Go Premium for a chance to win a PS4. Enter to Win


Clients cannot Access Shared resources on DC

Posted on 2003-11-14
Medium Priority
Last Modified: 2010-04-14
Here's the scope:

I currently have a Win2k DC with a shared a few shred printers a a few shared directories.  my issue is this.  for the past 2 days my clients (xp and win9x) have not been able to aceess any of the shared resources.  When the 9x machines try to logon It comes up with a password error or access has been denied.  Withe the XP machines it does go trough but if you unc to the server it will prompt with a password and then give me a access deined.  I can log onto the server via terminal services and locally.  I checked to make sure DNS and the netlogon service was started and even stopped and restarted the services.  I've checked for Viruses and there is Norton running on this server as well.

Here is the kicker..  If I reboot the server I can log on from 1-10min and access shared resources. after that it goes to the standard errors listed above.  I checked the event log for anything crazy and nothing was there.  It's almost like there is either something going hay wire with AD or DNS or both...

If anyone can help Your input would be much appreciated.

Thanks In Advance
Question by:nlockwood
LVL 44

Expert Comment

ID: 9750621
Check for adware and sypware

spybot here



BHODemon and Hijack This and Browser Hijack Blaster
BHODemon | Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Browser Hijack Blaster | Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items: IE Homepage, IE Default Page, IE Search Page, BHOs. Whenver one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.

Hijack This | Written by a member of our support forums and based on our Hijacked! article, this program scans the locations in your computer system that may be modified by browser hijackers and fixes any problems found. An easy-to-understand tutorial is available at TomCoyote.org.

General and overall information about Spy/Adware
LVL 44

Accepted Solution

CrazyOne earned 1000 total points
ID: 9750628
Or maybe a virus

Online Scanners

 Norton Web Services  
Go to this page and click on Scan for Viruses

It needs to download a few file so as to activate the scan so you may see a message like this.

"The Scan for Viruses uses an ActiveX program to scan your computer. The download is approximately 1.5MB and can take about 10 minutes over a 28.8 modem.

The scan can take more than 20 minutes depending on the speed of your computer and the number of files that you have. Please do not browse away from this page unless you intend to abort the scan.
Downloading Scan for Viruses controls. Please wait...
During the download, you might see one or more messages asking if it is OK to download and run these programs. Click Yes when these messages appear.
Note: Scan for Viruses does not scan compressed files"
 Trend Micro HouseCall        
"Trend Micro's free online virus scanner
In order to better serve our customers, we ask HouseCall users to register before scanning their computer.  By registering, you will receive virus alerts from our team of Virus Doctors. You will be able to unsubscribe when you receive your first email. You can also scan without registering"

PC Pitstop Virus Scan
Our free Web-based virus scan uses Panda Software's award-winning technology and virus list. We're checking against the "wildlist," the roughly 200 viruses that are most prevalent in the world in a given month

Author Comment

ID: 9750762
I did check for viruses from norton's sarc page did not find any I will try the spybot software right now...
Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.


Author Comment

ID: 9750980
Ok I ran Spybot search and destroy on the server and It did find some stuff..  I still am having the same issue.  I am going to run the software on all the clients too.  just to try something...

Author Comment

ID: 9754447
After running spybot seach and destroy on the server and all the clients.  I still have the issue.  I've also noticed that I cannot get into the licenseing on the server.  I'm thinking that the dns is screwed up some how...  Any thoughts..
LVL 21

Expert Comment

ID: 9759495
First, make sure the RestrictAnonymous key is set to 0 on your GC.  See:

246261 How to Use the RestrictAnonymous Registry Value in Windows 2000

Other things to check:

- run nbtstat -c on the Win9x client and see if the DC information is correct
- Check for this reg key on the DC:  HKLM\System\CurrentControlSet\Control\LSA\NoLMHash - If its there, set to 0 and reboot
- Disable SMB signing in the default domain controllers policy
- Make sure the share you're talking about isn't encrypted
LVL 15

Expert Comment

by:Rob Stone
ID: 9763424
Are there any errors in event viewer?

Does it happen if you add the server ip to a HOSTS file on a client?

Author Comment

ID: 9775883
Ok I found the fix.  after 5 long hours with 3 Microsoft Tech's.  Here's the skinny.  The system was infected with a few Backdoor Trojans;  NAV Corp didn't pick them up.  BKDR_insider and  and BKDR_def.a.  after runing the free scan from trendmicro's site to clean them.  I then picked out non microsoft serivces that looked like microsoft services (i.e. Remote access admin, WINDOWSUPDATE) After rebooting the service again we relized that the IPC$, ADMIN$, C$, and the PRINT$ were misisng.  So after deleteing the Autoshare keys in the HK_LOCALMACHINE/system/currentcontrolset/services/lanmanserver/paremeters hive.  My clients were once again successfully able to logon to the server and get at network resources.  How about them apples...


Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Integration Management Part 2

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question