New use logon problem

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Dear,
The server was upgrade from NT4.0 to 2000 AD. Everything working smooth but when i create new use account. It also working fine both W2K and XP but when use logon on NT4.0 workstation, It can logon successfully but can't map the network drive to W2k server with unknow user name or bad password message on the logon script screen. I check the access right on this share folder from the server, I check the security item on the share folder. It show the SID only, i can't see the user name. What the problem on the W2K AD or the PDC emulator have some problem or i need change something on NT 4.0 workstation?

Many Thanks
John
 
John,

Check the following values in the registry on your 2000 server:

1. HKLM\CurrentControlSet\Control\LSA - Restrictanonymous value should be
set to 1 or 0. Zero is default. If it is set to 2 or higher, please set it
to 1 or 0.

2. HKLM\CurrentControlSet\Control\LSA - lmcompatibilitylevel should be set
to 1 or 0. Zero is default. If it is set to 2 or higher, set it to 1 or 0.

If you change one of these settings, a reboot is required for it to take
effect.

Please keep in mind that these registry settings can be set manually or via
group policy. If you change these registry values and they get reset after
a reboot, then they are being set by group policy. They can be set in the
local policy, default domain policy or default domain controller policy or
any other policy that you have applying to that server's OU. You may want
to check them all.

The group policy settings that control these registry values can be found
at:
Computer Configuration - Windows Settings - Security Settings - Local
Policies - Security Options

1. Additional Restrictions for anonymous connections
2. Lan Manager Authentication Level

I hope this helps.

Best Regards,

Ray Lava
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights


The two policies that you will need to look at are
John said:
Dear,
The server was upgrade from NT4.0 to 2000 AD. Everything working smooth
Click to expand...
but when i create new use account. It also working fine both W2K and XP but
when use logon on NT4.0 workstation, It can logon successfully but can't map
the network drive to W2k server with unknow user name or bad password
message on the logon script screen. I check the access right on this share
folder from the server, I check the security item on the share folder. It
show the SID only, i can't see the user name. What the problem on the W2K AD
or the PDC emulator have some problem or i need change something on NT 4.0
workstation?
 
Back
Top