Solved

sbs2008 (company keeps asking for username and password)

Posted on 2010-08-19
16
466 Views
Last Modified: 2012-05-10
All of a sudden users are prompted for username and password when accessing the companyweb from within the office. If cancel is clicked, no error message of denial is displayed, the page just goes blank. if I am logged on to the server, I can access the companyweb without a prompt. Now here is the strange thing. My internal domain is taylorbateman.local, or actual domain is taylor-bateman.com (observe hyphen). when prompted for password, the dialog box displays TAYLORBATEMAN\ZAY, so I type in my password, it rejects it. if I change it to taylor-bateman\zay, it takes my password. Help guys.
0
Comment
Question by:xzay1967
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 6
16 Comments
 
LVL 17

Expert Comment

by:aoakeley
ID: 33481512
Although your internal FQDN is taylorbateman.local it is possible (not sure how you would manage to do it on SBS though, but anyway) for you netbios domain mane to be taylor-bateman. Please humour me and confirm this is not the case?
- AD users and computers
  - right click taylorbateman.local
   - properties
    - what is in "Domain Name (Pre windows 2000)" field
0
 

Author Comment

by:xzay1967
ID: 33487039
Thanks for the response, the Domain Name as shown  is TAYLORBATEMAN. I setup and configured this domain more than a yr ago, and it has been working fine as is until yesterday during and after windows updates. Sometimes I feel like it is Russian roulette with these updates. They either break, fix or improve your systems.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33489970
I am struggling to get my head around this right now, I just cannot see how specifying an incorrect domain name allows authentication to work. If the domain name is taylorbateman then "taylor-bateman\zay" should fail, just as "mymadeupdomin\zay" should also fail.

Please try "mymadeupdomin\zay" with your password
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 

Author Comment

by:xzay1967
ID: 33489985
I think you are missing something here. Our internal domain is taylorbateman, but our external domain is taylor-bateman. Since this is sbs2008 and exchange is included, exchange is setup as taylor-bateman.com so users can still log on with taylor-bateman. hope this helps you grasp the setup.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33490089
I got that perfectly. But authentication aginst AD is authentication against AD, which has the name TAYLORBATEMAN not TAYLOR-BATEMAN. So there is no way that taylor-bateman\user should work, regardless of taylor-bateman being the email domain name, this should have as much chance of working as loadofcrap\zay or make-me-rich\zay or tay-lor-bate-man\zay

What I am getting at by getting you to test with "mymadeupdomin\zay" with your password is to determine if the server is actually paying any attention to the domain part of the domain\username combination.
0
 

Author Comment

by:xzay1967
ID: 33490261
OK I am really worried now, I did your test with mymadeupdomain, and it let me in. see screenshots.
first-logon-screen.jpg
0
 

Author Comment

by:xzay1967
ID: 33490264
Here is the screenshot with the dummy domain name that worked.
dummy-logon.jpg
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33490284
Man that's weird.... From what you were telling me I thought it would work, that's why I asked you to do it. But there is no logical reason why it should.

1. anything in the windows event logs that look relevant?
2. have you rebooted the server since the issue started?
3. please confirm workstations hav the SBS Serevr ONLY as their DNS Server
4. any userenv or seccli errors in the workstation event logs
5. did you change any authentication settings on the sharepoint site?
6. are you using a FQDN or INTRANET url when accessing the site (i.e http://sharepoint/ or http://sharepoint.yourdomain.local/)?

Andy
0
 

Author Comment

by:xzay1967
ID: 33490294
I haven't made any changes to the sharpoint authentication settings, yes I have reboot the server since then. I was waiting on the update to fininsh when one of the agents asked me if I was working on the server because she was prompted with the dialog box. I will look at the event viewer in the morning when I wake up. I am still at work trying to repair a server. Thanks for your input so far. I sure wish there was some sort of system restore for servers lol.
0
 

Author Comment

by:xzay1967
ID: 33490347
To access the intranet, I use a url http://companyweb. I looked at the event viewer, and I did not see anything relating to sharepoint. There a lot of dcom errors concering protocols, but that related to the server trying to communicate with a workstation
0
 

Author Comment

by:xzay1967
ID: 33490368
Here is a screenshot of my authentication settings.
sharepoint-settings.jpg
0
 
LVL 17

Accepted Solution

by:
aoakeley earned 500 total points
ID: 33490398
Try this:
1. Add http://companyweb/ into intranet sites list
Test
2. If still not working change auth to NTLM
iisreset on server
Test

Won't be infront of a pc for a bit. Exercising my democratic right to be forced to vote for a selection of gooses who could not run a monopoly board let alone a country.
0
 
LVL 5

Expert Comment

by:rebejones
ID: 33500329
What version of windows are you running on the pcs. If you are running Vista you made need to add the intranet site to your trusted sites under Internet Explorer. If you go to tools -> Internet Options -> then go to the security tab. From there click on local intranet and then sites and then the advanced tab. Add the intranet site. You will also need to check and make sure that under custom level and user authentication that the radio button is on Automatic logon  in Intranet Zone. The last part is a registry fix that you can find here.: http://support.microsoft.com/kb/943280 
Hope this helps
0
 

Author Comment

by:xzay1967
ID: 33500406
The environment is xp and windows 7. That would be a possible solution if this was happening outside the network, or if it was the first time they are attempting to access the intranet. As I mentioned in my prior post, this system has been up and running for more than a yr. The issue did not start happening till last week during and after the last sbs2008 update (rollup). If I am on the actual server, it does not prompt me for any credentials. From the last test rendered, whereby I used a totally random domain\my name, and it allowed me to access the site, seems to be some sort of disconnect betweent the sharepoint and the DC/AD. In the past it would accept taylorbateman\myname, now it is not. If I put somemadeupdomain\myname, it allows me access.............weird.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33500830
Did you test as per my last post?
0
 

Author Closing Comment

by:xzay1967
ID: 33506119
Not sure how or why it either changed or worked, but it did. Thanks for your input. I wonder if the update some how changed it, if so, seems a like a warning need to go out.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

SharePoint Designer 2010 has tools and commands to do everything that can be done with web parts in the browser, and then some – except uploading a web part straight into a page that is edited in SPD. So, can it be done? Scenario For a recent pr…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question