Thanks Carl, there is a password in the actual script :) I am just starting to try and emulate the problem; the remote site is a client's site so hard to test there.

Just thought someone might say "yep it's this!" It is probably a firewall issue, if not a rule issue, then an RPC inspect issue on the firewall.

On Thu, Nov 10, 2011 at 11:54 AM, Carl Houseman <[email protected]> wrote:

> The net use command you exemplified below has no password on the command
> line – you do have a password included in the actual script, do you not?
>
> Do you get the same logon failures if you run the same logon script from a
> non-domain-joined machine on the same LAN as the target server?
>
> Carl
>
> *From:* Dean Cunningham [mailto:[email protected]]
> *Sent:* Wednesday, November 09, 2011 5:33 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Random logon failures over WAN, due to a net use command,
> resulting in account lockout
>
> Make that a CISCO firewall
>
> On Thu, Nov 10, 2011 at 10:08 AM, Dean Cunningham <[email protected]> wrote:
>
> Any straws gratefully accepted
>
> Overview
>
> A group of 20 users in a separate domain connect to file resources in
> another domain via a 1MB WAN link. The file server (Wk8) is in its own DMZ,
> with the domain controllers (Wk3) in separate DMZs. The FSMO role is on a
> DC (FMSODC) in one DMZ and there are 2 DCs (DC01, DC02) in another DMZ. The
> remote domain is behind a NAT pool so the usual SMB NAT translation
> problems are eliminated.
>
> The file server generally connects to DC02.
>
> There is a logon script for the clients that runs a
> net use x: \\domain\share /u:\\DOMAIN\Username
>
> ALL users map the drive as that \\DOMAIN\username. The users have a
> combination of XP and Windows 7 clients, joined to their own NT Domain (yes,
> NT SP4).
>
> The problem is that the net use command can create sporadic logon
> failures before finally logging in successfully (over the space of 5 – 15
> sec). If multiple users are running the logon script over the same period
> (5 – 15 sec) then multiple logon failures will occur, resulting in the
> common user account being locked out.
>
> The logon failures are shown in the security log on the file server as an
> *Audit Failure Event ID 4625*
>
> The account lockout is shown in the security log of a domain controller as
> a *Success Audit Event ID 644*
>
> The firewall between the DCs and the file server (CISCO) allows for
> dynamic ports for RPC etc. so no static ports are set up.
>
> Anyone seen this before?
