Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Windows Networking > URGENT: Why the impersonation work in one case and not the other?

Reply
Thread Tools Display Modes

URGENT: Why the impersonation work in one case and not the other?

 
 
=?Utf-8?B?Q3liZXJEaWdnZXI=?=
Guest
Posts: n/a

 
      01-07-2005, 04:25 AM
I have two computers, client and server. The client is running Windows 2000
Professional and is in a workgroup, say "MyWorkgroup". The server is running
Windows Server 2003 Standard Edition and is in a domain, say "MyDomain".
What I need is to logon to the client as some generic local administrator
user and then access resources (e.g. share folder, SQL Server using Windows
Authentication, etc.) on the server.

Here is what I did:
I create another local administrator user (user A) with on the client with
the same username and password as a domain user (user B) on the server. I
then access resources on the server by first logging on to the client as the
generic administrator user and then impersonating to user A and use user A's
credentials to access the server. I have two sets of such systems in two
environments. This works fine in one environment, but not the other. In the
environment that works fine, when accessing the server, user A is
automatically viewed as the domain user B. In the environment that fails,
user A is not recognized as a domain user on the server, i.e. it's not
automatically mapped to user B.

There're only 2 differences between the two environments:
Environemnt 1: Server is domain controller. There's no firewall between the
server and the client.
Environment 2: Server is a member server of a domain, the domain controller
is another computer residing somewhere else. There's a firewall between the
server and the client.

I don't think the problem is with the firewall, because I can get to the
server from the client successfully (I can ping), and I also did see the
logon request coming over to the server from the client. It's just that the
logon request fails (in environemnt) 2 because the client user (user A) is
not mapped to the domain user (user B). In the EventViewer (I have auditing
on), it reports logon failure because user doesn't exist (error code
0xC0000064).

Any idea on why it fails in environemnt 2? Also any idea on how to tell the
Windows server to look for the username in the server's domain rather than
just looking for it in the local user list on the server? That username is a
domain user on the server, not a local user.

Thank you very much.
 
Reply With Quote
 
 
 
Reply

« Upgraded from nt4 to 2003... domain name question | Event ID1058 & Event ID1030 errors in the application log!!! »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Will broadband work in this case? dw Broadband 8 04-28-2006 11:00 PM
Server share permissions work in one case but not another I__Alone@hotmail.com Windows Networking 1 12-21-2005 11:44 AM
How pointers work in this case? kernel.lover Linux Networking 1 01-30-2005 05:31 PM
Cannot access SBS clients from server, Please Help! Urgent! Urgent! Urgent! novice Windows Networking 1 04-06-2004 12:46 PM
URGENT: can't get WEP to work with DWL-800AP+ Phil Wireless Internet 1 11-29-2003 10:11 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11