General discussion

  • Creator
    Topic
  • #2091324

    NT Workstation Security Problem

    Locked

    by ruloth ·

    I have an NT 4.0 Workstation running NTFS and is on SP6. After joing the domain the PC will not allow domain users to access the local drive. Users with Domain Admin permissions have no problem accessing the PC. All the directory and file permissions are standard from the NT installation. The only way I can allow the Domain users to use the PC is by making them a member of local administrators group on the PC.

    Any ideas would be appreciated!

All Comments

  • Author
    Replies
    • #3879932

      NT Workstation Security Problem

      by shmaltz ·

      In reply to NT Workstation Security Problem

      Make sure that you did not give anyone the No Access permission as this permission overrides any other permission.

      • #3879929

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        Appreicate the reply.

        As I stated in the message the permissions are the NT defaults. On the C Drive the share is the default(Everyone). The NTFS permissions are also the default(Everyone). This is the same for the WINNT directory.

    • #3879881

      NT Workstation Security Problem

      by don christner ·

      In reply to NT Workstation Security Problem

      Within each user you can allow them to logon to certain computers or all computers. Make sure that the users are allowed to logon to all computers, or at least the computer in question. This is stored on the server, not the local perms.

      Don

      • #3879870

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        All users within our environment are able to logon to any workstation. This was one of the first items I had double checked. Just before replying to this message I went and changed all the permissions on the c drive and sub directories for “Everyone” to have full control. It did not make a difference. After the domain user logs on he/she is prompted for a user name and password to access c$.

    • #3879747

      NT Workstation Security Problem

      by allan ·

      In reply to NT Workstation Security Problem

      Are you running “System Policies” ?
      If so, the problem may be there.
      Otherwise you need to change the permissions for the “Right to Log on Locally”

      • #3879707

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        I’m not running system policies but I did check the Account Policy. Something I hadn’t thought of. Checking the permissions. My setting indicated that Domain Users have the right to log on locally. ( For a minute I thought you had it!!)

    • #3879706

      NT Workstation Security Problem

      by ruloth ·

      In reply to NT Workstation Security Problem

      Point value changed by question poster.

    • #3880604

      NT Workstation Security Problem

      by m_galvin ·

      In reply to NT Workstation Security Problem

      If you are using DHCP reserve that workstation’s IP address with a bogus Unique Idenitfier, then release and renew the workstation.

      • #3880683

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        We are using DHCP. I made the changes that you suggested. There was no difference.

    • #3880463

      NT Workstation Security Problem

      by nicko ·

      In reply to NT Workstation Security Problem

      Sorry, could you please clarify:
      are the users sitting at this workstation when you say they log on to it or they connecting remotely to a share?

      Have you excplicitly shared out c to everyone or are you using the default c$ share?

      • #3880445

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        The users are sitting down at the machine. The share that is being used is the default c$ share. I hve not changed any of the NT setting since the install

    • #3878689

      NT Workstation Security Problem

      by ewing bettles ·

      In reply to NT Workstation Security Problem

      I’ve had similar problems in the past when using “imaged” workstations. Even when the computer name and SID’s have been changed, shortcuts have embedded UNC information that still points to the original workstation name. If that original workstation name still exists on the network, each time a link is accessed it resolves to the original computer name UNC path, and the normal domain user doesn’t have local administrator privaleges necessary to access the c$ share of that original machine.

      Two ways to fix this:
      1. Find the original computer name and remove it from the network. When the link resolution is attempted, the O/S will first try the original UNC path, if this isn’t available a local path will be substituted – permanently. Downside is timeout period required for each different link.

      2. If network shortcut resolution isn’t a biggie, please follow the information provided in Microsoft’s Technet KB article Q158682 to add a Registry value to HKEY_LOCAL_MACHINE subtree. The entry, LinkResolveIgnoreLinkInfo, its value and exact location are fully explained within the article.

      Hope this helps, -Ewing

      • #3878498

        NT Workstation Security Problem

        by ruloth ·

        In reply to NT Workstation Security Problem

        The issue was resolved with the article Q158682. It however does not resolve similar issues on a Windows 2000 desktop.

        Thanks.

    • #3878497

      NT Workstation Security Problem

      by ruloth ·

      In reply to NT Workstation Security Problem

      This question was closed by the author

Viewing 7 reply threads