tnesupport
asked on
OCS 2007 R2 auto sign in works, manual doesn't
So our OCS has been working pretty much properly since it was set up. There's only one thing that's been bugging me--when we first set up the server, either automatic or manual sign in worked.
Now, only automatic sign in works. If you "log out" of communicator while it's running & try to log back in, you're prompted for your sign-in address, username, and password.
When using the appropriate sign-in address (know it's the right one due to the OCS management console), username (taken from the user's ADSIEdit principle name, & tried in the format DOMAIN\username, DOMAIN.COM\user, as well as username@domain.com) & password, we are still given an error that the password is incorrect.
Now, the only way short of logging out of windows & logging back in is to delete the HKCU\Software\Microsoft\Sh
Any ideas?
Now, only automatic sign in works. If you "log out" of communicator while it's running & try to log back in, you're prompted for your sign-in address, username, and password.
When using the appropriate sign-in address (know it's the right one due to the OCS management console), username (taken from the user's ADSIEdit principle name, & tried in the format DOMAIN\username, DOMAIN.COM\user, as well as username@domain.com) & password, we are still given an error that the password is incorrect.
Now, the only way short of logging out of windows & logging back in is to delete the HKCU\Software\Microsoft\Sh
Any ideas?
JoltinJoe
I think automatic sign in can use Kerberos while manual sign-in probably uses NTLM. I might check the lanman authentication level on the client and front-end OCS server to make sure they are compatible (for example, make sure the client is not set to LM or NTLM if the server is set to only NTLMv2). This setting can be viewed at policy (local or group)\local policies\security options\network security:lan manager authentication level.
how did you configured your manual server settings, it should point to the pool name if you are running enterprise edition. I believe this is the issue.
ASKER
busbar, I mean that when communicator hits AD it signs in fine (for example, when OCS opens at windows log in), yet when it prompts for my sign-in address & username & password (say for instance, after I log out of OCS), it doesn't work.
JoltinJoe, this what the direction I was thinking too..I'll give it a shot tomorrow--think Windows 7 might have something to do with this? (all the problem machines are Win 7)
JoltinJoe, this what the direction I was thinking too..I'll give it a shot tomorrow--think Windows 7 might have something to do with this? (all the problem machines are Win 7)
nop both uses kerberos,
can you tell me any errors in the event viewer also enable communicator debugging as it will help
can you tell me any errors in the event viewer also enable communicator debugging as it will help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.