Probably not applicable to this subject
but I had a problem with SP1 when it added in Data Execution Prevention.
A new tab labeled Data Execution
Prevention is present under System Properties – Advanced –
Performance Settings that tells the O/S not to run certain potentially harmful
programs and scripts. I have to support a java-based application and it was
driving us nuts until we adjusted DEP for Windows apps only.
Keep another SP1 item to keep an eye
on......
-----Original Message-----
From: Guy Teverovsky
[mailto:[EMAIL PROTECTED]
Sent: Friday, June 30, 2006 11:46
AM
To: [email protected]
Subject: RE: [ActiveDir] Windows
2003 sp1 DNS problem
I
have been bitten by it with databases, but my understanding is that it is
relevant to any authentication attempt that tries to access a resource that
does not have a registered SPN.
http://support.microsoft.com/?id=887993
Now
that I think about it, the right way would probably be to make sure the
required SPN is registered for the server in question. The KB above can help
determining whether it is an SPN issue. If it is, after registering the SPN,
the DisableLoopbackCheck reg value can be set back to 0 or deleted.
Guy
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abouelnasr, Jerry
Sent: Friday, June 30, 2006 11:54 AM
To: [email protected]
Subject: RE: [ActiveDir] Windows
2003 sp1 DNS problem
Is it your experience
that this applies to UNC file paths as well?
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guy Teverovsky
Sent: Friday, June 30, 2006 9:57
AM
To: [email protected]
Subject: RE: [ActiveDir] Windows
2003 sp1 DNS problem
Another
thing that is worth mentioning is the loopback check that has been enforced
since W2K3 SP1.
Try
disabling the loopback check or specifying additional FQDNs using one of the
methods in the following KB:
http://support.microsoft.com/?kbid=896861
Guy
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, June 30, 2006 8:14
AM
To: [email protected]
Cc: [email protected];
[EMAIL PROTECTED]
Subject: RE: [ActiveDir] Windows
2003 sp1 DNS problem
Thanks a lot, It did not work. I used additional names,
disabled strict name checking.... But it is still the same.
I
am almost aware it´s a SP1 security function. But
there must be a way to disable that.....
I´m
still waiting new tips...
|
"Grillenmeier, Guido"
<[EMAIL PROTECTED]>
Enviado
Por: [EMAIL PROTECTED]
29/06/2006
20:40
|
|
I wasn't aware that this was a change in SP1,
but it sounds as if StrictNameChecking is enabled on your server after you've
added SP1
(http://support.microsoft.com/default.aspx?scid=kb;en-us;281308)
You ca disable it in general by configuring the
DisableStrictNameChecking reg-key as the KB above explains. However, this
would allow to access the server via _any_ name. I typically suggest to
use the reg-keys to limit additional names to those you really want:
DNS:
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AlternateComputerNames
(Multi-SZ)
NetBios:
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\Parameters\OptionalNames
(Multi-SZ)
This can also be done via the Win2003 version of NETDOM:
NETDOM COMPUTERNAME <current NetBIOS or DNS name>
/add:<additional FQDN name>
/Guido
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Donnerstag, 29. Juni 2006 21:38
To: [email protected]
Cc: [EMAIL PROTECTED]
Subject: [ActiveDir] Windows 2003 sp1 DNS problem
Hallow all.
I need help in a problem I have after installing
Service Pack 1
This is the case:
I have a windows 2003 Server (I Will call it
SERVER01), without service pack 1
I created a dns name like this
aplicacao.mycompany.com
Before installing SP1, when I called locally
\\aplicacao.mycompany.com
It opened shared folders perfectly
Now , after SP1, if I call \\aplicacao.mycompany.com
It asks for a user and password. I don´t know witch password or user is
that...
If I call \\SERVER01.mycompany.com, it
works.....
What was changed after installing SP1?
how can I correct that?
Adrião
