theniteowl
Programmer
We have application servers that are logged in under a local account so that the app vendor can remote connect to the box without having direct access inside our domain.
The application requires access to shared drives on other domain servers so there are a number of drives mapped using a domain ID and password.
With the upgrade to Windows 2003 server with SP1 and now SP2 Windows will no longer cache the credentials for the drive mappings that use an account other than the current logon account.
The drives that are a problem are ones connected to SAN space on another Windows server. When we first boot the server all the mappings establish themselves except for the 4 going to the SAN space. Those show as disconnected until you click on one and then it prompts for the ID/Password. This happens of course because the account info is not cached on the local server.
Sometimes the drives will disconnect again due only to an inactivity timeout and clicking on the drive again automatically re-connects. Other times the drives will not re-connect and we have to delete and re-create the mapping which forces a new request for authentication.
My theory is that the SAN server creates a time limited connection after it is authenticated. Once that time period expires it requires the credentials to be passed again which cannot happen since the app server does not have them cached. I do not know if this time limit is 24 hours, 48 hours, a week, etc.
We have 10 mappings on each server. Only the 4 mappings going to the SAN server have this issue. The app server is not caching the credentials locally (wonderful new security feature of Win2003). The other servers are a mix of Unix and Windows 2000 servers. Since the app server does not cache the credentials but those other server mappings do not fail then it stands to reason that there is a setting on the SAN server that forces re-authentication after some length of time and the other servers do not force the re-authentication.
I do not have access to the SAN server to look up any possible settings and the support folks for that server just stare at us blankly and say it is not a problem on their end.
Can anyone confirm this type of setting, tell me what the possible options are and what terminology would be accurate so that I can make a good case to push the issue with the SAN server support?
The problem is not with the timeout setting that disconnects inactive connections to decrease network traffic. That is at the typical 15 minutes and as soon as the resource is accessed again the connection goes live. It is some other setting on the SAN server that establishes a time frame for a specifically identified machine to connect for a fixed length of time before requiring fresh authentication.
Anyone?
Thanks.
At my age I still learn something new every day, but I forget two others.
The application requires access to shared drives on other domain servers so there are a number of drives mapped using a domain ID and password.
With the upgrade to Windows 2003 server with SP1 and now SP2 Windows will no longer cache the credentials for the drive mappings that use an account other than the current logon account.
The drives that are a problem are ones connected to SAN space on another Windows server. When we first boot the server all the mappings establish themselves except for the 4 going to the SAN space. Those show as disconnected until you click on one and then it prompts for the ID/Password. This happens of course because the account info is not cached on the local server.
Sometimes the drives will disconnect again due only to an inactivity timeout and clicking on the drive again automatically re-connects. Other times the drives will not re-connect and we have to delete and re-create the mapping which forces a new request for authentication.
My theory is that the SAN server creates a time limited connection after it is authenticated. Once that time period expires it requires the credentials to be passed again which cannot happen since the app server does not have them cached. I do not know if this time limit is 24 hours, 48 hours, a week, etc.
We have 10 mappings on each server. Only the 4 mappings going to the SAN server have this issue. The app server is not caching the credentials locally (wonderful new security feature of Win2003). The other servers are a mix of Unix and Windows 2000 servers. Since the app server does not cache the credentials but those other server mappings do not fail then it stands to reason that there is a setting on the SAN server that forces re-authentication after some length of time and the other servers do not force the re-authentication.
I do not have access to the SAN server to look up any possible settings and the support folks for that server just stare at us blankly and say it is not a problem on their end.
Can anyone confirm this type of setting, tell me what the possible options are and what terminology would be accurate so that I can make a good case to push the issue with the SAN server support?
The problem is not with the timeout setting that disconnects inactive connections to decrease network traffic. That is at the typical 15 minutes and as soon as the resource is accessed again the connection goes live. It is some other setting on the SAN server that establishes a time frame for a specifically identified machine to connect for a fixed length of time before requiring fresh authentication.
Anyone?
Thanks.
At my age I still learn something new every day, but I forget two others.
