Welcome on my SharePoint 2010 blog

Hello,

My name's Roy. I'm a dutch SharePoint & BI consultant/architect at Advantive B.V. At this moment I'm busy with some big SharePoint 2010 projects in The Netherlands. In all the projects I've got different roles, like: Business consultancy, Lead Consultant, Architect (logical and technical), Development and Teaching/courses.

Products where you can ask me about are: SharePoint, Visual Studio, SQL Server, PowerPivot, Analysis and Reporting Services, Visio Services, InfoPath, PerformancePoint Services, Team Foundation Server, Office line.

I love to work and to write about Microsoft SharePoint 2010 so, feel free and read/comment my Blogs!

Greetz.

Saturday, October 23, 2010

SharePoint 2010 and Windows 2000 Active Directory

In the last months I've had two installs/configs of SharePoint 2010. In both situations SharePoint is installed on a Windows 2008 R2 server. That's fine for so far, but:

They are both linked to a Windows 2000 AD environment. And I think you can already guess it, that doesn't work Out-Of-The-Box....

The problems you get is that you can't get authenticated in SharePoint and when you think to give the AD user more rights (as well in SharePoint as in AD) you see question marks in front of the user ID (on the Windows 2008 R2 server), the user name/id and the complete SID.



That doensn't look good.... so go and investigate for the solution!

Solution to let SharePoint 2010 work with Windows 2000 AD:

On the 2008 servers - In GPEDIT.MSC > Computer configuration > Windows Settings > Security Settings > Local Policies > Security Options.

Domain Member: Digitally encrypt or sign secure channel data (always)  - Set this to Disable
Domain member: Digitally encrypt secure channel data (when possible) Set this to Disable
Domain member: Digitally sign secure channel data (when possible)   Set this to Disable

Then reboot the Windows 2008 R2 server to refresh the policy settings.

But after all the best solution is to upgrade your AD environment to the latest version.

No comments:

Post a Comment