RE: Authentication question
From: gordonah (gordonah_at_discussions.microsoft.com)
Date: 11/12/04
- Next message: Mark Clark: "RE: Authentication question"
- Previous message: gordonah: "Re: Intersite urgent replication"
- In reply to: Mark Clark: "Authentication question"
- Next in thread: Mark Clark: "RE: Authentication question"
- Reply: Mark Clark: "RE: Authentication question"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 12 Nov 2004 08:13:04 -0800
Mark
just a guess, but as it stands there are three 'account databases' as such;
Netware, Active Directory and the MEMBER-SERVER SAM.
When the PC accesses the share on PDC-SERVER, the server checks against it
account database (the AD as it is a DC), and finds a matching
username/password combination. When similar is attempted on MEMBER-SERVER, it
checks against it's account database and draws a blank, therefore prompts for
a username and password. By inputting the username/password combination you
are implicitly or explicitly adding the domain association, i.e. DOM\username
password.
As above, I'm just making this up as I go along, it seems feasible. Although
I'm not sure of the underlying authentication mechanics for accessing a share
on a member server, this theory could perhaps be tested by adding matching
credentials for a local account (in MEMBER-SERVER SAM), and seeing if this
grants access.
Gordon
"Mark Clark" wrote:
> As a bit of introduction, we are using Netware 6.5 and ZenWorks 6.5 to
> create dynamic local users on our XP machines (they are not in a
> domain). We are now trying to set up an Active Directory server in
> addition to this. We are using Nsure Identity Manager (DirXML) 2.0 to
> sychronize accounts between the NW servers and the AD domain controller
> (a Windows 2003 server). This is all working fine.
>
> From a client machine I can browse to \\PDC-SERVER\C$ with no problems
> or dialogs, even though my machine is not in the domain. I can do this
> because the account and password matches on both systems (NW & AD), so
> the PDC just authenticates me and lets me in automatically (I assume).
> This is the desired result. I want logins between the two systems to be
> totally seamless (no login dialog) once the user logs into NW.
>
> The problem: I have just added a member server to the domain. Whenever
> I try to browse to this member server via \\MEMBER-SERVER\C$, I am
> prompted to log in. If I supply the same username and password as I
> have already done to log in initially, the member server will let me in.
> However, I need this member server to just figure out that I have the
> same userid and password and let me in automatically, just like the PDC
> does. I cannot figure out how to get it to do that. Does anyone know
> why the PDC will automatically authenticate me while the member server
> will not, and how I can modify the member server behavior?
>
> Thank you!
>
- Next message: Mark Clark: "RE: Authentication question"
- Previous message: gordonah: "Re: Intersite urgent replication"
- In reply to: Mark Clark: "Authentication question"
- Next in thread: Mark Clark: "RE: Authentication question"
- Reply: Mark Clark: "RE: Authentication question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
