dplus
asked on
MS WinXP and Server 2003 machines with same administrator/password combination: "bad username or password" ???
Hi,
I have a Windows XP PRO SP3 machine which is only member of a workgroup.
Furthermore I have a MS Windows 2003 SP2 machine with its own Active Directory.
On both machines the administrator username and password are the same.
OK, now I log in as an administrator on my WinXP machine:
Now, if I do a "net use * \\server\C$" from the commandline on the WinXP machine, I get an error that my username or password is invalid:
C:\Documents and Settings\Administrator>net
The password or user name is invalid for \\SERVER\C$.
Enter the user name for 'SERVER':
Strange enough, when I now type in: administrator and my password, the share will be connected.
It's strange that the server is asking for my credentials, because the passwords of the administrator account are for both PC's identical!
I also have a third Win XP machine, also WinXP PRO SP3, with the same config as the machine stated above (not part of a domain, just its own workgroup).
This machine has also the same password for the Administrator account, when I execute the command to connect the share I don't have to fill out my credentials:
C:\Documents and Settings\Administrator>net
Drive Y: is now connected to \\SERVER\C$.
The command completed successfully.
Now for the verry weird part, I've setup a virtual machine, installing Server 2003 SP2 on it, and edited the administrator user to again, have the same password as all of the aforementioned machines.
If I execute the command to connect the C$-share to my previous "problematic" win XP machine, it works without it asking my credentials!
So why is it, that this one server will NOT accept the password from the administrator user from this particular Windows XP machine???
The reason I am asking this is because I wanted to use Remote Debugging for ASP.NET pages with this client machine and server.
I have Visual Studio 2008 installed on the XP machine, and remote debugger 2008 on the server.
But the problem was that the Administrator user could not log on to the debugger service, while from another PC or another user it WAS possilbe!
So I started narrowing this problem down, and now it seems that only the administrator account from this Win XP machine is rejected.
I get the following failure audit on the server when I try to connect as "Administrator":
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
Date: 15-4-2009
Time: 13:34:34
User: NT AUTHORITY\SYSTEM
Computer: SERVER
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_P
Logon account: Administrator
Source Workstation: WINXPMACHINE
Error Code: 0xC000006A
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
As you will see, the error code: 0xC000006A means that the password is invalid.
I've been researching this problem for quite a while now, and cannot seem to fix it.
One other thing: if I create another user on this problematic winxp machine and the same user on the server with again the same password, then it will work, the server accepts the credentials right away. Only NOT from the administrator??
I have a Windows XP PRO SP3 machine which is only member of a workgroup.
Furthermore I have a MS Windows 2003 SP2 machine with its own Active Directory.
On both machines the administrator username and password are the same.
OK, now I log in as an administrator on my WinXP machine:
Now, if I do a "net use * \\server\C$" from the commandline on the WinXP machine, I get an error that my username or password is invalid:
C:\Documents and Settings\Administrator>net
The password or user name is invalid for \\SERVER\C$.
Enter the user name for 'SERVER':
Strange enough, when I now type in: administrator and my password, the share will be connected.
It's strange that the server is asking for my credentials, because the passwords of the administrator account are for both PC's identical!
I also have a third Win XP machine, also WinXP PRO SP3, with the same config as the machine stated above (not part of a domain, just its own workgroup).
This machine has also the same password for the Administrator account, when I execute the command to connect the share I don't have to fill out my credentials:
C:\Documents and Settings\Administrator>net
Drive Y: is now connected to \\SERVER\C$.
The command completed successfully.
Now for the verry weird part, I've setup a virtual machine, installing Server 2003 SP2 on it, and edited the administrator user to again, have the same password as all of the aforementioned machines.
If I execute the command to connect the C$-share to my previous "problematic" win XP machine, it works without it asking my credentials!
So why is it, that this one server will NOT accept the password from the administrator user from this particular Windows XP machine???
The reason I am asking this is because I wanted to use Remote Debugging for ASP.NET pages with this client machine and server.
I have Visual Studio 2008 installed on the XP machine, and remote debugger 2008 on the server.
But the problem was that the Administrator user could not log on to the debugger service, while from another PC or another user it WAS possilbe!
So I started narrowing this problem down, and now it seems that only the administrator account from this Win XP machine is rejected.
I get the following failure audit on the server when I try to connect as "Administrator":
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
Date: 15-4-2009
Time: 13:34:34
User: NT AUTHORITY\SYSTEM
Computer: SERVER
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_P
Logon account: Administrator
Source Workstation: WINXPMACHINE
Error Code: 0xC000006A
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
As you will see, the error code: 0xC000006A means that the password is invalid.
I've been researching this problem for quite a while now, and cannot seem to fix it.
One other thing: if I create another user on this problematic winxp machine and the same user on the server with again the same password, then it will work, the server accepts the credentials right away. Only NOT from the administrator??
ealcaniz
Error code: 0xC000006A (Error code 0xC000006A) - According to Microsoft Windows XP attempts a limited logon for each account that is displayed on the Welcome screen to determine whether to prompt the user for a password. An attempted logon is logged for each account displayed. To resolve this problem, obtain the latest service pack for Windows XP. To prevent these events from being logged, disable the Welcome screen and use the classic logon screen or turn off auditing of logon events.
Another check this key in registry
HKEY_LOCAL_MACHINE\SYSTEM\
More details in
How to prevent Windows from storing a LAN manager hash of your password in Active
Directory and local SAM databases
<http://support.microsoft.com/kb/299656/en-us>
HKEY_LOCAL_MACHINE\SYSTEM\
More details in
How to prevent Windows from storing a LAN manager hash of your password in Active
Directory and local SAM databases
<http://support.microsoft.com/kb/299656/en-us>
ASKER
All systems are fully patched and up-to-date with the latest service packs.
The policy: "Network security: Do not store LAN Manager hash value on next password change" is disabled and HKEY_LOCAL_MACHINE\SYSTEM\
The policy: "Network security: Do not store LAN Manager hash value on next password change" is disabled and HKEY_LOCAL_MACHINE\SYSTEM\
ASKER
By the way: the password for the administrator account is on all pc's more than 15 characters long and meets the complexity requirements. Wanted to say that because of the NTLM comments posted above by ealcaniz.
Hello I thought I would chime in on this.
Remember that on a workgroup it tries to authenticate machinename/username not domain/username. If the machine is not on the domain but the server does have a domain user the user and pass are the same but the group it tries to authenticate to is different.
Remember that on a workgroup it tries to authenticate machinename/username not domain/username. If the machine is not on the domain but the server does have a domain user the user and pass are the same but the group it tries to authenticate to is different.
ASKER
Please understand it's only the ADMINISTRATOR account of 1 XP-machine which is giving problems.
If I create other users on this machine, or if I use another Administrator account on a different XP machine that is also NOT part of a domain, all goes well....
If I create other users on this machine, or if I use another Administrator account on a different XP machine that is also NOT part of a domain, all goes well....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.