Solved

Windows Server 2008 client gets security error in Win 7 Pro

Posted on 2013-12-13
10
336 Views
Last Modified: 2014-02-01
I have a client with a new laptop who logs into a new Windows Server 2008 R2 domain, with redirected Documents folder.  When she took her laptop home, she turned it on, and without getting onto LAN or wireless, her documents folder was empty, consisting only of the Public folder.

At her office, I dropped in, and connected her to the office wireless, and without logging off/on, browsed to the server and was prompted for user name and password. In that box was the message:

The system has detected a possible attempt to compromise security.  Please ensure that you can contact the server that authenticated you."

The DNS settings for the LAN and wireless are set to automatic, and while connected to the LAN, she seems to be fine.

I thought that the system should give her connection to her documents even if she is connected to *no* network.

Microsoft says, "To resolve this problem, configure the network firewall so that TCP port 88 and UDP port 88 are not blocked for either domain."  I assume this is a change for the laptop's firewall?  Or is it the server's?

I need help. Thanks.
Dave
0
Comment
Question by:DaveWWW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
10 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39717330
This would refer to the laptop's firewall.
http://support.microsoft.com/kb/938457

I have also seen issues like this when the default gateway is not configured properly.

Will.
0
 

Author Comment

by:DaveWWW
ID: 39717419
There are three laptops, all configured the same, seemingly.  Only this one has an issue.  I have added the ports to the firewall.  No difference.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39717435
Check the event viewer on the users machine for Event ID 6 as it could very well be related to token size. The below link will provide sets to correct this...

http://technet.microsoft.com/en-us/library/dd348689%28WS.10%29.aspx

Will.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 

Author Comment

by:DaveWWW
ID: 39732436
The only ID 6 I have relates to the fingerprint sensor.  I'm remoted in with the client right now. When I log on, the documents folder has only the public folder.  I have Hamachi on this laptop as well.  Same result if the Hamachi program is shut off.

I'm at my wits end.
0
 

Author Comment

by:DaveWWW
ID: 39732447
I should mention that the domain controller is not on a static IP.  I'm assuming this is irrelevant as I would have assumed that no syncing would take place until the laptop is back on the DC network?
0
 

Author Comment

by:DaveWWW
ID: 39732581
I'm now wondering if this is all as simple as the fact that I need to add the Documents folder to the sync set in "Sync Center" in Control Panel?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39732599
I would definitly change the DC to static. Think about it that means your DNS server/s IP is changing. If your clients are not flushing the DNS entries it might be looking for DNS query's at the cached IP address. If that changes and the clients to update their cache then this creates a huge issues.

Change that IP to static on the DC's.

Will.
0
 

Author Comment

by:DaveWWW
ID: 39732685
Sorry, I meant the router's WAN address is dynamic. The server *definitely* has a static internal IP :-)
0
 

Accepted Solution

by:
DaveWWW earned 0 total points
ID: 39757868
It turns out that the user removed her laptop from the domain before an initial sync was accomplished.  I suspect this is the source of at least some of the problems.  I'll post back once I have the laptop on site again.

Dave
0
 

Author Closing Comment

by:DaveWWW
ID: 39826074
The sync issues resulted because an initial sync was not completed.
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question