Server 2008 R2 & Domain Trusts - Attempt to Compromise Security

Fixed. This was a DNS problem; there were some rogue entries for the old Domain Controller that DC Promo obviously did not remove.

After removing all of those, the message went away and we could browse shares as normal.

Author by

SnAzBaZ

Updated on September 17, 2022

Comments

  • SnAzBaZ
    SnAzBaZ almost 2 years

    We have two separate Active Directory domains: EUROPE and US. There is a two-way trust between the domains / forests. I have a group of users called "USA Staff" that have access to certain shares on servers in the EUROPE domain and a group called "EUROPE Staff" which have access to shares in the USA domain.

    Recently the USA PDC was upgraded to Windows Server 2008 R2. Now when I try to access a share on a USA server from a Windows 7 workstation in the EUROPE domain I get the "Please enter your username / password" dialog box, with a message at the bottom:

    "The system has detected a possible attempt to compromise security."

    When I enter a username / password for a user in the USA domain, I can then access the network resource. Entering credentials for a EUROPE user however does not give me access, even though my NTFS and Share permissions are set to allow that.

    Windows Server 2003 / Windows Server 2008 did not have this problem, it seems to be unique to R2.

    I found KB938457 and opened up port 88 on the Server 2008 R2 firewall but it did not make any difference.

    Any other suggestions as to what to turn off in R2 to get this working again?

    Thanks

    • Admin
      Admin over 11 years
      I am just running into exactly the same problem as you did. Can you remember what DNS entries you removed? Or is there a log somewhere? Thanks for answering, Paddy
    • SnAzBaZ
      SnAzBaZ over 11 years
      Hmm! Cannot remember too much about this as it was 2 years ago! I think they were quite obvious when I looked. DNS links to the old server etc. I compared what I had for other PDCs and deleted what didn't appear to be required, making a note of the entries in case I had to add them back in again. Sorry I cannot be more specific, but take a good look through your DNS Zone for anything that looks to be related to the old server.
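
The zone comparison described in the last comment (looking for records that still relate to the old server and checking them against the remaining DCs), as an added example that is not part of the original thread. The "owner TYPE data" layout, host names and addresses are constructed, and `find_stale` and its helpers are hypothetical names; the result is a list to review and note down, not to delete automatically.

```python
# Added example: flag DNS records that still reference a removed domain controller.
# All names, addresses and the "owner TYPE data" layout are constructed for illustration.
SAMPLE_ZONE = """\
; constructed sample records
_ldap._tcp.dc._msdcs.usa.example.      SRV  0 100 389 usdc02.usa.example.
_ldap._tcp.dc._msdcs.usa.example.      SRV  0 100 389 usdc01-old.usa.example.
_kerberos._tcp.dc._msdcs.usa.example.  SRV  0 100 88 usdc02.usa.example.
_kerberos._tcp.dc._msdcs.usa.example.  SRV  0 100 88 usdc01-old.usa.example.
usa.example.             NS  usdc01-old.usa.example.
usa.example.             A   10.0.0.11
usa.example.             A   10.0.0.12
usdc02.usa.example.      A   10.0.0.12
usdc01-old.usa.example.  A   10.0.0.11
fileserver.usa.example.  A   10.0.0.50
"""

POINTER_TYPES = ("SRV", "NS", "CNAME")

def parse(zone_text):
    """Yield (owner, type, data) with names lower-cased and trailing dots removed."""
    for line in zone_text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and not parts[0].startswith(";"):
            yield parts[0].lower().rstrip("."), parts[1].upper(), parts[-1].lower().rstrip(".")

def is_locator(owner, domain):
    """True for names clients use to find a DC: the zone apex, _service names, _msdcs."""
    return owner == domain or owner.startswith("_") or "._msdcs." in owner

def find_stale(zone_text, domain, live_dcs):
    """Return (owner, type, data, reason) for records to review; live_dcs maps host -> IP."""
    hosts, ips = {h.lower() for h in live_dcs}, set(live_dcs.values())
    records = list(parse(zone_text))
    # Pass 1: hosts that locator records point at but that are not live DCs.
    stale_hosts = {d for o, t, d in records
                   if t in POINTER_TYPES and is_locator(o, domain) and d not in hosts}
    findings = []
    for owner, rtype, data in records:
        if rtype in POINTER_TYPES and is_locator(owner, domain) and data not in hosts:
            findings.append((owner, rtype, data, "locator record names a host that is not a live DC"))
        elif rtype == "A" and owner in stale_hosts:
            findings.append((owner, rtype, data, "host record of a stale target"))
        elif rtype == "A" and is_locator(owner, domain) and data not in ips:
            findings.append((owner, rtype, data, "locator address is not a live DC"))
    return findings

if __name__ == "__main__":
    for finding in find_stale(SAMPLE_ZONE, "usa.example", {"usdc02.usa.example": "10.0.0.12"}):
        print("%-40s %-4s %-26s %s" % finding)
```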