possible attempt to compromise security
I have Windows 7 64bit Pro and Ultimate clients, and Windows Server 2003 R2 32bit domain. All systems are fully updated. I have no problem with Windows XP clients. When the Win7 clients try to browse to a network share, such as \\servername they get the following error message: The system has detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. Sometimes, I also get the following message: Windows needs your current credentials to ensure network connectivity. Please lock this computer, then unlock it using your most recent password or smart card. To lock your computer, press CTRL-ALT-DEL and then press Enter. Of course, authentication should be automatic and behind the scenes. These messages should not come up. But even when I type in my credentials or lock/unlock as it says, there is no change.
March 19th, 2010 5:55pm

One more comment. There is only one thing I can think of, that I ever did, that might be uncommon. A long time ago, I went into AD Users & Computers. I right-clicked my domain name, and chose "Raise Domain Functional Level." At the time, it said my domain was at functional level 2000, and I upgraded it to 2003. It was successful and smooth. Seemed like a good thing to do at the time. I have no reason to think this caused the problem now, except that I admin more than one site, and this is the only site having the problem. Still, it's probably unrelated.
Free Windows Admin Tool Kit Click here and download it now
March 19th, 2010 6:00pm

Hi, Please refer to the following article to troubleshoot the issue. You receive a "The system has detected a possible attempt to compromise security" error message when you try to include security settings for a user from different domain in a local domain folder Thanks, Novak
March 25th, 2010 9:57pm

I have the same problem -- but only on my Windows 7 clients trying to stay connected to my Window 2003 R2 server (my XP clients are fine). I am in a single domain situation and the Windows 7 clients are all members of that domain so the article referenced above does not apply. I use a logon script to map to a share on the server but at some point (after a long idle period), the mapped drive fails and I get that error message. I can ping the server from the Windows 7 PC, I can resolve the name as well, so it is not a network problem and it works again after reboot so it is not a firewall problem. If the user reboots, the mapping works again but I need to find a solution that does not require me to tell the president of the company "Stop what you are working on and restart your computer repeatedly". Any help would be appreicated. Laurie
Free Windows Admin Tool Kit Click here and download it now
April 8th, 2010 12:20pm

The resolution to the problem listed in that article Novak posted is so simple you should check your Windows Firewall anyway... It says, "To resolve this problem, configure the network firewall so that TCP port 88 and UDP port 88 are not blocked for either domain." Interestingly, a quick scan through Windows Firewall's predefined rules does not show any for port 88 specifically. If I were you, I'd try adding specific rules to allow connections to those ports and see if the problem is resolved. Alternatively, as a quick check to see if it is indeed a firewall issue you could try temporarily disabling the firewall entirely. Keep in mind that Windows 7's firewall is the first Windows firewall to switch over to the new "disallow incoming connections unless they match a rule" philosophy. -Noel
April 8th, 2010 2:03pm

As a quick check, I dropped the firewall entirely and tried to reconnect the drive. It threw the same error. Repeated attempts resulted in a different error -- "An unexpected network error occurred". However, even as the reconnect failed, I could ping the server, both by IP and by name. However, to fully test the firewall theory, I will run the scenerio again from the beginning (starting with a good connection). Once I shutdown and restart (reconnecting the drive), I have to wait for it to drop again to test if any given solution works, which is going to make this a very long process. My first test will be to reconnect by restarting a test machine tonight and making sure that the firewall is completely down on that machine overnight. Then I will see if I have lost connection again by tomorrow morning. Thanks, Laurie
Free Windows Admin Tool Kit Click here and download it now
April 8th, 2010 2:36pm

Opening port 88 did NOT resolve the problem. Any more ideas of what I might try?Thanks,Laurie
April 15th, 2010 9:47am

Sorry to hear that.I'm out of ideas, though my thoughts drifted briefly toward at least lengthening the connection timeout on the server to possibly lessen the appearance of the problem. I used to know exactly how to do that, but I've since forgotten... Something about NET CONFIG SERVER...-Noel
Free Windows Admin Tool Kit Click here and download it now
April 15th, 2010 12:44pm

I was receiving this error on a client in a single domain situation. I found that the DNS server addresses for the TCP/IP connection had been set manually to servers out on the net. I set it to obtain DNS server address automatically and it's been fine since. Conrad
May 11th, 2010 11:19am

I was receiving this error on a client in a single domain situation. I found that the DNS server addresses for the TCP/IP connection had been set manually to servers out on the net. I set it to obtain DNS server address automatically and it's been fine since. Conrad
Free Windows Admin Tool Kit Click here and download it now
May 11th, 2010 11:19am

I will try that next. Thank you. Laurie
May 11th, 2010 1:45pm

I have this problem almost everyday (SBS08). I have tried a ton as well. I got so fed up and angry I reimaged the machines. Still happens. Im guessing now its a server issue. They are XP Pro machines. Firewalls all off. After I reimaged the machines I noticed that I could not add the stations back onto the domain unless I specified DNS manually. Then it worked. Any conclusion as to what the problem is?
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2010 9:07am

This was solved. A group policy waaaaaaaaaaaaay nested inside of the 1000 default policies SBS makes has kerberos ticket to expire every 10 hours.
February 3rd, 2011 10:19am

did you remove the policy or just change it?--- ian
Free Windows Admin Tool Kit Click here and download it now
March 24th, 2011 6:22pm

That's not working for most of us. (I have Win 7 client, Server 2003 R2 64 bit AD) This seems more likely to be a Kerberos time-out issue, as recently suggested by CCA-Admin. However, there's no suggested route to changing these. Any help proferred, gratefully accepted. Thanks Brian25 years in IT?
April 7th, 2011 6:02am

I have similar problem. My windows7(64) Enterprise PC, is a member of domain ABC. I am logged in with a ABC domain user with local administrator privileges. I am using my PC inside a different network, no connection to domain ABC. I am able to successfully file share to server 123 in domain XYZ, however I get same error when attempting start>run>\\456\c$ . I am given the "an attempt to compromise security...blah blah" message at the bottom of window before I ever attempt putting in credentials, when I do enter the credentials, i get the "unknown username or bad password" error. Any help fellow geeks? :)
Free Windows Admin Tool Kit Click here and download it now
May 13th, 2011 12:26pm

Manyhat, Windows 7 stores domain log on credentials locally allowing you to log on your system when your not connected to the domain your system is associated with. When your logging in to the xyz domain your not authenticating to that domain your logging in to your system with the cached credentials from domain abc. Doing this doesn't provide you network access rights and definitely not to a system admin share. You have to be joined to the domain and use admin credentials or local admin credentails for xyz domain to access \\456\c$. You should try command net use Z: \\ip\share /user:domain\username password to log on to \\456\c$. You have to use credentials for xyz domain. You could also map a drive and check the box"Use different user name and password to connect". As for successfully file sharing to server 123 in domain xyz it appears that security for 123 isn't setup correctly or the share your accessing allows for anonymous access.
May 14th, 2011 5:50am

I have a similar issue. Server 2008 R2 Desktop running 7 DNS-DHCP set to AD serer. It is NOT a Kerberos issue (all patches and work-a-rounds have been used). All the users have their own log-in script that work. (all maps are to the one server/domain) Of the 50+ desktops only one is giving this error. I have set the "Amount of idle time required before suspending a session to": 99999. All desktops are shutdown at night. If I run the user log-in script from the user desktop, all maps are restored. Any thoughts?
Free Windows Admin Tool Kit Click here and download it now
May 31st, 2011 12:42pm

OK I have a similar issue but narrowed my issue down to a particular user ID. One of my desktop people got a new laptop and loaded a corporate image of Windows 7 Enterprise that we have been using for a few months now. Her old laptop works fine with WinXP. The Win7 one will also propmt her for credetials on trying to access any network resources. If I login with my normal user credentials on her machine everything works fine. I thought OK it is her ID or profile. I then had her login to my laptop with her credentials and see what happens, she had never logged into mine or me hers so no cahed credetials were used. The problem followed her from system to system on Win7. We had firewalls disabled on both systems. I would think it is related to her User account except that the XP system works fine. We also tried changing her password at the PC and it will not change it either. No real messahe other than a small yellow triagle with exclamation point and the word "set". Any ideas guys? JD
August 8th, 2011 7:36pm

I having the same exact problem. When I moved to the new laptop, I used the same computer name as the old laptop and connected to the domain. And my user account password had expired at that time. I am not too sure if that contributed to the problem. I cannot change my password either, as I receive the same yellow triangle with no information apart from "status". The AD administrator will look through the logs to check if there is anything wrong?
Free Windows Admin Tool Kit Click here and download it now
August 23rd, 2011 4:53am

Been a long time....but the problem for me was related to the syntax I was using for entering credentials. I have never been able to memorize which is the correct "slash / or \ to use when entering credentials, so when I stumbled across this syntax username@domain I was like "SWEET", my memory block is fixed. It seems however that this syntax isn't liked on the server I was attempting to access. I had to use the old slash syntax "domain<slash>username" and it worked !!
January 3rd, 2012 1:39am

You nailed it, ConradMSP. I had a hardcoded nameserver in my connection. TY :)
Free Windows Admin Tool Kit Click here and download it now
January 12th, 2012 3:23pm

You nailed it, ConradMSP. I had a hardcoded nameserver in my connection. TY :) ConradMSP was right! I too had 1 machine Win7 that was having this issue... I had forgotten that I changed the DNS on this machine to Google's DNS servers as a test and never set them back. So I changed it back to auto (Set from the DC) and BINGO! Problem gone.
February 3rd, 2012 10:09am

Almost always a DNS issue with Windows. I too had changed my PCs DNS server to my ISP's to temporarily bypass my content filter. I forgot to change it back. Imagine that...it worked!!!
Free Windows Admin Tool Kit Click here and download it now
February 8th, 2012 1:17pm

We were experiencing the exact same issue, but the resolution was not related to DNS or Firewall. Turns out the user had Kerberos DES encryption types enabled in Active Directory Users & Computers. Disabling this option fixed the problem. RjZ
April 12th, 2012 9:07am

I was receiving this error on a client in a single domain situation. I found that the DNS server addresses for the TCP/IP connection had been set manually to servers out on the net. I set it to obtain DNS server address automatically and it's been fine since. Conrad Brilliant...I'd changed DNS for testing. Changed it back to "auto" and am in again. Thanks ConradMSP!!Bill Hagen, Owner That Computer Geek Newberg, OR www.thatcomputergeek.com
Free Windows Admin Tool Kit Click here and download it now
June 1st, 2012 8:11pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics