Subscribe via RSS Feed Connect with me on LinkedIn

Resolution: Windows 7 User Cannot Connect to SharePoint (WSS v3.0) Site

[ 0 ] January 12, 2011 |

One of our users had recently:

  • been migrated from one domain (OldDomain) to another domain (NewDomain)
  • upgraded from Windows XP to Windows 7

Our grief started when he could not log into our SharePoint site anymore. When he tried to log in, he would either:

  • get prompted to authenticate, then get an error page saying “Connection was reset”, or
  • not get prompted at all, but get a “Connection was reset” error

We further verified this error by running both FireBug and Fiddler.

Initially we were thinking it must be the domain change; technically that’s the biggest change. We were also not able to ping the SharePoint site URL, but oddly we could ping the IP address of the site. This led us to think that this could be DNS related.

We went on a wild goose chase as to what domain-related problem it could have been, including:

  • flushing dns (flushdns)
  • refreshing DNS suffix search list
  • checking that user’s domain privileges, group policies
  • etc

We also did try other general non-domain-related possible fixes, like:

  • turning off firewall
  • adding site to Intranet Zone
  • adding site to Trusted Sites
  • allowing JavaScript, cookies in site
  • etc

Unfortunately we did not get any resolution, and we were not making any progress with this issue.

We also knew it was not a credentials issue as the user could still connect to our SharePoint site using another laptop running Windows XP. So, it’s not the domain name change after all. The culprit then had to be Windows 7.

Thank goodness we came across this post: http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/bc216eb7-d556-4819-8d96-8e14ee988f24 (Thank you MichAda!)

The resolution is to change Network security: LAN Manager authentication level in Windows 7’s Local Security Policy to Send LM & NTLM – use NTLMv2 session security if negotiated:

  1. Start > Run > C:Windowssystem32secpol.msc
  2. Go to Local Policies > Security Option
  3. Change “Network security: LAN Manager authentication level” to “Send LM & NTLM – use NTLMv2 session security if negotiated”
  4. Apply the changes, and test again

We thought this was it! We tested on Firefox, and everything was back to normal in FIREFOX. Unfortunately, not everything was in happy land with IE. No matter what we did, we could not authenticate the user in IE. After a bit more fiddling around, this is what we found as a fix:

  1. In IE, purposely sign out by clicking “Sign In as Different User”
  2. Log in using the old domain (OldDomainUserName)
  3. After successfully signing in, “Sign In as Different User” again
  4. Log in using the new domain (NewDomainUserName)

Not sure why that works. Maybe somehow the old credentials are still what IE remembers. At this point, we’re just happy the user can sign in again and work with SharePoint.

Tags: ,

Category: Blog

About Shereen Qumsieh: View author profile.

Leave a Reply




If you want a picture to show with your comment, go get a Gravatar.