Windows client can't acces share on 2003 DC server
Hello Everybody,
i need some Help :
I've two network, A and B, linked by a cisco VPN.
Network A contains :
- A server W2003 DC file server, GC, DNS
- W2000 and WXP clients
Network B contains :
- 1 W200 client
- 1 printer
The network settings have been verifyed many times ( DNS, IP, ...)
"A" cleints are able to access any shares on other A clients, on the DC, on B client. they can print by IP (port of the printer), to the B printer.
DC can access any share on B client, Browse the B printer config, telent B printer port 9100, etc..
But when i try to print from DC to B printer adress, as the A workstations, the job hangs, and restarts, and hangs, and restarts, with long time delay before each hang and each restart.
The same way, when i'm trying on the DC to install the shared B printer on the DC, error after 30 seconds.
From the other side, B client can't browse the DC, but can browse each other A clients, access their shares, etc. The only shares that B can browse on the DC are SYSVOL and NETLOGON
The B client isn't able to have a terminal service session to the DC. Not the uthentication, just when i give the name of the DC, or it's IP address, the RDP client says me Unable to find, after some seconds.
I'm able to open a VNC connexion to the DC, but as soon as the VNC session is authenticated the screen keeps grayed (no graphic is coming to the client session)
In the B client's eventviewer, I see some errors :
- 5788 and 5789 ... HOST DNS update.... time delayed , no response.... This errors seems to be discussed only about access error, or permissions , on the net, but that's not what I have for errors.
- And error that says that the strategy couldn't be fully retrieved. error 0.
The logon script executes well, indicates that the "Net use" finished succssfully. The drives appears in the explorer, but as soon as i'm trying to browse them, it's hanging three minutes, ant then i have a message that say's something like that "drive could not be mapped, it already exists", and sometimes an other error "the rpc server could not be contacted" or "The server service is not started".
I've have tried with another client, that i've put in the B network. That was my laptop. I didn't integrate it in the domain but i tested share browsing and terminal services to the DC. The same error appears ( for share browsing, of course i had to enter authetication credentials)
I tried to disjoin the client from domain, rename it, rejoin it. Not better.
I updated at max server and client, not better.
I had the network enginers to delete every filter in the cisco routers in order to be sure that everithing is going through without problem.
I tried to monitor client authentication, on the DC side, everithing seems OK : no error, also with full audit enabled.
I don't know how to continue my investigations.
Has someone ideas ?
thanks a lot
i need some Help :
I've two network, A and B, linked by a cisco VPN.
Network A contains :
- A server W2003 DC file server, GC, DNS
- W2000 and WXP clients
Network B contains :
- 1 W200 client
- 1 printer
The network settings have been verifyed many times ( DNS, IP, ...)
"A" cleints are able to access any shares on other A clients, on the DC, on B client. they can print by IP (port of the printer), to the B printer.
DC can access any share on B client, Browse the B printer config, telent B printer port 9100, etc..
But when i try to print from DC to B printer adress, as the A workstations, the job hangs, and restarts, and hangs, and restarts, with long time delay before each hang and each restart.
The same way, when i'm trying on the DC to install the shared B printer on the DC, error after 30 seconds.
From the other side, B client can't browse the DC, but can browse each other A clients, access their shares, etc. The only shares that B can browse on the DC are SYSVOL and NETLOGON
The B client isn't able to have a terminal service session to the DC. Not the uthentication, just when i give the name of the DC, or it's IP address, the RDP client says me Unable to find, after some seconds.
I'm able to open a VNC connexion to the DC, but as soon as the VNC session is authenticated the screen keeps grayed (no graphic is coming to the client session)
In the B client's eventviewer, I see some errors :
- 5788 and 5789 ... HOST DNS update.... time delayed , no response.... This errors seems to be discussed only about access error, or permissions , on the net, but that's not what I have for errors.
- And error that says that the strategy couldn't be fully retrieved. error 0.
The logon script executes well, indicates that the "Net use" finished succssfully. The drives appears in the explorer, but as soon as i'm trying to browse them, it's hanging three minutes, ant then i have a message that say's something like that "drive could not be mapped, it already exists", and sometimes an other error "the rpc server could not be contacted" or "The server service is not started".
I've have tried with another client, that i've put in the B network. That was my laptop. I didn't integrate it in the domain but i tested share browsing and terminal services to the DC. The same error appears ( for share browsing, of course i had to enter authetication credentials)
I tried to disjoin the client from domain, rename it, rejoin it. Not better.
I updated at max server and client, not better.
I had the network enginers to delete every filter in the cisco routers in order to be sure that everithing is going through without problem.
I tried to monitor client authentication, on the DC side, everithing seems OK : no error, also with full audit enabled.
I don't know how to continue my investigations.
Has someone ideas ?
thanks a lot
ASKER
I don't think, because alle traffic between the two network subnets is suposed to go through a VPN tunnel, but i will have a look again (heu.. the cisco engineer wil have a look again :) )
thx
thx
You can use TELNET to ping by specific Port. This is a good test to see if you ports are open...
Example:
• I first try to connect to www.lycos.com without specifying a port number (The result is that I could not connect to the host on the default Telnet PORT 23)
Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet> o
( to ) www.lycos.com
Connecting To www.lycos.com...Could not open connection to the host, on port 23:
Connect failed
Microsoft Telnet>
• Then I try to specify a PORT number and connect to www.lycos.com. In this example, I choose PORT 80 because I know lycos.com server is a web server communicating on port 80.
Microsoft Telnet> o
( to ) www.lycos.com 80
Example:
• I first try to connect to www.lycos.com without specifying a port number (The result is that I could not connect to the host on the default Telnet PORT 23)
Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet> o
( to ) www.lycos.com
Connecting To www.lycos.com...Could not open connection to the host, on port 23:
Connect failed
Microsoft Telnet>
• Then I try to specify a PORT number and connect to www.lycos.com. In this example, I choose PORT 80 because I know lycos.com server is a web server communicating on port 80.
Microsoft Telnet> o
( to ) www.lycos.com 80
ASKER
Hello,
nothing wrong with ports connections
But i have noticed something else : from network B, when I trie to TSE another server in network A, it can communicate to the server, open's a window with the login background, but the session does'nt come to the login window. After a time, it gaves me an error , the server does not respond.
Same way, some internet sites does'nt work ( microsoft.com, microsoft.fr, and other), from any host on network B, whereas in network A it's all ok.
nothing wrong with ports connections
But i have noticed something else : from network B, when I trie to TSE another server in network A, it can communicate to the server, open's a window with the login background, but the session does'nt come to the login window. After a time, it gaves me an error , the server does not respond.
Same way, some internet sites does'nt work ( microsoft.com, microsoft.fr, and other), from any host on network B, whereas in network A it's all ok.
ASKER
nothing new.
has anyone another idea ?
has anyone another idea ?
ASKER
NEW NEW NEW
I said that the clients in network A are able to print to the printer in network B.
That's right, but i noticd something strange this morning :
When i spool a document to the printer, the printer receives immediately this document
When I spool a second document after the first, the printer receives this document only 95 seconds exactly after I spooled IT. When i'm waiting 95 seconds before spooling my second document, the printer receives the document immediately...
I said that the clients in network A are able to print to the printer in network B.
That's right, but i noticd something strange this morning :
When i spool a document to the printer, the printer receives immediately this document
When I spool a second document after the first, the printer receives this document only 95 seconds exactly after I spooled IT. When i'm waiting 95 seconds before spooling my second document, the printer receives the document immediately...
ASKER
Hello ! I found the problem. I had to add this command on the interface of the routers : ip tcp adjust-mss 1300
It worked immediately.
It's a firend cisco enginner that found it.
It worked immediately.
It's a firend cisco enginner that found it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would guess there is a firewall blocking the IP print port here: Here is a listing of ports...
http://www.chebucto.ns.ca/~rakerman/port-table.html