Windows Authentication (not on a domain)

justin.krejci

I have a Windows 2000 server. It is fully patched. The server is not
on a domain, just a plain workgroup. From another server on the local
subnet (also not on a domain) I am able to connect to the first server
to access shared directories. From clients not on the local subnet
there are auth errors.

Example
ServerA 10.10.2.101 /24 = server with shares (no domain)
ServerB 10.10.2.102 /24 = server on same local subnet as ServerA (also
no domain)
Client1 192.168.1.50 /24 = Random internet client (my computer for
example, winxpsp2 or win2k same result)

ServerA has been rebooted. This apparently just started happening in
the last week or two. No known changes occurred around the start of
this issue.


on ServerB
net use \\10.10.2.101\logfiles /user:loguser passwordishere

this connects instantly and I can now browse the share

on Client1
net use \\10.10.2.101\logfiles /user:loguser passwordishere

gives

System error 1326 has occurred.

Logon failure: unknown user name or bad password.


2 Event log entries on ServerA

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 2/27/2007
Time: 5:40:56 PM
User: NT AUTHORITY\SYSTEM
Computer: ServerA
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: loguser
Domain: 10.10.2.101
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: Client1



Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 681
Date: 2/27/2007
Time: 5:40:56 PM
User: NT AUTHORITY\SYSTEM
Computer: ServerA
Description:
The logon to account: loguser
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: Client1
failed. The error code was: 3221225578



ServerA has been rebooted. The user credentials have been given as
/user:ServerA\loguser
and as
/user:10.10.2.101\loguser
always with the same results. There is nothing on the net that I could
find that was this exact case... Most are when there is a Windows
domain involved or there really is a typo. Any ideas or suggestions
would be appreciated.
 
The problem turned out to be the LAN Manager authentication level
restriction on ServerA and Client1.
ServerA was set to "Send NTLMv2 response only\refuse LM & NTLM" as
described in this MS document.

http://technet2.microsoft.com/Windo...53d0-44a7-b2f4-496a17470fb41033.mspx?mfr=true
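
Added example, not part of the original thread: a small triage helper that decodes the decimal error code from the Event 681 text posted above into its NTSTATUS name, then checks which client LAN Manager authentication levels can authenticate to a server at level 5 ("Send NTLMv2 response only\refuse LM & NTLM"). Assumptions: the level numbers are the standard values of the LmCompatibilityLevel registry setting (HKLM\SYSTEM\CurrentControlSet\Control\Lsa); Client1's actual level is not stated in the thread, so every level is tried.

```python
import re

# NTSTATUS values that Event 681 reports in decimal (standard Windows codes).
NTSTATUS = {
    0xC0000064: "STATUS_NO_SUCH_USER",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC000006D: "STATUS_LOGON_FAILURE",
    0xC0000234: "STATUS_ACCOUNT_LOCKED_OUT",
}

# Event 681 description as posted in the thread.
EVENT_681 = """The logon to account: loguser
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: Client1
failed. The error code was: 3221225578"""

def decode_681(text):
    """Return (account, workstation, hex status, status name) from 681 text."""
    account = re.search(r"logon to account:\s*(\S+)", text).group(1)
    workstation = re.search(r"from workstation:\s*(\S+)", text).group(1)
    code = int(re.search(r"error code was:\s*(\d+)", text).group(1))
    return account, workstation, f"0x{code:08X}", NTSTATUS.get(code, "UNKNOWN")

def client_sends(level):
    """Response types a client sends at LmCompatibilityLevel 0-5."""
    if level <= 1:
        return {"LM", "NTLM"}
    if level == 2:
        return {"NTLM"}
    return {"NTLMv2"}

def server_accepts(level):
    """Response types the authenticating server accepts at level 0-5."""
    if level <= 3:
        return {"LM", "NTLM", "NTLMv2"}
    if level == 4:
        return {"NTLM", "NTLMv2"}
    return {"NTLMv2"}

def can_authenticate(client_level, server_level):
    """True when the server accepts at least one response type the client sends."""
    return bool(client_sends(client_level) & server_accepts(server_level))

if __name__ == "__main__":
    print(decode_681(EVENT_681))
    for client in range(6):  # server at level 5, as ServerA was
        print(f"client level {client} -> server level 5:", can_authenticate(client, 5))
```

A client at levels 0 to 2 is refused by a level 5 server, and the refusal is logged as a wrong password even when the password typed is correct.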