Windows 2003 SP1 denies access from DOS client
- From: "TimF" <twf_news@xxxxxxxxx>
- Date: 31 May 2005 09:09:44 -0700
After installation of SP1 on Windows 2003 Standard server a DOS client
can no longer login.
- Before SP1, the DOS client (Microsoft networking client v3.0) had
consistently logged in to this simple domain controlled by the Windows
2003 server.
- Same computer was also connecting to Windows 2003 server when booted
into Windows 98 SE.
- Immediately after installation of SP1 on the Windows 2003 server,
when booted into DOS, the DOS client on this computer could not login
to the domain, though the same computer is still able to connect and
logon when booted into Windows 98 SE. The error message that the DOS
client receives is "#5: Access denied".
Here are the settings on the server:
The Windows Firewall is disabled on the Windows 2003 SP1 server and no
other firewalls are loaded on it.
On the Windows 2003 SP1 server, the following Local Policies/Security
Options are set:
Domain member: Digitally encrypt or sign secure channel data
(always) Disabled
Domain member: Digitally encrypt secure channel data (when
possible) Disabled
Domain member: Digitally sign secure channel data (when
possible) Disabled
Domain member: Require strong (Windows 2000 or later) session
key Disabled
Microsoft network client: Digitally sign communications
(always) Disabled
Microsoft network client: Digitally sign communications (if server
agrees) Enabled
Microsoft network server: Digitally sign communications
(always) Disabled
Microsoft network server: Digitally sign communications (if client
agrees) Disabled
Network security: LAN Manager authentication level
LM & NTLM responses
Network security: Minimum session security for NTLM SSP based
(including secure RPC) clients No minimum
Network security: Minimum session security for NTLM SSP based
(including secure RPC) servers No minimum
In both the Domain Controller Security Policies and the Default Domain
Security Policies: All items corresponding to the above Local Policies
are set to "Not Defined'.
Except for the LAN Manager authentication level, I have tried setting
these to "Disabled" on the domain policies, with no success.
Info about the LAN:
The LAN consists of this Windows 2003 SP1 Server as the sole server on
a domain with 30 user licenses and 8 PC's, most of which are Windows 98
SE, some Windows XP Home/Pro, one Windows 2000 Pro. Periodically, the
Windows 98 SE computer is re-started into DOS to run an application
that requires a pure DOS environment. This computer was logging into
the domain via the Microsoft DOS networking client v3.0 until the
installation of SP1 on the Windows 2003 server. No other known changes
were made at the server or the DOS client.
Are there any other settings that I should try?
Tim
.
- Prev by Date: Re: Windows 2000 client can't map network drive on windows server 2003
- Next by Date: Re: DHCP Script
- Previous by thread: Copying TOS into PPTH header
- Index(es):
Relevant Pages
|
Loading
