Re: CIFS and Windows Server 2003

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 05/09/04

• Next message: Joe Richards [MVP]: "Re: LDAP Hotfix Query"
• Previous message: Joe Richards [MVP]: "Re: objectSID"
• Next in thread: Steve Schofield: "Re: CIFS and Windows Server 2003"
• Reply: Steve Schofield: "Re: CIFS and Windows Server 2003"
• Messages sorted by: [ date ] [ thread ]

---

Date: Sun, 09 May 2004 15:48:05 -0400

Are you using kerberos for the authentication from HPUX? That may be the issue.
Windows Server 2003 drops one or more of the more insecure kerberos mechanisms.

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
faels wrote:
> We are currently using FacetCorp's FacetWin to access resources on an
> HPUX platform from Windows.
> 
> We recently upgraded one of our domain controllers to Windows Server
> 2003 Standard Edition.  Prior to the upgrade, we were successfully
> using this server to authenticate users trying to access NetBIOS
> resources on the HPUX box.  After the upgrade we started receiving
> errors when trying to authenticate using the new 2003 DC.  Everything
> seems to work for a few hours before authentication starts to fail.
> 
> If we point the HPUX box to a Windows 2000 domain controller,
> everything works just fine.
> 
> We have disabled all policies requiring SMB signing, and enabled
> "Sending unencrypted passwords to third party SMB servers" for the
> domain.  I am also supporting all available types of LM and NTLM
> authentication.
> 
> I have created SPNs for the Windows services that need access to the
> Unix resources, trusted the associated machines and services users for
> delegation, and still can't get it to work.
> 
> Can anybody tell me why this works on 2000 but not on 2003?  Is it a
> Kerberos issue?  If so, is there any sound literature on service
> principal names and their role in AD?
> 
> I tried capturing packets, but could not find any useful information.

---

• Next message: Joe Richards [MVP]: "Re: LDAP Hotfix Query"
• Previous message: Joe Richards [MVP]: "Re: objectSID"
• Next in thread: Steve Schofield: "Re: CIFS and Windows Server 2003"
• Reply: Steve Schofield: "Re: CIFS and Windows Server 2003"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Unneccessary Authenitication Dialogs ... Windows Server 2003 - basic installation, ... ASP.NET intranet site utilizing Windows Authentication ... (microsoft.public.windows.server.security) Re: looking for a group calendaring system - any suggestions ... Currently using windows server 2003 for authentication. ... First thoughts were to use a Linux system because I do not believe I can find a low cost or open source product that runs on windows. ... plays harp for food, ... (RedHat) Re: Kerberos Issue ... MVP for Windows Server - Software Distribution ... "Ralish" wrote in message ... > I have tracked the issue down to an authentication issue with Kerberos. ... > LFN-SVR-1 is the name of the machine and LFN is the short domain name. ... (microsoft.public.windows.server.security) Re: kerberos configuration for Samba Server ... > package or the workstation package. ... > be a domain member of a Windows Server 2003 Active Directory domain, ... to be able to get tickets from the Windows Server 2003 KDC. ... you only want to act as a Kerberos client (which is the case for AD ... (Fedora) Re: Members only with Frontpage ... already authenticated by a Windows server. ... I'm trying to create a members ... "Jim Buyens" wrote in message ... > Securing Web Pages With Windows Authentication ... (microsoft.public.frontpage.client)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2004-05