Link to home
Start Free TrialLog in
Avatar of Accdat
Accdat

asked on

New AD users not able to login through Telnet

Any new users created withing Active directory are unable to login through Telnet.
Telnet works fine with new users when the Win Server 2003 standard is in a workgroup but as soon as it is joined to the Small Business Server 2003 Standard domain and setup as a Active Directory replicator any new users created under AD are not able to login to Telnet.
Avatar of KentuckyDataService
KentuckyDataService
Flag of United States of America image

I'm not too "expert" in this, but have you verifed that you don't have a domain group policy being pushed down from the SBS server that enables the firewall...and in turn, blocks it?  You can always use NETMON to watch the protocols for that coming in to see if they are making it.  Just an idea!!
Avatar of Accdat
Accdat

ASKER

I will have a look at that,
but if there was a problem with the firewall blocking incoming connections then I would presume it would also affect existing users, which it is not.
Existing users within AD when Win 2003 Standard is joined to the domain work fine, its only new user added to AD that are not able to login using Telnet.
You're right...it would stop all.  Are the users trying to log onto windows with telnet? or another client software?
Avatar of Accdat

ASKER

They login to Telnet to access a DOS based app called "Business Manager Classic" from Business Manager Software, which is running on the Win 2003 standard server.
so, does the authentication happen with AD credentials, or does that software interface with active directory?
Avatar of Accdat

ASKER

Telnet session authenticates through AD (or windows user accounts if not joined to a domain). Business Manger Software has its own builtin user authentication and does not use AD.
1.  Are the telnet(ing) to the server from the WAN or LAN or both
2.  What exact port are they connecting too
3.  With one of the users that works, if you change their windows password from the new server AD console, not the old one, can they still establish a telnet session?

and to clarify my brain!!, they telnet the server on the specified port, give them their windows account credentials, then after session is established, they run the application from that session.  And the problem is with the initial connection, not the software authentication for "Business Manager Classic"
Do you have a firewall enabled, like windows firewall or ISA firewall?
Avatar of Accdat

ASKER

Response to Kentucky:
1. WAN
2. Port 23
3. I have also tried this and it works fine, you can change user passwords and they can still authenticate fine.
And yes you are correct. They Telnet to the server and authenticate using AD account details.  then after session is established, they run the application from that session.
Problem is with the intial Telnet Authentication not the BMC login.

Response to CheifIT:
Problem is not firewall related, old users can still login fine, this is only affecting new users.
ASKER CERTIFIED SOLUTION
Avatar of KentuckyDataService
KentuckyDataService
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
You might check out the file's ACL to see what happened:

There is a fileACL.exe program you can do this with.