Re: User authorisation

From: Alex (anonymous_at_discussions.microsoft.com)
Date: 08/20/04 

Date: Fri, 20 Aug 2004 04:51:22 -0700

Hi Mike
Yes I do get a indows asking for authentication, after
trying different usernames and passwords I've determind
that the member server only accepts a local logon(on the
member server).
This is what appears in the workstation Application event
log when it is un able to authorise.

Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 15
Date: 20/08/2004
Time: 12:41:27
User: N/A
Computer: Workstation1
Description:
Automatic certificate enrollment for local system failed
to contact the active directory (0x8007054b). The
specified domain either does not exist or could not be
contacted.
  Enrollment will not be performed.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

When the member server's local admin account username and
password is entered, access is granted.

this could be a normal function of windows server 2003 but
is ther a way to authenticate the user against the AD
without having to attach the computer to the domain?

thanks
Alex Hart

>-----Original Message-----
>Alex,
>
>Do you get a windows asking for authentication? Do you
use domain user to
>authenticate? Can you use some other user (e.g.
administrator) just for
>testing, so that we know that it is not a permission
issue?
>
>Can you check System and Application logs on client PC
and logs on DC?
>
>Mike
>
>"Alex" <anonymous@discussions.microsoft.com> wrote in
message
>news:2a2f01c486a5$fcf00250$a301280a@phx.gbl...
>> Hi Mike
>>
>> Thanks for the help but it doesnt seem to like that.
>> It appears as if it can not authorise the user for some
>> reason.
>>
>> Alex
>>
>>
>> >-----Original Message-----
>> >Hi Alex,
>> >
>> >Sure there is. Client's don't have to be members of
>> domain to access
>> >resources on other domain members, but they will need
>> appropriate
>> >permissions on drives or you will have to allow
anonymous
>> access (not
>> >recommended for security reasons)...
>> >
>> >When you e.g. go to shared folder e.g.
>> \\file_server\share_data and you get
>> >prompted for access under username enter:
>> >
>> >domain\username
>> >
>> >and under password enter password for username.
>> Replace "domain" part with
>> >NetBIOS name of domain. If you have any more questions,
>> feel free to ask
>> >:-).
>> >
>> >I hope this helps,
>> >
>> >Mike
>> >
>> >"Alex" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:9af501c48696$75c57df0$a401280a@phx.gbl...
>> >> Hi All
>> >>
>> >> Is there a way or authorising users that do not logon
>> to a
>> >> DC, to be able to access folders on a member server?
The
>> >> reason for this is that I have just demoted a DC to a
>> >> member server that holds the user areas, laptops
that do
>> >> not logon to the domain were able to access the
shares
>> >> because the server was a DC. Other than adding each
user
>> >> as a local user, setting up a trust for each Laptop
or
>> >> moving the user areas to a DC and remaping the
drives.
>> >> What else could I try?
>> >>
>> >> Hope I've explained the problem in a way someone can
>> >> understand.
>> >>
>> >> Thanks in advance
>> >>
>> >> Alex Hart
>> >
>> >
>> >.
>> >
>
>
>.
>