NT 4 will not resolve and can’t access UNC on 2008 network

Posted on 2011-10-28
Last Modified: 2012-05-12
We had a 2003 domain (DNS, DHCP, DC), domain controllers were 2003.
We have one NT 4 standalone server that is running old statistic software, and some Intranet pages.
We added two 2008 R2 Domain controllers and made them DNS server (integrated)
I Transferred the FMOS rolls from single 2003 DC to 2008 server
Also transferred DHCP roll to one of the new 2008 servers.

Everything has work fine for last week or so. This Wednesday I shut down the old 2003 server to see if any problems would pop up before demoting and retiring the server. The standalone NT 4 box immediately when trying to log on, you would get:
“There are currently no logon servers available to Authenticate to”, so it is using cache credentials.
You could not access the NT 4 box from a UNC path (name or IP). You could not access some web pages or links. Went trying to access UNC path I get:  “There are currently no logon servers available to service the logon request”.

I can, access the NT 4 box using VNC software from any other computer (name or IP).

From the NT 4 box, I do a nslookup and it is the new DNS server, all the settings on the network card are set to static and pointing to the new DNS server. (only thing changed on NIC was DNS server, pointing to new DNS)

All records look right in DNS (new DNS (NS), and NT box is static in forward and reverse zones

Doing a IPCONFIG /all on NT box, gives all the right information (pointing to new DNS)
(see enclosed)

From the NT 4 box I can access any other computer via run box, UNC path (name or IP), Ping anyone …etc.

I don’t remember how to flush the DNS on NT 4 box, but I have shut down the NT box and restarted 4 times since I took the old server offline (I would think that would flush any caches).

Was wondering if there is some WINS setting or something I might need to add/change…???

Definitely need some help or advice to point me in the right direction. Can’t find any errors on new 2008 servers that might help me pinpoint the issue, so I am kind of leaning towards some setting on the NT box not refreshing or needs changed. Got to be something simple… HELP Experts.

Thanks in advanced!!


Question by:Fubr

    Author Comment

    LVL 15

    Accepted Solution

    This problem occurs because of the default behavior of the Allow cryptography algorithms compatible with Windows NT 4.0 policy on Windows Server 2008-based domain controllers. This policy is configured to prevent Windows operating systems and third-party clients from using weak cryptography algorithms to establish NETLOGON security channels to Windows Server 2008-based domain controllers.

    1.  Log on to a Windows Server 2008-based domain controller.
    2.  Click Start, click Run, type gpmc.msc, and then click OK.
    3.  In the Group Policy Management console, expand Forest: DomainName, expand DomainName, expand Domain Controllers, right-click Default Domain Controllers Policy, and then click Edit.
    4.  In the Group Policy Management Editor console, expand Computer Configuration, expand Policies, expand Administrative Templates, expand System, click Net Logon, and then double-click Allow cryptography algorithms compatible with Windows NT 4.0.
    5.  In the Properties dialog box, click the Enabled option, and then click OK.

    Author Comment

    jrhelgeson you are the BOMB!!
    "Bam, Bam, BAMITY BAM"

    I would have never figure that out!
    Thanks a million!!

    Any other catch 12s for older hardware with 2008??
    (evil grin)


    Author Closing Comment

    Rock on "Big Guy"!!

    Thanks again

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
    Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
    This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
    This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now