Quote:
|
Originally Posted by steverobbo
Blue68f100, The clients are mostly using XP Pro but I also cannot connect from one of the servers (W2K & W2K3).
Re3dyb0y, From what I've read on this forum the v4 OS is a chargeable upgrade so I'd be loathe to purchase it if my current version should include the functionality. Am I better off starting again from scratch? I get a couple of 'master browser errors in my Snap log, do you think this may have any relevance?
|
I found this on SnapAppliance server it may help.
Introduction
The Snap OS was designed to interoperate with Windows NT 4.0 domains. While Snap Servers are not Windows NT 4.0 Domain Controllers, the Snap Servers will attach to the Domain Controller and retrieve the Users and Groups from the Domain Controller so that Administrators do not need to re enter their users and groups. In addition, Snap Servers can authenticate a user connection utilizing the Domain Controller. This provides a seamless authentication to the various Windows clients. As of the latest SnapOS release (v4.0), Snap Servers support all Windows clients. In order to support such a wide range of Windows clients, the SnapOS supports only those authentication protocols that are supported across all Windows clients and are consistent with the original NT 4.0 implementation.
It should be pointed out that the SnapOS v4.0 works with all Windows clients in their default configuration. Most client connection / compatibility problems with the SnapOS v4.0 would indicate that either a policy or registry setting has been modified to change the default behavior of the various Windows clients.
Authentication Protocols
SnapOS supports two CIFS authentication protocols. LM and NTLM are both supported which is consistent with the protocols required to support all Windows client platforms, other CIFS clients and even some older DOS / Lan Manager clients. Unfortunately, we do not support NTLMv2 authentication, NTLMv2 Session Security or Kerberosv5 authentication.
Signing
The SnapOS does not support SMB Signing. If this is enabled, the client connections to the Snap Server cannot be successfully authenticated with the domain controller and will result in a failed connection and/or an access denied message.
Registry Settings for Domain Controllers
Windows NT, Windows 2000, Windows XP and Windows 2003
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Contr ol\LSA\LMCompatibilityLevel
must be either a 0 (NT & 2000 default), 1, or 2 (Win2003 default). LMCompatibilityLevel 3-5 are not supported.
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\LanManServer\Parameters\EnableSecuritySignatur e
must be 0
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\LanManServer\Parametes\RequireSecuritySignatur e
must be 0
Registry Settings for Workstations
Windows NT, Windows 2000, Windows XP and Windows 2003
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Contr ol\LSA\LMCompatibilityLevel
must be either a 0 (NT & 2000 default), 1, or 2 (Win2003 default).
LMCompatibilityLevel 3-5 is not supported.
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\Rdr\Parameters\EnableSecuritySignature
must be 0
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\Rdr\Paramete\RequireSecuritySignature
must be 0
Windows 95, Windows 98, Windows ME machines
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Contr ol\LSA\LMCompatibility
must be a 0 (default). LMCompatibility 3 is not supported.
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\VxD\Vnetsup\EnableSecuritySignature
must be 0
HKEY_LOCAL_MACHINES\System\CurrentControlSet\Servi ces\VxD\Vnetsup\RequireSecuritySignature
must be 0