G
Guest
I have a domain laptop that is used on both the local corporate LAN and over
a dynamic VPN tunnel. Outlook and other apps do work over the VPN, but we
are experiencing issues with accessing UNC shares on a Windows 2000 server,
particularly under this user's name and profile. When the user attempts to
access his home folder e.g. (\\servername\share\username), he will receive a
message alerting him that the username and password have already been tried
and failed, and to ensure that the domain controller that authenticated him
is available. To ensure that an authenticating domain controller was
available over the VPN I not only rejoined the workstation to the domain over
VPN, but changed his password via Remote Desktop and successfully logged him
in over VPN.
It seems that as the domain admin I was able to look at UNC shares, but
under his account I cannot. I have also received this message:
The system detected a possible attempt to compromise security. Please
ensure that you can contact the server that authenticated you.
The share that is most critical is the home folder assigned to him via AD,
and has no problems on the local LAN. Furthermore this folder is
synchronized with My Documents and logon and logoff, and the errors and
authentication prompts take place when trying to synchronize. If he
synchronizes in the office, the data will be available when the unit has no
TCP/IP connection, but as soon as he gets on the VPN the My Documents folder
is empty.
Please note that I recently installed 2 Windows 2003 domain controllers. I
am not seeing any errors from the AD integrated DNS zone. There are
currently 2 W2k3 DC's and 2 Win2k DC's running in Windows 2000 native mode.
I have made all machines Global Catalogs as there seemed to be some issues
with that too. Hope this was readable, let me know what you think.
a dynamic VPN tunnel. Outlook and other apps do work over the VPN, but we
are experiencing issues with accessing UNC shares on a Windows 2000 server,
particularly under this user's name and profile. When the user attempts to
access his home folder e.g. (\\servername\share\username), he will receive a
message alerting him that the username and password have already been tried
and failed, and to ensure that the domain controller that authenticated him
is available. To ensure that an authenticating domain controller was
available over the VPN I not only rejoined the workstation to the domain over
VPN, but changed his password via Remote Desktop and successfully logged him
in over VPN.
It seems that as the domain admin I was able to look at UNC shares, but
under his account I cannot. I have also received this message:
The system detected a possible attempt to compromise security. Please
ensure that you can contact the server that authenticated you.
The share that is most critical is the home folder assigned to him via AD,
and has no problems on the local LAN. Furthermore this folder is
synchronized with My Documents and logon and logoff, and the errors and
authentication prompts take place when trying to synchronize. If he
synchronizes in the office, the data will be available when the unit has no
TCP/IP connection, but as soon as he gets on the VPN the My Documents folder
is empty.
Please note that I recently installed 2 Windows 2003 domain controllers. I
am not seeing any errors from the AD integrated DNS zone. There are
currently 2 W2k3 DC's and 2 Win2k DC's running in Windows 2000 native mode.
I have made all machines Global Catalogs as there seemed to be some issues
with that too. Hope this was readable, let me know what you think.