?
Solved

Authentication Problems via Telnet

Posted on 2016-11-08
8
Medium Priority
?
82 Views
Last Modified: 2016-11-10
Good Afternoon,

I have a very strange issue happening in our environment with SMTP.

Information about our environment:

Mail Server: Exchange 2013
Mail Server OS: Windows Server 2012 R2 Standard
Receive connector on exchange has been created and is enabled
Users workstations: Windows 7 Professional
Users workstation mail clients: Office 2010
All users have local administrative rights to the workstations

Please read carefully my test results before answering. To keep it as simple as possible, tests are done with a telnet session and the goal is to authenticate successfully in the telnet session, nothing more.

The commands I am using in telnet is steps 1 through 7 from here: https://technet.microsoft.com/en-us/library/aa995718(v=exchg.65).aspx I am not concerned about the rest of the steps in this document with testing mail flow as the goal here is to authenticate ONLY.

For our tests we used two domain users (Mary and Peter) and 3 workstations (Peter’s workstation, Mary’s workstation and a test machine. Test machine is newly built with ONLY Windows installed for our testing with this issue), in these tests both users are using the CORRECT credentials. Result tests below.

telnet unsucessful authentication
1. Mary logs in to her workstation using her domain credentials and attempts to authenticate via telnet using her domain credentials. Authentication is UNSUCCESSFUL (seen above).

2. Mary logs in to her workstation under her domain credentials, Peter attempts to authenticate via telnet on her machine using his domain credentials. Authentication is SUCESSFUL.

3. Peter logs in to Mary’s workstation using his domain credentials and attempts to authenticate via telnet on her machine using his domain credentials. Authentication is SUCESSFUL

4. Peter logs in to his workstation using his domain credentials and attempts to authenticate via telnet on his machine using his domain credentials. Authentication is SUCESSFUL.

5. Mary logs in to Peters workstation using her domain credentials and attempts to authenticate via telnet on his machine using her domain credentials. Authentication is SUCESSFUL.

6. Peter logs in to his workstation using his domain credentials, Mary attempts to authenticate via telnet on his machine using her domain credentials. Authentication is SUCESSFUL

7. Peter logs in to the test workstation using his domain credentials and attempts to authenticate via telnet on the test machine using his domain credentials. Authentication is UNSUCESSFUL.

8. Mary logs in to the test workstation using his domain credentials and attempts to authenticate via telnet on the test machine using her domain credentials. Authentication is UNSUCESSFUL.

So what is causing this? From these tests we have come to the conclusion that something must be missing or disabled from both Mary’s and the test workstation, however why would Peter authenticate successfully on Mary’s machine if that were the case (test 2).

And it doesn’t appear that there is an issue with exchange as when Mary attempts to authenticate from Peters machine she is successful (tests 5 and 6).

We are absolutely stumped.

Anybody got any ideas?

Kindly advise.

Regards,
N
0
Comment
Question by:nobushi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 16

Expert Comment

by:joinaunion
ID: 41879544
Is Mary's machine blocking port 25 assuming your using port 25? Are you configured to use SSL&TLS and is Mary's pc configured likewise?
0
 
LVL 1

Author Comment

by:nobushi
ID: 41879625
@joinaunion

Yes we are indeed using port 25.

All workstations including Mary's has Windows firewall disabled. So the port is not being blocked by the workstation.

All of the below are enabled under Mary's profile as well as all other users via GPO.

IE Advanced Options
Kindly advise.

Regards,
N
0
 
LVL 16

Accepted Solution

by:
joinaunion earned 2000 total points
ID: 41881172
Are you able to assign Mary's pc a new ip and try again? (test purposes) I feel you may have tried to many times with the current ip wich in turn may have caused a Authentication ban on the current ip.

Please post back.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 1

Author Comment

by:nobushi
ID: 41881262
@joinaunion

OK. Will give it a try tonight and revert back.

Thanks,
N
1
 
LVL 1

Author Comment

by:nobushi
ID: 41881532
@joinaunion

So I changed the IP of Mary's machine as you suggested and the bugger finally authenticated. Amazing!!! Thank you so much, I never even imagined it could be the bloody IP giving us all this fuss.

So now that that's settled, how would I go about to remove this Authenticated ban on the IP??? I'm assuming exchange, but where in exchange as I've read several articles that this first had to be set up and to my knowledge it never was.

Below screenshot is where i should find it in the protection menu there should be a "Action Center" but its not there. Is there another place where it would be blocked?

exchange.png
Kindly advise.

Regards,
N
0
 
LVL 16

Expert Comment

by:joinaunion
ID: 41882687
Is there a specific intrusion software your using on your server? If so that is where you will want to unblock/unban.

If not please post back.
0
 
LVL 1

Author Closing Comment

by:nobushi
ID: 41882985
@joinaunion - Thank you for your time. We do have a cisco ironport appliance for mail, however I haven't been able to locate the area for blocking/unblocking IP's within there.

Don't worry about it though, you have solved my initial problem and that's what matters most. I will be contacting cisco tonight to see if they can assist me, since we are paying for support of the appliance anyways.

Thanks again.

Kind Regards,
N
0
 
LVL 16

Expert Comment

by:joinaunion
ID: 41883090
Glad to have helped. Anytime.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question