Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

sbs2008 (company keeps asking for username and password)

Posted on 2010-08-19
16
455 Views
Last Modified: 2012-05-10
All of a sudden users are prompted for username and password when accessing the companyweb from within the office. If cancel is clicked, no error message of denial is displayed, the page just goes blank. if I am logged on to the server, I can access the companyweb without a prompt. Now here is the strange thing. My internal domain is taylorbateman.local, or actual domain is taylor-bateman.com (observe hyphen). when prompted for password, the dialog box displays TAYLORBATEMAN\ZAY, so I type in my password, it rejects it. if I change it to taylor-bateman\zay, it takes my password. Help guys.
0
Comment
Question by:xzay1967
  • 9
  • 6
16 Comments
 
LVL 17

Expert Comment

by:aoakeley
ID: 33481512
Although your internal FQDN is taylorbateman.local it is possible (not sure how you would manage to do it on SBS though, but anyway) for you netbios domain mane to be taylor-bateman. Please humour me and confirm this is not the case?
- AD users and computers
  - right click taylorbateman.local
   - properties
    - what is in "Domain Name (Pre windows 2000)" field
0
 

Author Comment

by:xzay1967
ID: 33487039
Thanks for the response, the Domain Name as shown  is TAYLORBATEMAN. I setup and configured this domain more than a yr ago, and it has been working fine as is until yesterday during and after windows updates. Sometimes I feel like it is Russian roulette with these updates. They either break, fix or improve your systems.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33489970
I am struggling to get my head around this right now, I just cannot see how specifying an incorrect domain name allows authentication to work. If the domain name is taylorbateman then "taylor-bateman\zay" should fail, just as "mymadeupdomin\zay" should also fail.

Please try "mymadeupdomin\zay" with your password
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:xzay1967
ID: 33489985
I think you are missing something here. Our internal domain is taylorbateman, but our external domain is taylor-bateman. Since this is sbs2008 and exchange is included, exchange is setup as taylor-bateman.com so users can still log on with taylor-bateman. hope this helps you grasp the setup.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33490089
I got that perfectly. But authentication aginst AD is authentication against AD, which has the name TAYLORBATEMAN not TAYLOR-BATEMAN. So there is no way that taylor-bateman\user should work, regardless of taylor-bateman being the email domain name, this should have as much chance of working as loadofcrap\zay or make-me-rich\zay or tay-lor-bate-man\zay

What I am getting at by getting you to test with "mymadeupdomin\zay" with your password is to determine if the server is actually paying any attention to the domain part of the domain\username combination.
0
 

Author Comment

by:xzay1967
ID: 33490261
OK I am really worried now, I did your test with mymadeupdomain, and it let me in. see screenshots.
first-logon-screen.jpg
0
 

Author Comment

by:xzay1967
ID: 33490264
Here is the screenshot with the dummy domain name that worked.
dummy-logon.jpg
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33490284
Man that's weird.... From what you were telling me I thought it would work, that's why I asked you to do it. But there is no logical reason why it should.

1. anything in the windows event logs that look relevant?
2. have you rebooted the server since the issue started?
3. please confirm workstations hav the SBS Serevr ONLY as their DNS Server
4. any userenv or seccli errors in the workstation event logs
5. did you change any authentication settings on the sharepoint site?
6. are you using a FQDN or INTRANET url when accessing the site (i.e http://sharepoint/ or http://sharepoint.yourdomain.local/)?

Andy
0
 

Author Comment

by:xzay1967
ID: 33490294
I haven't made any changes to the sharpoint authentication settings, yes I have reboot the server since then. I was waiting on the update to fininsh when one of the agents asked me if I was working on the server because she was prompted with the dialog box. I will look at the event viewer in the morning when I wake up. I am still at work trying to repair a server. Thanks for your input so far. I sure wish there was some sort of system restore for servers lol.
0
 

Author Comment

by:xzay1967
ID: 33490347
To access the intranet, I use a url http://companyweb. I looked at the event viewer, and I did not see anything relating to sharepoint. There a lot of dcom errors concering protocols, but that related to the server trying to communicate with a workstation
0
 

Author Comment

by:xzay1967
ID: 33490368
Here is a screenshot of my authentication settings.
sharepoint-settings.jpg
0
 
LVL 17

Accepted Solution

by:
aoakeley earned 500 total points
ID: 33490398
Try this:
1. Add http://companyweb/ into intranet sites list
Test
2. If still not working change auth to NTLM
iisreset on server
Test

Won't be infront of a pc for a bit. Exercising my democratic right to be forced to vote for a selection of gooses who could not run a monopoly board let alone a country.
0
 
LVL 5

Expert Comment

by:rebejones
ID: 33500329
What version of windows are you running on the pcs. If you are running Vista you made need to add the intranet site to your trusted sites under Internet Explorer. If you go to tools -> Internet Options -> then go to the security tab. From there click on local intranet and then sites and then the advanced tab. Add the intranet site. You will also need to check and make sure that under custom level and user authentication that the radio button is on Automatic logon  in Intranet Zone. The last part is a registry fix that you can find here.: http://support.microsoft.com/kb/943280 
Hope this helps
0
 

Author Comment

by:xzay1967
ID: 33500406
The environment is xp and windows 7. That would be a possible solution if this was happening outside the network, or if it was the first time they are attempting to access the intranet. As I mentioned in my prior post, this system has been up and running for more than a yr. The issue did not start happening till last week during and after the last sbs2008 update (rollup). If I am on the actual server, it does not prompt me for any credentials. From the last test rendered, whereby I used a totally random domain\my name, and it allowed me to access the site, seems to be some sort of disconnect betweent the sharepoint and the DC/AD. In the past it would accept taylorbateman\myname, now it is not. If I put somemadeupdomain\myname, it allows me access.............weird.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 33500830
Did you test as per my last post?
0
 

Author Closing Comment

by:xzay1967
ID: 33506119
Not sure how or why it either changed or worked, but it did. Thanks for your input. I wonder if the update some how changed it, if so, seems a like a warning need to go out.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We had a requirement to extract data from a SharePoint 2010 Customer List into a CSV file and then place the CSV file into a directory on the network so that the file could be consumed by an AS400 system. I will share in Part 1 how to Extract the Da…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question