Solved

Ghost error you were logged on but

Posted on 2007-04-09
7
1,220 Views
Last Modified: 2008-05-31
Ghost Drive Mapping Boot Disk problem.

Setup a Laptop with AD, DHCP, and DNS.  Connected a single client to verify DHCP is updating DNS which it is.  All records show up and the computer can access all resources.

Created a Ghost Network (mapping) Boot Disk, which connects and when I logon to the server as the domain admin(or any other user I create), I get the message:  You were logged on, but have not been validated by a server.  Therefore you may not have permission to use some network resources.

The disk continues and gives me a mapped drive but of course when I try to access anything I get Access Denied.

Any ideas?
0
Comment
Question by:dgore1
  • 4
  • 3
7 Comments
 

Author Comment

by:dgore1
ID: 18875714
Also forgot to mention that this is an AD 2003 server.
0
 
LVL 17

Expert Comment

by:John Gates
ID: 18875763
What does your NET/network.ini file look like?

It should look like this:

[network]
computername=<unique name>
lanroot=A:\NET
autostart=netbeui full
username=<your username>
domain=<your domainname>
lslogon=yes
reconnect=no
passwordcaching=no
timesync=no

Let me know and I will help further 8)

-D-
0
 

Author Comment

by:dgore1
ID: 18876179
[network]
computername=test1
lanroot=A:\NET
autostart=netbeui full
username=ghostie
domain=casting.local
lslogon=yes
reconnect=no
passwordcaching=no
timesync=no


Also, ghostcasting works just fine.  But that doesn't require name resolution.  And for the domain area, if I leave the .local off, it denies me access with net help 5 I belive.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 17

Accepted Solution

by:
John Gates earned 500 total points
ID: 18876991
change the line casting.local to just the base pre dot name:

casting

the DOS client is not going to know what to do with that ;-)  

That should fix the issue.

-D-
0
 

Author Comment

by:dgore1
ID: 18877352
Yup...that's what I thought too.  So I changed it again today and get the error message :

Error 5:  Access has been denied.

the full domain name is testing.casting.local, with the Server name being testing.  Netbios name is testing as well.

I even found this symantec article that said if you receive access denied on a Windows 2003 server, change the network security: Lan Manager Authentication Level from Send NTLM response only to Send LM & NTLM responses.

Same error.

I then joined another computer to the domain using the user ghostie with no problems since they are an enterprise admin.
0
 

Author Comment

by:dgore1
ID: 18877455
Another update:

I forgot to read the whole article:  You also have to find microsoft network server: digitally sign communications (always), and change the setting from enbled to disabled.

Wow...That did the trick!! Even though I changed the domain to be casting, going to award you the poinst since you made me go down the path one more time!!(and it was wrong!!)

Thanks,
Dale
0
 
LVL 17

Expert Comment

by:John Gates
ID: 18878112
Is one of the choices for digitally sign communications "Respond" ?  I think I would set it to that before disabling it completely.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

YESTERDAY YESTERDAY.BAT is inspired by a previous article I wrote entitled: TOMORROW.BAT (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/A_4196-Advanced-Batch-File-Programming-TOMORROW-BAT.html). The crux of this batch f…
Being a system administrator some time we require to do things remotely, one of them is installing software. Here I am going to tell you how to install software through wmic (Windows management instrument console). I am not at all saying that this i…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now