CIFS Authentication in AD 2003

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: faels (dweingarten_at_firstam.com)
Date: 09/14/04 

Date: 14 Sep 2004 09:01:52 -0700

We have a HPUX server running FacetWin (NetBIOS Server software) on
our network. The HPUX server references a domain controller to help
authenticate domain users looking to access its resources.

Everything was working perfectly when our main domain controller was
running Windows 2000. We upgraded the domain controller's OS to
Windows Server 2003 Standard, and immediately started experiencing
problems. The FacetWin software will run smoothly for a varied amount
of time while referencing the 2003 server. After a while the software
will persistently fail to authenticate users stating that the trusted
server rejected the request.

We have a 2000 domain controller that also hosts a copy of AD on our
network. When we configure the HPUX box to use it for authenticating
users, the process works flawlessly and permanently.

The authentication process is only failing by one machine that has
custom services running as a domain user. It is accessing UNC paths
on the HPUX box on a recurring basis.

All "required" SMB signing has been disabled, so that is not the
issue.

What has changed between 2000 and 2003 that is causing this problem?
Kerberos settings, policy changes, user rights?

Relevant Pages

  • Re: How to know which Active Directory Server Ive logged on?
    ... server is the user's exchange home server. ... Users from a certain domain can authenticate against every ... location then a user is authenticated by a domain controller covering ...
    (microsoft.public.win2000.active_directory)
  • Re: How to know which Active Directory Server Ive logged on?
    ... "Marwan Kandeel" wrote: ... server is the user's exchange home server. ... Users from a certain domain can authenticate against every ... location then a user is authenticated by a domain controller covering ...
    (microsoft.public.win2000.active_directory)
  • Re: Sites and Services
    ... Joe Richards Microsoft MVP Windows Server Directory Services ... The workstation should always prefer to authenticate to a DC in its site first. ... In your situation they should also be DNS servers and the local clients should have the local DC/GC/DNS server set as the preferred DNS server via DHCP. ... I have a power domain controller onsite. ...
    (microsoft.public.windows.server.active_directory)
  • RE: hosts not using alternate DCs
    ... These enable a client to locate a domain controller that is running the ... Windows Server 2003–based domain controllers that are running the KDC service ... > could not authenticate with the shopcart server causing our website to go ... i have since gone in and configured replication to auto discover ...
    (microsoft.public.windows.server.active_directory)
  • Re: CIFS Authentication in AD 2003
    ... In Server 2003 nul access to directory services is not permitted by default. ... Is your application running under the security context of a domain user ... The HPUX server references a domain controller to help ... > authenticate domain users looking to access its resources. ...
    (microsoft.public.windows.server.active_directory)