Mac OS X Server v10.5 or later: Windows Vista clients may be unable to join a hosted PDC

Microsoft Windows Vista clients may be unable to join a PDC hosted on Mac OS X Server v10.5 or later. Windows Vista may be configured with a local security policy which does not include an authentication protocol that is required by Mac OS X Server v10.5 and later.

Windows Vista clients may receive an alert similar to this when trying to bind to the Mac OS X Server PDC: 

"Your computer could not be joined to the domain because the following error has occurred:
Logon failure: unknown user name or bad password."

To allow Windows Vista clients to join a PDC that's hosted on Mac OS X Server v10.5 or later, the local security policy of the Windows Vista client must be changed. On each Windows Vista client:

  1. Choose Start > Control Panel.
  2. Select "Classic View".
  3. Open "Administrative Tools".
  4. Click the Shortcut named "Local Security Policy" and confirm that you want to continue.
  5. Select "Local Policies" and then select "Security Options".
  6. Scroll down the list until you find the "Network security: LAN Manager authentication level" policy.
  7. Double-click "Network security: LAN Manager authentication level" to edit this policy.
  8. The default Windows Vista setting is "NTVLM2 responses only". Change it to "Send LM & NTLM - use NTLMv2 session security if negotiated".
  9. Click the "Apply" button.

You should now be able to log in.

For an explanation of each of the various options for this security policy in Windows Vista, see this Microsoft Technet article.

Important: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.
Published Date: