Problem Syncing WHS User Passwords on Win7 x64 PCs

Posted on March 4, 2011 by Jeff

WHS Password Synchronization Problems

So I was just asked a question about how to change a user login password on WHS.  To recap, WHS requires user passwords to be the same between client PCs and the Server to allow transparent access to the server’s shared folders.

The process has always been simple.  Change the password on your local machine, log off, then back on again.  Next thing you see is that the WHS tray icon notifies you that the user password  does not match the one in WHS.  Clicking on that notification brings you to the Update Password form.

From here it’s a matter of choosing whether you want to keep the password set on this PC, or the one on the server knows about.  So, we choose the option to keep the password on this machine since we just changed it here.  You enter the current password you just set on this machine in the appropriate box, and the old (previous) password in the Server password box and click the OK button.  If you entered them without typos, you’re all set and now the PC and Server know the same password for your user account.

But WAIT,  on Win7 x64 systems, this doesn’t work!

Instead, it insists you’ve typed in the wrong password.  And after a few tries, it says your account is disabled.  Huh?  Well, it’s not really disabled, it just makes you wait a bit to try again.

The solution is not at all obvious to us plain folk.  I tried all manner of trying to get them to synchronize after that and occasionally could manage to get them sync’d, but after lots of changing passwords on the server and client, doing head stands, salt throwing, etc..  No dice…

One simple solution lies in changing the Local Network Security policy.

  1. In the start menu’s search bar, type:  SECPOL.MSC  and hit return.
  2. Find and Expand the Local Policies folder in the Left hand Pane.
  3. Select the Security Options folder under the Local Policies.
  4. Scroll down in the right hand pane and double click on this entry:   Network security: LAN Manager authentication level
  5. Set the authentication level to:  Send NTLM response only
  6. Click OK.   Now, you are free to change the password on your PC or the WHS console and the Update Password dialog should now work as expected.

Now, I haven’t investigated why this wasn’t necessary on other versions of windows, and perhaps it is, but I never ran into the problem until now.

    
This entry was posted in Computer Stuff, Windows Home Server. Bookmark the permalink.