Solved

Ghost error you were logged on but

Posted on 2007-04-09
7
1,227 Views
Last Modified: 2008-05-31
Ghost Drive Mapping Boot Disk problem.

Setup a Laptop with AD, DHCP, and DNS.  Connected a single client to verify DHCP is updating DNS which it is.  All records show up and the computer can access all resources.

Created a Ghost Network (mapping) Boot Disk, which connects and when I logon to the server as the domain admin(or any other user I create), I get the message:  You were logged on, but have not been validated by a server.  Therefore you may not have permission to use some network resources.

The disk continues and gives me a mapped drive but of course when I try to access anything I get Access Denied.

Any ideas?
0
Comment
Question by:dgore1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:dgore1
ID: 18875714
Also forgot to mention that this is an AD 2003 server.
0
 
LVL 18

Expert Comment

by:John Gates, CISSP
ID: 18875763
What does your NET/network.ini file look like?

It should look like this:

[network]
computername=<unique name>
lanroot=A:\NET
autostart=netbeui full
username=<your username>
domain=<your domainname>
lslogon=yes
reconnect=no
passwordcaching=no
timesync=no

Let me know and I will help further 8)

-D-
0
 

Author Comment

by:dgore1
ID: 18876179
[network]
computername=test1
lanroot=A:\NET
autostart=netbeui full
username=ghostie
domain=casting.local
lslogon=yes
reconnect=no
passwordcaching=no
timesync=no


Also, ghostcasting works just fine.  But that doesn't require name resolution.  And for the domain area, if I leave the .local off, it denies me access with net help 5 I belive.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 18

Accepted Solution

by:
John Gates, CISSP earned 500 total points
ID: 18876991
change the line casting.local to just the base pre dot name:

casting

the DOS client is not going to know what to do with that ;-)  

That should fix the issue.

-D-
0
 

Author Comment

by:dgore1
ID: 18877352
Yup...that's what I thought too.  So I changed it again today and get the error message :

Error 5:  Access has been denied.

the full domain name is testing.casting.local, with the Server name being testing.  Netbios name is testing as well.

I even found this symantec article that said if you receive access denied on a Windows 2003 server, change the network security: Lan Manager Authentication Level from Send NTLM response only to Send LM & NTLM responses.

Same error.

I then joined another computer to the domain using the user ghostie with no problems since they are an enterprise admin.
0
 

Author Comment

by:dgore1
ID: 18877455
Another update:

I forgot to read the whole article:  You also have to find microsoft network server: digitally sign communications (always), and change the setting from enbled to disabled.

Wow...That did the trick!! Even though I changed the domain to be casting, going to award you the poinst since you made me go down the path one more time!!(and it was wrong!!)

Thanks,
Dale
0
 
LVL 18

Expert Comment

by:John Gates, CISSP
ID: 18878112
Is one of the choices for digitally sign communications "Respond" ?  I think I would set it to that before disabling it completely.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question