Active Directory users or just local users?

Just local users. I haven't even set up Active Directory.

Are you logging in with:

servername\username
password

Do you get a login prompt at all?

Yes and yes.

I've been initially doing it like this:

username
password

And typically in my case, it would authenticate just fine, but not on the Win2K server.

And even when trying to log in with "servername\username" followed by the password, it still wouldn't connect.

What happens if you set the shared folder with 'Everyone' share AND security permissions?

In also curious what a XP SP2 machine would do.

Same problem. Still asking for a password and still wouldn't authenticate. I even removed the shares and created one with permissions and security set for everyone.

I could try an SP2 setup to see what sticks, but I just don't have the time or resources to do it right now, especially since that I am aiming to keep SP3 on my XP rig.

Default for Windows 2000 server is for NTLMv2 response only. I suppose it's possible you have NTLMv2 working on 9x but not on XP? XP is to send NTLMv2 response and refuse LM & NTLM though....
Compare your security settings on both XP and 2000 machines in gpedit -> Computer -> Windows Settings -> Security Settings -> Local Policies -> Security Options

Got it!

So, here's what I've discovered.

Turns out that the "LAN Manager Authentication Level" on Win2K was set to "Send LM & NTLM responses" by default, hence the reason why Windows 9x machines and earlier were able to access it just fine. On my XP machine, the "Network Security: LAN Manager authentication level" was indeed set to "Send NTLMv2 response only" by default.

Changing the LANMAL under Win2K and WinXP to "Send LM & NTLM - use NTLMv2 session security if negotiated" finally allowed me to connect my Windows XP client to my retro server, while still maintaining the ability of my Windows 9x clients and earlier to do the same as well.

So, everything is now working and I can finally have a central location for all of my retro PCs. Thanks for the help! 😀

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to increase security, install the Active Directory Client pack for Windows 9x. This will provide NTLMv2 ability. Then you can set 2000 and XP back to NLVMv2 only. If you're keeping this around long term, it's a good idea to eliminate NTLMv1 (and LM) from your environment.

https://docs.microsoft.com/en-us/troubleshoot … -authentication for help to configure the client

(Additional information and download, but the download is already on the Windows 2000 Server CD, if you have it handy)
https://web.archive.org/web/20040628002406/ht … kb;en-us;288358

Meatball wrote on 2022-02-04, 20:40:

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to increase security, install the Active Directory Client pack for Windows 9x. This will provide NTLMv2 ability. Then you can set 2000 and XP back to NLVMv2 only. If you're keeping this around long term, it's a good idea to eliminate NTLMv1 (and LM) from your environment.

Generally speaking, it is a good idea, but here's the thing.

Windows 9x and Windows XP aren't the only machines that'll be serving as clients. I also have a machine that runs MS-DOS and Windows for Workgroups 3.11, the latter of which has Windows file sharing capabilities that would allow me to access files from servers running that service such as my Win2K server. So, I highly doubt that NTLMv2 is possible in this scenario.

I guess I can suffice for FTP, Telnet, or whatever for WFW 3.11 and think about NTLMv2 for the rest, but the key here is to maintain the convenience of not only accessing my files, but executing them as well. And I don't know of any other solutions than Windows File Sharing that would help me achieve the latter.

Also worth noting is that I might be considering sharing my files to my Macs as well since Windows 2000 Server has an option to enable file sharing for these computers. Although, since it uses the AFP protocol, it is completely separate from Windows File Sharing.

And one important thing too is that the Win2K machine in question is a RETRO Server, which is meant to serve older Windows XP machines and earlier ONLY. So, it's really not meant to do anything as serious as a modern server these days. Now sure, security is a concern and I wish I can push it as far as the server is capable of, but if one of my older machines can't access my server because of a certain protocol that the client cannot understand no matter what and/or the convenience is not there, that's something that I honestly would want to maintain.

Meatball wrote on 2022-02-04, 20:40:

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to incre […]
Show full quote

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to increase security, install the Active Directory Client pack for Windows 9x. This will provide NTLMv2 ability. Then you can set 2000 and XP back to NLVMv2 only. If you're keeping this around long term, it's a good idea to eliminate NTLMv1 (and LM) from your environment.

https://docs.microsoft.com/en-us/troubleshoot … -authentication for help to configure the client

(Additional information and download, but the download is already on the Windows 2000 Server CD, if you have it handy)
https://web.archive.org/web/20040628002406/ht … kb;en-us;288358

Why even bother do you really think that's going to secure it and from who what and how

Warlord wrote on 2022-02-05, 22:31:

Meatball wrote on 2022-02-04, 20:40:

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to incre […]
Show full quote

You don't need to downgrade security to allow all of those OSes to communicate with Windows 2000. If you have a desire to increase security, install the Active Directory Client pack for Windows 9x. This will provide NTLMv2 ability. Then you can set 2000 and XP back to NLVMv2 only. If you're keeping this around long term, it's a good idea to eliminate NTLMv1 (and LM) from your environment.

https://docs.microsoft.com/en-us/troubleshoot … -authentication for help to configure the client

(Additional information and download, but the download is already on the Windows 2000 Server CD, if you have it handy)
https://web.archive.org/web/20040628002406/ht … kb;en-us;288358

Why even bother do you really think that's going to secure it and from who what and how

It was a simple suggestion, which doesn't sacrifice much convenience. I didn't bother responding further to the original poster because it was clear more convenience was preferred. Do you wish to continue the discussion?