Video Screencast Help
Endpoint Management Community Blog

Invalid Password in Deployment Solution

Created: 17 Apr 2007 • Updated: 04 May 2007 • 4 comments
erikw's picture
+5 5 Votes
Login to vote

A day out of the life of a System consultant. Today a customer called me, and he explained to me that his Deployment Solution was not functioning anymore.

First question I asked: Have you done anything on the server?

Answer: No, I only installed the new patches and Microsoft updates.

I got in my car and drove to the customer to see what was happening.

When a client booted into PXE boot and tried to connect to the express share, there was a statement that the password was invalid.

Entering the password gave an invalid disk error, and the machine rebooted.

Looking at the share, the security rights did not reveal the problem.

What happened? Below you will find the answer.

Microsoft has set his/her minds on a higher level of security. So they decided that it was necessary to put a security sign value to enabled.

This only happens on domain controllers. So if your Altiris Deployment Solution is on a domain controller, remember this article.

Go to start, programs and administrative tools.

Click on default domain security settings.

Go to the rule Microsoft network client, Digitally sign communications (always). Set this back to disabled.

Do this also on the default domain controllers security settings.

Reboot your server.

Now it works again.

Reading this article costs you 5 minutes. Today this costs me over 4 hours.

Regards

Erik

Comments 4 CommentsJump to latest comment

mciraco's picture

I have seen this issue occur on member servers as well. The fix is as follows:

- Go to the rule Microsoft network SERVER, Digitally sign communications (always). Set this back to disabled. Reboot the server.

- If you are using a domain account to access the express share, make sure that the password never expires and the length of the password is less than or equal to 8 characters.

+1
Login to vote
erikw's picture

Mciraco,

You have two possible scenarios.

The Deployment Solution is installed on a domain controller, or it is installed on a member server.

On the domain controller you do it on the default domain security.

On the member server you do it on the server security settings.

The server settings may set to always, because the client that gets the failure does not use this.

Regards
Erik

Regards Erik www.DinamiQs.com Dinamiqs is the home of VirtualStorm (www.virtualstorm.org)

*************************************************************
If your issue has been solved, Please mark it as solved
***********

+1
Login to vote
riva11's picture

Interesting article, I have to remember what you described.

Fortunately in my network environment the DC is running in a separate box device and the applications server is separated for the rest of the others.

Thanks
PM

+2
Login to vote
cyberart's picture

I have 2 deployment servers, 6.1 and 6.9.  Both are domain members and the security settings appear to be the same on both.  They are both Windows server 2003.  The DOS based PXE boot on the 6.1 server has been working for several years.  We want to move to 6.9 but get the same invalid password error mentioned above.  Both setups use the username used to run the altiris server.  Both are 11 character usernames with 7 character passwords - no special characters.  Any idea of where else to look for the problem?

Thanks very much.

+1
Login to vote