Re: Need access to Windows SBS 2003 from DOS client

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hello Tim,

You have to change the Default domain controllers policy and LOWER the security level to allow DOS authentication with server 2003. The question is, will you allow this?

Then change following policy:
Default domain controllers policy,Security settings,local policies, Security, Digitally sign Server communication (always) to DISABLED

Also look here about SMB signing:
http://support.microsoft.com/kb/839499/EN-US/

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

We are trying to support an old network that has a number of DOS
clients that are required to access a server for manufacturing data.
We would like to replace the existing server with at least Windows SBS
2003. However, in testing, we are unable to access the new domain from
DOS clients.

The client and server can communicate, but the client gets an "Error
5: Access has been denied" error on logon. The server's event log
shows a logon request from the client, a successful logon, and an
immediate logoff. No error or other data is given in the log; all
three events have a Successful status. The client has no problem
logging on to a Windows 2000 Server domain.

We have read numerous support articles and tried numerous settings
without changing the result. Many others claim success in getting this
to work, but we cannot. We do understand that lowering the required
security settings exposes the network to some risk, but we have no
choice. We have tried modifying various group policy settings such as
secure channel signing, SMB signing, LDAP signing, SID translation, LM
and NTLM responses, SAM password hashes, etc. We are still unable to
find a combination that allows DOS clients on the domain.

For testing, we are using a freshly installed copy of Windows SBS 2003
SP1 and a freshly installed copy of DOS V6.22 with the Networking
Client for MS-DOS V3.0. The domain controller and client can ping
each other by name and, as mentioned above, the server event log does
see the logon attempt and identifies the client and user by name. The
logon event (540) has a success status, but is immediately followed by
a logoff event (538). The client only sees the error message listed
above.

Can anyone help? Thanks!



.

Relevant Pages

  • Re: TCP/IP comms problems between WinXP and DOS
    ... I have written client and server versions ... In the instance where I have a problem the DOS system is running as client, ... By simple changing of i/p addresses / network names I have run the client ...
    (microsoft.public.dotnet.languages.vc)
  • Re: network booting
    ... So the client would need to tell on which offset into on of the ... The client asks the server to open a specific file (by ... component of DOS 3.3, as well as RWTS. ... code on the C64 can send commands (using a serial protocol called IEC) ...
    (comp.sys.apple2)
  • Re: TCP/IP comms problems between WinXP and DOS
    ... I have written client and server versions ... In the instance where I have a problem the DOS system is running as client, ... implementation of the communications of the DOS client. ...
    (microsoft.public.dotnet.languages.vc)
  • Re: TCP/IP comms problems between WinXP and DOS
    ... I have written client and server versions ... In the instance where I have a problem the DOS system is running as client, ... By simple changing of i/p addresses / network names I have run the client ...
    (microsoft.public.dotnet.languages.vc)
  • Re: Port 1025 RPC /Lsass.exe
    ... Clients use DNS to locate all domain controllers in domain. ... Next thing -- client will try to talk to the DC it chose. ... from command line to see which server authenticated the client. ... We have a branch office with approx 40 users. ...
    (microsoft.public.windows.server.networking)