Ok, this is an odd one and hard to explain so bear with me.
We have several users that are in workgroups and other domains that need access to our exchange server. They've been using Outlook and just have to type in a valid username, domain, and password. It had been working fine. All until one day we decided to patch our exchange server (win2k) with the latest security patches. When the exchange server was rebooted, the users in workgroups could no longer get email. After looking through the logs it was discovered that the clients were passing the local user and machine information instead of the domain information typed into outlook. Well, obviously, we thought we had a problem with the patches. Once we removed all of them and reinstalled SP4, it started working again. Of course, now we had a production exchange server with absolutely no security holes filled in. Everytime we tried to install security patches and reboot, it would stop working again. Well, at this point, I thought I had a bad Exchange server, corrupt registry or something. I built a temporary pdc and built a new exchange server in a offline network. I patched it with the latest security patches and tested it with a machine that was in a workgroup. Outlook worked. So I swapped exchange servers. I tested with a machine in a workgroup, DID NOT WORK!! AHHHH! Anyways, I decided to go to extremes and powered off the PDC...rebooted exchange and it machines in a workgroup started working again. Ok, bad PDC...so I promoted the BDC, turned off the old pdc, and tested with a machine in a workgroup, still worked. I then built a new BDC, brought it online, got WINS set up, all that stuff. Tested with a workgroup machine, DID NOT WORK AGAIN!! I powered off the new BDC and it started working again.
I've left the BDC off so that people can work. I'm pretty confused on what this could be. I'm pretty sure the problem does lie in our domain controllers but I'm not sure where to look. I don't see any errors in the logs that really point me in the right direction. Here is some more info:
(the old pdc is not listed, the promoted pdc now has the ip address of the old pdc)
PDC
192.168.1.2
WINS
DHCP
BDC (local) (turned off for now)
192.168.70.3
WINS
BDC (remote)
192.168.250.2
WINS
WINS on the bdc's push/pull to the pdc
Exchange
192.168.1.18
Everything pings everything else ok, no other problems that I'm aware of. We do not use any lmhost or host files.
Here is what the Exchange server logs say when someone logs in with a machine in a workgroup, when everything is working properly:
Successful Network Logon:
User Name: temp
Domain: DOMAIN
Logon ID: (0x0,0x44B2F)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: temppc
Here is what the Exchange server logs when someone tries to log into Outlook with a machine in a workgroup. As you can see, it reports back the login for the machine, rather than the login for Outlook:
The logon to account: administrator
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: temppc
failed. The error code was: 3221225572
Logon Failure:
Reason: Unknown user name or bad password
User Name: administrator
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: temppc
Well, if you've read this far down, I appreciate you taking the time to understand my problem (and it's a doozy) I also, do appreciate suggestions, ideas, and solutions to this. If you have any questions about my setup, please don't hesitate to ask. Thanks for the help!
We have several users that are in workgroups and other domains that need access to our exchange server. They've been using Outlook and just have to type in a valid username, domain, and password. It had been working fine. All until one day we decided to patch our exchange server (win2k) with the latest security patches. When the exchange server was rebooted, the users in workgroups could no longer get email. After looking through the logs it was discovered that the clients were passing the local user and machine information instead of the domain information typed into outlook. Well, obviously, we thought we had a problem with the patches. Once we removed all of them and reinstalled SP4, it started working again. Of course, now we had a production exchange server with absolutely no security holes filled in. Everytime we tried to install security patches and reboot, it would stop working again. Well, at this point, I thought I had a bad Exchange server, corrupt registry or something. I built a temporary pdc and built a new exchange server in a offline network. I patched it with the latest security patches and tested it with a machine that was in a workgroup. Outlook worked. So I swapped exchange servers. I tested with a machine in a workgroup, DID NOT WORK!! AHHHH! Anyways, I decided to go to extremes and powered off the PDC...rebooted exchange and it machines in a workgroup started working again. Ok, bad PDC...so I promoted the BDC, turned off the old pdc, and tested with a machine in a workgroup, still worked. I then built a new BDC, brought it online, got WINS set up, all that stuff. Tested with a workgroup machine, DID NOT WORK AGAIN!! I powered off the new BDC and it started working again.
I've left the BDC off so that people can work. I'm pretty confused on what this could be. I'm pretty sure the problem does lie in our domain controllers but I'm not sure where to look. I don't see any errors in the logs that really point me in the right direction. Here is some more info:
(the old pdc is not listed, the promoted pdc now has the ip address of the old pdc)
PDC
192.168.1.2
WINS
DHCP
BDC (local) (turned off for now)
192.168.70.3
WINS
BDC (remote)
192.168.250.2
WINS
WINS on the bdc's push/pull to the pdc
Exchange
192.168.1.18
Everything pings everything else ok, no other problems that I'm aware of. We do not use any lmhost or host files.
Here is what the Exchange server logs say when someone logs in with a machine in a workgroup, when everything is working properly:
Successful Network Logon:
User Name: temp
Domain: DOMAIN
Logon ID: (0x0,0x44B2F)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: temppc
Here is what the Exchange server logs when someone tries to log into Outlook with a machine in a workgroup. As you can see, it reports back the login for the machine, rather than the login for Outlook:
The logon to account: administrator
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: temppc
failed. The error code was: 3221225572
Logon Failure:
Reason: Unknown user name or bad password
User Name: administrator
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: temppc
Well, if you've read this far down, I appreciate you taking the time to understand my problem (and it's a doozy) I also, do appreciate suggestions, ideas, and solutions to this. If you have any questions about my setup, please don't hesitate to ask. Thanks for the help!
