Invalid Password in Deployment Solution
A day out of the life of a System consultant. Today a customer called me, and he explained to me that his Deployment Solution was not functioning anymore.
First question I asked: Have you done anything on the server?
Answer: No, I only installed the new patches and Microsoft updates.
I got in my car and drove to the customer to see what was happening.
When a client booted into PXE boot and tried to connect to the express share, there was a statement that the password was invalid.
Entering the password gave an invalid disk error, and the machine rebooted.
Looking at the share, the security rights did not reveal the problem.
What happened? Below you will find the answer.
Microsoft has set his/her minds on a higher level of security. So they decided that it was necessary to put a security sign value to enabled.
This only happens on domain controllers. So if your Altiris Deployment Solution is on a domain controller, remember this article.
Go to start, programs and administrative tools.
Click on default domain security settings.
Go to the rule Microsoft network client, Digitally sign communications (always). Set this back to disabled.
Do this also on the default domain controllers security settings.
Reboot your server.
Now it works again.
Reading this article costs you 5 minutes. Today this costs me over 4 hours.
Regards
Erik
About Endpoint Management Community Blog
The Endpoint Management Community Blog is the perfect place to share short, timely insights including product tips, news and other information relevant to the Endpoint Management community. Any authenticated Connect member can contribute to this blog.
Comments
Article needs an update
I have seen this issue occur on member servers as well. The fix is as follows:
- Go to the rule Microsoft network SERVER, Digitally sign communications (always). Set this back to disabled. Reboot the server.
- If you are using a domain account to access the express share, make sure that the password never expires and the length of the password is less than or equal to 8 characters.
Two ways to do it
Mciraco,
You have two possible scenarios.
The Deployment Solution is installed on a domain controller, or it is installed on a member server.
On the domain controller you do it on the default domain security.
On the member server you do it on the server security settings.
The server settings may set to always, because the client that gets the failure does not use this.
Regards
Erik
Regards Erik www.DinamiQs.com Dinamiqs is the home of VirtualStorm (www.virtualstorm.org)
*************************************************************
If your issue has been solved, Please mark it as solved
***********
Interesting article, I have
Interesting article, I have to remember what you described.
Fortunately in my network environment the DC is running in a separate box device and the applications server is separated for the rest of the others.
Thanks
PM
invalid password durint PXE DOS boot
I have 2 deployment servers, 6.1 and 6.9. Both are domain members and the security settings appear to be the same on both. They are both Windows server 2003. The DOS based PXE boot on the 6.1 server has been working for several years. We want to move to 6.9 but get the same invalid password error mentioned above. Both setups use the username used to run the altiris server. Both are 11 character usernames with 7 character passwords - no special characters. Any idea of where else to look for the problem?
Thanks very much.
Would you like to reply?
Login or Register to post your comment.