AD and WinXP
From: John Singler (singler@vet.upenn.edu)
Date: 06/20/02
- Next message: ads: "Windows XP - EFS"
- Previous message: Howie: "Connection sharing: Auto disconnect. (and ICQ)"
- Next in thread: Thomas Foster [MS]: "Re: AD and WinXP"
- Reply: Thomas Foster [MS]: "Re: AD and WinXP"
- Reply: John Singler: "AD and WinXP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "John Singler" <singler@vet.upenn.edu> Date: Thu, 20 Jun 2002 06:25:55 -0700
Greetings,
We have an Active Directory environment with mixed clients
(win98, 2k, XP).
Our security model is such that we have set
RestrictAnonymous to 2 on our Domain Controllers (for more
info. please see MSKB Q246261):
<http://support.microsoft.com/directory/article.asp?
ID=KB;EN-US;Q246261&>
I know this breaks some functionality for DOWN-LEVEL
clients (ie. when a user on a win98 box is forced to
change their password they are no longer able to do so).
I can live with problematic down-level clients but I am
seeing similar behavior from WinXP boxes (ie. when forced
to change their password users are not able to, resulting
in the error message "You Do Not Have Permission to Change
your Password" - though if you are already logged in to a
WinXP box and choose to change your password you can do
so).
I thought this
<http://support.microsoft.com/directory/article.asp?
ID=kb;en-us;Q258788> might be the answer but it isn't.
So, finally, here is my question: Does anyone have an
environment configured like ours (restrictanonymous = 2),
with winXP members, whose users can/cannot change their
passwords when they are FORCED to?
TIA.
- Next message: ads: "Windows XP - EFS"
- Previous message: Howie: "Connection sharing: Auto disconnect. (and ICQ)"
- Next in thread: Thomas Foster [MS]: "Re: AD and WinXP"
- Reply: Thomas Foster [MS]: "Re: AD and WinXP"
- Reply: John Singler: "AD and WinXP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
