Previously answered question -  Title: Mac Can no Longer Connect to one of our servers - with new user question

Kraus-IT
Kraus-IT used Ask the Experts™
on
After researching this issue here I found the answer under the following:

   

Home - All Topics - Networking - Mac Net. Q_21862435.html

One of the suggestions was to do the following:

1. Allow the mac to send clear text passwords, explaind here:
http://docs.info.apple.com/article.html?artnum=301580

2. Allow your Windows machine to accept packets that are not digitaly signed
Change this key at the server to 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\requiresecuritysignature

After completing these two steps our Mac user was able to connect without issue, but the next morning they ran into the same error. Upon checking the registry the setting had reverted to 1 instead of 0.

My question is this: what could be causing this to revert and how would I fix this?

Thank you,

John Hoffman
jhoffman@bernan.com
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
That setting is controlled by domain security policy, which is what is changing it back.  Everytime the security policy is refreshed it will reset that registry key.

You need to follow these directions to change it permanently:

You need to go administrative tools, Domain Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  

Then you need to go to administrative tools, Domain Controller Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.

Then open a command prompt and type "gpupdate /force" to apply the settings.  You may want to reboot to insure the settings have activated.

Commented:
Sorry you didn't say it was a domain controller.  If it is not a domain controller then you will go to administrative tools, Local Security Policy, Local Policies, Security Options, then for the entry "Microsoft network server: Digitally sign communications (always)" set it to disabled.  

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial