newsgroups.microsoft.com said:
Yes, when I go to that server I can log in with the Administrator OK.
and I open the Local Security Policy / User Rights to see logon over network
the user list inlude the group "Administrators". The checkboxs are all
checked.
OK. So all those ducks seem in order.
My guess is that for some reason the one machine is negotiating
use of a different security protocol, or its settings for such as
signing of communications, etc. are different and in disagreement
with the server.
When presented with the authentication prompt from server X
the behavior is the same whether you say to log in
X\Administrator or just Administrator ? If so, review the settings
in the Local Security Policy of the machine from which access fails
to verify that all the policies in the Computer section under Security
Options that have (always) and/or (when possible) agree with
settings on a machine from which access works. Also compare
the LAN Manager authentication level setting to make sure it has
something in common with the server from which access is failing.
--
Roger
"Roger Abell" <mvpNOSpam@asu.edu> дÈëÏûÏ¢ÐÂÎÅ:e6xGYp3WFHA.3348@TK2MSFTNGP14.phx.gbl...
and . . .
when you go to that server you can log in with the Administrator
account and password exactly as what fails when remote ??
Check whether the account is allowed to log on over the network
in the Local Security Policy / User Rights and also that it is not
denied this right in the deny network logon right also found there.
--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
When I logged on to the server from my remote PC there are no errors
report.
It remain the log on dialog box. Only the "Administrator" user cannot log
on.
I go to the server to see the security log and there also no error
recorded.
It very strange!!
"Steven L Umbach" <n9rou@nospam-comcast.net>
дÈëÏûÏ¢ÐÂÎÅ:eNFYPTxWFHA.2540@tk2msftngp13.phx.gbl...
What happens - any error message or such?? Can you ping the server
from
the computer that you can to logon from to the shares?? Try enabling
auditing of logon events in the Local Security Policy of the Windows
2000
server [secpol.msc] and then see if a corresponding failure event is
recorded in the security log that correlates to the time of the failed
logon which will often have error codes as to why access was denied.
Possible causes are host firewall/ipsec policy blocking access,
incompatible security options such as digital signing or lan manager
authentication level, or their is no user account on the server that
will
allow access. Keep in mind that XP Pro can use stored credentials which
can block access after a password change. --- Steve
We have 2 win 2K server, If we run by "\\server01" or "\\10.0.0.1\d$"
command on a Win 2k PC.
There are all logged on OK, but if we run above command from a Win XP
PC.
One can be logged on and another cannot.
who can tell me why?
Thanks.