I had one client who could not connect to a samba share giving the error that the credentials where wrong while I was sure they where not.
This happened suddenly on a laptop with Windows 10 while other clients with Windows 10, Windows 7 and Ubuntu etc. all where able to connect.
At first I was suspecting the problem beeing a change in the hash or key for the share - and maybe it really was because Putty was saying so when I tried to SSH into the server.
But I could not find any saved connection to delete with net use.
The solution was to change a setting in secpol.msc which is accessible as administrator via the search even in Windows 10 Home.
I had to set LAN-Manager-Authenticationlevel to just send NTLMv2.
You will find this setting under Security settings -> local -> Security options -> Network Security: LAN-Manager-Authenticationlevel.
(I translated this from German. Feel free to edit with nativ english wording.)
Related
I have Visual Studio 2013 and a pretty basic MVC web application.
When I am connected to my work network (hard wire or VPN) I can open up VS without issue. However when not connected to my work network I get the following error:
---------------------------
Microsoft Visual Studio
---------------------------
Creation of the virtual directory http://localhost:54156/ failed with the error: Unable to access the IIS metabase. You do not have sufficient privilege to access IIS web sites on your machine.
---------------------------
OK
---------------------------
I've tried granting my user rights to IIS via the aspnet_regiis -ga mydomain\myuser and that did not help.
I am certainly running VS as an administrator. It works just fine when connected to the network. Our security and server teams do not seem to understand why this would behave this way.
Is this IIS Express? I (and those I work with) often get a similar error due to the domain login script encrypting My Documents. It's fixed by simply decrypting
Documents\IISExpress\config\applicationhost.config
Not sure if that's the issue here though;
Ultimately I believe this to be an issue between our network policies and the IIS and .NET installs.
When I was off network it could not access the cached user folders. Switching from having the home drives on network to having them local did not fix the issue (assuming some files were still referencing the network location).
I had my system refreshed and started with my user folders as local and have not had the issue since.
I know it's an old question, but at my location the user profile is stored on the network. When I checked to see if the IISExpress application was encrypted as Chad Schouggins suggested, I didn't even have a documents folder. Ultimately, the answer was really simple:
turn the machine off and back on again.
I've just created two Windows VM's in Azure, one 2012 Datacenter and a 2008 R2 SP1 and i am not able to connect via remote desktop to either of them. Both machines are running under the same cloud service and the RDP ports are mapped to two distinct public ports. Every time i try to connect i get the error message "The logon attempt failed".
Using NMAP in a Linux VM i also have there, i was able to check that the port 3389 is OPEN in both machines. Also, the public RDP ports respond correctly (e.g. are open).
I tried to enter using two different Windows 7 client machines, also with no lock. MSTSC version is 6.3.9600.16415, in both machines. I've used both the .rdp file, downloaded from the "Connect" option in the windows azure dashboard and a brand new RDP connection created by me - same result.
I've tried also to upgrade the VM size from small (1 core, 1.5 GBRam) to medium (2 cores, 3.6 GBRam), restart, setup a new clean windows VM, with different credentials... nothing changed, same result.
The really odd thing is that i was able to connect, after several failed attempts, to one of the VM's, the 2012 one, but only one time - after that, no luck, always "The login attempt failed".
What worked for me was changing the RDP login screen to use a different account, and use the "local account" which is the name of the VM and the username, like so:
TheVMName\TheAdminUsername
Where TheVMName is the name of your VM, and TheAdminUserName is the admin user name you used for that machine.
I was able to find/confirm the latter on the Reset Password screen under the SUPPORT + TROUBLESHOOTING section on the left.
Since Windows 10, you need the domain is automatically set to MicrosoftAccount followed by your email address as username. MicrosoftAccount\My#UserName.com
Instead, the username is like UserName.com\My.
This worked for me.
I have no idea why, but the solution is simple (works every time, at least for me): I was copy-pasting the passwords from a KeePass, as i use this to generate and maintain the huge amount of credentials i use one way or another.
SOLUTION: instead of copy-paste, type the password
The drawback is that i have to use simpler passwords for this access
I've tried to login and failed using windows 8.1 Pro to an azure vm. The message I got repeatedly was "Login Attempt Failed". So my specific problem wasn't that i couldn't connect to the machine but that it couldn't authenticate...even though my my Administrator username and password were correct.
The way I logged into the machine was to provide the host name then the username:
Host\Username
My Azure account did not have a domain controller setup.
It was simply looking for it's local host machine name.
This link helped: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-log-on-windows-server/
May be following can help:
In this screen please select the option "Use a different account":
Further type in "Domain\Username"
TIPS:
- The "Domain" can be found on the "Overview" page for your VM in Azure. It's appearing as:
Public IP Address: [SomeIPValue].
- If you do not remember or have "Username" & "Password".The local admin "Username" & "Password" can be set to get access under:
Azure -> Your VM page -> Support + Troubleshooting -> Reset Password.
I've had a similar problem and it turned out that my password wasn't complex enough.
It was really confusing that Azure Portal even let me create a VM with such a password.
It was resolved by going to the VM page -> Support + Troubleshooting -> Reset Password and specifying a more complex password (both case letters, numbers, special characters and doesn't contain username).
Thanks to Jagjit Singh whose answer pointed me in the right direction. Hope this helps somebody.
I found that, while creating VM, if we put password without any special characters, then it still accepts the password but the login to the VM will fail using that password. It gives an error "The logon attempt failed".
It may work after the "Reset password" option but sometimes it shows "Failed to reset password".
So better to put a proper password.
I know this question is too old, answering for new visitors.
Easy solution would be, you can try to add new user or reset the password from Azure Portal
This will add the user if it does not exist, and you can try logging in with new account.
Issue : "The logon attempt failed". ( Windows azure Machine)
I have tried multiple option didn't help, hence updating this as correct answer , it worked for me .
Solution :- While creating the password/updating for windows azure vm create the password as recommended by Azure with prescribed. Main issue with password .
Steps as below for Issue fix.
Once logged in Azure portal, click on VM windows machine , go to (Support and Troubleshoot)
update the password as recommended by Azure as below
(Password must have 3 of the following: 1 lower case character, 1 upper case character, 1 number, and 1 special character.)
Password :- updated as 13 char which include 1 Capital, Lower Case and Special ,1 number .
Password:- Azureuser#123
After updating the password as Microsoft Suggested it worked for me and able to connect windows machine as below
Able to connect as below
Try about method it should work, if issue please suggest.
We need to have strong password when we create user account for VM ..
It was annoying when I encountered this.I was only succeed when I reset my password step. Issue with portal allows is to create week password while creating VM and validation rules are different while RDP to using week password.Same validation rules applies when we re-setting password.
I have recently spun up a new Ubuntu 12.04 instance in AWS. I had no issues connecting to and opening an SSH terminal to the server. Having connected to the instance, I was able to install the Ubuntu desktop and FreeNX without any problem, as well as enabling password authentication on the server instance.
I downloaded and installed the NX Client for Windows on a PC running Windows 8. After entering the user credentials I can connect to and authenticate into the server. I'm brand new to the Linux world, but at this point everything was going so smoothly I was about ready to throw my Windows licenses to the dogs - good thing I held off on that.
"Problem: At the client, the !M logo window appears, but after a few seconds that window just closes, even without showing any error message."
That problem statement is in quotes because it's precisely the issue described in FreeNX Ubuntu Community support documentation https://help.ubuntu.com/community/FreeNX#Troubleshooting.
So naturally I follow the solution in the guide:
"Solution: The issue is due custom VNC configuration. In the server, access your home directory and run these commands,"
sudo rm .Xauthority*
touch .Xauthority
chmod 600 .Xauthority
Unfortunately, this did absolutely nothing to resolve the issue. The problem would be easier to diagnose if I had an error message, but reference the Problem statement, there is no error message to be had. Several hours of googling yielded nothing, so wondering if anyone here has encountered this problem in the past, and if so, they would be willing to help.
Thanks!
I have some problems regarding WMI scripting on Windows 8. More precisely, remote connection from Win7(not that relevant) to Windows 8. Note that the following issues do not happen when the client machine runs Windows 7.
First one is getting data regarding the current shares on that machine. Specifically, I am trying to get the Path property of the shares, that is local path.
In windows 7 it works perfectly, in windows 8 however it returns null(ran with wbemtest from remote computer).
First I thought that there is a problem with the WMI system. Then I ran the same query directly on the win8 machine. That returned the actual local path of the share. This led me to believe that there are problems with the WMI security on that machine.
Another issue I have with WMI on win8 is that it does not allow me to run things as Administrator, even though the user used to log is is the Administrator.
Regarding the security settings on the win8 machine, I gradually lowered them to try the exact position in which I can operate. I have reached the level where Everyone has every access, so it is the lowest security possible. Hope someone can help.
After a few days of just playing with security around Wmimgmt.msc and dcomcnfg I finally found a way to run wmi as administrator on a remote machine. Although this is not exactly what I did, I found that this works great: I activated the Administrator account: net user administrator /active:yes. Then I entered User accounts and set a password for the Administrator account. I then opened Wmimgmt.msc and set allow on all security for the Root node and cimv2 node. After this Wmi remotely(logged on as administrator) works as a charm
Okay, so I'm running a small test webserver on my private network. I've got a machine running Windows 2000 Pro, and I'm trying to run an ASP.NET app through IIS.
I wrote it so that the webpage would use the registry to store certain settings (connection strings, potentially volatile locations of other web services, paths in the local filesystem where certain information is stored etc...) Of course, it worked fine when testing with VStudio.NET 2005, because the user running the app has elevated privileges. However, running it on IIS I get a "Access to the registry key 'HKEY_LOCAL_MACHINE\Software' is denied.", which suggests the IIS user doesn't have read access to that part of the registry (I only do reads through the website itself, never writes).
I was like "okay, simple enough, I'll just go give that user rights to that part of the registry through regedit." The problem is, I don't see an option anywhere in regedit to change security settings... at all. Which got me thinking... I don't think I've ever actually had to change security settings for registry hives/keys before, and I don't think I know how to do it.
Half an hour of searching the web later, I haven't found any usable information on this subject. What I'm wondering is... how DO you change security rights to portions of the registry? I'm stumped, and it seems my ability to find the answer on Google is failing me utterly... and since I just signed up here, I figured I'd see if anyone here knew. =)
If your having touble with RegEdit in Windows 2000 you can try the following:
Copy the Windows XP RegEdt32.exe to the Windows 2000 Machine
Using a Windows XP Machine, connect to the Windows 2000 registry remotely: File > Connect Network Registry
You can set permissions at the folder level for which you want to grant user permissions read/write access.
In your case, right click on the "Software" folder and select "Permissions".
You'll probably know the rest from there.
EDIT: If you still run into issues, you may want to modify your web.config file and use impersonation to have your web application run as a certain user account. Then you can put a tighter reign on the controls.
RegEdt32.exe will allow you to set permissions to registry keys.
Simply right click on a Key (Folder) and click Permissions, then you can edit the permissions as you would an file system folder.
I did so, assuming that a Security setting would be available. I didn't see any "Security" option when I right-clicked on the Key. =( I triple-checked just to make sure... and I just tried it on my XP machine, and it does indeed have the "Permissions" section... but the Windows 2000 machine doesn't. (how's that for wierd?)
In my searching, I found:
http://www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_21563044.html
Which notes that RegEdit for Windows 2000 doesn't have the Security/Permissions settings... but it proposes no solution to the problem. (Whoever asked the question was using Windows XP so he was okay... but in my case, it's 2000)
Is there any way to make it happen specifically in 2000?
EDIT: Ahhhh... if worse come to worse, I suppose I can do the impersonation as mentioned below... though if I can't set security settings for the registry in 2000, I'm left with making that user have Administrative access (I assume?) to actually get those rights, which sadly defeats the purpose. =(
Oh, let me try that! I didn't realize you could remotely connect to another registry.
(EDIT: I was wrong, it did work... it just took several minutes to respond to my request to change permissions remotely)
The remote connection idea did it! You're good! Thanks so much for your help! I never realized you could remote connect with RegEdit... you learn something new every day, they say! =) Thanks again for your assistance! =)
On another note though, about copying the XP version of RegEdit to Windows 2000... is that safe? I figured they would be coded in such a way as to be incompatible... but I could be assuming too much. =)
Just use RegEdt32.exe instead of Regedit.exe.
Go to the desired key or folder, then open the security menu and click on 'permissions'.