Having trouble connecting?
Microsoft Windows Server 2003 requires digital signing of connecting clients by default. Problem is, not all clients like doing this. As an example, I was unable to connect to a 2003 server with my Macbook Pro, just wouldn't happen. After some searching, I did find a solution. I apoligize, as I forgot to record the source, but here is the solution
To prevent domain controllers from requiring secure channel signing or encryption
- Open Active Directory Users and Computers.
- In the console tree, right-click Domain Controllers, click Properties, and then click the Group Policy tab.
- Click Default Domain Controllers Policy, and then click Edit.
- Under Security Options, right-click Domain member: Digitally encrypt or sign secure channel data (always), click Properties, and then click Disabled.
By disabling this security setting, you expose secure channel communications to man-in-the-middle attacks. Therefore, it is highly recommended that you upgrade client computers running Windows NT 4.0 rather than disable this security setting.