Title: Message
Check out this article from Paula Sharick @ Windows 2000 mag - there are a few low level security changes made in SP4 that might cause some issues, both with certain applications using SeImpersonate but also with Terminal Services:
http://www.win2000mag.net/Articles/Index.cfm?ArticleID=39534
 
(Also liked from http://www.wiredeuclid.com/modules.php?op=modload&name=News&file=article&sid=9&mode=thread&order=0&thold=0) [1]
 
Roger
--------------------------------------------------------------
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
 
[1] Yeah, its back up, but I lost a few weeks worth of data. I'll get it back sooner or later I think.
-----Original Message-----
From: Wilkinson, Stephen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 9:48 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Terminal Services and domain credentials Win2k3-Win2k

This maybe slightly off-topic but we are seeing something odd in our environment where when we try to connect via terminal service (any client) to a host in a Windows 2000 (SP4) Active Directory domain with an account from a W2003 Active directory account the domain credentials do not pass through, i.e. if we fire up mstsc, select options and put the username, password and domain name, ts will connect to the machine then try to logon locally (with the supplied account name and password) and not onto the specified domain.  It is as if it is ignoring the domain name supplied only if it is a Windows 2003 domain

All domains are fully trusted (2 way) and is re-producible with W2003 -> W2000 only.  We can reproduce in our lab as well on a test W2003 AD.  However if we use  NT4 domain account credentials or W2000 account credentials all is well.  It is not dependent on which domain the source host is a member of, purely the domain which the accounts credentials are from.

Has anyone seen this or can anyone spend 5 mins to see if they can re-produce?
This is causing us real headaches a we cannot pass-through authenticate to our citrix farms - so we cannot migrate to our Windows 2003 AD until we have a solution so any help gratefully received.

Logged with PSS but as yet no response.

Thanks in advance


Stephen Wilkinson

Tel     +44(0)207 4759276
Mobile  +44(0)7973 143970
E-Mail: [EMAIL PROTECTED]



----------------------------------------------------------------------
If you have received this e-mail in error or wish to read our e-mail
disclaimer statement and monitoring policy, please refer to
http://www.drkw.com/disc/email/ or contact the sender.
----------------------------------------------------------------------

Reply via email to