long story short... discovered that if you save a blank admin pass on server 2003, clients (at least in a workgroup scheme) will not be able to log on to the server using user: Administrator, pass: *blank*.


is there a function associated with this? sort of like APIPA being the function that results in DHCP clients self-assigning an IP in the 169.*.*.* range when their requests for IP/DNS assignments go unanswered? or is it one of those "thats just the way ot works" things? im assuming either way it has to do with a NOS's inherant need to authenticate.

I'm not sure I understand how they are logging on to the server in a workgroup scheme.

Are they mapping network drives and or printers to their PC's?

I'm not sure I understand how they are logging on to the server in a workgroup scheme.

Are they mapping network drives and or printers to their PC's?




no, just even trying to share a folder on the server side to the workgroup. no permissions or any complaicated stuff. default settings on the share.

the XP clients can navigate through network neighborhood to the server. but, when trying to access the shared object, the login que for user/pass pops up. using Adminitrator and *blank* for user/pass results in an access error. similar to if i were to use the incorrect password. if i go in and set an admin pass on the 2003 server local account, the workgroup clients can login with user: Administrator, pass: *NewlySetPassword* as youd think they should.

I haven't tried setting up Windows Server in workgroup mode in the manner of XPs "Simple File Sharing", I have done it in workgroup mode...but I'll enter usernames/passwords to the local users group on the server that exactly match the usernames/passwords used to log onto the other workstations in the workgroup. And then include those users in the share.

I know Terminal Server won't start up as a host if the Admin password is left <blank>...on server and on Windows XP, as part of the design for security purposes. Can't answer that for shares though...I never approached that bridge.

Try enabling the guest account on the server?

Can't you set up individual users under Local users & group (On 2003) that correspond with what they use to sign into their pc's?

thanks for the replies, fellas.

i didnt try enabling the guest account or creating specific user accounts (wasn't expecting the need), but will monkey around with it again when im back there on monday.

more than anything i was just curious as to why it was occurring like it did. it took me about an hour of wtf'ing between the clients and server using the login as i knew it was supposed to be. all resulting in the inability to login to the share (at that point just a folder with a test .txt in it) with a blank pass. but as soon as i went back into the server and changed the pass from blank, everything worked.

i'd never had that happen before, and was wondered if thats common law amongst newer NOSs.

yeah, i just replicated it here at home. everything worked great until i changed the admin pass to blank. if i had actually taken the time to read the error before i woulda seen the circled part of the error. ok, big time "duh!" points on my end.

http://i623.photobucket.com/albums/tt313/smaier69/error.jpg?t=1243734179



im thinking it's something that could be changed through admin templates(?) on the server's end. although i could understand it not being a changeable setting. i mean, really.... aside from convenience on a network thats completely devoid of any threats (i.e. dreamsville), why would a blank admin pass be desireable? 'specially if youre taking the needed steps to install fully fledged network server OS?

anyways, im gonna check on the templates tomorrow. even though im sure i will never employ the knowledge of this peculiar error/function, i can't let it sit as-is.

Keep us posted.:)

ah, found it finally! luckily the setting is near the top of the list.


admin tools-> local security policy-> local policies-> security options

Accounts: limit local account use of blank passwords to console only

enabled = can only log on with blank password if its through the local machine's console.

disabled = global login with blank pass is acceptable.