Eric;
You read through the guidance and examined the settings in our baseline before deploying them, right? You have to invest the time in order to be able to effectively deploy our security guidance while minimizing problems such as what you describe. in this
case, its probably the setting called "Microsoft network client: Digitally sign communications (always)" That setting is located in the group policy editor at:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
The best way to resolve this issue is to enable the digital signing of communications on all of your file servers. If you're using non-Microsoft technologies like NetApp or SAMBA recent versions of those products also support digital signing, you need to
upgrade to the latest version and make sure you enable signing.
Another setting that may be involved affects NTLM authentication level, its in the same location in group policy and its called "Network security: LAN Manager authentication level" You need to make sure that all of the Windows computers on your network are
configured in a compatible way. Read the information in SCM for the setting to see what I mean.
Kurt Dillard http://www.kurtdillard.com
