Jump to content
Sign in to follow this  
poundesville

Local Account, DriveMap and its problem

Recommended Posts

poundesville

Hi guys,

The script that i'm writing is to keep an exact replica (like backup style) of certain files from one server to another server.

Both servers are running Windows Server 2003 and in both servers we created a Local Account.

So the big problem i'm having his now I cannot "driveMap" the target server eventhough I put all the all the necessary ingredients. Thus, I tested to use "net use" command and that's where the problem is:

I cannot connect to the \\server2\c$ using the local account from the server2.

The net use command i use is

net use M: \\server2\c$ /user:server2\user_name <password>

I tried to replace the "c$" with the "ipc$" but that didn't work. and the error return is always

System Error 1326 has occured. Logon failure: unknown user name or bad password

I can remote desktop to these server using the local account (once again the local account is part of the admin groups). So I am guessing something is set in the server that does not allow a local account to connect to the Default share (C$) or the IPC$.

How do I set the server to allow the connection?

Thanks a bunch

ps: search google for some explanations and found plenty; but i guess everyone just say it should work but not on my servers

Share this post


Link to post
Share on other sites
zac23

this is batch script for one not autoit but i will help none the less

Can u map to the drive using the windows? like right click mycomputer in start menu/ map network drive..

Autoit dose it useing drivemapadd and you can chose weather it will prompt for the password or not

give that a try and let us know how it goes


Share this post


Link to post
Share on other sites
poundesville

this is batch script for one not autoit but i will help none the less

Can u map to the drive using the windows? like right click mycomputer in start menu/ map network drive..

Autoit dose it useing drivemapadd and you can chose weather it will prompt for the password or not

give that a try and let us know how it goes

Hi,

You're right. This is a batch question but if this work, then I can go back and use the "DriveMapAdd" (which was the main problem I have).

If I use Windows and map network drive (in explorer -> Tools->Map Network drive) and then choose the "connect using different username", it will not work either. A window will appear and prompt me to enter the username and the password again. In this window, i entered

a. domain\username ; e.g. server2\username

b. username@domain ; e.g. username@server2

Neither of them works. I put the DOMAIN as the Server name here since this is a local account.

If I connect using my own Active Directory username (where the server is also located in the same domain); then it works.

So the main problem here is: local account can be use in remote desktop, but can't be used to connect to map the network drive.

Edited by poundesville

Share this post


Link to post
Share on other sites
rudi

Hi.

You propably have an access rights issue.

1st of all use the server you want to run the script from, GUI.

start, run, \\server\<share>, [OK]

What happens? A auth dialog box should pop up. Try the local "Administrator" of the destination system.

If this is fine, try the user you wanna use.

If even "administrator" fails, check at the server you want to connect to:

start, run, CMD.

net share

now you should see all the shares (if there are any)

Now try to

net use localhost <one-of-the-listed-share-names>

regards, Rudi.

<edit: typo>

Edited by rudi

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites
poundesville

Hi.

You propably have an access rights issue.

1st of all use the server you want to run the script from, GUI.

start, run, \\server\<share>, [OK]

What happens? A auth dialog box should pop up. Try the local "Administrator" of the destination system.

If this is fine, try the user you wanna use.

If even "administrator" fails, check at the server you want to connect to:

start, run, CMD.

net share

now you should see all the shares (if there are any)

Now try to

net use localhost <one-of-the-listed-share-names>

regards, Rudi.

<edit: typo>

Hi Rudi,

Actually this local account is a member of the administrators group in the server2. On top of that my NT Username is also a member of the same group.

The only difference is that my username is member of the my Company Network Domain while the Local Account is only found in the server2.

With that in mind. Let me feedback the test that you've asked

1. \\server2\c$

The result: no windows will ask for any username or password. Simply because my username is used and sent to Server2 for login credentials. I checked this in server2 in the Security Event log

2. in server2 : run NET SHARE

The result: the "default share - C$" and the "remote Admin - IPC$" are found in server2 (the one where I intend to access the share folder)

3. Net use Server2\<one of the local shared folder>

The result: it will work also due to same reason as "1" - that is: my own username is used for credential here in server2. If I tried to use the local account username; it will fail with the error message 1326.

Share this post


Link to post
Share on other sites
poundesville

Ladies & gentlemen,

The problem is answered although it is not solved. I approach the IT person who used to maintain servers for us and when I ask him if local account could access a shared folder. His reply was a cool one-liner "Local account is used only to do stuff locally".

arrrrrgggggh - should have tried the Net Use before starting to write the script..

Now, have to find the workaround... back to the drawing board.

Thank you all for the replies..

Share this post


Link to post
Share on other sites
rudi

Hi.

His reply was a cool one-liner "Local account is used only to do stuff locally".

What a smart and helpful answer!

So try this:

net use \\server\ipc$ /user:Domain\user-on-server-SAM <clear-text-password>

Do clarify a bit:

If a Win WS accesses a server ressource, it will:

1.) try to use the current logon's credetials.

A.) If these are sufficent to access a server ressource this can have two sources:

A.1) your current logon already *IS* based on a AD user account.

A.2) your current logon is based on a local SAM's user account, but there exists a *SEPARATE* user account with the exact same user name and password on the server hosting the service you want to access. (so A.2 basically is an "ABUSE" of the local credetials for a "Shot in the dark, Server side")

B.) If A.) is not fact, you should see

B.1) a prompt asking for password, or a GUI box asking for user/password.

B.2) an error message. That basically means you are even not allowed to "see" the service, or something with you browser list / WINS / Workgroup Names is messed up.

Regards, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.