× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2006

RE: QNTC

Thanks Chris. I Googled this and finally found this page that explains
that. My network guy could care les about helping me see "his" servers. 

 Enabling QNTC access to Windows Server 2003
with Active Directory 
 
Problem description 
  
 
This problem only affects i5/OS(tm) V5R2 systems that access data on
Windows Server(tm) 2003 servers via the i5/OS Network Client (QNTC) file
system. 

By default, file shares on a Windows Server 2003 server with Active
Directory installed (for example, a domain controller) cannot be
accessed via the QNTC file system on V5R2. This affects i5/OS commands
such as Save (SAV), Restore (RST) and Work Link (WRKLNK). For example,
the i5/OS SAV command cannot do a file-level backup of files on a
Windows Server 2003 domain controller with the default settings.

QNTC is an i5/OS file system that utilizes the Server Message Block
(SMB) protocol. By default, a Windows Server 2003 server installed with
Active Directory requires digital signatures of SMB packets for
increased security. Since QNTC does not perform this task on V5R2,
attempts at authenticating to the server using SMB are denied, making
QNTC operations fail.
 
  
Circumvention 
  
 
On V5R2, if you are unable to save Windows Server 2003 data using the
SAV command through QNTC file system, or are unable to view a list of
shares defined using the WRKLNK command through QNTC, then you may need
to perform one of the following procedures on the Windows Server 2003
server to disable the requirement for digitally signed SMB
communications.

Note: You should install Active Directory on the server, run Windows
Update to load the latest updates from Microsoft(r) and then reboot the
server before disabling SMB signing as described below.

Preferred method to disable SMB signing

Microsoft has a help topic that describes how to disable SMB signing on
domain controllers so that clients (such as PCs or QNTC) that do not
have this capability can connect to the server. You can view this
Microsoft help topic by starting Help and Support on the server console
and searching for "smb signing". An excerpt from the Microsoft help
topic is shown below:

Click on Start, then Programs, then Administrative Tools, then Active
Directory Users and Computers. 
In the console tree, right-click Domain Controllers, click Properties
and then click the Group Policy tab. 
Click on Default Domain Controllers Policy and then click Edit. 
Click on the '+' next to Windows Settings. 
Click on the '+' next to Security Settings. 
Click on the '+' next to Local Policies. 
Click on Security Options. 
Right-click Microsoft network server: Digitally sign communications
(always), then click Properties. 
On the property sheet, click Disabled and then click OK.
 

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bipes
Sent: Sunday, March 19, 2006 10:07 PM
To: Midrange Systems Technical Discussion
Subject: RE: QNTC

Windows NT passwords are of the old style encryption while 2003 is
newer.   You can run 2003 in compatibility mode to support NT and 98
machines.  Your AS400 also has a password level compatible with 98/NT,
the default, and a more secure password mode that is compatible with
2003.  Check your security settings on the 2003 system.  Sorry I am not
able to give you the details at this time, I know they exist but not
sure how to change my self.  ( That's what I pay my network admin for. )


Christopher Bipes
Information Services Director
CrossCheck, Inc.

-----Original Message-----
Karl Lauritzen Jr.
Sent: Saturday, March 18, 2006 8:49 AM
To: Midrange Systems Technical Discussion
Subject: RE: QNTC

Yes exactly the same I know because we use netserver and they have to be
to use those mapped drives as well. 
The part that confuses me is that it works on the NT box but no other
non-NT box. I looked and those shares are the same in authority.
Everyone has full access. I picked those to test on because of that.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.