Solved

I need to map the shared drive of windows 2003 server from dos network boot diskette

Posted on 2003-10-22
26
15,356 Views
Last Modified: 2008-04-15
Hi,

I installed W2003server. I have 2 laptops and I would like to create their disk images from time to time and save them on server big disks (just 0in case).

I created dos network boot disk, no problem message during boot up, DHCP address was obtained.

Then I wanted to logon, it asked me for name - I answered administrator, then password I entered correct administrator password from windows 2003 and OK, I was succesfully logon.

But when I entered command net view \\server - I received error that it is denied.

The same it was when I entered net use t: \\server\y (y is big server disk), it said that password is not correct to fulfil the command and asked for new password. So I repeated adminstrator's password of windows 2003 and received answer 5: Access is denied.

Could you plz help me what is wrong?

Best regards


Vladimir
0
Comment
Question by:vladobb
26 Comments
 
LVL 4

Expert Comment

by:Wiired
ID: 9601695
Did you set the drive "y" to be shared on the 2k3 server? You must share the drive and give everyone who will connect to it permissions to access the share.
0
 
LVL 8

Expert Comment

by:scraig84
ID: 9601734
Try specifying the username and password in the net use command:

net use t: \\server\y password /USER:domain\user
0
 

Author Comment

by:vladobb
ID: 9601880
net use t: \\server\y password /USER:domain\user

this is not correct syntax

can anyone of you help that I use microsoft client basic redirector version 3.11, this is what I see when I type net ver


as for wiired question I shared drive Y as put all the rights to cro/administrator (cro is domain name)

V.
0
 
LVL 8

Expert Comment

by:scraig84
ID: 9601976
Have you tried doing

net use /?

to see what options are available to you?  Can you post them here?  I know what I typed will work from my pc, but it may be slightly different with that redirector.  

Otherwise - usually you would allow "Everyone" full rights at the share level and then have specific rights at the folder level.  For the purposes of getting a drive mapped, I would think you may want to try this approach.
0
 
LVL 4

Expert Comment

by:Wiired
ID: 9601993
net use \\server\y password /USER:cro\administrator is the correct syntax

I have just tried to duplicate your problem, but mine worked just fine...The only difference was that I used "Bart's Network boot disk" found at http://www.nu2.nu/bootdisk/network/

0
 
LVL 8

Expert Comment

by:scraig84
ID: 9602028
>>net use \\server\y password /USER:cro\administrator is the correct syntax

That's exactly the syntax I said...
0
 
LVL 4

Expert Comment

by:Wiired
ID: 9602085
-Comment from vladobb
-Date: 10/22/2003 01:19PM PDT  Author Comment  

-net use t: \\server\y password /USER:domain\user

-this is not correct syntax  

I was just aggreeing with you scraig84  :-)
0
 
LVL 8

Expert Comment

by:scraig84
ID: 9602101
Well, when you put it that way...

:)
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9602143
Vague recollection... isn't there a limit on user name length in the LANMAN stacks?  Try creating a user name with 8 chars that has admin rights, double-check that you can connect using a standard Win32 client to that resource using those credentials, then retry from DOS
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9602149
Oh, and don't bother with domain\user... try just /USER:user
0
 
LVL 6

Expert Comment

by:bkoehler-mpr
ID: 9602188
Universal (works in all versions I've used)
net use \\servername\sharename

Modern syntax (doesn't work with older MS redirectors)
net use \\servername\sharename /user:domain\user password

I think the redirector that ships with NT4 didn't allow the /user switch.  Just use the full redirector when logging on and you can circumvent this issue.

In my experience LANMAN has the same issues as NetBIOS with special characters, anything over 14 characters, and things that start with a number.
0
 
LVL 17

Expert Comment

by:John Gates
ID: 9617845
Make sure that the W2K3 server had netBIOS over tcp/ip enabled on it's network connection.
net connection > properties> tcp/ip> advanced> wins tab

D
0
 

Author Comment

by:vladobb
ID: 9620188
Hi all,

I tried to use your suggestions but was not succesful. I created Bart¨s network boot floppy, everything goes well but I am not able to use the drive.

Generally it asks me about 2 passwords.

First password is user password and second password is password for domain. I do not know what is the difference?

I use administrator name and password so I should be able to map server's drives.

But when I try to do

net use x: \\server\x

the computer either say that password for x is incorrect and do not accept administrator's password

or second variant which also happened to me is that the command is executed succesfully but then I try to see mapped drive it says

Drive has no label
Error 5: Access is denied

It is really crazy, I would like to save the ghost image on server but I do not know how.

Plz help
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 17

Expert Comment

by:John Gates
ID: 9620651
If you are using Norton/Symantec Ghost there is a boot wizard that will guide you through creating a network boot floppy.  

D
0
 
LVL 6

Expert Comment

by:bkoehler-mpr
ID: 9627633
On the server:
Verify NetBIOS over TCP/IP is enabled.  Windows 2003 Server is the first server OS to have this disabled by default.

On the workstation:
Using Bart's disk enter Administrator as your username, your domain password, and your domain when prompted.  By entering the domain name you are prompted a second time for the domain administrator password.

Once at a command prompt type the following:

C:\>net use x: \\servername\sharename

This will pass the username and password of the administrator account we used earlier to logon to the domain.
0
 
LVL 5

Expert Comment

by:mfehrmann
ID: 10108030
Which version of ghost are you using?  
0
 

Expert Comment

by:DavidCulbertson
ID: 10238984
Symantec Tech support says that you need to create an "MS DOS" boot diskette, not a "PC-DOS" diskette.  This is not as easy as it sounds.  You need support files from Windows for Workgroups!  I'm still lookig for those files.
0
 
LVL 6

Accepted Solution

by:
Greenclock earned 500 total points
ID: 10419960
Disable digitally sign communications - found in

Start >
         Admin tools >
                    Local Security policy >
                                         Security Settings >
                                                   Local Policies >
                                                             Security Options
       
Make the following change  "Microsoft network server:Digitally sign communications (always)" to "Disabled" This should fix the problem.  Got this from another forum, so cant really take the credit.  

If you are in a domain or on a domain controller the policy location is different.  Check the Domain Policy, Domain controller policy and also any GPO's that are enforced by active directory.

Let us know how you get on.  

0
 

Expert Comment

by:jmcgrew
ID: 10421837
As it is a DC you will need to adjust the GPO on the domain controller.

The following GPO's must be disabled.

Microsoft network server:Digitally sign communications (always)

and

Domain member:  Digitally sign communications (always)
0
 

Expert Comment

by:driesmans
ID: 10441134
Hi all,

I just had the same problem, using Bart's Network Boot disk and Ghost for cloning the disks.

Changed Three parameters on the 2003 ADS server and login works perfect:

This is what i changed:

-> My Network Places, Properties
-> Right click on LAN Connection, choose Properties
-> Choose Internet Protocal (TCP/IP), click on Properties button
-> Click Advanced
-> choose tab WINS
-> At the bottom NetBIOS setting, select  option “Enable netbios over TCP/IP”
-> click OK, OK, Close
-> Restart the server

-Start, Programs, Administrative tools, Domain Controller security policy

-> Choose Security Settings, Local Policies, Security Options
-> Doubleclick on  Policy “Microsoft network server: Digitally sign communications (always)
-> Set this Disabled and click Apply
-> Doubleclick Policy “Microsoft network client: Digitally sign communications (always)
-> Set this Disabled and click Apply

Wait for 5 to 10 minutes so thats the local GPO is activated and try it, it works...

Johan
0
 
LVL 6

Expert Comment

by:Greenclock
ID: 10536418
Disable digitally sign communications & Lan Manger Hash
Start >
         Admin tools >
                    Domain Controller Security policy >
                                         Security Settings >
                                                   Local Policies >
                                                             Security Options
       
Make the following changes:--
       "Microsoft network server:Digitally sign communications (always)" to "Disabled"
       "Microsoft network Client:Digitally sign communications (always)" to "Disabled"
       "Network security:Do not store Lan Manager Hash value on next password change" to "Disabled2
       "Network security:Lan Manager Authentication Level" to "Send Lm & NTLM - use NTLMv2 session ......"

Important: You need to Change the password of the account you are using to connect via the Boot Disk
=======

This should fix the problem.  

good luck!!  
0
 

Expert Comment

by:Hypo11
ID: 10951458
Just wanted to confirm that Johan's procedure worked perfectly for me.  I didn't have to change the Lan Manager Hash or authentication level as suggested in Greenclock's post.  The simpler the better I always say.

Oh, and here's a good tip to add since there is no "local security policy" in Server 2003 Admin Tools anymore (at least there wasn't for me).  In my experience, the Domain Controller Security Policy did NOT have the offending security policies set.  It was just in the LOCAL security policy for that particular Server 2003 DC.  Use the following to access the local security policy in Server 2003 instead:

-Open an mmc (mmc in run box)
-Add the "Group Policy Object Editor" snapin, and leave it set to open the Local Computer Policy.
-Click OK to get back to the main mmc window and you'll see the local policy...
-Expand "Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options" to find the security settings that Johan discusses.

Hope that helps!

--
Hypo11

0
 

Expert Comment

by:cbp25
ID: 11150842

HI All ! ..
The not logged in / Not been verified By a server
PROBLEM .... on 2003 server.
using a net use boot disk or a disk createt in Norton Ghost ent 7.5.


the comment:
Comment from Greenclock
Date: 03/07/2004 01:17PM PST

I WORKS !!!!

I did this:

1. “Enable netbios over TCP/IP”

2. Admin tools >
 Domain Controller Security policy >
 Security Settings >
 Local Policies >
 Security Options
       
Make the following changes:--
       "Microsoft network server:Digitally sign communications (always)" to "Disabled"
       "Microsoft network Client:Digitally sign communications (always)" to "Disabled"
       "Network security:Do not store Lan Manager Hash value on next password change" to "Disabled2
       "Network security:Lan Manager Authentication Level" to "Send Lm & NTLM - use NTLMv2 session ......"

Important: You need to Change the password of the account you are using to connect via the Boot Disk


THX a lot to Greenclock....

Ciao
Carsten
0
 

Expert Comment

by:waltermis
ID: 11283858
Just ran into this one....a month after we upgraded to Server 2003.

Thanks alot fellas!
0
 

Expert Comment

by:TeamPyro
ID: 11924466
I also want to commend Johan. His proceedures worked great!!!!

Here they are again for everyone:

My Network Places, Properties
-> Right click on LAN Connection, choose Properties
-> Choose Internet Protocal (TCP/IP), click on Properties button
-> Click Advanced
-> choose tab WINS
-> At the bottom NetBIOS setting, select  option “Enable netbios over TCP/IP”
-> click OK, OK, Close
-> Restart the server

-Start, Programs, Administrative tools, Domain Controller security policy

-> Choose Security Settings, Local Policies, Security Options
-> Doubleclick on  Policy “Microsoft network server: Digitally sign communications (always)
-> Set this Disabled and click Apply
-> Doubleclick Policy “Microsoft network client: Digitally sign communications (always)
-> Set this Disabled and click Apply

Wait for 5 to 10 minutes so thats the local GPO is activated and try it, it works...



Thanks!!!!
0
 

Expert Comment

by:ejmeado
ID: 21361625
In addition to Johans solution.  when we changed password of the account accessing the server from the boot disk - we were getting access denied errors.  The problem was caused by a security setting on the local machine policy - Network Secuity, Do not store LAN manager hash value on next password change.  We had it enabled - you need to have it disabled to use a network boot disk.

Tks

Ed
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now