|
Posted by =?Utf-8?B?SkQgQmVudG9u?= on November 18, 2005, 11:25 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hello All
I have already posted this in another group but wonder if this might not be
the better place for it.
I have a very strange problem that I am sure someone here is just dieing to
solve for me. At least that is my hope.
Our setup is like this:
1. Windows 2003 domain
2. Many remote users with IBM laptops or Fujisu Stylistic Tablets
3. Checkpoint SecureClient VPN client software
4. RSA Ace server for VPN authentication
5. Scriptlogic 6.5.2 for mapping drives etc
The problem:
We have several users that authenticate to our network through a VPN
connection. These users have Checkpoint SecureClient installed on their
machines and are authenticated to a RSA Ace server in our domain. Once the
user is logged on they run a batch file that maps thier network drives via a
short-cut to the Slogic.bat file in the Netlogon directory of our PDC
Emulator. Now for most people this is not a problem but for some laptop
users and all Fujisu Tablet users the process of trying to run the login
script takes anywhere from 30-60 minutes to complete. What happens to the
people having a problem is this:
1. User runs the short-cut to Slogic.bat
2. After about 7-15 minutes they are prompted for a username and password
3. If they type in their domain user name and password they get prompted
again after about 4-10 more minutes with a message saying "that
authentication has been previously tried and failed".
4. The user can then type in a username and password from a temporary
account I created to help resolve this problem. This account is just a
simple domain user.
5. After several more minutes the logon screen will appear but can take up
to 35-40 to complete
6. When complete, the user checks for their drives but none have mapped.
As you can image, they are not very happy after taking all of this time only
to find out things did not work.
If the same user logs onto the network with the same machine while they are
in the office, everything works very quickly and as it should.
I have looked in the trace file that Scriptlogic creates and this an example
of the error message that I see:
08:44:58 Mapping drive G \Server1\Graphics [SLP00001 1/30]
08:46:02 Error: Unable to map drive: 1265 The system detected a possible
attempt to compromise security. Please ensure that you can contact the server
that authenticated you.
I have been in contact with Scriptlogic and they tell me it is a Windows
authentication issue. I read one post where a person appeared to have a
somewhat similar issue to mine and they apparently resolved it by hard coding
the DNS address to on the user machine to point to the DNS server in the
domain. I gave this a shot but did not have any success. This seems to be
an obvious case of authentication but for the life of me I am stumped.
Hopefully someone out there has run into the same problem that has been
dogging me for several months and is able to lend a hand.
Thank you to all that take the time to read this and especially those that
fire me off some suggestions.
JD Benton
| 
XML site map