none
NTLMSSP 4625 Failure since Windows Update RRS feed

  • Question

  • Hi all

    I have a very bad problem here. before my W2K12R2 Server have been updated, i was able to transfer my files from a W2K19 Server to that W2K12R2 Server. The Share where i had, i allow the ComputerAccount to connect to this share ( SCCM Automation Task, create vhdx file and deploy it on that server). because of SCCM i must allow the ComputerAccount to connect to this share. So this is working fine until i update my W2K12R2 Server in August with this Updates. Since there i was not able to connect again to this share over SCCM Automation. I can not connect to any other W2K12R2 Server with a ComputerAccount. When i try it, it popups the Windows Logon Credentials Window. When i connect than with a Domain user i come to the share. but only with computer account it work not. i try different Security GPO - NTLM Options but i had no luck. Can someone help here and give me the right hint?

    regards

    franco

    Wednesday, September 11, 2019 10:38 AM

All replies

  • this not help really, i mean it must have change here something in general. why i can connect to other w2k16 oder w2k19 machines, but not to the w2k12r2? there must be something from windows ms side, what are now different as before the august updates coming.
    Wednesday, September 11, 2019 12:32 PM
  • Hello,
    Thank you for posting in our TechNet forum.

    Would you please tell us which update do we install on W2K12 R2 server?

    From August 13, 2019—KB4512489 (Security-only update), we can see:



    So if we have installed August 13, 2019—KB4512489 (Security-only update) on W2K12 R2, we can try to install KB4512478 to see if it helps.




    Best Regards,
    Daisy Zhou


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 12, 2019 5:57 AM
    Moderator
  • so what i see, is that since 17.08.2019 somewhere the ntlm lan manager level must be changed, since there i am not able to connect to the share with my computer account. on smb event i get following error:

    SMB Session Authentication Failure

    Client Name: \\10.x
    Client Address: 10.x:64608
    User Name: 
    Session ID: 0x1C00000000011
    Status: The attempted logon is invalid. This is either due to a bad username or authentication information. (0xC000006D)

    Both Server / W2K19 Server and also W2K12R2 Server has same NTLM Level 5. So what must i set in GPO that i can connect from W2K19 Server to a FileShare of a W2K12R2 Server with a Computer Account?

    Regards

    Franco


    Thursday, September 12, 2019 8:59 AM
  • Hi,
    We can troubleshoot as below:

    1. On one problematic server, if we have installed KB4512489, we can try to uninstall it or try to install KB4512478 to see if it helps.

    2. On one problematic server, if we have not installed KB4512489, we can try to change NTLM level to see if it helps.


    Reference:
    Network security: LAN Manager authentication level
    https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level



    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 13, 2019 2:18 AM
    Moderator
  • i try both Updates but nothing helps, i also have the KB4512488 installed, but the same behaviour. When i try to set NTLM Level to 3 on both sides, i can't see the file share again, with both NTLM 4 i get the windows credential popup again, so very confusing me, what is here happen. can you look in your lab, if you get this working?

    regards franco

    Friday, September 13, 2019 5:27 AM
  • did you know, because i dont think it is a ntlm setting, because when i set my credentals i am able to see the share. so it must be a security setting, that w2k19 os not allow traffic between w2k19 to w2k12r2 server or vice versa. did MS apply a patch in this time what cut this maybe?
    Friday, September 13, 2019 5:50 AM
  • Hi,

    We can try to uninstall KB4512489 and KB4512478 to see if the issue is related to update if we can do it.


    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 13, 2019 6:33 AM
    Moderator
  • that what i wrote to you, i have try to also uninstall this patches, but same behaviour.
    Friday, September 13, 2019 7:35 AM
  • Hi,
    We can try to re-install the operating system with 2012 R2 on one machine. And install all the patch except the patch in Auguest 2019.

    Then join the machine to our domain to see if the issue persists.



    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 16, 2019 7:20 AM
    Moderator
  • Hi,
    If this question has any update or is this issue solved? Also, for the question, is there any other assistance we could provide?



    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, September 18, 2019 2:07 AM
    Moderator
  • Hi,
    Would you please tell me how things are going on your side. If you have any questions or concerns about the information I provided, please don't hesitate to let us know. 
     
    Again thanks for your time and have a nice day!



    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 20, 2019 1:53 AM
    Moderator