Can't map the I drive

Posted on 2011-10-26
Last Modified: 2012-05-12
I have a user, his network password and as400 password are the same. He can signon to the as400 sucessfully. When he attempts to map the I drive, it asks for a userid and password. He enters his userid and password (for the as400), it just presents the logon screen again. No error message, but if I check iseries navigator, I find that his userid has been disabled ( I reenabled it before we tried mapping the idrive, so it is disabling it when he tries to enter it at that logon screen). I have checked to be sure he is enrolled in the system directory he is. This was working for him a few months back. He has been out on leave. When he returned it no longer worked. From his machine, after he gor the signon again, we entered a different users id and password, The I drive opened for use.
What else can I check?
Question by:qbjgqbjg
    LVL 34

    Accepted Solution

    Well, the system only disables profiles like this after multiple failed signon attempts: meaning that the user ID an/or password combination are incorrect.  The number of attempts and specific action is governed by the QMAXSIGN and QMAXSGNACN system values.  

    The simplest answer is that he is typing something different in this password box than he is typing to log on to the AS/400 through whatever other facility he is using.

    If that is not the answer, then this may be a "case" issue.  See this support document for more information:

    After following that support document, if you need more help, please post back with:

    PC OS version
    Client Access version
    AS/400 OS version
    QPWDLVL system value
    Windows password characteristics (just need to know if it contains only upper case, only lower case, or mixed case letters)
    AS/400 password characteristics (ditto)
    PC's HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LMCompatibilityLevel registry setting (see support document above)
    If Client Access is at V5R4 or later, iSeries NetServer Properties > Security tab -> Allow authentication with LAN Manager password hash setting

    - Gary Patterson

    LVL 13

    Expert Comment

    To make problem determination simpler, I often map the drive with a different profile than the user logs into the screen with. Then can try to separate what the issue is.

    Think also about what else may have changed in the environment during user's absence? windows version? o/s version?

    Hope this helps

    Author Comment

    He said he has bith lower and uppercase in his password. On a AS400 session, case does not seem to matter, I wonder if that could be an issue?

    Author Comment

    He is going to try changing his password to all lowercase and a #, to see if that makes a difference.
    LVL 2

    Expert Comment

    I have dealt with that disabled user profile for many reasons.  The most common one is the user name on the Windows PC matches the iSeries server but the password doesn't match.

    The following information came from the IBM Information Center that explains it a bit more.

    iSeries NetServer authenticates client files and print requests that are based on the user identity (user ID) and password that are used in the Windows® desktop logon. If an i5/OS user profile matches the Windows desktop client user ID, then the passwords are checked. If the passwords do not match, iSeries NetServer prompts the client to enter the correct one.

    Note: If the Windows user ID is longer than 10 characters (also the maximum length of the user profile name on the i5/OS operating system), then iSeries NetServer truncates the Windows user ID to 10 characters and attempts to match it with an i5/OS user profile. For example, an i5/OS user profile called ADMINISTRA can be created to match the Windows Administrator user without requiring guest support.

    If your passwords used to be in sync and now they are not it would explain that happening.  Also, to make sure I don't have some other authority issue, I usually try to use a problem user profile and log into a telnet session.  Of course, the user must have the authority to do that too - at least long enough to test it out.

    Author Closing Comment

    The answer was the mixed case password. He changed it to all lowercase and #. It is working.

    The setting must have been changed.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now