Solved

Registry settings are changing

Posted on 2009-04-03
5
233 Views
Last Modified: 2012-05-06
Customer is running av Win 2003 server as domain controller in a small LAN (less than 10 users). Recently they installed a multi-function printer and attached it to the LAN. This unit is configured to scan to a specified folder on the server.

In order for this to work, the printer supplier defined two registry settings on the server:
HKLM/System/CurrentControlSet/Services/lanmanserver/requiresecuritysignature value = 0
and
HKLM/System/CurrentControlSet/Services/lanmanserver/enablesecurityseignature value = 0

These settings seems to work for a short time, but then they are reset or changed to a value of 1 (which causes the scanner to stop working).

I'm not sure what these settings are doing, but suspect that they're used to get access to the server (without defining a specific user/password). Questions are then: What is causing these settings to change?.  Any ideas how to make this work better?

-Olaf-

0
Comment
Question by:omberli
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:matt_beatt
ID: 24058038
Group Policy is altering your settings

Computer Settings > Windows Settings > Local Policies > Security Options

Microsoft network client: Digitally sign communications (if server agrees)
&
Microsoft network client: Digitally sign communications (always)

Change them to disabled.  Run GPMC and see which GP is the culprit and change them over
0
 
LVL 6

Expert Comment

by:matt_beatt
ID: 24058051
Sorry that should be

Computer Settings > Windows Settings > Local Policies > Security Options

Microsoft network server: Digitally sign communications (if server agrees)
&
Microsoft network server: Digitally sign communications (always
0
 

Author Comment

by:omberli
ID: 24070848
Thanks for the feedback.
I logged on to the server(via mstsc /console), ran mmc and found those settings - both enabled. Couldn't change them, because they were greyed out. Any ideas how to get around this?

I'm not very familiar with AD administration. What is GPMC?  Any details about "see which GP is the culprit and change them over"....?

-Olaf-
0
 
LVL 6

Accepted Solution

by:
matt_beatt earned 500 total points
ID: 24071332
GPMC = Group Policy Management Console

Try logging onto your DC and from run type gpmc.msc - if it doesnt run, download it from download.microsoft.com

In your scenario, what you want to do is edit the Default Domain Controller Policy, in that policy you should find the options mentioned above enabled as they are by default on DC's - change to disabled.

Then on your machine Run > gpupdate /force and then reboot

Should solve the problem - if not let me know as your GP's will be slightly more complex than my assumptions
0
 

Author Closing Comment

by:omberli
ID: 31566139
Customer reported back today that the problem seems to be solved. Registry settings stayed also after a server reboot. Thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now