I found a solution.....
I typed trhe DNS seufix in tcp properties, and it is now working.
This is strange, cause, my server is "server01.mydomain.com.br" , it is member of the domain, I can ping it as server01.mydomain.com.br. I added the "my domain.com.br" in the dns configuration > "append these DNS suffixes (in order)" and it is now working.
Now my question would change to:
If it is already member of tha domain, why do I have to add suffixes?
Adrião
| "Guy Teverovsky"
<[EMAIL PROTECTED]>
Enviado Por: [EMAIL PROTECTED] 30/06/2006 15:45
|
|
I have been bitten by it with databases, but my understanding is that it is relevant to any authentication attempt that tries to access a resource that does not have a registered SPN.
http://support.microsoft.com/?id=887993
Now that I think about it, the right way would probably be to make sure the required SPN is registered for the server in question. The KB above can help determining whether it is an SPN issue. If it is, after registering the SPN, the DisableLoopbackCheck reg value can be set back to 0 or deleted.
Guy
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abouelnasr, Jerry
Sent: Friday, June 30, 2006 11:54 AM
To: [email protected]
Subject: RE: [ActiveDir] Windows 2003 sp1 DNS problem
Is it your experience that this applies to UNC file paths as well?
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guy Teverovsky
Sent: Friday, June 30, 2006 9:57 AM
To: [email protected]
Subject: RE: [ActiveDir] Windows 2003 sp1 DNS problem
Another thing that is worth mentioning is the loopback check that has been enforced since W2K3 SP1.
Try disabling the loopback check or specifying additional FQDNs using one of the methods in the following KB:
http://support.microsoft.com/?kbid=896861
Guy
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, June 30, 2006 8:14 AM
To: [email protected]
Cc: [email protected]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Windows 2003 sp1 DNS problem
Thanks a lot, It did not work. I used additional names, disabled strict name checking.... But it is still the same.
I am almost aware it´s a SP1 security function. But there must be a way to disable that.....
I´m still waiting new tips...
Adrião.....
|
| "Grillenmeier, Guido"
<[EMAIL PROTECTED]> Enviado Por: [EMAIL PROTECTED] 29/06/2006 20:40
|
|
I wasn't aware that this was a change in SP1, but it sounds as if StrictNameChecking is enabled on your server after you've added SP1
(http://support.microsoft.com/default.aspx?scid=kb;en-us;281308)
You ca disable it in general by configuring the DisableStrictNameChecking reg-key as the KB above explains. However, this would allow to access the server via _any_ name. I typically suggest to use the reg-keys to limit additional names to those you really want:
DNS:
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AlternateComputerNames (Multi-SZ)
NetBios:
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters\OptionalNames (Multi-SZ)
This can also be done via the Win2003 version of NETDOM:
NETDOM COMPUTERNAME <current NetBIOS or DNS name> /add:<additional FQDN name>
/Guido
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Donnerstag, 29. Juni 2006 21:38
To: [email protected]
Cc: [EMAIL PROTECTED]
Subject: [ActiveDir] Windows 2003 sp1 DNS problem
Hallow all.
I need help in a problem I have after installing Service Pack 1
This is the case:
I have a windows 2003 Server (I Will call it SERVER01), without service pack 1
I created a dns name like this
aplicacao.mycompany.com
Before installing SP1, when I called locally
\\aplicacao.mycompany.com
It opened shared folders perfectly
Now , after SP1, if I call \\aplicacao.mycompany.com It asks for a user and password. I don´t know witch password or user is that...
If I call \\SERVER01.mycompany.com, it works.....
What was changed after installing SP1?
how can I correct that?
Adrião
