For years you had a thing called "Sister accounts" that existed between
computers and domains, when you had a username/password combo that was the
same it did passthrough authentication. Supposedly MS fixed this, but I
seem to remember it still working after that. I don't know of any reason it
would have to have been just MS stuff, any LANMAN authentication should have
worked the same way at the time, it was the "other" system that was taking
the token and passing you on. Perhaps the AS/400 LANMAN authentication
modules are still based on the older principals.
+-------------------------------------------------------------------+
Kevin Flanagan
C/S Planning Engineer III
I/T Implementation Department
Branch Banking & Trust Company
3261 Atlantic Avenue, Suite 116
MC: 172-85-01-00
Raleigh, NC 27604
Voice: 919-716-6209
-----Original Message-----
From: Walden H. Leverich [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 9:36 AM
To: NT 2000 Discussions
Subject: RE: Mapping drives with different user names (almost)
FYI, I'm going back and forth with MS Security to determine if this is a
bug/security hole. As it looks now, case #1 is "as designed" but case number
4 is still open to negotiation.
-Walden
-----Original Message-----
From: Andrew S. Baker [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 6:47 AM
To: NT 2000 Discussions
Subject: RE: Mapping drives with different user names (almost)
Interesting!
I don't think I've ever tried #4...
Time for some experimentation...
==============================================================
ASB - http://www.ultratech-llc.com/KB/?File=~MoreInfo.TXT
==============================================================
"And when fate summons monarchs must obey."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Keystrokes are an Endangered Species: http://www.shortkeys.com/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Walden H.
>Leverich
>Sent: Monday, August 27, 2001 1:51 PM
>To: NT 2000 Discussions
>Subject: RE: Mapping drives with different user names (almost)
>
>
>OK, actually I'm partially right. There are two components
>to security,
>right? First the username and second the password. Given two components
>there are 4 possible options for connecting to a server.
>
>1) Same username and same password
>2) Same username different password
>3) Different username and different password
>4) Different username and SAME password
>
>Well, obviously option 1 will work. However, option 4 ALSO works. Even
>though the username is different the password was the same and the
>connection works w/o prompting me for the password. I guess
>W2K just throws
>my password at the foreign server. I've tried this both
>against an AS/400
>and from a W2K Pro machine against a W2K server, works in
>either case.
>
>-Walden
>
>-----Original Message-----
>From: David Strome [mailto:[EMAIL PROTECTED]]
>Sent: Monday, August 27, 2001 12:53 PM
>To: NT 2000 Discussions
>Subject: RE: Mapping drives with different user names (almost)
>
>
>Andrew is correct. I connect to several resources with different
>username/passwords. I have to reenter the passwords each time. It does
>remember the username though.
>
>The 400 may be helping you out somehow. You say it's just being a
>server...well, servers are devices that allow people to access
>data...maybe the method in which the 400 authenticates allows for this
>behavior in some
>way.
>
>However, W2K, by design, does not remember credentials. I would
>consider that a severe security hole.
>
>David.
>
>-----Original Message-----
>From: Walden H. Leverich [mailto:[EMAIL PROTECTED]]
>Sent: Monday, August 27, 2001 6:27 AM
>To: NT 2000 Discussions
>Subject: FW: Mapping drives with different user names (almost)
>
>
>Ooooo! I have the fact that OWA ignores the Reply-To: directive. I
>accidentally took this thread offline w/Andrew. This should catch
>everyone up.
>
>-Walden
>
>---------
>
>I'll confirm this Monday, but I'm sure it happens. I don't
>see how this
>could be a function of the AS/400 since the 400 just acts as an SMB
>server. When you've tried this in the past have you used the same
>user names for the
>resources, or different ones? It prompts if the user names
>are the same, it
>doesn't if they are different.
>
>-Walden
>
>-----Original Message-----
>From: Andrew S. Baker
>To: Walden H. Leverich
>Sent: 8/25/2001 9:40 AM
>Subject: RE: Mapping drives with different user names (almost)
>
>I've never seen this happen when the remote resources are NT/2000
>resources. Upon reboot or subsequent logon, I'm asked for the
>credentials again.
>
>Are you sure this isn't a function of the AS/400? (I've
>never connected to
>AS/400 resources, so I wouldn't know).
>
>
>==============================================================
> ASB - http://www.ultratech-llc.com/KB/?File=~MoreInfo.TXT
>==============================================================
> "The course of true love never did run smooth." -- William
>Shakespeare.
>
>
>>-----Original Message-----
>>From: Walden H. Leverich [mailto:[EMAIL PROTECTED]]
>>Sent: Friday, August 24, 2001 8:31 PM
>>To: 'Andrew S. Baker '
>>Subject: RE: Mapping drives with different user names (almost)
>>
>>
>>Andrew, sorry but that is not true. If I use a _different_
>userid for
>>my AS/400 connection W2K stores the password and reconnects the drive
>>when I log back in w/o prompting me for the password. The problem
>>is when I have
>>the same userid but different passwords. In this case W2K
>>apparently doesn't
>>cache the password and I need a way to force it to.
>>
>>-Walden
>>
>>-----Original Message-----
>>From: Andrew S. Baker
>>To: NT 2000 Discussions
>>Sent: 8/24/2001 7:52 PM
>>Subject: RE: Mapping drives with different user names (almost)
>>
>>This is the standard behavior.
>>
>>NT/2000 never save the password for mapped connections which use
>>separate credentials from your logon credentials.
>>
>>
>>
>>
>>==============================================================
>> ASB - http://www.ultratech-llc.com/KB/?File=~MoreInfo.TXT
>>==============================================================
>> "My night has become a sunny dawn because of you." -- Ibn Abbad.
>>
>>
>>
>>>-----Original Message-----
>>>From: [EMAIL PROTECTED]
>>>[mailto:[EMAIL PROTECTED]]On Behalf Of Walden H.
>>>Leverich
>>>Sent: Friday, August 24, 2001 5:44 PM
>>>To: NT 2000 Discussions
>>>Subject: Mapping drives with different user names (almost)
>>>
>>>
>>>I have an AS/400 that can share it's files as though it was an NT
>>>server (think Samba, but different). Here is the problem: The AS/400
>>>has it's own security database (users and passwords), it not
>>>integrated
>>into NT/2K
>>>security at all. I need to map a drive from my PC to the AS/400.
>>>
>>>If I have different user names on the AS/400 and the PC this is a
>>>piece of cake. I bring up the map drive dialog, fill in
>the drive and
>>>UNC and click
>>>"Connect using a different user name" and I'm all set. I can even log
>>>off and on and W2K will remember my userid and password.
>>>
>>>My problem occurs if I have the same user names on W2K and
>the AS/400
>>>but DIFFERENT passwords. I can connect fine the first time. I click
>>>on "Connect Using..." and enter my userid and the password for the
>>AS/400 and I'm
>>>connected. However, when I signoff and back on I'm
>prompted to enter
>>>my AS/400 password. Best I can figure W2K didn't save my password
>>>because it thinks that 'WaldenL' on the AS/400 and 'WaldenL' on W2K
>>>are the same user
>>>and therefore have the same password. I've tried entering a
>>>blank domain
>>>name '\WaldenL' but that didn't help.
>>>
>>>Does anyone have any idea how to force W2K to use the password I
>>>supply on the connection when reconnecting the drive at logon?
>>>
>>>Thanks,
>>>-Walden
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
------
You are subscribed as [email protected]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
