Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Active Directory + MS DOS!!!
- Thread starter Virtualp
- Start date
no.
Joseph L. Poandl
MCSE 2003
If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
Joseph L. Poandl
MCSE 2003
If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
- Thread starter
- #3
Bhavin78
IS-IT--Management
- Oct 26, 2004
- 320
I tried this but no succes.
I have a dos pc on windows 2003 domain. I want DOS pc to be authenticated by 2003 domain. I tried everything but still no sucess. Any help will be appreciated.
My dos PC has NT Lan Manager version 2.0 ( it works fine with NT domain)
I made below changes to my domain group policy
Digitally sign client communications (always) - disabled
Digitally sign server communications (always)- disabled
LAN Manager Authentication Level set to Send LM and NTLM - use NTLMv2
session security if negotiated - (default) send LM & NTLM responses
Secure channel: Digitally encrypt or sign secure channel data (always) -disabled
Secure channel: Require strong (Windows 2000 or later) session key -disabled
How can my dos pc authenticate to windows 2003 domain and have access to files and folder.
I have a dos pc on windows 2003 domain. I want DOS pc to be authenticated by 2003 domain. I tried everything but still no sucess. Any help will be appreciated.
My dos PC has NT Lan Manager version 2.0 ( it works fine with NT domain)
I made below changes to my domain group policy
Digitally sign client communications (always) - disabled
Digitally sign server communications (always)- disabled
LAN Manager Authentication Level set to Send LM and NTLM - use NTLMv2
session security if negotiated - (default) send LM & NTLM responses
Secure channel: Digitally encrypt or sign secure channel data (always) -disabled
Secure channel: Require strong (Windows 2000 or later) session key -disabled
How can my dos pc authenticate to windows 2003 domain and have access to files and folder.
Bhavin78
IS-IT--Management
- Oct 26, 2004
- 320
My dos PC has NT Lan Manager version 2.0 ( it works fine with NT domain)
I made below changes to my domain group policy
Digitally sign client communications (always) - disabled
Digitally sign server communications (always)- disabled
LAN Manager Authentication Level set to Send LM and NTLM - use NTLMv2
session security if negotiated - (default) send LM & NTLM responses
Secure channel: Digitally encrypt or sign secure channel data (always) -disabled
Secure channel: Require strong (Windows 2000 or later) session key -disabled
I created account in AD
Am i missing anything else...If it's possible for dos to authenticate to 2003 than I need help.
I made below changes to my domain group policy
Digitally sign client communications (always) - disabled
Digitally sign server communications (always)- disabled
LAN Manager Authentication Level set to Send LM and NTLM - use NTLMv2
session security if negotiated - (default) send LM & NTLM responses
Secure channel: Digitally encrypt or sign secure channel data (always) -disabled
Secure channel: Require strong (Windows 2000 or later) session key -disabled
I created account in AD
Am i missing anything else...If it's possible for dos to authenticate to 2003 than I need help.
Please check the following registry keys also. HKLM\System\CCS\Control\LSA
Restrictanonymous 0
Restrictanonymoussam 0
lmcompatabilitylevel 0
everyoneincludeanonymous 0 (I Think on this one we may need to add everyone to the pre-windows 2000 compatible access group or vice versa.)
Check the nolmhash value here to. If i can remember it may need to be set to 0.
Make sure under HKLM\System\CCS\Services\ Lanmanserver and lanmanworkstation we have requiresecuritysignature set to 0.
The reason we use these settings is to allow us to have Windows 2000 security compat. Thus we are actually weakening our security on our servers to give access to downlevel clients. Also, any changes made to the LSA reg keys requires a reboot.
Restrictanonymous 0
Restrictanonymoussam 0
lmcompatabilitylevel 0
everyoneincludeanonymous 0 (I Think on this one we may need to add everyone to the pre-windows 2000 compatible access group or vice versa.)
Check the nolmhash value here to. If i can remember it may need to be set to 0.
Make sure under HKLM\System\CCS\Services\ Lanmanserver and lanmanworkstation we have requiresecuritysignature set to 0.
The reason we use these settings is to allow us to have Windows 2000 security compat. Thus we are actually weakening our security on our servers to give access to downlevel clients. Also, any changes made to the LSA reg keys requires a reboot.
- Status
Similar threads
- Locked
- Question