Registry Changes not Persistent

S

Shih

We recently upgraded our NT4 DC's to Windows Server 2003 and in the course
of doing so needed to change the following keys to allow NTLM authentication
for some Dell Powervault NAS devices (that don't support SMB Signing). When
I change the values, users can browse and access the NAS devices. After
several hours users start complaining that they cannot access the NAS
devices and I find that the registry changes have reverted back to their
original values.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibilityLevel

HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature

HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\LanManServer\Parametes\RequireSecuritySignature

I make the changes logged on locally as an administrator and have rebooted
the server after making the change. Any idea what gives?

-Shih
 
M

Mark V

In said:
We recently upgraded our NT4 DC's to Windows Server 2003 and in
the course of doing so needed to change the following keys to
allow NTLM authentication for some Dell Powervault NAS devices
(that don't support SMB Signing). When I change the values,
users can browse and access the NAS devices. After several hours
users start complaining that they cannot access the NAS devices
and I find that the registry changes have reverted back to their
original values.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompati
bilityLevel

HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\LanManServe
r\Parameters\EnableSecuritySignature

HKEY_LOCAL_MACHINES\System\CurrentControlSet\Services\LanManServe
r\Parametes\RequireSecuritySignature

I make the changes logged on locally as an administrator and
have rebooted the server after making the change. Any idea what
gives?
Click to expand...

And it is not an existing local security policy or GPO that's set
contrary to what you are doing manually?
 
R

Randy Dalton

Mark said:
In microsoft.public.win2000.registry Shih wrote:




And it is not an existing local security policy or GPO that's set
contrary to what you are doing manually?
Click to expand...
I am not sure. How do I see what local policy maps to a registry entry?
 
M

Mark V

In said:
I am not sure. How do I see what local policy maps to a registry
entry?
Click to expand...

I am sorry. I lost that this was NT4, which does not have (to my
knowledge) secpol.msc. It's been far too long since NT4 here.

But perhaps if you either turn on Auditing for those keys using
regedt32.exe (then Event Viewer Secutity entries) or use a registry
monitoing tool such as regmon.exe (sysinternals), you may detect
the account or process that is Writing to those keys.
 
G

Guest

-----Original Message-----


I am sorry. I lost that this was NT4, which does not have (to my
knowledge) secpol.msc. It's been far too long since NT4 here.

But perhaps if you either turn on Auditing for those keys using
regedt32.exe (then Event Viewer Secutity entries) or use a registry
monitoing tool such as regmon.exe (sysinternals), you may detect
the account or process that is Writing to those keys.

.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

resetting security permissions not working 2
problems resetting Vista security back to defaults 0
Yet another: The account is not authorized to log in from this station 1
Nasty 1202 Warning and no apparent fix! 2
Event 1202 error 1
What does this winlogon.log message mean?! 1
Turn off SMB Signing? 4
Samba and Windows 2003 server 2

Top