Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Stop Vista trying to use certificate for mapped netwrok drives 1

Status
Not open for further replies.

1DMF

Programmer
Jan 18, 2005
8,795
GB
Hi,

I have a remote user I have set up with VPN access and a user certificate for the VPN SSL connection.

All is grand. However, when they try to mapp the network drives a certificate popup appears asking you to select a certificate for connection to the mapped network drives?

How do i stop this so it works by asking for a username and password to be entered for the mapped netwrok drive access.

It works fine on XP, Windows 7 and other Vista machines, it's just this one, where it refuses to let me supply user credentials and only wants to use a certificate that isn't valid for the mapped drive connections?

why is it doing this and how do I stop it.

Thanks,
1DMF.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Google Rank Extractor -> Perl beta with FusionCharts
 
Nope, I found two threads at the bottom asking the same question about certificate popup when mapping network drives.

Neither has had a reply to it!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Google Rank Extractor -> Perl beta with FusionCharts
 
I can't really help you further but I'll leave you with this.

Certificate Support and Resulting Internet Communication in Windows Vista


Trusted root certificates that are required by Windows Server 2008, by Windows Vista, by Windows Server 2003, by Windows XP, and by Windows 2000




You could also check in the Server and VPN Forums.

Virtual Private Networks (VPN)

Microsoft: Windows Server 2008
 
you could take a look at the registry setting of each mapped drive that is causing the problem and compare it with the registry setting of a working computer...

Registry Key:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\


also check the Local Security Policies...


how are the mapped drives applied, e.g. with the NET USE command or with through the CONNECT DRIVE Wizard?

take a gander on how to use NET USE:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\


Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
 
Hey Ben, they are mapped via a batch file I have written using the 'net use' dos command.

I'll have a gander through the registry and see what I can find, but the user is close to throwing his laptop away and getting a new one.

After all it is a Pentium and has Vista - YUK!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Google Rank Extractor -> Perl beta with FusionCharts
 
darn it, I just now noticed that the LINK I wanted to post is gone missing (I forgot to COPY) and pasted the last thing I copied again... this is what happens with lack of sleep...

Vista has been known to cause problems in the past...

probably the user would be happier with a newer model and W7, and I would go down that route, and just forget VISTA altogether...

I found this little tidbit:
How Authentication Works for Net Use Command

When you use the NET USE command to connect to a share on a server in a domain, the following authentication process verifications take place:
=> If the client's user name is in the domain's UAS account database, the passwords are compared. If the passwords match, access is allowed to the share. If the passwords do not match, an access denied message is returned.

The behavior allows for backward compatibility with Windows for Workgroups and other clients. These clients do not pass the domain name to the Server.
=> If the client's user name does not match a user name in the domain's UAS, the domain controller checks to see if the client's domain is listed in its trust list. If the client's domain name is on the target domain's trust list, the domain controller communicates with the other domain to see if the client's user account and password are valid. If so, access is allowed to the share. If not, an access denied message is returned.
source: Net Use Command

you may also wish to try the use of BASIC AUTHENTICATION on the client side see: and scroll down to Windows Vista...

besides that, I have not dealt with that issue at all, and it may just be as simple as updating the ROOT CERTS on the CLIENT...

Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
 
Hey Ben,

Forcing basic authentication with dword value 2 seemed to do the trick.

It was on value 1.

Thanks for the help, much appreciated.

1DMF.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top