12-07-2011 10:41 AM
im trying to install a BE 2010 r3 sp1 on a freshly built 2008 R2 x64 server that is a member of the domain.
when i get to the server account step and i provide domain account credentials, i get "unable to authenticate with the user and password information given for domain\user".
it works fine in the test domain that has same gpos applied but fails in the prod env. i even disabled all GPOs and FW for the OU where the server resides. still the same error. i tried running the installer on the DC just to see if it will work, still the same error. im at a loss right now as to why it is not authenticating. any insight will be appreciated
Solved! Go to Solution.
12-07-2011 12:12 PM
no errors pertaining to the problem
12-07-2011 12:43 PM
anyone? i tried contacting support but the symantec support structure is so... not easy, cant open cases online, and the guy i spoke to never called back...
12-07-2011 12:49 PM
i think i found a record in the security log for this
audit failure event 4625 - NULL SID
12-07-2011 01:01 PM
I would suggest to remove the server from the domain, and add it again.
Or reinstall the server from scratch.
12-07-2011 01:05 PM
Create an online case here:
12-07-2011 01:25 PM
its not this particular server, i get the same error form the installer when i run it on the DC
12-07-2011 02:10 PM
cant do that either, called in no reply so far, makes me wonder, why am i paying for support???
12-07-2011 02:14 PM
Pls provide me details of your support ticket...such as the case #
12-07-2011 02:40 PM
thats the problem, i dont know the details, the guy i spoke to said he will email me the details, never received the email.
and i cant open the issue online either since it gives me
MySupport Application Error
The MySupport application has encountered a program error. You can either try again or contact Symantec Technical Services
Thank you for your patience.
after i provide my technical contact ID.
12-07-2011 02:42 PM
Would suggest to call Tech Support at +1 800 342 0652...There is hardly any wait time now...not more than 5 mins & you would be able to log a support case with the rep
12-08-2011 12:25 AM
Have you tried downloading the installation media again ?
12-08-2011 06:13 AM
the media works on my test domain and works on production domain when i select a local account instead of domain account. im not sure how BE installer is trying to auth against the AD, using kerberos or NTLM and what exactly is preventing it from doing so
12-08-2011 09:00 AM
ok i found what was causing this. looking at evenid 4625 having subtype 0xc0000418 lead me to conclusion that DC is blocking NTLM. original GPOs were restricing all but NTLM v2 and apparently BE, being in the 2010 r3 release still needs original very unsecure NTLM , which is a security flaw. i removed the gpo but not having policies defined is not enough for windows. since it kept ntlm blocked. i had to explicitly allow ALL kinds of incoming/outgoing ntlm traffic in the gpo to get BE installer to authenticate successfully.
12-08-2011 09:56 AM
hmm, now it gets stuck at the serice account step without any errors. i click next, the back button gets grayed out for few seconds, then it becomes available again, but its not going anywhere
12-08-2011 12:43 PM
restricting NTLM to NTLM v2 only works with BE
12-09-2011 06:57 AM
by the way, symantec customer support sucks! i still did not get a call back and the woman who i opened the issue with was rude and uncooperative. she also opened the issue with the least priority available while i specifically told her that it does affect the bussinness. bad experience!