Windows Share Access: Error – The Computer You Are Signing Into Is Protected By An Authentication Firewall

Problem

I put a ‘net use’ command in a logon script for a client today, and the drive refused to appear. So I executed the offending line and saw the following error:

Protected By Authentication Firewall System error 1935 has occurredThe computer you are signing into is protected by an authentication firewall. The specified account is not allowed to authenticate the computer.

This is a very specific error and it generally occurs when you are trying to access a resource in another forest. In this case the trust relationship has been configured with selective authentication. You need to specifically give your account “Allow to Authenticate” rights on the resource.

Solution

This error is seen because the user, (or group the user is a member of), has been granted the correct rights to access the share. BUT the share is in another domain, and even though that domain trusts the one the user is coming from, the trust was set up with ‘selective authentication’.

Go to the domain that’s providing the share, log into a domain controller > Open ‘Active Directory Users and Computers’ > View  > Advanced Features > Locate the COMPUTER you are trying to authenticate TO > Properties > Security > Add in the user (or group) that requires access > Grant the “Allowed to authenticate” right > Apply > OK.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.