The very strange problem about Win XP and Win 2K server

Archived from groups: microsoft.public.win2000.security (More info?)

We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
command on a Win 2k PC.
There are all logged on OK, but if we run above command from a Win XP PC.
One can be logged on and another cannot.
who can tell me why?

Thanks.
7 answers Last reply
More about strange problem server
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    What happens - any error message or such?? Can you ping the server from the
    computer that you can to logon from to the shares?? Try enabling auditing of
    logon events in the Local Security Policy of the Windows 2000 server
    [secpol.msc] and then see if a corresponding failure event is recorded in
    the security log that correlates to the time of the failed logon which will
    often have error codes as to why access was denied. Possible causes are host
    firewall/ipsec policy blocking access, incompatible security options such as
    digital signing or lan manager authentication level, or their is no user
    account on the server that will allow access. Keep in mind that XP Pro can
    use stored credentials which can block access after a password change. ---
    Steve


    "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    > We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
    > command on a Win 2k PC.
    > There are all logged on OK, but if we run above command from a Win XP PC.
    > One can be logged on and another cannot.
    > who can tell me why?
    >
    > Thanks.
    >
    >
    >
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    When I logged on to the server from my remote PC there are no errors report.
    It remain the log on dialog box. Only the "Administrator" user cannot log
    on.

    I go to the server to see the security log and there also no error recorded.
    It very strange!!

    "Steven L Umbach" <n9rou@nospam-comcast.net> дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    > What happens - any error message or such?? Can you ping the server from
    > the computer that you can to logon from to the shares?? Try enabling
    > auditing of logon events in the Local Security Policy of the Windows 2000
    > server [secpol.msc] and then see if a corresponding failure event is
    > recorded in the security log that correlates to the time of the failed
    > logon which will often have error codes as to why access was denied.
    > Possible causes are host firewall/ipsec policy blocking access,
    > incompatible security options such as digital signing or lan manager
    > authentication level, or their is no user account on the server that will
    > allow access. Keep in mind that XP Pro can use stored credentials which
    > can block access after a password change. --- Steve
    >
    >
    >
    > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    >> We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
    >> command on a Win 2k PC.
    >> There are all logged on OK, but if we run above command from a Win XP PC.
    >> One can be logged on and another cannot.
    >> who can tell me why?
    >>
    >> Thanks.
    >>
    >>
    >>
    >
    >
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    and . . .
    when you go to that server you can log in with the Administrator
    account and password exactly as what fails when remote ??
    Check whether the account is allowed to log on over the network
    in the Local Security Policy / User Rights and also that it is not
    denied this right in the deny network logon right also found there.

    --
    Roger Abell
    Microsoft MVP (Windows Security)
    MCSE (W2k3,W2k,Nt4) MCDBA
    "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    news:Om3DmC2WFHA.3876@tk2msftngp13.phx.gbl...
    > When I logged on to the server from my remote PC there are no errors
    report.
    > It remain the log on dialog box. Only the "Administrator" user cannot log
    > on.
    >
    > I go to the server to see the security log and there also no error
    recorded.
    > It very strange!!
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net>
    дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    > > What happens - any error message or such?? Can you ping the server from
    > > the computer that you can to logon from to the shares?? Try enabling
    > > auditing of logon events in the Local Security Policy of the Windows
    2000
    > > server [secpol.msc] and then see if a corresponding failure event is
    > > recorded in the security log that correlates to the time of the failed
    > > logon which will often have error codes as to why access was denied.
    > > Possible causes are host firewall/ipsec policy blocking access,
    > > incompatible security options such as digital signing or lan manager
    > > authentication level, or their is no user account on the server that
    will
    > > allow access. Keep in mind that XP Pro can use stored credentials which
    > > can block access after a password change. --- Steve
    > >
    > >
    > >
    > > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > > news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    > >> We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
    > >> command on a Win 2k PC.
    > >> There are all logged on OK, but if we run above command from a Win XP
    PC.
    > >> One can be logged on and another cannot.
    > >> who can tell me why?
    > >>
    > >> Thanks.
    > >>
    > >>
    > >>
    > >
    > >
    >
    >
  4. Archived from groups: microsoft.public.win2000.security (More info?)

    You need to have auditing of account logon and /or logon events for success
    and failure enabled before you will see anything in the security log of the
    server which you can do in Local Security Policy. Did you check stored
    credentials on the XP Pro computer for that user to make sure they have been
    cleared? Try creating a new user account on the server and workstation that
    have the same logon name/password to see if that account will work. ---
    Steve

    http://support.microsoft.com/default.aspx?scid=KB;en-us;q248260 --- how to
    enable logging

    "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    news:Om3DmC2WFHA.3876@tk2msftngp13.phx.gbl...
    > When I logged on to the server from my remote PC there are no errors
    > report.
    > It remain the log on dialog box. Only the "Administrator" user cannot log
    > on.
    >
    > I go to the server to see the security log and there also no error
    > recorded.
    > It very strange!!
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net>
    > дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    >> What happens - any error message or such?? Can you ping the server from
    >> the computer that you can to logon from to the shares?? Try enabling
    >> auditing of logon events in the Local Security Policy of the Windows 2000
    >> server [secpol.msc] and then see if a corresponding failure event is
    >> recorded in the security log that correlates to the time of the failed
    >> logon which will often have error codes as to why access was denied.
    >> Possible causes are host firewall/ipsec policy blocking access,
    >> incompatible security options such as digital signing or lan manager
    >> authentication level, or their is no user account on the server that will
    >> allow access. Keep in mind that XP Pro can use stored credentials which
    >> can block access after a password change. --- Steve
    >>
    >>
    >>
    >> "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    >> news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    >>> We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
    >>> command on a Win 2k PC.
    >>> There are all logged on OK, but if we run above command from a Win XP
    >>> PC. One can be logged on and another cannot.
    >>> who can tell me why?
    >>>
    >>> Thanks.
    >>>
    >>>
    >>>
    >>
    >>
    >
    >
  5. Archived from groups: microsoft.public.win2000.security (More info?)

    Yes, when I go to that server I can log in with the Administrator OK.
    and I open the Local Security Policy / User Rights to see logon over network
    the user list inlude the group "Administrators". The checkboxs are all
    checked.


    "Roger Abell" <mvpNOSpam@asu.edu> дÈëÏûÏ¢ÐÂÎÅ:e6xGYp3WFHA.3348@TK2MSFTNGP14.phx.gbl...
    > and . . .
    > when you go to that server you can log in with the Administrator
    > account and password exactly as what fails when remote ??
    > Check whether the account is allowed to log on over the network
    > in the Local Security Policy / User Rights and also that it is not
    > denied this right in the deny network logon right also found there.
    >
    > --
    > Roger Abell
    > Microsoft MVP (Windows Security)
    > MCSE (W2k3,W2k,Nt4) MCDBA
    > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > news:Om3DmC2WFHA.3876@tk2msftngp13.phx.gbl...
    >> When I logged on to the server from my remote PC there are no errors
    > report.
    >> It remain the log on dialog box. Only the "Administrator" user cannot log
    >> on.
    >>
    >> I go to the server to see the security log and there also no error
    > recorded.
    >> It very strange!!
    >>
    >> "Steven L Umbach" <n9rou@nospam-comcast.net>
    > дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    >> > What happens - any error message or such?? Can you ping the server
    >> > from
    >> > the computer that you can to logon from to the shares?? Try enabling
    >> > auditing of logon events in the Local Security Policy of the Windows
    > 2000
    >> > server [secpol.msc] and then see if a corresponding failure event is
    >> > recorded in the security log that correlates to the time of the failed
    >> > logon which will often have error codes as to why access was denied.
    >> > Possible causes are host firewall/ipsec policy blocking access,
    >> > incompatible security options such as digital signing or lan manager
    >> > authentication level, or their is no user account on the server that
    > will
    >> > allow access. Keep in mind that XP Pro can use stored credentials which
    >> > can block access after a password change. --- Steve
    >> >
    >> >
    >> >
    >> > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    >> > news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    >> >> We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
    >> >> command on a Win 2k PC.
    >> >> There are all logged on OK, but if we run above command from a Win XP
    > PC.
    >> >> One can be logged on and another cannot.
    >> >> who can tell me why?
    >> >>
    >> >> Thanks.
    >> >>
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
  6. Archived from groups: microsoft.public.win2000.security (More info?)

    "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    news:uydlww3WFHA.2768@tk2msftngp13.phx.gbl...
    > Yes, when I go to that server I can log in with the Administrator OK.
    > and I open the Local Security Policy / User Rights to see logon over
    network
    > the user list inlude the group "Administrators". The checkboxs are all
    > checked.
    >

    OK. So all those ducks seem in order.
    My guess is that for some reason the one machine is negotiating
    use of a different security protocol, or its settings for such as
    signing of communications, etc. are different and in disagreement
    with the server.

    When presented with the authentication prompt from server X
    the behavior is the same whether you say to log in
    X\Administrator or just Administrator ? If so, review the settings
    in the Local Security Policy of the machine from which access fails
    to verify that all the policies in the Computer section under Security
    Options that have (always) and/or (when possible) agree with
    settings on a machine from which access works. Also compare
    the LAN Manager authentication level setting to make sure it has
    something in common with the server from which access is failing.

    --
    Roger

    >
    > "Roger Abell" <mvpNOSpam@asu.edu>
    дÈëÏûÏ¢ÐÂÎÅ:e6xGYp3WFHA.3348@TK2MSFTNGP14.phx.gbl...
    > > and . . .
    > > when you go to that server you can log in with the Administrator
    > > account and password exactly as what fails when remote ??
    > > Check whether the account is allowed to log on over the network
    > > in the Local Security Policy / User Rights and also that it is not
    > > denied this right in the deny network logon right also found there.
    > >
    > > --
    > > Roger Abell
    > > Microsoft MVP (Windows Security)
    > > MCSE (W2k3,W2k,Nt4) MCDBA
    > > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > > news:Om3DmC2WFHA.3876@tk2msftngp13.phx.gbl...
    > >> When I logged on to the server from my remote PC there are no errors
    > > report.
    > >> It remain the log on dialog box. Only the "Administrator" user cannot
    log
    > >> on.
    > >>
    > >> I go to the server to see the security log and there also no error
    > > recorded.
    > >> It very strange!!
    > >>
    > >> "Steven L Umbach" <n9rou@nospam-comcast.net>
    > > дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    > >> > What happens - any error message or such?? Can you ping the server
    > >> > from
    > >> > the computer that you can to logon from to the shares?? Try enabling
    > >> > auditing of logon events in the Local Security Policy of the Windows
    > > 2000
    > >> > server [secpol.msc] and then see if a corresponding failure event is
    > >> > recorded in the security log that correlates to the time of the
    failed
    > >> > logon which will often have error codes as to why access was denied.
    > >> > Possible causes are host firewall/ipsec policy blocking access,
    > >> > incompatible security options such as digital signing or lan manager
    > >> > authentication level, or their is no user account on the server that
    > > will
    > >> > allow access. Keep in mind that XP Pro can use stored credentials
    which
    > >> > can block access after a password change. --- Steve
    > >> >
    > >> >
    > >> >
    > >> > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > >> > news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    > >> >> We have 2 win 2K server, If we run by "\\server01" or
    "\\10.0.0.1\d$"
    > >> >> command on a Win 2k PC.
    > >> >> There are all logged on OK, but if we run above command from a Win
    XP
    > > PC.
    > >> >> One can be logged on and another cannot.
    > >> >> who can tell me why?
    > >> >>
    > >> >> Thanks.
    > >> >>
    > >> >>
    > >> >>
    > >> >
    > >> >
    > >>
    > >>
    > >
    > >
    >
    >
  7. Archived from groups: microsoft.public.win2000.security (More info?)

    Dear Roger,

    I try the following C++ code can connect to the server OK.

    {
    NETRESOURCE ns;
    memset(&ns,0,sizeof(ns));
    ns.dwScope=RESOURCE_CONNECTED;
    ns.dwType=RESOURCETYPE_DISK;
    ns.dwDisplayType=RESOURCEDISPLAYTYPE_SHARE;
    ns.lpLocalName="X:";
    ns.lpRemoteName="\\\\10.0.0.2\\D$";
    ns.lpComment=NULL;
    ns.lpProvider=NULL;
    char buf[MAX_PATH];
    memset(&buf,0,sizeof(buf));
    DWORD dw;
    WNetUseConnection(NULL,&ns,"password","Administrator",CONNECT_REDIRECT,NULL,(DWORD*)&buf,&dw);
    }

    Why under to use Windows Shell cannot conncet only with "Administrator" or
    "X\Administrator"
    except "Administrator" any user can conncet OK.

    --
    MXC


    "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
    news:u1r$qAEXFHA.2996@TK2MSFTNGP10.phx.gbl...
    > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    > news:uydlww3WFHA.2768@tk2msftngp13.phx.gbl...
    >> Yes, when I go to that server I can log in with the Administrator OK.
    >> and I open the Local Security Policy / User Rights to see logon over
    > network
    >> the user list inlude the group "Administrators". The checkboxs are all
    >> checked.
    >>
    >
    > OK. So all those ducks seem in order.
    > My guess is that for some reason the one machine is negotiating
    > use of a different security protocol, or its settings for such as
    > signing of communications, etc. are different and in disagreement
    > with the server.
    >
    > When presented with the authentication prompt from server X
    > the behavior is the same whether you say to log in
    > X\Administrator or just Administrator ? If so, review the settings
    > in the Local Security Policy of the machine from which access fails
    > to verify that all the policies in the Computer section under Security
    > Options that have (always) and/or (when possible) agree with
    > settings on a machine from which access works. Also compare
    > the LAN Manager authentication level setting to make sure it has
    > something in common with the server from which access is failing.
    >
    > --
    > Roger
    >
    >>
    >> "Roger Abell" <mvpNOSpam@asu.edu>
    > дÈëÏûÏ¢ÐÂÎÅ:e6xGYp3WFHA.3348@TK2MSFTNGP14.phx.gbl...
    >> > and . . .
    >> > when you go to that server you can log in with the Administrator
    >> > account and password exactly as what fails when remote ??
    >> > Check whether the account is allowed to log on over the network
    >> > in the Local Security Policy / User Rights and also that it is not
    >> > denied this right in the deny network logon right also found there.
    >> >
    >> > --
    >> > Roger Abell
    >> > Microsoft MVP (Windows Security)
    >> > MCSE (W2k3,W2k,Nt4) MCDBA
    >> > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    >> > news:Om3DmC2WFHA.3876@tk2msftngp13.phx.gbl...
    >> >> When I logged on to the server from my remote PC there are no errors
    >> > report.
    >> >> It remain the log on dialog box. Only the "Administrator" user cannot
    > log
    >> >> on.
    >> >>
    >> >> I go to the server to see the security log and there also no error
    >> > recorded.
    >> >> It very strange!!
    >> >>
    >> >> "Steven L Umbach" <n9rou@nospam-comcast.net>
    >> > дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
    >> >> > What happens - any error message or such?? Can you ping the server
    >> >> > from
    >> >> > the computer that you can to logon from to the shares?? Try enabling
    >> >> > auditing of logon events in the Local Security Policy of the Windows
    >> > 2000
    >> >> > server [secpol.msc] and then see if a corresponding failure event is
    >> >> > recorded in the security log that correlates to the time of the
    > failed
    >> >> > logon which will often have error codes as to why access was denied.
    >> >> > Possible causes are host firewall/ipsec policy blocking access,
    >> >> > incompatible security options such as digital signing or lan manager
    >> >> > authentication level, or their is no user account on the server that
    >> > will
    >> >> > allow access. Keep in mind that XP Pro can use stored credentials
    > which
    >> >> > can block access after a password change. --- Steve
    >> >> >
    >> >> >
    >> >> >
    >> >> > "newsgroups.microsoft.com" <mxc2000@hotmail.com> wrote in message
    >> >> > news:urwDPBuWFHA.1796@TK2MSFTNGP15.phx.gbl...
    >> >> >> We have 2 win 2K server, If we run by "\\server01" or
    > "\\10.0.0.1\d$"
    >> >> >> command on a Win 2k PC.
    >> >> >> There are all logged on OK, but if we run above command from a Win
    > XP
    >> > PC.
    >> >> >> One can be logged on and another cannot.
    >> >> >> who can tell me why?
    >> >> >>
    >> >> >> Thanks.
    >> >> >>
    >> >> >>
    >> >> >>
    >> >> >
    >> >> >
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
Ask a new question

Read More

Servers Command Prompt Windows XP Windows