Results 1 to 3 of 3
  1. #1
    Join Date
    May 2002

    Authenticated users not gaining Directory Service Access

    I've posted this on a couple of other boards with no replies so far. If someone knows of a site that would better suit my question, I'd appreciate the referral.

    Every morning for the last couple of weeks I have had
    users unable to access network drives after they log in.
    There is no error on their machine as they log in.

    In reviewing the security log on the DC (Win2k3), I see
    that these users do not have the normal log entry
    for "Directory Service Access", event ID 565. I am
    logging both successes and failures but I get no failures
    for the DS access. Finally, after numerous attempts at
    logging on, the user will gain access to the drives and
    there will be entries in the log for DS access.

    I am unable to figure out why the user is not being
    granted, or due to lack of failure audits even
    requesting, DS access. Can anyone shed light on this?
    [glowpurple]I\'d tell you about my paranoia but I think someone else is listening.[/glowpurple]

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    There is an annoying little issue with Win2k AD that I come across from time to time. You can't map remote drives twice.... Sounds silly but take a look and see that the device isn't being mapped by both a login script and by explorer itself. The second one messes the system up and IIRC there is no Event log entry for the failure. Security wise I can see it as an advantage, netadmin-wise it can be a bugger to work out.....

    Hope that helps....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Join Date
    May 2002
    I will check that out but I'm not very optimistic. The problem is quite random. Happens to some users some of the time. I can find no pattern in the logs. One thing that seemed to be a possible connection was the user getting their password wrong upon first login attempt and then correcting it. But looking further, it does not seem to be related as a user experienced the problem one day when they used the wrong password and then again the next day when they put the password in correctly.

    Is there a resouce that lays out the process of a Windows XP Pro login to a Windows 2003 server? It seems like a step is being left out?
    [glowpurple]I\'d tell you about my paranoia but I think someone else is listening.[/glowpurple]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts