Friday, March 4, 2005

How to enable Windows 98/ME/NT/Mac clients to logon to Windows 2003 based Domains

Symptoms: Most companies have legacy operating system like - Windows 98, that give them backward compatibility for legacy applications. The default settings of Windows 2003 domains prohibit the logon of these clients. To overcome this limitation, a change of behavior is needed.
Cause: By default, security settings on domain controllers running Windows Server 2003 are configured to help prevent domain controller communications from being intercepted or tampered with by malicious users. For users to successfully negotiate communications with a domain controller that runs Windows Server 2003, these default security settings require that client computers use both server message block (SMB) signing and encryption or signing of secure channel traffic. Clients that run Windows NT 4.0 with SP2 or earlier installed and clients that run Windows 95 do not have SMB packet signing enabled and cannot authenticate to a Windows Server 2003 domain controller.
Resolution: You can find the HowTo here.

No comments:

Post a Comment