• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

AUTOEXNT on win2k3

Shamus MacNoob

Moderator
Political User
#1
I am using win2k3 sever at work and we are having a little trouble running a batch file with autoexnt, on NT it worked fine but now we have migrated to win2003 server and when we try to run the .bat we are getting an error about invalid password so thats where is stops we need to get this running and any info about logon errors using autoexnt on win2003 server would really help me right now.

thanks in advance
 

Shamus MacNoob

Moderator
Political User
#3
Sry its at work but trust me the same exact batch works on NT I think I am getting close with this

When a network connection is made with NET USE /USER:'Domain\Auser', the redirector sends an Server Message Block (SMB) frame "C Session setup" to the server in order to validate the credentials of "Domain\Auser." The server creates an access token for this user and replies to the redirector with an SMB frame "R Session setup" including a user ID that will be used in all consecutive SMB frames related to the connection.
NET USE X: \\ASERVER\SHARE /USER :DOMAIN\Auser
The drive X: is mapped to \\ASERVER\SHARE and can only be used by processes which have validated the credentials of DOMAIN\AUser. Therefore only the following processes can access the network drive X:

but in win2003 by default it demands SMB

so by going this way


Workaround for SMB signing

If Windows NT 4.0-based clients do not have Windows NT 4.0 Service Pack 6 (SP6) installed or if Windows 95,98, 98SE-based clients do not have the Directory Service Client installed, you can disable SMB signing in the default domain controller's policy setting on the domain controller's OU and then link this policy to all OUs that host domain controllers. We recommend that you install Service Pack 6a (SP6a) on Windows NT 4.0 clients that interoperate in a Windows Server 2003-based domain. Windows 98 Second Edition, Windows 98 and Windows 95 clients must run the Directory Services Client to perform NTLMv2.

The Directory Services Client for Windows 98 Second Edition, Windows 98 and Windows 95 will perform SMB Signing with Windows 2003 servers under NTLM authentication, but not under NTLMv2 authentication. Additionally, Windows 2000 servers will not respond to SMB Signing requests from these clients.

Although Microsoft does not recommend it, you can prevent SMB signing from being required on all domain controllers that run Windows Server 2003 in a domain. To configure this security setting, follow these steps: 1.Open the default domain controller's policy.2.Open the Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options folder.3.Locate and then click the Microsoft network server: Digitally sign communications (always) policy setting, and then click Disabled.


I might be onto something also there is talk about the group policy editor I might need to fiddle in there ... but Monday I will post the .bat either way
 

Members online

No members online now.

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,240
Members
89,018
Latest member
timpage