|
*Sounds* like something to do with the pre-authentication
settings. Have you already captured a network trace? If not, you may
want that and may want to check the websites of those products for your versions
to see if any issues have been logged there.
Al From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR NSSB Sent: Thursday, July 08, 2004 1:35 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Possibly OT: Application Authentication Issues with Win2003 All, We are in the process of upgrading our AD domain from Win2k SP4 to Win 2003. We have a single forest with 2 domains with an empty mgmt root domain. We have been swapping out the Win2k DC's with freshly built Win2k3 DC's one at a time. We completed the empty root domain without any problems, then we went to work on the child domain (which is where all of the accounts exist) Yesterday we dcpromo'd a new Win2003 DC into the child domain and transferred the PDCE & RIDMaster Roles off of our old Win2k DC that was holding roles and onto this Win2003 machine. We then DCpromo'd the old Win2k machine to take it out of domain. Here's where things got a little crazy, since we made that switch the following things have all stopped working:
Our Cisco VPN Concentrator has stopped being able to authenticate users, when I look in the logs on the server when someone tries to authenticate it appears as a bad username/password combo, even though the proper credentials are being supplied.
Our developers were testing AD authentication for all of our Cold Fusion Apps in their labs for the past few months since the upgrade their CFLDAP lookups have stopped working. Looking at the event logs shows successful authentication from the CF Web Server when I log in, it seems that it's never getting back to the webserver.
Last, we have a few departments that are running Snap Servers for local file storage, these devices have also stopped being able to authenticate users. The machines are up and on the network, when I try to connect to the shares I get access denied errors.
All of these things were working when the 2k box was there, and have only stopped working since the upgrade to 2003. I have quite a few ideas as to what could be the problem, but I wanted to see if anyone else had experienced any issues like these.
TIA,
-Tim |
