Solved

Just set up Domain...now one of my xp computers cannot connect to the other....

Posted on 2003-11-23
27
9,375 Views
Last Modified: 2007-12-19
Little background:

Had 5 computers all peer-to-peer on a workgroup (COM)

Two running windows XP pro
Three running windows 2000 pro

I Have Linksys router (the cable connection) and one port category-5 going to a DELL 2106 Hub/Switch.  From the Hub/Switch my computers are all connected by cat-5 cable.  Linksys router is running internal IP 192.168.0.1.  Linksys router DCHP is DISABLED. [the reason for the wire from the Linksys router to the Dell Hub/Switch is because I ran out of ports on the router].

Each computer's set to SPECIFY its own IP ADDRESS
TCP/IP Properties are set to 192.168.0.(X) <---- variable for each computer
Subnet Mask 255.255.255.0
Gateway 192.168.0.1

DNS set to primary and secondary as provided by cable internet company

(DON'T KNOW IF THIS IS RIGHT BUT IT WAS WORKING FINE)

*****************************************************

Then we added a sixth computer DELL SERVER Windows 2003 Small Business Server.

We got rid of the Workgroup (COM) and created a domain (Premier).

The Dell Server TCP/IP properties, again, is set just like the clients'.

The internet works fine on all clients/server.

'My Network Places' on each computer shows All computers under the Premier domain.

**********Here's the weird thing.

On my Windows XP client, I can see the other Windows XP Client in 'My Network Places' as well as the other computers, but when I click on the XP computer it says "\\COMPUTERNAME is not accessible.  You do not have permission to use this network resourse...blah ... blah ...blahh...the user name could not be found"

The other clients running Windows 2000 pro and the server itself can click on that XP computer in 'My Network Places' and access the shared folders without a hitch just like all the other computers.

Any ideas??????????  I am so new to the world of servers/domains...much appreciated!
Also startup/boot seems to take forever on the XP computers.  I hate this crap.

Thanks.
0
Comment
Question by:Dale Massicotte
  • 10
  • 6
  • 5
  • +1
27 Comments
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Two issues at work here.
one is netbios name resolution. If you setup a domain, then the domain controller should have DNS setup, and pointing only to itself as its own dns server. All clients should be set to automatically register themselves with DNS.
Two is permissions. Did you join all the computers to the domain? If you can access the XP name, the Guest account is most likely enabled. Join the machines to the domain, reboot, and go into the properties of the shared resources and make sure "domain users" have permissions to read and/or write
0
 

Author Comment

by:Dale Massicotte
Comment Utility
I am not familiar with the term "Domain Controller"  is that on the server or does each client have a domain controller.   The Linksys Router is assigned 192.168.0.1 and therefore all my clients are configured on that IP.
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
If you setup a domain, then the server is the domain controller. Assuming this is Windows 2k, then it is an Active Directory Domain. As such, you must also setup DNS on the server and then point the server to itself, and the clients also point to it for dns.

If you don't have the basic concepts of a domain, active directory, or setting up your own dns, or joing clients to the domain, then I suggest you simply run it as a standalone server and create identical username/passwords on all systems, and enable netbios over TCP/IP on the xp boxes.


Enable NetBios over TCP/IP in WIndows XP
Step 1: Turn On NetBIOS over TCP/IP
Click Start, click Control Panel, and then click Network and Internet Connections.
Click Network Connections.
Right-click Local Area Connection, and then click Properties.
Click Internet Protocol (TCP/IP), and then click Properties.
Click the General tab, and then click Advanced.
Click the WINS tab.
Under NetBIOS setting, click Enable NetBIOS over TCP/IP, and then click OK two times.
Click Close to close the Local Area Connection Properties dialog box.
Close the Network Connections window.

Step 2: Start the Computer Browser Service
Click Start, right-click My Computer, and then click Manage.
In the console tree, expand Services and Applications.
Click Services.
In the right details pane, verify that the Computer Browser service is started, right-click Computer Browser, and then click Start.
Close the Computer Management window.

References:
http://support.microsoft.com/default.aspx?scid=kb;en-us;318030
http://support.microsoft.com/default.aspx?scid=kb;en-us;314366
http://support.microsoft.com/default.aspx?scid=kb;en-us;315267
http://www.practicallynetworked.com/sharing/troubleshoot/slowbrowse02.htm
http://www.michna.com/kb/WxNetwork.htm
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
Try setting your clients DNS server to the IP addrss of the SBS.
0
 

Author Comment

by:Dale Massicotte
Comment Utility
Irmoore - your resourses have been awesome.   I enabled NETBIOS over TCP/IP on one of the XP computers (as it was not)  But I am still stuck-no problem solved.     Here is some IPCONFIG info...just for clarification

Just to reiterrate XP Computer \\PRESIDENT cannot access XP Computer \\OLDSERVER in "My Network Places"

Click on XP Computer \\OLDSERVER Error Msg:   ** "\\COMPUTERNAME is not accessible.  You do not have permission to use this network resourse...blah ... blah ...blahh...the user name could not be found"

but vice versa XP Computer \\OLDESERVER  **CAN** access XP Computer \\PRESIDENT in "My Network Places" - no problems there.


This is from CMD prompt IPCONFIG /all from Client XP Computer PRESIDENT.

C:\Documents and Settings\DaleMassicotte>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : PRESIDENT
        Primary Dns Suffix  . . . . . . . : premierexpress.local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : premierexpress.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : GVC-REALTEK Ethernet 10/100 PCI Adap
ter #2
        Physical Address. . . . . . . . . : 00-C0-A8-89-EE-99
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.8
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 68.9.16.30
                                            68.13.16.30


This is from CMD prompt IPCONFIG /all from Client XP Computer OLDSERVER.

C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
        Host Name . . . . . . . . . . . . : OldServer
        Primary Dns Suffix  . . . . . . . : premierexpress.local
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : premierexpress.local
Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet Adapt
er(LNE100TX v4)
        Physical Address. . . . . . . . . : 00-04-5A-53-B3-E5
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.6
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 68.9.16.30
                                            68.13.16.30


This japaneese may actually look like english to you!  Note the DNS server addresses are those for my Cable Internet Connection.

I am actually doing all this from Remote Connection at my home --- remotely connecting to my office computer PRESIDENT through the Linksys router at the office with IP forwarding to my computer's ip address 192.168.0.6.  While remotely viewing the PRESIDENT computer, I have REMOTE CONNECTION setup to see OLDSERVER computer 192.168.0.8.  Needless to say, I can't check the other computers for NetBios over IP until I get there tomorrow.  So in all actuality I am remotely viewing OLDSERVER computer via the PRESIDENT computer which I am actually remotely viewing from home.  Have I completely gone insane?

But again, I appreciate all of your help.  Dale
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
as your DNS domain is only hosted on your local DNS you will need to set the clients to use it.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 166 total points
Comment Utility
PRESIDENT may have Guest account enabled, OLDSERVER does not.
Do you have identical username/password accounts on both?
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
Yah, it's pretty much a permissions thing, IMHO, since you can "see" the other comps but get a message that you don't have permission to use it...

I think lrmoore's last post will be your clue.  You need to have the same authentication criteria, or add the other computer/user accounts to the local permissions on each computer.

When you changed from workgroup to domain, you got a new set of local user accounts with the domain name in it as well as the user/computer name, so even though permissions were granted to each other in a workgroup setting, those permissions didn't carry over to a domain setting.
0
 

Author Comment

by:Dale Massicotte
Comment Utility
No -- its not the folder/computer permissions.  After I enabled Netbios over TCP/IP on the Server and OLDSERVER (as they were not enanbled) the PRESIDENT computer was finally able to access OLDSERVER's folders.   But strangley it seems to take a few minutes for the PRESIDENT computer to accept OLDSERVER for viewing its folders, meanwhile the other computers I have access to almost instantly.

I don't know why anyone has addressed checking the EVENT VIEWER.  I am getting error messages on my XP and Poweredge Server computers.  Error messages 1030 (Unable to query group policy), 1053(Windows cannot determine the user or computer name. (Access is denied. )). Group Policy processing aborted. , and 1058(Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-),  come up continuously.

Also the Poweredge Server Windsows SBS2003 says that itself and the PRESIDENT computer are domain contollers while all the others are clients.  Go figure.

So there is alot more going on here.

0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
Is PRESIDENT a server version of Win2K rather than PRO?

The server should be the only domain controller, if you upgraded from a Win2KPro peer-to-peer network.  How can PRSIDENT be presenting itself as a domain controller if it is a client version of the software?
0
 

Author Comment

by:Dale Massicotte
Comment Utility
Good Question  lol

There are five clients

PRESIDENT - WINDSOWS XP PRO
OLDSERVER - WINDSOWS XP PRO

DISPATCH - WINDSOWS 2000 PRO
TERMINAL A- WINDSOWS 2000 PRO
TERMINAL B-- WINDSOWS 2000 PRO

One server Dell PowerEdge running MS SBS 2003
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
Is your DC (and the clients) configured to use it(self) as the(y're) primary DNS server?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:Dale Massicotte
Comment Utility
How?
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
Check the TCP/IP properties under the DNS tab... I think that's what chicagoan is talking about...
0
 

Author Comment

by:Dale Massicotte
Comment Utility
The DNS tab on the PRESIDENT computer says is pointing to the Poweredge Server IP Address.

Likewise The DNS tab on the Poweredge Server computer says is pointing to the Poweredge Server IP Address.

All checks out there.

Maybe I will give all the computers a few wacks and redefine the meaning of "domain" at this company   lol
0
 
LVL 35

Assisted Solution

by:ShineOn
ShineOn earned 167 total points
Comment Utility
Sometimes, that's what it takes.  Can I mail you a hammer?  I have an old 3-pound sledge that will work nicely ;)
0
 

Author Comment

by:Dale Massicotte
Comment Utility
Okay guys listen...I think we are totally off.  I think what has happened is that

Let's change the focus:

3 Windows 200 Pro Computers - Are on the domain properly
2 Windows XP Computers - Are not on properly

Here is why - On the Dell PowerEdge Server running Windows SBS 2003, I do the following:

I go to the SERVER MANAGEMENT window.
I click on ADVANCED MANAGEMENT.
I click on premierexpress.local    <---- the domain DNS

I click on
Computers

(i get)     OLDSERVER     <----- Windows XP Pro Machine
               PRESIDENT      <----- Windows XP Pro Machine
 

I click on
Domain Controllers

(i get)      POWEREDGE     <----- Windows SBS 2003

I click on
MyBusiness
   Cumputers
      SBSComputers

(i get)     DISPATCH     <----- Windows 2000 Pro Machine
               TERMINAL A     <----- Windows 2000 Pro Machine
               TERMINAL B     <----- Windows 2000 Pro Machine

Now I know I am certainly not an expert...I am tempted to shut this question down and start a new one to get someone's attention who knows more about this.

Can Someone Make Sense of What is Going On Here????????????????
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 167 total points
Comment Utility
1st - all the computers, including the SBS machine hereafter referred to at the DC,  
   should point to the DC as their primary DBS server.
   This is done in the TCP/IP properties on each machine or by changing the 1st DNS server in the DHCP server.

2nd - You should have a unique login IN THE DOMAIN for the user of each of the workstations (at least for this exercise).
         This means going into Domain Users And Groups on the DC and creating the users.

3rd - You should join each workststion to the domain by going into
      system properties >name on the worksations and using the administrator login

4th - you should login into the domain on each machine by using the usernames you created in 2
      Note it is still possible to log into the local machine when it starts up, you need to use the domain name.








0
 

Author Comment

by:Dale Massicotte
Comment Utility
WELL AS I SUSPECTED (See comments above) I WAS CORRECT IN THINKING THAT WE WERE ALL OFF.  The problem was unusual.  The Server Computer (Poweredge made by Dell) was Factory Installed with Windows 2003 Small Business Server.

Unfortunately, the GPO (group policy) was not working between the clients and the server.  This was because it appears that Dell had appeared to set up the Poweredge with its own domain name.  In the event viewer, all clients, and the server were giving me error 1030 and 1058.

It took 3 hours for a MS tech support rep (very nice guy), to figure out the problem.  He said that he never saw this problem before.

In my Event Viewer (Application) I was getting this error 1058:

Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=premierexpress,DC=local. The file must be present at the location <\\OEMSBSDN-9601.local\sysvol\OEMSBSDN-9601.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (The network path was not found. ). Group Policy processing aborted.

OEMSBSDN-9601.local was what my windows registry was pointing to as my network domain...not what I had set up. (Must have come from Dell???? Why the heck would I type that in for a domain name???????????????)

Basically the solution was to go thorough the registry and find and replace all instances of OEMSBSDN-9601.local with mycorrectdomain.local.  And then he used a Windows 2003 SBS Server Utility "domainrename.exe" -- as I was watching all of this as he hijacked my computer from wherever in cyberspace he was.

Bottom line is this...as soon as the GPO / domainname.local / insanity was fixed, the network connectivity issues magically disappeared.   And so did error msgs 1030 and 1058.

Splitting points equally for helping me in the right direction.  Thanks All!
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
DalerTheWhaler:

Forgive me if I sound ungrateful, but I would rather have someone else get a B or A grade and me get no points than to see a Question answered with a grade of C, regardless how the apportionment is split.

Please see http://www.experts-exchange.com/help.jsp for grading guidelines.

Essentially, if we were "spot on" and had the exact answer you wanted, that rates an A.  Even if the answer is not one you wanted to hear.

If we weren't quite there but led you to the correct answer, that rates a B.

If we had a lot of helpful input but nothing that resolved your problem, that rates a C.

Only a Moderator can give a D, and the equivalent to failure would be a request to delete and refund the question.  

If you answer your own question, then it is worth a PAQ and refund, so it gets in the KB without costing you question points.


Do you get what I'm talking about?  A "C" grade from a questioner is actually worse than a request to delete and refund.

Please reconsider your grading.  You can request a change in the CS area.  Include a link to this question in your request.

Thank you.
0
 

Author Comment

by:Dale Massicotte
Comment Utility
I had no idea...I will tend to this in the morning.  Please accept my appoligies.  I get an "F" for speling.  
0
 

Author Comment

by:Dale Massicotte
Comment Utility
Just wanted you guys to get points but I guess that I am the moron
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
It's up to you.

If you think we had a good effort that you want to reward but didn't greatly factor into your solution, it is possible that a "C" is correct.  However, you may want to request it to be raised to a "B" if we truly helped you get to your solution, or an "A" if one or more of our comments gave you the solution.

No morons here.  We're all experts in our own way.

It also helps the EE community in general if you give us some info on what the actual solution was and how you came about it.  That's what we call a "good PAQ" which means it's a good addition to the EE knowledgebase.

No apologies needed.  Glad you got it working.  Thanks again.
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
huh? I didn't ask for anything...
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now