Solved

Can see shares on Win2k domain server but cannot connect

Posted on 2004-08-19
13
140 Views
Last Modified: 2010-04-14
We have a windows domain with Win2k and Win2k3 servers.  Everything has been working great except for one of server.  It is a Win2k server with Exchange 2003.  It is a domain controller.  It has been working fine till yesterday.

We can connect to Exchange server and printers are fine but we cannot connect to Shared Folders.  When you goto the server you can see the shares, but when you try to connect to them it brings up a login prompt.  It has never done that before.  None of the logins work, including Administrator account.  Once you click Ok it just brings the Login prompt back up again.  If you try to connect from a 2k3 server it says access denied.

Nothing has changed on the server so I am not sure what happened.  Can anyone help?

Thanks,

Rick
0
Comment
Question by:rmarfil
  • 6
  • 5
13 Comments
 
LVL 9

Expert Comment

by:jdeclue
ID: 11846435
If nothing has truly changed, and this is an Exchange 2003 server, you may have a serious issue. If this machine has direct connections to it from the internet for SMTP etc, I would be concerned that the box has been "owned". Do you have SMTP servers in a DMZ passing mail back and forth or are you opening ports directly to the Exchange Server?

0
 

Author Comment

by:rmarfil
ID: 11846532
This is an internal server only.  Does not use a public IP and is behind a firewall.

Something kinda of weird.  I rebooted my workstation and I was able to connect to shares.  I went to another workstation and cannot.  I rebooted it and still could not.  I came back to my workstation where it was just working and rebooted.  Now I cannot connect again.

I went to a 3rd workstation that already had mappings to the server and they are working.  If I try to connect to server I get login prompt, if I try to map a new drive I get login prompt.  What the hell.  But the pre-existing mappings are working.

All workstations are XP with SP1.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11846586
How many people is this happening to, it is starting to sound like a credentials issue?

J
0
 

Author Comment

by:rmarfil
ID: 11852081
It's doing it with all workstations now.  I'm stumped.  Can't find anything on the net with this problem either.  Other domain controllers cannot connect to it either.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11852404
Was this machine taken out of the Domain Contollers OU in Active Directory?

J
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:rmarfil
ID: 11874937
Kinda figured it out.  This is what all the DC's are set at for the below keys.  All the servers can connect to \\localdomain\Sysvol

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters

enablesecuritysignature 0x1
requiresecuritysignature 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters

enablesecuritysignature 0x1
requiresecuritysignature 0x0


The workstations are set to below keys.  With the below settings the workstations cannot connect to \\localdomain\Sysvol or to \\server-backup\sysvol which is the exchange server.  They have always been set this way and have never had a problem.  I changed the lanserver parameters to both 0x1 and now any workstation with this changed setting can connect to \\localdomain\sysvol and \\server-backup\sysvol.  Just enablesecuritysignature being enabled under lanmanserver does not work.  I have to enable requiresecuritysignature as well.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters

enablesecuritysignature 0x0
requiresecuritysignature 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters

enablesecuritysignature 0x1
requiresecuritysignature 0x0

0
 

Author Comment

by:rmarfil
ID: 11874985
So does anyone know what might have happened that I now have to change these settings on my workstations registry for them to be able to connect \\localdomain\Sysvol and to \\server-backup\Sysvol?

We have 3 other DC's as well which workstations can connect to fine.

With original settings all workstations can connect to:

\\server-rnd\sysvol
\\server-office\sysvol
\\server-raid\sysvol

Workstations cannot connect to:

\\server-backup\sysvol
\\localdomain\sysvol

When I change the settings in registry workstations can connect to all DC sysvols and localdomain sysvol.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11875000
Hmmm... credentials. By default the Domain Controllers support LM, NTLM and NTLMv2.  Only two things can typically make this happen, on is by Removing the Domain Controller from the Domain Contoller OU, the other is to use Group Policy to change the authentication level of the workstations. Did either of those occur.

J
0
 

Author Comment

by:rmarfil
ID: 11875148
Have not removed any Domain Controllers and have not changed policy's.  Only thing that has happened recently is a new server was added to the Domain Contoller OU.  Which was server-raid.  About 3 weeks after this is when I started having this problem.  So for 3 weeks everything was working great with the current setup.  Workstations could connect to all server sysvols with no problems.  

Then they could connect to all servers except \\server-backup.  You could still use the printers and exchange on server-backup but you could not connect to shares or sysvol.

\\server-office = Win2k Server
\\server-backup = Win2k Server with Exchange Server 2003
\\server-raid = Win2003 Server
\\server-rnd= Win2k Server
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11875196
OK... is there any group policies at the root of your Domain, and if not, has anyone made changes to the Default Policy.

More on the Domain Controllers OU. When a server has Active Directory installed on it, it is automatically put in the Domain Controllers OU. That OU has the Default Domain Controller Policy applied to it. Servers should never be put into the OU and servers should not be removed from this OU. Make sure this is the case.

J
0
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 12363048
My points
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now