Home All Groups Group Topic Archive Search About

Can't log on to a Win2k3 domain with a DOS client

microsoft.public.windows.server.general
Author
27 May 2005 6:43 PM
E.J.
Hello everyone.
We recently moved to a new set of Win2k3 terminal servers that also
have a domain controller for about 5-10 fat clients we have around.
Two of these are computer controlled CNC machines that are basically
DOS computers that run DOS TCP networking and have a custom control
interface.  Since our switch from NT to 2k3, these and only these two
CNC clients cannot log onto our domain, which has that same name as it
did before.  Other fat clients can log on just fine.  There is a net
logon command in the autoexec.bat file, and now whenever it runs I get
prometed to, "Enter password for the Domain XExampleX:", but the
password is already inclued in the net logon command.  After entering
the correct password, I am always greeted with the message, "Error 5:
Access has been Denied."  Entering the wrong password also generates
this same message.

I have tried many things, including: reinstalling DOS TCP networking,
changing the password, deleting the password file, and using the net
start command instead.  All of these yeilded no luck, as the machines
also need to seamlessly boot, and not prompt for a logon.  I have been
searching microsoft's support quite a bit, and can't seem to find
anything applying to this specific issue.  Any help would be greatly
appreciated.  Thanks in advance.

-E.J.

Author
27 May 2005 10:36 PM
Kevin Longley
The following is required if you need OS2, Windows 95 or NT 4 SP3 or
earlier, access to resources in a Windows 2003 domain - I have used a dos
client and it does work also.


To prevent domain controllers from requiring secure channel signing or
encryption

Open Active Directory Users and Computers.
In the console tree, right-click Domain Controllers, click Properties, and
then click the Group Policy tab.
Click Default Domain Controllers Policy, and then click Edit.
Under Security Options, right-click Domain member: Digitally encrypt or sign
secure channel data (always), click Properties, and then click Disabled.

Where?

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options

By disabling this security setting, you expose secure channel
communications to man-in-the-middle attacks.

Show quoteHide quote
"E.J." <mba***@gmail.com> wrote in message
news:1117219401.734012.43590@g43g2000cwa.googlegroups.com...
> Hello everyone.
> We recently moved to a new set of Win2k3 terminal servers that also
> have a domain controller for about 5-10 fat clients we have around.
> Two of these are computer controlled CNC machines that are basically
> DOS computers that run DOS TCP networking and have a custom control
> interface.  Since our switch from NT to 2k3, these and only these two
> CNC clients cannot log onto our domain, which has that same name as it
> did before.  Other fat clients can log on just fine.  There is a net
> logon command in the autoexec.bat file, and now whenever it runs I get
> prometed to, "Enter password for the Domain XExampleX:", but the
> password is already inclued in the net logon command.  After entering
> the correct password, I am always greeted with the message, "Error 5:
> Access has been Denied."  Entering the wrong password also generates
> this same message.
>
> I have tried many things, including: reinstalling DOS TCP networking,
> changing the password, deleting the password file, and using the net
> start command instead.  All of these yeilded no luck, as the machines
> also need to seamlessly boot, and not prompt for a logon.  I have been
> searching microsoft's support quite a bit, and can't seem to find
> anything applying to this specific issue.  Any help would be greatly
> appreciated.  Thanks in advance.
>
> -E.J.
>
Are all your drivers up to date? click for free checkup

Author
1 Jun 2005 5:38 PM
E.J.
Thanks for that idea, but unfortunately it didn't work.  As I said
originally, all of our other DOS clients work just fine except these
two specific ones, so I think the issue is more with these two
computers rather that getting DOS machines to work in general.  Any
other ideas?  Thank.s
Author
1 Jun 2005 5:38 PM
E.J.
Thanks for that idea, but unfortunately it didn't work.  As I said
originally, all of our other DOS clients work just fine except these
two specific ones, so I think the issue is more with these two
computers rather that getting DOS machines to work in general.  Any
other ideas?  Thanks

Bookmark and Share

Post Other interesting topics
Net use lpt1 command
What DOS command to unlock acct?
L2TP/Ipsec on RRAS
Exporting AD users and Groups
Installing Windows SErver 2003
Password problem
Server 2003 Backup
Internal vs External Web Access
server shuts down unexpectedly every morning around 5 am
WebDav Large file download problems