It's possible the DC needs a reboot for the setting to be effective? Some of this legacy stuff is like that.
I'd get a network trace of the failed communication though as a troubleshooting step and see where it actually fails. Thanks, Brian Desmond [email protected] w - 312.625.1438 | c - 312.731.3132 From: N Parr [mailto:[email protected]] Sent: Thursday, August 11, 2011 11:23 AM To: NT System Admin Issues Subject: NT authentication to 08 DC's So I did my research and found multiple answers that say the same thing. In order for old NT clients to authenticate to 08 DC's you have to change the following. I've done so with no success. Am I missing something else? It's been 6 hours since I made the change so policy should have replicated. Nothing in the security event log on the DC other than and audit success when the computer attempted to validate the credentials for the account. Default Domain Controller GPO: Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Security Options Network security: LAN Manager authentication level ----Send LM & NTLM - use NTLMv2 session security if negotiated Computer Configuration->Policies->Administrative Templates->System->Net Logon Allow cryptography algorithms compatible with Windows NT 4.0 ---Enabled Software\Policies\Microsoft\Netlogon\Parameters\AllowNT4Crypto 1 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
