none
Trouble with server access on XP workstations after disabling NoLmHash in server registry

    Question

  • Hello,

    I've had to disable SMB packet signing and have allowed storage of LAN manager hash value as well as set LAN manager authentication level to Send LM & NTLM-USE NTLMv2 session if negotiated....in order to allow DOS machines onto the domain network.  All of the windows 7 workstations work just fine, but the XP Pro workstations log onto the domain but have no access to the server (which also serves as domain controller).  This entire DOS project has been a nightmare, the network performed flawlessly prior to my attempts to include our DOS based machine tools.  Any help would be greatly appreciated!

    Friday, November 08, 2013 4:02 PM

Answers

All replies

  • Hi,

    Which edition of windows server you are using?

    Also the change should be made on all the DCs.

    Follow the guide to change the registry value:

    How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases

    http://support.microsoft.com/kb/299656

    Monday, November 11, 2013 12:02 PM
  • Hi, Thanks for the reply.  I'm running 2008 R2 enterprise.  I'm getting the following message on the XP machines:

    \\(the server) is not accessible. You might not have permission to use this network resource.  Contact the administrator of this server to find out if you have permissions.

    The specified network name is no longer available.

    The XP machines log onto the domain, and have access to the shared files on the other workstations, just not the server.  And again, the Windows 7 machines have no problems at all.

    Monday, November 11, 2013 1:32 PM
  • Hi,

    Have you checked the permission of the user?

    Log on the server and check the shared folder if the user is under the group with read permission.

    Hope this helps.

    Friday, November 15, 2013 9:48 AM