So I did my research and found multiple answers that say the same thing. In order for old NT clients to authenticate to 08 DC's you have to change the following. I've done so with no success. Am I missing something else? It's been 6 hours since I made the change so policy should have replicated. Nothing in the security event log on the DC other than and audit success when the computer attempted to validate the credentials for the account.
Default Domain Controller GPO: Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Security Options Network security: LAN Manager authentication level ----Send LM & NTLM - use NTLMv2 session security if negotiated Computer Configuration->Policies->Administrative Templates->System->Net Logon Allow cryptography algorithms compatible with Windows NT 4.0 ---Enabled Software\Policies\Microsoft\Netlogon\Parameters\AllowNT4Crypto 1 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin