Broadcaster
asked on
XP Pro to Win2K server - can ping but can't access network shares.
OK. I have been browsing answers for a week and need to just write this out.
MY NETWORK
My servers are configured statically.
All clients are DHCP clients.
DNS and WINS are running internally.
SERVER SIDE
I have a network with two win2k domain controllers(DC1 and DC2).
DC 1 runs and SQL database.
I also have a third machine running win2K as a member server - not a DC. It is configured as a file and print server.
CLIENT SIDE
I have 25 clients - all running XP Pro.
All SPs are up to date.
5 are notebooks that connect wirelessly.(netgear wg511)
3 desktops connect wirelessly (Belkin 54g)
THE PROBLEM
This occurs on two wireless desktop and one wireless notebook. NONE OF THE OTHER CLIENTS EXHIBIT THIS PROBLEM.
These machines will not connect to mapped drives pointed to the file server, nor the printers. I can ping the file server from these machines with both ip address and name. I can ping these machines by name and IP from the file server.
ALL machines, including the problem ones, have Internet connectivity and can connect to shares and the SQL database in DC1, browse the network and connect to each other.
WHAT HAS BEEN DONE ALREADY
Enabled Netbios over tcp/ip
Disabled the use of simple file sharing on the clients
Disabled Opportunistic locking on the server
Checked that no firewalls are running on the clients or servers, including XP's firewall and Zonealarm.
Uninstalled Symantec Corporate edition and Veritas Backup Exec on the file server.
Changed out client network card with a known good card.
Uninstalled and reinstalled the wireless card and reconfigured the connection keys.
Edited the autodisconnect on the server.
removed the registry key that searches for scheduled tasks before opening files.
I put one machine on a hardwire to the network and had the same problems.
I think I did something with the SMB signing on the default domain policy, but cant remember for certain.
OTHER INFO
I have 2 errors in the Application log
1) userenv - event ID 1030 - this error appears in the logs of the clients that are not having problems as well. (windows cannot obtain the DC name...)
2) Autoenrollment - event id 15 - This error also appear sporadically around the nework in computer that work and other that dont.
I have run SAV, AdAware and spybot on all.
NOTE
All three computer can exercise full domain rights except for what is on DC2. They are properly locked out of files they do not have permissions for and let in to ones they do.
I am tired of working on this and need to move on to other things. ANY ideas are appreciated.
MY NETWORK
My servers are configured statically.
All clients are DHCP clients.
DNS and WINS are running internally.
SERVER SIDE
I have a network with two win2k domain controllers(DC1 and DC2).
DC 1 runs and SQL database.
I also have a third machine running win2K as a member server - not a DC. It is configured as a file and print server.
CLIENT SIDE
I have 25 clients - all running XP Pro.
All SPs are up to date.
5 are notebooks that connect wirelessly.(netgear wg511)
3 desktops connect wirelessly (Belkin 54g)
THE PROBLEM
This occurs on two wireless desktop and one wireless notebook. NONE OF THE OTHER CLIENTS EXHIBIT THIS PROBLEM.
These machines will not connect to mapped drives pointed to the file server, nor the printers. I can ping the file server from these machines with both ip address and name. I can ping these machines by name and IP from the file server.
ALL machines, including the problem ones, have Internet connectivity and can connect to shares and the SQL database in DC1, browse the network and connect to each other.
WHAT HAS BEEN DONE ALREADY
Enabled Netbios over tcp/ip
Disabled the use of simple file sharing on the clients
Disabled Opportunistic locking on the server
Checked that no firewalls are running on the clients or servers, including XP's firewall and Zonealarm.
Uninstalled Symantec Corporate edition and Veritas Backup Exec on the file server.
Changed out client network card with a known good card.
Uninstalled and reinstalled the wireless card and reconfigured the connection keys.
Edited the autodisconnect on the server.
removed the registry key that searches for scheduled tasks before opening files.
I put one machine on a hardwire to the network and had the same problems.
I think I did something with the SMB signing on the default domain policy, but cant remember for certain.
OTHER INFO
I have 2 errors in the Application log
1) userenv - event ID 1030 - this error appears in the logs of the clients that are not having problems as well. (windows cannot obtain the DC name...)
2) Autoenrollment - event id 15 - This error also appear sporadically around the nework in computer that work and other that dont.
I have run SAV, AdAware and spybot on all.
NOTE
All three computer can exercise full domain rights except for what is on DC2. They are properly locked out of files they do not have permissions for and let in to ones they do.
I am tired of working on this and need to move on to other things. ANY ideas are appreciated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I had taken the steps recommended by matthew and lime earlier. Tried them together with a few differences and I have two of the machines working well. All still have the userenv error but not the autoenrollment.
I set the dns addresses statically only to my internal dns servers. (DHCP was assigning an external DNS server as a secondary.
Local Administrator log-on
Joined fake workgroup
restarted and logged on as local admin (computer in fake domain)
deleted computer account in AD
forced replication
rejoined computer to domain
restarted and logged in as local admin - comfirmed domain membership of computer(computer.domain.x
logged off as administrator and back on with domain account.
As I said, thi worked for 2 of them. With one desktop, during the time the machine held membership in the workgroup, I could browse all network shares, mapped drives and connect to all printers. EVEN THINGS THAT IT DID NOT HAVE PERMISSIONS FOR. When it was rejoined to the domain - it couldn't browse the network, reconnect network drives or use printers. I don't mind problems but I hate inconsistencies!