Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 13 Sep 2006 22:31:20 -0700
"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:Okbkrf51GHA.4392@xxxxxxxxxxxxxxxxxxxxxxx
After reading your original post more carefully it seems that there is no
trust between the domains. If your domain is not a trusted domain then you
can not use accounts in your domain to access recourses in the other
domain. You could either use local accounts on or use a user account in
the other domain from your computer.
I understood from the original post that that access is being done
using domain credentials defined in the NT 4 domain
<quote>
I am having a problem getting XP SP1 clients using NTLM v2 (AD domain
A) to authenticate (NT4 SP6 domain B) user credentials. These
credentails are used to map a network drive to member servers in the
NT4 based domain.
User logs on to XP SP1 using domain A user id / password. PCs are
domain members of A. They then map a drive to domain B using a
username / password for domain B for some development work.
</quote>
That he can access the share on the member from the XP SP1
when using a member machine local account rules out authentication
protocol issues on the XP SP1, and seemingly most all other network
issues (at least between the XP and the member).
The event logs posted show that the login is only anonymous on the
member when using NT4 domain credentials, at least if that part of
the info was not delete for posting privacy in the two events shown
where User is blank. I assume that is the IPC$ activity (?) . . .
But there is nothing in the NT4 DC logs (and logs checked on all
of the NT4 DCs were stated)
Steve, IIRC in NT4 when one set the lmcompatability level on a
DC it really was not firm, and the DC would downshift when needed.
If I am recalling correctly then that part of this would not be an issue
in the member being able to use its schannel for the authentication.
Since I will assume that other login with the member using credentials
from the NT4 domain work (from other machines in that domain or
local at that machine) I have then assumed that the member does
function well as an authenticating member in that domain.
That nothing shows in the NT4 DCs' logs make it seem like the member
believes it is doing a local login. But, there is no login failure for the
user
name in the member's logs, which contradicts that idea.
hmmm . . .
If this were "in-house" I would probably peek with netmon next to see
just exactly what is passing on the network to/from where during an
attempt from an XP SP1 in the uplevel domain.
Any other brilliant ideas, as you are well known for, Steve??
Roger
"lwoody7110" <lwoody@xxxxxxxxxxxxx> wrote in message
news:1158150807.703689.6050@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Thanks Steve. I will look at this after Roger has had a chance to
advise me on the questions I have answered for him.
.
- Follow-Ups:
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: Steven L Umbach
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: lwoody7110
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- References:
- Unable to authenticate to untrusted domain NTLM v2 related issue
- From: lwoody
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: Steven L Umbach
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: Steven L Umbach
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: lwoody7110
- Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- From: Steven L Umbach
- Unable to authenticate to untrusted domain NTLM v2 related issue
- Prev by Date: Re: EFS Recovery
- Next by Date: Re: Windows 2000 User/Group
- Previous by thread: Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- Next by thread: Re: Unable to authenticate to untrusted domain NTLM v2 related issue
- Index(es):
Relevant Pages
|
