Re: Security Log Event ID 537

From: Steven L Umbach (sumbach55_at_ameritech.net)
Date: 11/05/03


Date: Wed, 05 Nov 2003 20:07:43 GMT

Interesting. I have not had much experience in domains with mixed domain
controllers such as yours. I have a small test network set up, but with no
NT4.0 clients as of now, and my suggestions are based on settings that I know
can "break" things based on past experience. I have yet to find a resource
that defines how to manage security policy in such a situation, since W2K and
W2003 domain controllers have a somewhat different set of security options
and user rights, and how that is going to interact and propagate to domain
controllers and affected domain clients. From what you post I would suggest
looking at the Domain Security Policy on one of the Windows 2000 domain
controllers and the Local Security Policy for "effective" settings. For the
W2K domain controllers, I would check that the digitally sign options for
always are at least temporarily disabled. Then the additional restrictions
for anonymous connections option can cause problems in some situations if it
is set to "no access without explicit anonymous permissions". Also check
that the everyone group is in the "access this computer from the network"
user right assignment for the W2K domain controllers. Again I don't know what
the exact problem is but these are some things worth checking out. --- Steve

"Pat Rooney" <pat_rooney@hotmail.com> wrote in message
news:Orn7P68oDHA.2488@TK2MSFTNGP12.phx.gbl...
> Steven,
>
> OK, all the NT clients are SP6 so that should be fine. I also installed the
> DS client software on one PC to see if that made any difference, which it
> didn't. I went through your other suggestion
> - the "let everyone permissions apply to anonymous users" had already been
> enabled, but still NT4 clients are unable to browse W2k Domain Controllers.
> I noticed however, that they can browse shares on the Win 2003 DC.
>
> Weird.
>
> Pat Rooney
>
> "Steven L Umbach" <n9rouz@nscomcast.net> wrote in message
> news:DLXpb.109715$e01.379849@attbi_s02...
> > My guess is that it is a security option or user right assignment. The NT4.0 clients
> > should have at least SP4. In security options for the domain check the security
> > options for lan manager authentication level and try setting it to send NTLMv2
> > responses only and also the four options for digitally sign client communications,
> > disable any settings for "require" - at least temporarily. There is also a security
> > option "let everyone permissions apply to anonymous users" which may be needed for
> > NT4.0 access on Windows 2003 domains. --- Steve
> >
> >
> > "Pat Rooney" <pat_rooney@hotmail.com> wrote in message
> > news:O%23TeTuxoDHA.2456@TK2MSFTNGP09.phx.gbl...
> > > Hi,
> > >
> > > I recently upgraded from NT 4 to AD with a mixture of 2000 and 2003 domain
> > > controllers. All went well except that the NT4 clients are unable to access
> > > shares on the W2k DCs - access denied, Win2k clients can browse the shares
> > > fine. Also, we are getting a lot of Event ID 537 login failure events in the
> > > event log.
> > >
> > > On the 2003 DC the event log gives more detail:
> > > Event ID 537 Status Code 0xC000006D Subcode 0xC0000133
> > >
> > > Any idea what could cause this?
> > >
> > > Pat Rooney
> > > SOTA Technology Ltd.
> > >
> > >
> > >
> >
> >
>
>
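
The three checks named in the reply at the top of this thread can be run against a policy export. The following is an added example, not part of the original thread: it assumes a `secedit /export` style INF file and the standard registry values behind these options (`RestrictAnonymous`, `RequireSecuritySignature`) plus the `SeNetworkLogonRight` privilege; the sample export is constructed.

```python
# Added example: audit a secedit-style policy export for the settings named in the thread.
# SAMPLE_INF is constructed for illustration; it is not data from the thread.
SAMPLE_INF = r"""
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,2
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature=4,0
[Privilege Rights]
SeNetworkLogonRight = *S-1-5-32-544,*S-1-5-11
"""
# Registry paths are case-insensitive, so everything is compared in lowercase.
LSA = r"machine\system\currentcontrolset\control\lsa"
SRV = r"machine\system\currentcontrolset\services\lanmanserver\parameters"
WKS = r"machine\system\currentcontrolset\services\lanmanworkstation\parameters"

def parse_inf(text):
    """Return {section: {key: value}} with section names and keys lowercased."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip()
    return sections

def reg_dword(sections, path):
    """Registry values are exported as 'type,data'; return data as int, None if undefined."""
    raw = sections.get("registry values", {}).get(path)
    return None if raw is None else int(raw.split(",", 1)[1].strip('" '))

def audit(text):
    """List the settings from the reply that are in the state it says to check for."""
    s, found = parse_inf(text), []
    if reg_dword(s, LSA + r"\restrictanonymous") == 2:
        found.append("anonymous: no access without explicit anonymous permissions")
    if reg_dword(s, SRV + r"\requiresecuritysignature") == 1:
        found.append("digitally sign server communication (always) enabled")
    if reg_dword(s, WKS + r"\requiresecuritysignature") == 1:
        found.append("digitally sign client communication (always) enabled")
    holders = s.get("privilege rights", {}).get("senetworklogonright", "")
    if not {h.strip().lower() for h in holders.split(",")} & {"*s-1-1-0", "everyone"}:
        found.append("Everyone missing from 'access this computer from the network'")
    return found

if __name__ == "__main__":
    for item in audit(SAMPLE_INF):
        print("CHECK:", item)
```

Settings that are not defined in the export are skipped, except the user right: a missing `SeNetworkLogonRight` line is reported the same way as one that lacks Everyone.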


