• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 484
  • Last Modified:

sbs2008 (company keeps asking for username and password)

All of a sudden users are prompted for username and password when accessing the companyweb from within the office. If cancel is clicked, no error message of denial is displayed, the page just goes blank. if I am logged on to the server, I can access the companyweb without a prompt. Now here is the strange thing. My internal domain is taylorbateman.local, or actual domain is taylor-bateman.com (observe hyphen). when prompted for password, the dialog box displays TAYLORBATEMAN\ZAY, so I type in my password, it rejects it. if I change it to taylor-bateman\zay, it takes my password. Help guys.
0
xzay1967
Asked:
xzay1967
  • 9
  • 6
1 Solution
 
Andrew OakeleyConsultantCommented:
Although your internal FQDN is taylorbateman.local it is possible (not sure how you would manage to do it on SBS though, but anyway) for you netbios domain mane to be taylor-bateman. Please humour me and confirm this is not the case?
- AD users and computers
  - right click taylorbateman.local
   - properties
    - what is in "Domain Name (Pre windows 2000)" field
0
 
xzay1967Author Commented:
Thanks for the response, the Domain Name as shown  is TAYLORBATEMAN. I setup and configured this domain more than a yr ago, and it has been working fine as is until yesterday during and after windows updates. Sometimes I feel like it is Russian roulette with these updates. They either break, fix or improve your systems.
0
 
Andrew OakeleyConsultantCommented:
I am struggling to get my head around this right now, I just cannot see how specifying an incorrect domain name allows authentication to work. If the domain name is taylorbateman then "taylor-bateman\zay" should fail, just as "mymadeupdomin\zay" should also fail.

Please try "mymadeupdomin\zay" with your password
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
xzay1967Author Commented:
I think you are missing something here. Our internal domain is taylorbateman, but our external domain is taylor-bateman. Since this is sbs2008 and exchange is included, exchange is setup as taylor-bateman.com so users can still log on with taylor-bateman. hope this helps you grasp the setup.
0
 
Andrew OakeleyConsultantCommented:
I got that perfectly. But authentication aginst AD is authentication against AD, which has the name TAYLORBATEMAN not TAYLOR-BATEMAN. So there is no way that taylor-bateman\user should work, regardless of taylor-bateman being the email domain name, this should have as much chance of working as loadofcrap\zay or make-me-rich\zay or tay-lor-bate-man\zay

What I am getting at by getting you to test with "mymadeupdomin\zay" with your password is to determine if the server is actually paying any attention to the domain part of the domain\username combination.
0
 
xzay1967Author Commented:
OK I am really worried now, I did your test with mymadeupdomain, and it let me in. see screenshots.
first-logon-screen.jpg
0
 
xzay1967Author Commented:
Here is the screenshot with the dummy domain name that worked.
dummy-logon.jpg
0
 
Andrew OakeleyConsultantCommented:
Man that's weird.... From what you were telling me I thought it would work, that's why I asked you to do it. But there is no logical reason why it should.

1. anything in the windows event logs that look relevant?
2. have you rebooted the server since the issue started?
3. please confirm workstations hav the SBS Serevr ONLY as their DNS Server
4. any userenv or seccli errors in the workstation event logs
5. did you change any authentication settings on the sharepoint site?
6. are you using a FQDN or INTRANET url when accessing the site (i.e http://sharepoint/ or http://sharepoint.yourdomain.local/)?

Andy
0
 
xzay1967Author Commented:
I haven't made any changes to the sharpoint authentication settings, yes I have reboot the server since then. I was waiting on the update to fininsh when one of the agents asked me if I was working on the server because she was prompted with the dialog box. I will look at the event viewer in the morning when I wake up. I am still at work trying to repair a server. Thanks for your input so far. I sure wish there was some sort of system restore for servers lol.
0
 
xzay1967Author Commented:
To access the intranet, I use a url http://companyweb. I looked at the event viewer, and I did not see anything relating to sharepoint. There a lot of dcom errors concering protocols, but that related to the server trying to communicate with a workstation
0
 
xzay1967Author Commented:
Here is a screenshot of my authentication settings.
sharepoint-settings.jpg
0
 
Andrew OakeleyConsultantCommented:
Try this:
1. Add http://companyweb/ into intranet sites list
Test
2. If still not working change auth to NTLM
iisreset on server
Test

Won't be infront of a pc for a bit. Exercising my democratic right to be forced to vote for a selection of gooses who could not run a monopoly board let alone a country.
0
 
rebejonesCommented:
What version of windows are you running on the pcs. If you are running Vista you made need to add the intranet site to your trusted sites under Internet Explorer. If you go to tools -> Internet Options -> then go to the security tab. From there click on local intranet and then sites and then the advanced tab. Add the intranet site. You will also need to check and make sure that under custom level and user authentication that the radio button is on Automatic logon  in Intranet Zone. The last part is a registry fix that you can find here.: http://support.microsoft.com/kb/943280 
Hope this helps
0
 
xzay1967Author Commented:
The environment is xp and windows 7. That would be a possible solution if this was happening outside the network, or if it was the first time they are attempting to access the intranet. As I mentioned in my prior post, this system has been up and running for more than a yr. The issue did not start happening till last week during and after the last sbs2008 update (rollup). If I am on the actual server, it does not prompt me for any credentials. From the last test rendered, whereby I used a totally random domain\my name, and it allowed me to access the site, seems to be some sort of disconnect betweent the sharepoint and the DC/AD. In the past it would accept taylorbateman\myname, now it is not. If I put somemadeupdomain\myname, it allows me access.............weird.
0
 
Andrew OakeleyConsultantCommented:
Did you test as per my last post?
0
 
xzay1967Author Commented:
Not sure how or why it either changed or worked, but it did. Thanks for your input. I wonder if the update some how changed it, if so, seems a like a warning need to go out.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 9
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now