Solved

W2k3 SBS R2 Map Drive authentication issues when using non domain member PC's.

Posted on 2007-04-05
13
477 Views
Last Modified: 2010-08-05
I'm new to this...so I hope that this makes sense.  

I have a small dentist office that's has deployed a w2k3 Small Business Server.  They brought with them from their old office a mishmash of operating systems that including a few Win2000 systems, an XP Home, and a bunch of XP Pro's.  

Here's my problem.  Their EMR system is very picky, and I've mapped network drives to Z: manually on each workstation to make it work.  Since it's such a mishmash, and they're not members of the domain...they're getting a ton of error messages every few hours or when the connection between the server and the client times out.  

The only way they can fix the problem is to open a share folder on the server, enter their credentials, then double click the map drive to re-populate the folder listing.  

Is there a way that I can keep them from having to do this process over and over again without adding every machine to the domain?  Since it's SBS there's a DC configured, however no PC's have been added to the domain due to the client's wishes of not paying for the extra CAL's associated.  

Any help would be great.  

Thanks!
0
Comment
Question by:cdharris2005
  • 5
  • 4
  • 2
  • +1
13 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18862598
SBS comes with 5 CALs so by your logic, at least 5 machines should be able to join the domain.  

Unfortunately, that's not how Microsoft licensing works - you need a CAL if the clients are going to access the server AT ALL - it doesn't matter if they are members of the domain or not.  So your making your life difficult AND violating licensing terms.
0
 
LVL 1

Author Comment

by:cdharris2005
ID: 18862605
Ugh, I figured someone was going to say that.  My only concern at the moment is that they're under a crunch for time to get this office open on Monday.  As a temporary solution does anyone have any ideas?  I can get more cals and add the machines to the domain next week sometime after hours.  

0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18862617
How many machines do you have?  As I said, you can add 5 right now.
0
 
LVL 1

Author Comment

by:cdharris2005
ID: 18862624
I know it comes standard with 5 out of the box.  Client has a total of 11 PC's on the network.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18862638
So he needs to buy 10 more CALs (sold in 5 packs only).  

As for a connection timeout, I actually think you have another problem - I've not seen any kind of timeout on connections for file sharing. I've left things connected for WEEKS without problems.  What are your event log errors?
0
 
LVL 1

Author Comment

by:cdharris2005
ID: 18862658
Ironically, I have nothing out of the ordinary in the event logs.  It doesn't even mention any accesses by client PC's that aren't members of the domain.  

Gone ahead and added the 5 most critical machines to the domain,  just have to move over the local profile to it's respective domain user.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18862663
didn't you use the http://servername/connectcomputer/ wizard to join the computers to the domain?  that allows you to migrate the users profiles as well.
0
 
LVL 1

Expert Comment

by:Nishant_pritam
ID: 18863648
I have an ad hock solution for you, on your client machine delete existing mapping logoff and re-login, create a new network map and click on connect using different user name provide a domain user name which have permission on that share in the format of username@fullyQualifiedDomainName provide password and click on save password. Also check reconnect on logon. Now every time a user open that mapping it is open with domain cardinals.

Nishant kumar

0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18864810
Since you said one or some of the workstaitons are XP Home you can actually get them to authenticate on the domain even though they really need to be upgraded at some point.

To get this to work, you need to name the WORKGROUP of the XP Machine the Same as your domain's NETBIOS name (without the .local), then create a LOCAL user account for the user assigned to that machine which has the SAME NAME and SAME PASSWORD as their domain user account.  They will then log on to the workstation with these credentials... and those will in turn be passed through to the shared folder which will accept them.

But the Windows 2000 and XP Pro machines MUST be members of your domain if you want things to work properly.  If you only currently have the 5 Server CALs but need to get this going, that should be no problem at all either.  Just make sure that when you run the Add User Wizard you DO NOT also add computers within that wizard.  You should then run the Add Client Computers wizard separately.

When you join the workstaitons to the domain using the http://<servername>/connectcomputer wizard do NOT assign a user to the workstations.  Let the connectcomputer wizard finish out, and then log on with a domain administrator account and add the Domain User to the LOCAL Administrator's Group.  Log back on as that user and Outlook will configure automatically.

The reason to do these separately is because otherwise SBS will map the users to the computers and will immediately recognize that there are more than 5.  Keeping them separate during this process will give you enough time to get the proper CALs before SBS figures it out.

Jeff
TechSoEasy

0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18864868
> ... do NOT assign a user to the workstations.

But won't that make migrating the profiles far more difficult?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18865338
Yes, it will.. but the choice then has to be made whether to get things going with a limited amount of CALs.  Profiles can be migrated with the Files and Settings Transfer Wizard in XP.  For the Win2K machines... they'll have to be manually copied.

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:cdharris2005
ID: 18868394
Everyone, thank you muchly for your help.  I followed leew's advice and just went ahead and purchased the CAL's.  I'll be adding them to the domain early next week.  

Hindsight is always 20/20 in this case as I went ahead and added the initial 5 workstations and immediately so a drastic increase of speed in regard to applications finding their appropriate network paths to the server.

This is a place I will definitely be calling upon again and again.  

Once again, thank you all for your help...it was muchly appreciated. =)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now