Working with shared folders on Windows Server 2008 operating system server, there could be some problems:
The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.
To work around this problem, make sure that client computers use the cryptography algorithms that are compatible with Windows Server 2008. You may have to request software updates from the product vendors.
If you cannot install software updates because a service outage will occur, follow these steps:
1. Log on to a Windows Server 2008-based domain controller.
2. Click Start, click Run, type gpmc.msc, and then click OK.
3. In the Group Policy Management console, expand Forest: DomainName, expand DomainName, expand Domain Controllers, right-click Default Domain Controllers Policy, and then click Edit.
4. In the Group Policy Management Editor console, expand Computer Configuration, expand Policies, expand Administrative Templates, expand System, click Net Logon, and then double-click Allow cryptography algorithms compatible with Windows NT 4.0.
5. In the Properties dialog box, click the Enabled option, and then click OK.
Notes
o By default, the Not Configured option is set for the Allow cryptography algorithms compatible with Windows NT 4.0 policy in the following Group Policy objects (GPO):
§ Default Domain Policy
§ Default Domain Controllers Policy
§ Local Computer Policy
By default, the behavior for the Allow cryptography algorithms compatible with Windows NT 4.0 policy on Windows Server 2008-based domain controllers is to programmatically prevent connections from using cryptography algorithms that are used in Windows NT 4.0. Therefore, tools that enumerate effective policy settings on a member computer or on a domain controller will not detect the Allow cryptography algorithms compatible with Windows NT 4.0 policy unless you explicitly enable or disable the policy.
o Windows 2000 Server-based domain controllers and Windows Server 2003-based domain controllers do not have the Allow cryptography algorithms compatible with Windows NT 4.0 policy. Therefore, pre-Windows Server 2008-based domain controllers accept security channel requests from client computers even if the client computers use the old cryptography algorithms that are used in Windows NT 4.0. If security channel requests are intermittently processed by Windows Server 2008-based domain controllers, you will experience inconsistent results.
6. Install third-party software updates that fix the problem, or remove client computers that use incompatible cryptography algorithms.
7. Repeat steps 1 through 4.
8. In the Properties dialog box, click the Disabled option, and then click OK.
Important For security reasons, you should set the option for this policy back to Disabled.
No comments:
Post a Comment