Solved

Non-Domain user Accessing Server Shares

Posted on 2011-03-15
8
557 Views
Last Modified: 2012-05-11
Hello Experts,

We have a Domain user (has a user account on our domain), that uses his personal laptop (which is not joint to the domain) on site. He has always been able to access server shares (using his login/password). I have setup an outlook profile that he uses to access his mail from his laptop (RPC over HTTP). I have also setup Network printers on his Laptop.
This has work fine for years.  About 6 months ago he upgraded his laptop to a newer Windows 7 (64-bit) laptop.
Which was fine, we reconfigured it and has been able to do everything he did before (email, print, share access).

Now about a week ago (and I don’t know if this is the problem), he updated to Windows 7, SP1.
Now when he came in a few days ago, every time he tries and connect to a share on server or access his mail, it locks up the whole laptop. Not just times out or locks up the task, but the whole laptop is froze. Only way out is to kill the power to laptop.

Something I notice when trying to access shares by run line (\\servername), is it give a “Logon Failure” before you even put in any username (see enclose attachment).
Doesn’t matter if you put in “DomainName\username”


User does have permissions to shares and has access them many times in the past.
I have check the logs (event viewer) and only things showing up here is, unexpected shutdown from killing the power to Laptop and I do have a event ID 529, Source Security in the “Security” logs. (Unkonw user name or bad password)

I can log on to any domain computer and access server shares with his username and password.
I have tried with windows firewall on/off (doesn’t matter)
There is no internal corp firewalls to cross (just to outside world and user can access internet fine)

Anyone have any ideas where this went south?

Thanks

  Fubr
 LogonFailure EventID529
0
Comment
Question by:Fubr
8 Comments
 
LVL 5

Accepted Solution

by:
KPAYNE123 earned 250 total points
ID: 35140887
Make sure that the workgroup name is the same as the domain and that should work.
0
 
LVL 33

Expert Comment

by:it_saige
ID: 35140987
Also...

Try using "net use * /delete" to ensure that you have removed all previous network connections and reattempt a connection to the network resource(s).

-saige-
0
 
LVL 12

Assisted Solution

by:Sommerblink
Sommerblink earned 250 total points
ID: 35140997
Also, check with the credential manager (in control panel) and delete any past references to that share from there.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 3

Expert Comment

by:shjacks55
ID: 35141140
http://support.microsoft.com/kb/2492702 ?
not sure why BAD laptop freezes completely on failed login, sounds like another network component on the laptop. You've tried his username and password on the interior network however you don't say that you have tried logging in from a remote desktop?
Have you tried running msconfig or "safe mode with networking"?
0
 

Author Comment

by:Fubr
ID: 35141999
I tried the “net use */delete” and got error (can’t find computer)
I did change the workgroup name to domain name (DomainName), and it did not work.
(Still lock up laptop)
I check the credential manager and removed references (still no go)

I did find that (after changing workgroup name) that if I logon to server shares with FQDN (DomainName.local\username), that I could access shares and then, it didn’t matter what I access. I could use DomainName\Username on anything else (even email).
Like once it authenticated (or got token) it new who this user was.

Shjacks55, I think you mean mstsc (for msconfig), and I will try this and the safe mode with networking shortly, to see what happens.

I can’t believe everything could go so south after been working so good for 6 months
(still could be something with SP1, I guess)

Fubr
0
 
LVL 33

Expert Comment

by:it_saige
ID: 35142186
Did you type:

C:\>net use * /delete

or

C:\>net use */delete

If you used the second one you missed a space between the * and the /.

-saige-
0
 

Author Comment

by:Fubr
ID: 35142316
My bad it_saige, I did miss the space. Ran it (net use * /delete) again and it said:
"nothing in list"

shjacks55, I was able to log in using mstsc to remote computer.
I was also able to restart and use "safe mode with networking", using DomainName\username.

Going back into the credential manager, there is a entry under "ServerName" that has "DomainName.local\Username" now.
0
 

Author Comment

by:Fubr
ID: 35151823
User has no issues at home, and is getting along fine now.

I will split the points up with KPANYE123 and Sommerblink.
I couldn't do anything before changing the workgroup name and Once I removed the entry in Credential manager and log in with FQDN\username it seems to add the entry to credential manager.

All good advice and alway enjoy the feed back.

Thanks Fellas

 Fubr
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GPO Access denied in AD 12 50
Active Directory - Error 8614 - Do all DC's need to replicate 5 74
AD user acount change history 4 69
Trasfering FSMO roles 8 104
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question