Strange Problem with Authentication Has anyone ever run across thi

[David Lausten]

I have 3 DC lets call them Main, Exchange and Util.

Until recently everything has been working great. the strange issue is I can
log into the domain just fine It maps all the drives except for one of the
DC's which is Main.

Main is the Infastructure Master and first DC. whenever it tries to map the
drive on the server it asks for a username and password. this hapens on a
couple of different computers on different accounts but not all. and it seems
to roam.

The permisions on the share are set to everyone Read Write etc. and the file
security is the same. if I input my username and password it will connect but
for some reason it is prompting me. Almost like it does not recognize my
Ticket. but when I do input username and password it works fine.

Also when I open up Group Policy managmment it says Logon failure: unknown
user name or bad password.. My account is in the administrator's group.
Selecting the domain controler with the Operations master token for the PDC
emulator does not work I.E. Main. but if I select another DC I will either
get Unable to update the password. The value provided as the current password
is incorrect.
or access denied.

Checked my Account and it is not locked...... if I access \\main\netlogon it
prompts for Username and password.. if I type in \\exchange\netlogon it comes
up.... I have no idea what is going on.

No red X's in the Event viewer anywhere. DNS is correct

AD users and computers and Sites and Services come up. only connecting to
the Exchange computer. but I get Access denied trying to go to Util or Main.
its almost as if I am out of Sync. I also checked the time on the servers
compared to my time. and they are both synced.

I am at a complete loss. I even tried using Kerbtray to purge my tickets.

Main is my Operations Master and when I connect to another DC and select
change it says the Operations Master is Offline.

I will add in the DC and Net Diags. Thanks.

 

[David Lausten]

Diag's too big I can email them by request. Thank you VERY Much in Advance.

 

[Anthony]

Its hard to tell from what you have said. I would run a replmon and force a
replication to check for errors. Then double check the DNS. Is everything
resolving correctly when you use the FQDN? Are the DC's all on the same
site?
Anthony, http://www.airdesk.com

"David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
> Diag's too big I can email them by request. Thank you VERY Much in
> Advance.

 

[David Lausten]

Re: Strange Problem with Authentication Has anyone ever run across

When I use \\pbcdf-main\netlogon it requests login... when I use
\\pbcdf-main.pbcdf.com\netlogon it also requests login.

checked DNS and it seems to be functioning correctly.

All DC's are in the same site. Ran Replmon and no errors in replication I
will post the NetDiag and DcDiags in the next post.

Thank you VERY Much Anthony for helping with this !!!! I am at my wits end.

"Anthony" wrote:

> Its hard to tell from what you have said. I would run a replmon and force a
> replication to check for errors. Then double check the DNS. Is everything
> resolving correctly when you use the FQDN? Are the DC's all on the same
> site?
> Anthony, http://www.airdesk.com
>
> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
> news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
> > Diag's too big I can email them by request. Thank you VERY Much in
> > Advance.
>
>
>

 

[David Lausten]

RE: Strange Problem with Authentication Has anyone ever run across

Main NetDiag
Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing IpConfig - pinging the Primary WINS server... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing for autoconfiguration... Passed
Testing IP loopback ping... Passed
Testing default gateways... Passed
Enumerating local and remote NetBT name cache... Passed
Testing the WINS server
Internal
Sending name query to primary WINS server 10.25.240.15 - Passed
There is no secondary WINS server defined for this adapter.
Gathering Winsock information.
Testing DNS
PASS - All the DNS entries for DC are registered on DNS server
'10.25.240.15' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'10.25.240.6' and other DCs also have some of the names registered.
Testing redirector and browser... Passed
Testing DC discovery.
Looking for a DC
Looking for a PDC emulator
Looking for a Windows 2000 DC
Gathering the list of Domain Controllers for domain 'SITE2'
Testing trust relationships... Skipped
Testing Kerberos authentication... Passed
Testing LDAP servers in Domain SITE2 ...
Gathering routing information
Gathering network statistics information.
Gathering configuration of bindings.
Gathering RAS connection information
Gathering Modem information
Gathering Netware information
Gathering IP Security information

Tests complete.


Computer Name: PBCDF-MAIN
DNS Host Name: PBCDF-MAIN.Pbcdf.Com
DNS Domain Name: Pbcdf.Com
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
Hotfixes :
Installed? Name
Yes KB909520
Yes KB911564
Yes KB921503
Yes KB925398_WMP64
Yes KB925876
Yes KB925902
Yes KB926122
Yes KB927891
Yes KB929123
Yes KB930178
Yes KB931768
Yes KB931784
Yes KB931836
Yes KB932168
Yes KB933360
Yes KB933566
Yes KB933729
Yes KB933854
Yes KB935839
Yes KB935840
Yes KB935966
Yes KB936021
Yes KB936357
Yes KB936782
Yes KB937143
Yes KB938127
Yes KB939653
Yes KB941202
Yes KB941672
Yes KB943460
Yes Q147222
No ServicePackUninstall


Netcard queries test . . . . . . . : Passed

Information of Netcard drivers:


---------------------------------------------------------------------------
Description: Intel(R) PRO/1000 MT Network Connection
Device: \DEVICE\{4ED79BDF-0F71-48FE-B693-2ABB5E6C12DC}

Media State: Connected

Device State: Connected
Connect Time: 17 days, 03:10:24
Media Speed: 100 Mbps

Packets Sent: 259548925
Bytes Sent (Optional): 0

Packets Received: 138327330
Directed Pkts Recd (Optional): 136918100
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0


---------------------------------------------------------------------------
[PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

Adapter : Internal
Adapter ID . . . . . . . . : {4ED79BDF-0F71-48FE-B693-2ABB5E6C12DC}

Netcard queries test . . . : Passed

Adapter type . . . . . . . : Ethernet
Host Name. . . . . . . . . : PBCDF-MAIN.pbcdf.com
Description. . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address . . . . . : 00-11-43-E4-38-90
Dhcp Enabled . . . . . . . : No
DHCP ClassID . . . . . . . :
Autoconfiguration Enabled. : Yes
IP Address . . . . . . . . : 10.25.240.15
Subnet Mask. . . . . . . . : 255.255.248.0
Default Gateway. . . . . . : 10.25.240.1
Primary WINS Server. . . . : 10.25.240.15
Dns Servers. . . . . . . . : 10.25.240.15
10.25.240.6

IpConfig results . . . . . : Passed
Pinging the Primary WINS server 10.25.240.15 - reachable

AutoConfiguration results. . . . . . : Passed
AutoConfiguration is not in use.

Default gateway test . . . : Passed
Pinging gateway 10.25.240.1 - reachable
At least one gateway reachable for this adapter.

NetBT name test. . . . . . : Passed
NetBT_Tcpip_{4ED79BDF-0F71-48FE-B693-2ABB5E6C12DC}
PBCDF-MAIN <00> UNIQUE REGISTERED
SITE2 <00> GROUP REGISTERED
SITE2 <1C> GROUP REGISTERED
PBCDF-MAIN <20> UNIQUE REGISTERED
SITE2 <1B> UNIQUE REGISTERED
SITE2 <1E> GROUP REGISTERED
SITE2 <1D> UNIQUE REGISTERED
..__MSBROWSE__.<01> GROUP REGISTERED
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.

NetBios Resolution : Enabled

Netbios Remote Cache Table
Name Type HostAddress Life [sec]
---------------------------------------------------------------
PBCDF-SMSEND <20> UNIQUE 10.25.240.11 442
PBCDF-ORO.PBCDF<2E> UNIQUE 10.1.1.5 442
PBCDF-EXS01.PBC<44> UNIQUE 10.25.240.6 442
PBCDF-NTS032.PB<43> UNIQUE 10.25.240.14 442
PBCDF-DOC <20> UNIQUE 10.25.240.7 427
PBCDF-ORO <20> UNIQUE 10.1.1.5 12
SITE2 <1C> GROUP 10.25.240.15 442


WINS service test. . . . . : Passed
Sending name query to primary WINS server 10.25.240.15 - Passed
There is no secondary WINS server defined for this adapter.
The test was successful. At least one WINS server was found.
IPX test : IPX is not installed on this machine.

 

[David Lausten]

Actually this is easyer.

Main Netdiag

https:\\www.pbcdf.com\main-netdiag.txt

Main DcDiag

https:\\www.pbcdf.com\main-dcdiag.txt

Exchange Netdiag

https:\\www.pbcdf.com\exch-netdiag.txt

Exchange DcDiag

https:\\www.pbcdf.com\exch-dcdiag.txt

 

[- Michel]

RE: Strange Problem with Authentication Has anyone ever run across

David,

Have you checked the requirements for authentication to the machine, for
instance the LAN Manager Authentication Level, the minimum session security
that is allowed etc? It sounds like it falls back to a lower method because
higher methods fail. You'll find the settings in the local (or DC) policies.
Easiest is to check if you see differences with other machines.

Kind regards,
Michel

"David Lausten" wrote:

> Actually this is easyer.
>
> Main Netdiag
>
> https:\\www.pbcdf.com\main-netdiag.txt
>
> Main DcDiag
>
> https:\\www.pbcdf.com\main-dcdiag.txt
>
> Exchange Netdiag
>
> https:\\www.pbcdf.com\exch-netdiag.txt
>
> Exchange DcDiag
>
> https:\\www.pbcdf.com\exch-dcdiag.txt
>

 

[Anthony]

Re: Strange Problem with Authentication Has anyone ever run across

David,
You have four DC's. What happened to the other one?
You have another subnet 10.1.1.0. Is that on a separate site? How is it
connected?
You have a route to a 192.168.12.0 subnet. Is one of the DC's multihomed?
Your Netbios domain name is SITE2. Is this an upgrade from Windows NT? Do
you have a problem with new accounts as well as with old accounts?
You are using the same domain name for AD as you are for your web service.
Can you show an ipconfig /all from one of the clients where you are having a
problem?
I don't quite follow your description of the problem, though I get the
general idea. Is this a problem from one or two specific clients? Do you
have any general client problems? Do you have any errors in the client event
logs? Is this only a problem when mapping drives, and only from your own
client?
Anthony, http://www.airdesk.com



"David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
newsD12FC89-A114-4D5E-8D1E-35A116EFAFA1@microsoft.com...
> When I use \\pbcdf-main\netlogon it requests login... when I use
> \\pbcdf-main.pbcdf.com\netlogon it also requests login.
>
> checked DNS and it seems to be functioning correctly.
>
> All DC's are in the same site. Ran Replmon and no errors in replication I
> will post the NetDiag and DcDiags in the next post.
>
> Thank you VERY Much Anthony for helping with this !!!! I am at my wits
> end.
>
> "Anthony" wrote:
>
>> Its hard to tell from what you have said. I would run a replmon and force
>> a
>> replication to check for errors. Then double check the DNS. Is everything
>> resolving correctly when you use the FQDN? Are the DC's all on the same
>> site?
>> Anthony, http://www.airdesk.com
>>
>> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
>> news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
>> > Diag's too big I can email them by request. Thank you VERY Much in
>> > Advance.
>>
>>
>>

 

[David Lausten]

Re: Strange Problem with Authentication Has anyone ever run across

Thank you again Anthony

the 4th DC is in the Outreach office it is on the 10.1.1.0 subnet and
connected via VPN over a Cablemodem. only 1 server there and 2 users.

the route for 192 is to connect to another firewall interface for a report
feature. it is not one of the DC and is only used to connect to a RSView
system

The Netbios name of Site2 is indeed an upgrade from nt about 6 years ago.
Went from NT4 to 2000 and now on 03 Never have been able to figure out how to
get rid of that

Yes do have a problem with all accounts funny thing is its not consistent.
In the past month I have had 6 different users complain about the problem.
not sure what is going on. when it runs the login net use s:
\\pbcdf-main\share it promps for username and password even though I am an
administrator on the domain.


ipconfig

Windows IP Configuration



Host Name . . . . . . . . . . . . : Lausten

Primary Dns Suffix . . . . . . . : Pbcdf.Com

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Pbcdf.Com

Pbcdf.com



Ethernet adapter ISCSI-2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server
Adapter

Physical Address. . . . . . . . . : 00-07-E9-1F-C5-A9

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.48.20

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :



Ethernet adapter Internal:



Connection-specific DNS Suffix . : Pbcdf.com

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
Controller

Physical Address. . . . . . . . . : 00-19-B9-3F-B2-A9

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.25.240.133

Subnet Mask . . . . . . . . . . . : 255.255.248.0

Default Gateway . . . . . . . . . : 10.25.240.1

DHCP Server . . . . . . . . . . . : 10.25.240.14

DNS Servers . . . . . . . . . . . : 10.25.240.15

10.25.240.6

Primary WINS Server . . . . . . . : 10.25.240.15

Lease Obtained. . . . . . . . . . : Thursday, January 03, 2008
4:07:37 PM

Lease Expires . . . . . . . . . . : Saturday, January 05, 2008
4:07:37 PM



No General client problems. They are Clean machines.. I make a master
install all software. Run Sysprep. Make an image using Altiris. and push to
the machine and rejoin to the domain.

Basicly pretty much this is the total issue.

1. I can log into the domain
2. Some Drives Map the one on the Main DC does not but promps for username
and password

As an Example. i type in \\pbcdf-main\netlogon (DC 1) it promps for username
and password

I type in \\pbcdf-exs01\netlogon (DC 2) it opens up
I type in \\pbcdf-nts032\netlogon (DC 3) It Promps for Username and Password
I type in \\pbcdf-oro\netlogon (DC 4) It opens up

Being that I am an Administrator on the Domain it should open up everything.

Like in the share folder on pbcdf-main

on the Share permissions Administrators Full Control, Read and Change.
Everyone Read and Change

if I look at the security on the folder itself.
Administrators all rights. and Everyone is everything except for full control.

double checking my membership and I am in administrators and my account is
not locked.

I go into effective permissions and type in my username.

I have the following
Full Control
Travers Folder
List Folder
Read Attributs
Read Extended Attr
Creat Files
Creat Folders
Write Attrib
Write Extended Attrib
Delete Sub
Delete

etc.

So there should be absolutly no reason it is promptming me for username and
password. it is almost as if it doesnt know who I am

here is the key factor

when I do do the \\pbcdf-main\netlogon and it promps me for my username and
password and I input my username and password. it comes up. but when I reboot
it happens again. have no idea. Thanks again for the help

"Anthony" wrote:

> David,
> You have four DC's. What happened to the other one?
> You have another subnet 10.1.1.0. Is that on a separate site? How is it
> connected?
> You have a route to a 192.168.12.0 subnet. Is one of the DC's multihomed?
> Your Netbios domain name is SITE2. Is this an upgrade from Windows NT? Do
> you have a problem with new accounts as well as with old accounts?
> You are using the same domain name for AD as you are for your web service.
> Can you show an ipconfig /all from one of the clients where you are having a
> problem?
> I don't quite follow your description of the problem, though I get the
> general idea. Is this a problem from one or two specific clients? Do you
> have any general client problems? Do you have any errors in the client event
> logs? Is this only a problem when mapping drives, and only from your own
> client?
> Anthony, http://www.airdesk.com
>
>
>
> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
> newsD12FC89-A114-4D5E-8D1E-35A116EFAFA1@microsoft.com...
> > When I use \\pbcdf-main\netlogon it requests login... when I use
> > \\pbcdf-main.pbcdf.com\netlogon it also requests login.
> >
> > checked DNS and it seems to be functioning correctly.
> >
> > All DC's are in the same site. Ran Replmon and no errors in replication I
> > will post the NetDiag and DcDiags in the next post.
> >
> > Thank you VERY Much Anthony for helping with this !!!! I am at my wits
> > end.
> >
> > "Anthony" wrote:
> >
> >> Its hard to tell from what you have said. I would run a replmon and force
> >> a
> >> replication to check for errors. Then double check the DNS. Is everything
> >> resolving correctly when you use the FQDN? Are the DC's all on the same
> >> site?
> >> Anthony, http://www.airdesk.com
> >>
> >> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
> >> news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
> >> > Diag's too big I can email them by request. Thank you VERY Much in
> >> > Advance.
> >>
> >>
> >>
>
>
>

 

[David Lausten]

RE: Strange Problem with Authentication Has anyone ever run across

Local Security policy is set to the following.

Sent LM & NTLM - Use NTLMv2 Session Secirity if Negotiated.

Checking on the SMB Signing I have the following.

Network Server Digitaly sign always disabled.
Network Server Digitaly sign if client agrees enable

Network Client Digitally sign always disabled
Network Client Digitaly sight if server agrees Enabled.

Also when trying to open Group Policy Management Console on my machine it
says bad username or password...

Default DC Policy is Not Definined on anything
Default Domain Policy not Defined

On my Main Policy that I manage the domain with the only setting is Sent LM
& NTLM - Use NTLMv2 Session Secirity if Negotiated.

Thank you for Help Michel. I really appreciate it.

"- Michel" wrote:

> David,
>
> Have you checked the requirements for authentication to the machine, for
> instance the LAN Manager Authentication Level, the minimum session security
> that is allowed etc? It sounds like it falls back to a lower method because
> higher methods fail. You'll find the settings in the local (or DC) policies.
> Easiest is to check if you see differences with other machines.
>
> Kind regards,
> Michel
>
> "David Lausten" wrote:
>
> > Actually this is easyer.
> >
> > Main Netdiag
> >
> > https:\\www.pbcdf.com\main-netdiag.txt
> >
> > Main DcDiag
> >
> > https:\\www.pbcdf.com\main-dcdiag.txt
> >
> > Exchange Netdiag
> >
> > https:\\www.pbcdf.com\exch-netdiag.txt
> >
> > Exchange DcDiag
> >
> > https:\\www.pbcdf.com\exch-dcdiag.txt
> >

 

[Anthony]

Re: Strange Problem with Authentication Has anyone ever run across

It sounds like the kind of problem you get if you access a domain from a
workgroup, or from another domain, or with a different account - for example
if you logged on to the client with a local account and then accessed a
domain resource. It is not the permissions, because you would be denied, not
prompted. You might try rejoining the client to the domain,
Anthony, http://www.airdesk.com

"David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
news:6808247F-28E3-4BD0-B511-B0D1CA2EF0AC@microsoft.com...
> Thank you again Anthony
>
> the 4th DC is in the Outreach office it is on the 10.1.1.0 subnet and
> connected via VPN over a Cablemodem. only 1 server there and 2 users.
>
> the route for 192 is to connect to another firewall interface for a report
> feature. it is not one of the DC and is only used to connect to a RSView
> system
>
> The Netbios name of Site2 is indeed an upgrade from nt about 6 years ago.
> Went from NT4 to 2000 and now on 03 Never have been able to figure out how
> to
> get rid of that
>
> Yes do have a problem with all accounts funny thing is its not consistent.
> In the past month I have had 6 different users complain about the problem.
> not sure what is going on. when it runs the login net use s:
> \\pbcdf-main\share it promps for username and password even though I am an
> administrator on the domain.
>
>
> ipconfig
>
> Windows IP Configuration
>
>
>
> Host Name . . . . . . . . . . . . : Lausten
>
> Primary Dns Suffix . . . . . . . : Pbcdf.Com
>
> Node Type . . . . . . . . . . . . : Hybrid
>
> IP Routing Enabled. . . . . . . . : No
>
> WINS Proxy Enabled. . . . . . . . : No
>
> DNS Suffix Search List. . . . . . : Pbcdf.Com
>
> Pbcdf.com
>
>
>
> Ethernet adapter ISCSI-2:
>
>
>
> Connection-specific DNS Suffix . :
>
> Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server
> Adapter
>
> Physical Address. . . . . . . . . : 00-07-E9-1F-C5-A9
>
> Dhcp Enabled. . . . . . . . . . . : No
>
> IP Address. . . . . . . . . . . . : 192.168.48.20
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>
> Default Gateway . . . . . . . . . :
>
>
>
> Ethernet adapter Internal:
>
>
>
> Connection-specific DNS Suffix . : Pbcdf.com
>
> Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
> Controller
>
> Physical Address. . . . . . . . . : 00-19-B9-3F-B2-A9
>
> Dhcp Enabled. . . . . . . . . . . : Yes
>
> Autoconfiguration Enabled . . . . : Yes
>
> IP Address. . . . . . . . . . . . : 10.25.240.133
>
> Subnet Mask . . . . . . . . . . . : 255.255.248.0
>
> Default Gateway . . . . . . . . . : 10.25.240.1
>
> DHCP Server . . . . . . . . . . . : 10.25.240.14
>
> DNS Servers . . . . . . . . . . . : 10.25.240.15
>
> 10.25.240.6
>
> Primary WINS Server . . . . . . . : 10.25.240.15
>
> Lease Obtained. . . . . . . . . . : Thursday, January 03, 2008
> 4:07:37 PM
>
> Lease Expires . . . . . . . . . . : Saturday, January 05, 2008
> 4:07:37 PM
>
>
>
> No General client problems. They are Clean machines.. I make a master
> install all software. Run Sysprep. Make an image using Altiris. and push
> to
> the machine and rejoin to the domain.
>
> Basicly pretty much this is the total issue.
>
> 1. I can log into the domain
> 2. Some Drives Map the one on the Main DC does not but promps for username
> and password
>
> As an Example. i type in \\pbcdf-main\netlogon (DC 1) it promps for
> username
> and password
>
> I type in \\pbcdf-exs01\netlogon (DC 2) it opens up
> I type in \\pbcdf-nts032\netlogon (DC 3) It Promps for Username and
> Password
> I type in \\pbcdf-oro\netlogon (DC 4) It opens up
>
> Being that I am an Administrator on the Domain it should open up
> everything.
>
> Like in the share folder on pbcdf-main
>
> on the Share permissions Administrators Full Control, Read and Change.
> Everyone Read and Change
>
> if I look at the security on the folder itself.
> Administrators all rights. and Everyone is everything except for full
> control.
>
> double checking my membership and I am in administrators and my account is
> not locked.
>
> I go into effective permissions and type in my username.
>
> I have the following
> Full Control
> Travers Folder
> List Folder
> Read Attributs
> Read Extended Attr
> Creat Files
> Creat Folders
> Write Attrib
> Write Extended Attrib
> Delete Sub
> Delete
>
> etc.
>
> So there should be absolutly no reason it is promptming me for username
> and
> password. it is almost as if it doesnt know who I am
>
> here is the key factor
>
> when I do do the \\pbcdf-main\netlogon and it promps me for my username
> and
> password and I input my username and password. it comes up. but when I
> reboot
> it happens again. have no idea. Thanks again for the help
>
> "Anthony" wrote:
>
>> David,
>> You have four DC's. What happened to the other one?
>> You have another subnet 10.1.1.0. Is that on a separate site? How is it
>> connected?
>> You have a route to a 192.168.12.0 subnet. Is one of the DC's multihomed?
>> Your Netbios domain name is SITE2. Is this an upgrade from Windows NT? Do
>> you have a problem with new accounts as well as with old accounts?
>> You are using the same domain name for AD as you are for your web
>> service.
>> Can you show an ipconfig /all from one of the clients where you are
>> having a
>> problem?
>> I don't quite follow your description of the problem, though I get the
>> general idea. Is this a problem from one or two specific clients? Do you
>> have any general client problems? Do you have any errors in the client
>> event
>> logs? Is this only a problem when mapping drives, and only from your own
>> client?
>> Anthony, http://www.airdesk.com
>>
>>
>>
>> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
>> newsD12FC89-A114-4D5E-8D1E-35A116EFAFA1@microsoft.com...
>> > When I use \\pbcdf-main\netlogon it requests login... when I use
>> > \\pbcdf-main.pbcdf.com\netlogon it also requests login.
>> >
>> > checked DNS and it seems to be functioning correctly.
>> >
>> > All DC's are in the same site. Ran Replmon and no errors in replication
>> > I
>> > will post the NetDiag and DcDiags in the next post.
>> >
>> > Thank you VERY Much Anthony for helping with this !!!! I am at my wits
>> > end.
>> >
>> > "Anthony" wrote:
>> >
>> >> Its hard to tell from what you have said. I would run a replmon and
>> >> force
>> >> a
>> >> replication to check for errors. Then double check the DNS. Is
>> >> everything
>> >> resolving correctly when you use the FQDN? Are the DC's all on the
>> >> same
>> >> site?
>> >> Anthony, http://www.airdesk.com
>> >>
>> >> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in
>> >> message
>> >> news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
>> >> > Diag's too big I can email them by request. Thank you VERY Much
>> >> > in
>> >> > Advance.
>> >>
>> >>
>> >>
>>
>>
>>

 

[David Lausten]

Re: Strange Problem with Authentication Has anyone ever run across

Removed the computer from the domain (my computers, properties, Joined to
workgroup, restarted, Removed computer record in AD, loged in as admin
rejoined to domain restarted) Verified record creation in AD.

Still having Same problem...... argggggggg.
Thank you VERY VERY VERY Much for your Help Anthony.

I am still stumped...

"Anthony" wrote:

> It sounds like the kind of problem you get if you access a domain from a
> workgroup, or from another domain, or with a different account - for example
> if you logged on to the client with a local account and then accessed a
> domain resource. It is not the permissions, because you would be denied, not
> prompted. You might try rejoining the client to the domain,
> Anthony, http://www.airdesk.com
>
> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
> news:6808247F-28E3-4BD0-B511-B0D1CA2EF0AC@microsoft.com...
> > Thank you again Anthony
> >
> > the 4th DC is in the Outreach office it is on the 10.1.1.0 subnet and
> > connected via VPN over a Cablemodem. only 1 server there and 2 users.
> >
> > the route for 192 is to connect to another firewall interface for a report
> > feature. it is not one of the DC and is only used to connect to a RSView
> > system
> >
> > The Netbios name of Site2 is indeed an upgrade from nt about 6 years ago.
> > Went from NT4 to 2000 and now on 03 Never have been able to figure out how
> > to
> > get rid of that
> >
> > Yes do have a problem with all accounts funny thing is its not consistent.
> > In the past month I have had 6 different users complain about the problem.
> > not sure what is going on. when it runs the login net use s:
> > \\pbcdf-main\share it promps for username and password even though I am an
> > administrator on the domain.
> >
> >
> > ipconfig
> >
> > Windows IP Configuration
> >
> >
> >
> > Host Name . . . . . . . . . . . . : Lausten
> >
> > Primary Dns Suffix . . . . . . . : Pbcdf.Com
> >
> > Node Type . . . . . . . . . . . . : Hybrid
> >
> > IP Routing Enabled. . . . . . . . : No
> >
> > WINS Proxy Enabled. . . . . . . . : No
> >
> > DNS Suffix Search List. . . . . . : Pbcdf.Com
> >
> > Pbcdf.com
> >
> >
> >
> > Ethernet adapter ISCSI-2:
> >
> >
> >
> > Connection-specific DNS Suffix . :
> >
> > Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server
> > Adapter
> >
> > Physical Address. . . . . . . . . : 00-07-E9-1F-C5-A9
> >
> > Dhcp Enabled. . . . . . . . . . . : No
> >
> > IP Address. . . . . . . . . . . . : 192.168.48.20
> >
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >
> > Default Gateway . . . . . . . . . :
> >
> >
> >
> > Ethernet adapter Internal:
> >
> >
> >
> > Connection-specific DNS Suffix . : Pbcdf.com
> >
> > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
> > Controller
> >
> > Physical Address. . . . . . . . . : 00-19-B9-3F-B2-A9
> >
> > Dhcp Enabled. . . . . . . . . . . : Yes
> >
> > Autoconfiguration Enabled . . . . : Yes
> >
> > IP Address. . . . . . . . . . . . : 10.25.240.133
> >
> > Subnet Mask . . . . . . . . . . . : 255.255.248.0
> >
> > Default Gateway . . . . . . . . . : 10.25.240.1
> >
> > DHCP Server . . . . . . . . . . . : 10.25.240.14
> >
> > DNS Servers . . . . . . . . . . . : 10.25.240.15
> >
> > 10.25.240.6
> >
> > Primary WINS Server . . . . . . . : 10.25.240.15
> >
> > Lease Obtained. . . . . . . . . . : Thursday, January 03, 2008
> > 4:07:37 PM
> >
> > Lease Expires . . . . . . . . . . : Saturday, January 05, 2008
> > 4:07:37 PM
> >
> >
> >
> > No General client problems. They are Clean machines.. I make a master
> > install all software. Run Sysprep. Make an image using Altiris. and push
> > to
> > the machine and rejoin to the domain.
> >
> > Basicly pretty much this is the total issue.
> >
> > 1. I can log into the domain
> > 2. Some Drives Map the one on the Main DC does not but promps for username
> > and password
> >
> > As an Example. i type in \\pbcdf-main\netlogon (DC 1) it promps for
> > username
> > and password
> >
> > I type in \\pbcdf-exs01\netlogon (DC 2) it opens up
> > I type in \\pbcdf-nts032\netlogon (DC 3) It Promps for Username and
> > Password
> > I type in \\pbcdf-oro\netlogon (DC 4) It opens up
> >
> > Being that I am an Administrator on the Domain it should open up
> > everything.
> >
> > Like in the share folder on pbcdf-main
> >
> > on the Share permissions Administrators Full Control, Read and Change.
> > Everyone Read and Change
> >
> > if I look at the security on the folder itself.
> > Administrators all rights. and Everyone is everything except for full
> > control.
> >
> > double checking my membership and I am in administrators and my account is
> > not locked.
> >
> > I go into effective permissions and type in my username.
> >
> > I have the following
> > Full Control
> > Travers Folder
> > List Folder
> > Read Attributs
> > Read Extended Attr
> > Creat Files
> > Creat Folders
> > Write Attrib
> > Write Extended Attrib
> > Delete Sub
> > Delete
> >
> > etc.
> >
> > So there should be absolutly no reason it is promptming me for username
> > and
> > password. it is almost as if it doesnt know who I am
> >
> > here is the key factor
> >
> > when I do do the \\pbcdf-main\netlogon and it promps me for my username
> > and
> > password and I input my username and password. it comes up. but when I
> > reboot
> > it happens again. have no idea. Thanks again for the help
> >
> > "Anthony" wrote:
> >
> >> David,
> >> You have four DC's. What happened to the other one?
> >> You have another subnet 10.1.1.0. Is that on a separate site? How is it
> >> connected?
> >> You have a route to a 192.168.12.0 subnet. Is one of the DC's multihomed?
> >> Your Netbios domain name is SITE2. Is this an upgrade from Windows NT? Do
> >> you have a problem with new accounts as well as with old accounts?
> >> You are using the same domain name for AD as you are for your web
> >> service.
> >> Can you show an ipconfig /all from one of the clients where you are
> >> having a
> >> problem?
> >> I don't quite follow your description of the problem, though I get the
> >> general idea. Is this a problem from one or two specific clients? Do you
> >> have any general client problems? Do you have any errors in the client
> >> event
> >> logs? Is this only a problem when mapping drives, and only from your own
> >> client?
> >> Anthony, http://www.airdesk.com
> >>
> >>
> >>
> >> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
> >> newsD12FC89-A114-4D5E-8D1E-35A116EFAFA1@microsoft.com...
> >> > When I use \\pbcdf-main\netlogon it requests login... when I use
> >> > \\pbcdf-main.pbcdf.com\netlogon it also requests login.
> >> >
> >> > checked DNS and it seems to be functioning correctly.
> >> >
> >> > All DC's are in the same site. Ran Replmon and no errors in replication
> >> > I
> >> > will post the NetDiag and DcDiags in the next post.
> >> >
> >> > Thank you VERY Much Anthony for helping with this !!!! I am at my wits
> >> > end.
> >> >
> >> > "Anthony" wrote:
> >> >
> >> >> Its hard to tell from what you have said. I would run a replmon and
> >> >> force
> >> >> a
> >> >> replication to check for errors. Then double check the DNS. Is
> >> >> everything
> >> >> resolving correctly when you use the FQDN? Are the DC's all on the
> >> >> same
> >> >> site?
> >> >> Anthony, http://www.airdesk.com
> >> >>
> >> >> "David Lausten" <DavidLausten@discussions.microsoft.com> wrote in
> >> >> message
> >> >> news:4AFA0548-4C3C-4744-8B01-213E6A601591@microsoft.com...
> >> >> > Diag's too big I can email them by request. Thank you VERY Much
> >> >> > in
> >> >> > Advance.
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>

 

[David Lausten]

Re: Strange Problem with Authentication Has anyone ever run across

Ok Just found something REALLY Intresting...

I loged in on that computer with another regular account (it created a
profile) and I am able to access all the shares....... No Prompting..

I am going to try and delete my profile after I copy all my stuff out and
recreate to see what happens.... I will post back and let you know...

Does this make any sense? and if so what would/could cause a profile to act
that way.

 

[David Lausten]

Re: Strange Problem with Authentication Has anyone ever run across

Ok.... That was the Issue... Something was goofy with my profile on the
box... transfered all my documents and favorites etc to another directory.
deleted my profile and reloged into the box which created another profile.
and Voila.... everything is working !!!!!!!!!

Any Ideas to what can cause that? Thanks again.

"David Lausten" wrote:

> Ok Just found something REALLY Intresting...
>
> I loged in on that computer with another regular account (it created a
> profile) and I am able to access all the shares....... No Prompting..
>
> I am going to try and delete my profile after I copy all my stuff out and
> recreate to see what happens.... I will post back and let you know...
>
> Does this make any sense? and if so what would/could cause a profile to act
> that way.

 

[Anthony]

Re: Strange Problem with Authentication Has anyone ever run across

Glad you fixed it. It sounds like a cached credentials problem, but I don't
kow why it would have happened,
Anthony, http://www.airdesk.com


"David Lausten" <DavidLausten@discussions.microsoft.com> wrote in message
newsFB0E2A7-393E-4C47-9779-B93B1E32D632@microsoft.com...
> Ok.... That was the Issue... Something was goofy with my profile on the
> box... transfered all my documents and favorites etc to another directory.
> deleted my profile and reloged into the box which created another profile.
> and Voila.... everything is working !!!!!!!!!
>
> Any Ideas to what can cause that? Thanks again.
>
> "David Lausten" wrote:
>
>> Ok Just found something REALLY Intresting...
>>
>> I loged in on that computer with another regular account (it created a
>> profile) and I am able to access all the shares....... No Prompting..
>>
>> I am going to try and delete my profile after I copy all my stuff out and
>> recreate to see what happens.... I will post back and let you know...
>>
>> Does this make any sense? and if so what would/could cause a profile to
>> act
>> that way.