XP Pro to Win2K server - can ping but can't access network shares.

Posted on 2004-08-19
Last Modified: 2010-08-05
OK. I have been browsing answers for a week and need to just write this out.

My servers are configured statically.
All clients are DHCP clients.
DNS and WINS are running internally.

I have a network with two win2k domain controllers(DC1 and DC2).
DC 1 runs and SQL database.

 I also have a third machine running win2K as a member server - not a DC. It is configured as a file and print server.

I have 25 clients - all running XP Pro.
All SPs are up to date.
5 are notebooks that connect wirelessly.(netgear wg511)
3 desktops connect wirelessly (Belkin 54g)

This occurs on two wireless desktop and one wireless notebook. NONE OF THE OTHER CLIENTS EXHIBIT THIS PROBLEM.

These machines will not connect to mapped drives pointed to the file server, nor the printers. I can ping the file server from these machines with both ip address and name. I can ping these machines by name and IP from the file server.

ALL machines, including the problem ones, have Internet connectivity and can connect to shares and the SQL database in DC1, browse the network and connect to each other.

Enabled Netbios over tcp/ip
Disabled the use of simple file sharing on the clients
Disabled Opportunistic locking on the server
Checked that no firewalls are running on the clients or servers, including XP's firewall and Zonealarm.
Uninstalled Symantec Corporate edition and Veritas Backup Exec on the file server.
Changed out client network card with a known good card.
Uninstalled and reinstalled the wireless card and reconfigured the connection keys.
Edited the autodisconnect on the server.
removed the registry key that searches for scheduled tasks before opening files.
I put one machine on a hardwire to the network and had the same problems.

I think I did something with the SMB signing on the default domain policy, but cant remember for certain.

I have 2 errors in the Application log

1) userenv - event ID 1030 - this error appears in the logs of the clients that are not having problems as well. (windows cannot obtain the DC name...)

2) Autoenrollment - event id 15 - This error also appear sporadically around the nework in computer that work and other that dont.

I have run SAV, AdAware and spybot on all.

All three computer can exercise full domain rights except for what is on DC2. They are properly locked out of files they do not have permissions for and let in to ones they do.

I am tired of working on this and need to move on to other things. ANY ideas are appreciated.
Question by:Broadcaster
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Assisted Solution

MatthewWilliams earned 250 total points
ID: 11843093
I'm thinking this sounds like a DNS issue. Run IPCONFIG /ALL on working and non-working machines to see if their DNS settings are any different. If the machines are going to the Internet for DNS instead of to your DCs they will not be able to resolve the DCs addresses and may have some trouble getting to resources.

Accepted Solution

LimeSMJ earned 250 total points
ID: 11843217
Try removing the three machines from the domain (put them in a temporary workgroup).  Go into your PDC and delete the computer accounts in AD.  Force an AD sync between your DCs.

Add them again but use different computer names.  If all goes well, they should be added to your domain again.

See if you can access the shares and the printers now.

If that doesn't work, look at this :

Author Comment

ID: 11852215
Thanks for the link lime - that was the disabling of SMB I did.

I had taken the steps recommended by matthew and lime earlier. Tried them together with a few differences and I have two of the machines working well. All still have the userenv error but not the autoenrollment.

I set the dns addresses statically only to my internal dns servers. (DHCP was assigning an external DNS server as a secondary.

Local Administrator log-on
Joined fake workgroup
restarted and logged on as local admin (computer in fake domain)
deleted computer account in AD
forced replication
rejoined computer to domain
restarted and logged in as local admin - comfirmed domain membership of computer(
logged off as administrator and back on with domain account.

As I said, thi worked for 2 of them. With one desktop, during the time the machine held membership in the workgroup, I could browse all network shares, mapped drives and connect to all printers. EVEN THINGS THAT IT DID NOT HAVE PERMISSIONS FOR. When it was rejoined to the domain - it couldn't browse the network, reconnect network drives or use printers. I don't mind problems but I hate inconsistencies!

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question