|
Posted by Steven L Umbach on December 6, 2005, 12:00 pm
Please log in for more thread options Is anyone at all able to access the server from any network computer?? Are
these users able to ping the server from the computer that they can not
access it from? If a user logs onto a computer with the same logon/password
that exists on the Windows 2003 server can they access shares then if they
have permissions for the share and folder/NTFS permissions? Are there any
type 3 logon failures in the security log that indicate why the logon
attempt failed? Does the computer have an ipsec require policy assigned on
it? By default it should not. If the Windows Firewall is enabled on it
disable it temporarily assuming it has other firewall protection such as a
perimeter firewall. In Local Security Policy set the two security options
for digitally sign communications always to be disabled and the two for when
possible to enabled if non of the above works. Set lan manager
authentication level to send ntlmv2 responses only if none of the above
works. Verify that the server service is started and use net share to make
sure the IPC$ share is present if no one can access the computer shares and
also try booting into Safe Mode with networking. --- Steve
> Thanks for the ideas Steve, I have tried several things in the local
> security policy with no luck. I messed around with the net use commands as
> well. I just can't seem to get this 2003 server to ask for the credentials
> from an unknown computer. If it meets any anonymous logins, it just says
> access denied without asking for a username and password to connect. This
> is a very fresh install and we haven't done much to it yet except install
> SQL Server 2000 and applied SP4 to SQL. I'm going to bed for now.
> Hopefully there will be some more suggestions by morning. Thanks.
>
>> From what I have seen the user should be prompted for user credentials as
>> long as there is not a user account with the same name as the user but a
>> different password on the Windows 2003 server. It might also help to
>> look in the security log of the Windows 2003 server to see if there are
>> type 3 logon failures and the reason why. Windows 2003 also requires that
>> the user must have a password to access the computer shares in case some
>> of your users are not using passwords. There is also the possibility that
>> access is being denied due to incompatible security settings such as for
>> digitally sign communications or lan manager authentication level. You
>> can use Local Security Policy [secpol.msc] to check such settings.
>> Assuming everything else is fine as far as network connectivity and
>> compatible security options the user should be able to connect with the
>> net user command as in net use * \server\share /user:server\user after
>> which they will be prompted for the password and allowed to connect. That
>> would not be the most desirable way to connect would but establish if a
>> user could connect with their user name/password or if there was some
>> other problem indicated by logon ilure. --- Steve
>>
>>
>>>I have used 2000 server a lot but not server 2003. I don't know if this
>>>behaviour is because it is 2003 or what. Here is the problem.
>>>
>>> We have a new 2003 server that our users will be loggin onto. The
>>> usernames that have been setup on the server are different than the ones
>>> the users use to log into their individual computers. With 2000, if the
>>> username of the local login was different than the username and password
>>> on the server, the server would ask for credentials. The user could then
>>> enter their "Server" username and password and gain access to whatever
>>> resources that username had access to. Right now, all the server does is
>>> says access denied. How do I make server 2003 as for credentials if the
>>> local user login is different than the server username and password?
>>>
>>
>>
>
>
| 
XML Sitemap