Windows 7 64bit and Server 2000

Hunter1958

Junior Member
Aug 8, 2005
13
0
0
Hello; I work at a computer repair shop. I’m using Windows Server 2000 with shared drives to backup user data and store software. When I try to connect to the server from Windows 7 64bit, it ask for a domain user name and password. I can not login to be able to install software or transfer data. Any help would be greatly appreciated.

Thank you,
 

Arkaign

Lifer
Oct 27, 2006
20,736
1,379
126
I mean absolutely no disrespect in saying this, but if you have to ask that question regarding a Microsoft Server OS, this is probably a poor solution for you.

A much, much better solution for you is to buy a cheap gbit nas enclosure, and toss a 1tb or whatever sata drive in it. Grab a cheap gbit switch if you need to. Speeds will be pretty decent over 100mb connections (most computers 2 years old and older), and really good on any pc with a gbit lan port.

Very easy to access and set up as well, you just configure them by connecting to them like you do a router : by browsing to the ip in a web browser.
 

Hunter1958

Junior Member
Aug 8, 2005
13
0
0
All right then! So I have system that has work just fine until Windows 7 64bit. I can login with any OS, but a 64bit Windows 7. Now I need to throw that out and go spend a bunch of money on a new system. I quest that I am just not as smart a$$ as you.
 

Arkaign

Lifer
Oct 27, 2006
20,736
1,379
126
First, a basic nas for storage/backup is hardly a 'bunch of money'. Any reputable computer repair shop should be able to afford such a device. Win2k Server is incredibly old, we're talking the days of pata hard drives and sdram. I can't imagine it is very useful to you now ~11 years on.

For the login, does it not accept the domain admin credentials? If you're just doing basic unprotected file sharing, why run 2k server at all?

Anyway, as I said in the first line of my reply, I'm not trying to be offensive, but this is a bizarre question related to a somewhat bizarre situation.
 

theevilsharpie

Platinum Member
Nov 2, 2009
2,322
14
81
Windows 7 is probably attempting to use a version of NTLM that Windows 2000 doesn't enable out of the box, and authentication is failing as a result.

Check the LAN Manager authentication level on your Windows 2000 box, and set it to the highest version of NTLM that it supports.
 

sourceninja

Diamond Member
Mar 8, 2005
8,805
65
91
Windows 7 is probably attempting to use a version of NTLM that Windows 2000 doesn't enable out of the box, and authentication is failing as a result.

Check the LAN Manager authentication level on your Windows 2000 box, and set it to the highest version of NTLM that it supports.

Yup

Although honestly, I'd either upgrade windows 2000, or replace it with something free and open source like freenas/openflier/NexentaStor.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
All right then! So I have system that has work just fine until Windows 7 64bit. I can login with any OS, but a 64bit Windows 7. Now I need to throw that out and go spend a bunch of money on a new system. I quest that I am just not as smart a$$ as you.

Yes, paying MS to stay on the upgrade treadmill is part of using MS' software. That's just how it is and you've gotten almost a decade out of that software, don't you think it would be a good idea to move on to something supported?

If you don't want to pay MS look at the free alternatives. Hell, you can install Linux on the same hardware for free and keep using all of it and have a supported, updated OS.
 

Arkaign

Lifer
Oct 27, 2006
20,736
1,379
126
Yes, paying MS to stay on the upgrade treadmill is part of using MS' software. That's just how it is and you've gotten almost a decade out of that software, don't you think it would be a good idea to move on to something supported?

If you don't want to pay MS look at the free alternatives. Hell, you can install Linux on the same hardware for free and keep using all of it and have a supported, updated OS.

Huge thumbs up!

Btw, freeNAS is a way to build out a cheap box to deal with backups/storage/etc. It's fast and incredibly light.

Imho, running a Microsoft domain-environment server OS for the simple act of backups/data storage is kind of odd considering the environment. Particularly an extremely old OS like 2k.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
Windows 7 is probably attempting to use a version of NTLM that Windows 2000 doesn't enable out of the box, and authentication is failing as a result.

Check the LAN Manager authentication level on your Windows 2000 box, and set it to the highest version of NTLM that it supports.

I would personally guess the reverse actually. 7 disabled some the older NTLM out of the box (and kerberos actually). You need to enable it on Windows 7. I know on 2k3 server there were patches that updated it to handle 2008 / 7 but I have no idea if 2k had those same patches. If you dumb down 7 to the same level that Samba uses by default it should connect to 2k also.

Also without knowing what the server is being used for, no one here can make a good replace recommendation on what you should do. Linux will get thrown out as "better because it is free" but it will really depend on your needs. Your mileage will vary. FreeNAS generally works well but I have had issues with it where I could nearly "bomb it on command" using the iSCSI targets and ESXi. Again your needs will define it better.
 

spikespiegal

Golden Member
Oct 10, 2005
1,219
9
76
NTLM is the issue here, and I encounter it rather frequently given Win2K is so prolific. Hell, I still support NT4 boxes running proprietray software, and those are a real joy to migrate data from.

I've also had limited success in changing the level of NTLM authentication either way. Connecting a standalone Server 2008 box for instance to an existing Win2K domain is often next to impossible in this context.

Nothinman made a good point on this, and one I agree with. If anything, it's a subtle attempt by MS to force upgrades, often when they aren't needed because NTLM wasn't really brok to begin with. Win2K might be old, but if anybody wants to benchmark it with 512meg of RAM on a P3 700 with half a dozen Terminal Server accounts connected compared to Server 2008 on the same hardware be my guest.

I would strongly suggest looking at some of the 'Samba optimized' Linux distros for file moving. Win2K ain't the problem, it's MS.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
NTLM is the issue here, and I encounter it rather frequently given Win2K is so prolific. Hell, I still support NT4 boxes running proprietray software, and those are a real joy to migrate data from.

I've also had limited success in changing the level of NTLM authentication either way. Connecting a standalone Server 2008 box for instance to an existing Win2K domain is often next to impossible in this context.

Nothinman made a good point on this, and one I agree with. If anything, it's a subtle attempt by MS to force upgrades, often when they aren't needed because NTLM wasn't really brok to begin with. Win2K might be old, but if anybody wants to benchmark it with 512meg of RAM on a P3 700 with half a dozen Terminal Server accounts connected compared to Server 2008 on the same hardware be my guest.

I would strongly suggest looking at some of the 'Samba optimized' Linux distros for file moving. Win2K ain't the problem, it's MS.

NTLM certainly did have issues that were fixed in later versions and disabling support for those old, broken versions of the protocol by default is just good sense. Yes, MS is trying to sell software since that's their business, but there are real, technical reasons behind this particular issue.

Dropping NetBIOS support, newer versions of SMB, etc are also very valid things MS has done to improve their products. Some of the stuff could've been backported to Win2K and earlier I'm sure, but where is the line drawn? Should they be putting out patches to make NT 3.1 be able to join a Win2K8 domain?
 

spikespiegal

Golden Member
Oct 10, 2005
1,219
9
76
Some of the stuff could've been backported to Win2K and earlier I'm sure, but where is the line drawn?

The 'line' should be drawn via technical and customer need, not determined by the legal/marketing division of MS where so many currently are, and that's my point. MS has backed off the pressure to kill Server 2003 realizing how much is broke on 2008, but if they had their way Server 2008 would only talk to Server 2008.

I'm not entirely disagreeing with you, and I'm only one of a million system admins that get sick of supporting legacy platforms in AD and having to make allowances for them. NT4 in a Win2K domain was bad enough. Oops....GPO's configured with Server 2008 or Win 7 aren't applying to XP boxes.

However, the flip side is that Microsoft has made it clear they want every business with more than two computers to either be running SBS and AD, and/or their own Exchange Server, ISA Server, blah, blah, blah. Net result of this is simple networking on Windows is gimped and Microsoft hasn't got this to work reliably since effing NetBEUI.

In a nutshell, if you aren't running AD, you're screwed, and not every Windows based computer in a professional environment should be AD centric. NTLM is irrelevant in a workgroup environment anyways, and once a box gets compromised it's equally so. At least MS got smart and stopped with default Admin$ shares all over the place.

Another suggestion for the OP is to install a basic third party FTP server on the Win2K box and by-pass all the MS junk anyways.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
spikespiegal said:
In a nutshell, if you aren't running AD, you're screwed, and not every Windows based computer in a professional environment should be AD centric.

I would disagree. If you can afford a Windows server you have the ability to setup AD which isn't complicated and the benefits far outweigh the little bit of work required. If you just need a file/print server then use something else, there's a ton of non-Windows options for that.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
The 'line' should be drawn via technical and customer need, not determined by the legal/marketing division of MS where so many currently are, and that's my point. MS has backed off the pressure to kill Server 2003 realizing how much is broke on 2008, but if they had their way Server 2008 would only talk to Server 2008.

I'm not entirely disagreeing with you, and I'm only one of a million system admins that get sick of supporting legacy platforms in AD and having to make allowances for them. NT4 in a Win2K domain was bad enough. Oops....GPO's configured with Server 2008 or Win 7 aren't applying to XP boxes.

However, the flip side is that Microsoft has made it clear they want every business with more than two computers to either be running SBS and AD, and/or their own Exchange Server, ISA Server, blah, blah, blah. Net result of this is simple networking on Windows is gimped and Microsoft hasn't got this to work reliably since effing NetBEUI.

In a nutshell, if you aren't running AD, you're screwed, and not every Windows based computer in a professional environment should be AD centric. NTLM is irrelevant in a workgroup environment anyways, and once a box gets compromised it's equally so. At least MS got smart and stopped with default Admin$ shares all over the place.

Another suggestion for the OP is to install a basic third party FTP server on the Win2K box and by-pass all the MS junk anyways.

Just to post a counter point:
My 2003 servers (they were AD servers at one point also) participate in my 2008R2 network without issue. Actually I have not found a single issue so far that could be attributed to "2003 / 2008 won't talk to each other" Actually things like DFS, DFS-R, AD based DNS zones, DHCP etc all worked with out a complaint.

I have been using "2008" style GPO on 2003 / XP / 7 for about 18 months prior to moving the servers to 2008R2. Roll out the XP / 2003 Group policy extensions. This is an example actually what people always say MS "never does." The patched XP and 2003 to handle the new GPO style. You can even roll it out via WSUS which is also free. There is no excuse that even the smallest company should not have a WSUS server available. You can stick in on a machine with 512mb of ram and 60GB of disk even.

Microsoft has tried to improve the home experience. Look up Homegroup. The issue is people will not give up on XP. (As a side comment, in my home network, my XP boxes that live on old junk machines that I really should replace... connect and stream from the 7 boxes with out an issue. Biggest thing I see is a 30 second delay from XP > 7 when it first asks for credentials.)

When it comes to business, AD is by far superior to a workgroup. I would rather spend the $300 and pick an SBS box license than deal with the password and performance issues that appear when everyone is on a workgroup. I have tried to support 50 person peer to peer networks. It is not good, does not work well and made me waste more time running around fixing issues causes be "suzy in accounting" changing her password that now doesn't match the server(s).

Also NTLM is used in workgroups. When is asks for a password, it uses NTLM to authenticate. Don't confuse things like the NTLM integrated authentication engine in Samba (which is used to do domain authentication) with the local NTLM authentication it does.

The line by the way was drawn by consumer need. I need features that are in 2008 vs say 2003 / 2000 and NT4. I am sure if enough people banded together and offered to send MS $$$ every year to keep supporting 2003, they would be happy to do it.

Also many of these points have similar points on the Linux side. I remember when people "wouldn't let them tear the 2.2.x kernel out of their cold dead hands" same with 2.4 > 2.6 etc. When the 'free' software world is also passing you by, you may want to review your IT goals.
 
Last edited:

Lorne

Senior member
Feb 5, 2001
873
1
76
Does the sever set up with user and password?.
We still have a server 2000 machine going, The only problems we ever ran into with all our new Win7/64 Are trying to connect to any machines not set up for password loggin.
A user account was needed but the password wasnt unless the destination had one, We just set them up all the same.
 

Hunter1958

Junior Member
Aug 8, 2005
13
0
0
Thanks to everyone for there help. I found a fix for my problem. Here is the information;

You may have devices on your network that you can no longer connect (Vista/Windows 7) to or you may not be able to network to Windows XP (for whatever reason, this works). Actually this changes settings to accept NTLMv1 and NTLMv2 so that you can connect to Samba Servers, Snap Servers, Older Windows Computers or whatever….

1. Go to Run, Type Regedit and open this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

2. If it doesn’t exist, create a DWORD value named
LmCompatibilityLevel

3. Set the value to 1

4. Reboot

Thanks again.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Thanks to everyone for there help. I found a fix for my problem. Here is the information;

You may have devices on your network that you can no longer connect (Vista/Windows 7) to or you may not be able to network to Windows XP (for whatever reason, this works). Actually this changes settings to accept NTLMv1 and NTLMv2 so that you can connect to Samba Servers, Snap Servers, Older Windows Computers or whatever….

1. Go to Run, Type Regedit and open this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

2. If it doesn’t exist, create a DWORD value named
LmCompatibilityLevel

3. Set the value to 1

4. Reboot

Thanks again.

Anything that requires that setting is old and should be replaced, my Win7 laptop connects to my Samba shares just fine without it.
 

Gamingphreek

Lifer
Mar 31, 2003
11,679
0
81
I sincerely hope that this system is not connected to the internet in any capacity. NTLM of any kind is stupidly insecure, v1 even more so.

Glad that you fixed it, but you really need to upgrade/transition to Linux. Honestly, if, for some reason, I ever walked into a computer shop and they were running Server 2000 I would turn around and walk out.

-GP