Solved

Cannot access server shares or join workstation to domain

Posted on 2006-06-21
17
3,892 Views
Last Modified: 2011-09-20
Experts,

I have completed the process of migrating SBS 2003 to a new server. It has the same server name, domain name, and IP address of the old server. The new server is running on an isolated hub for testing purposes. I have connected a couple of workstations to the hub and Exchange seems to be working fine. My problem is the workstations cannot browse or map a drive to the new servers shares. I keep getting a login prompt. Have tried all logins including administrator and domain admin. If I right click on the servername in Explorer I get "You do not have appropriate access rights to this server". I decided to remove and then re-join the workstation to the domain. When trying to join back to the domain I get an "access denied" error. Any help would be greatly appreciated. Thanks.

Steve
0
Comment
Question by:sirvodka
  • 9
  • 4
  • 2
  • +1
17 Comments
 
LVL 13

Expert Comment

by:Kini pradeep
ID: 16955023
what about window firewall. Is it enabled.
what credentials are you using.
what about the default gp "add w/s to the domain"
what error is reported in the eventvwr ?
0
 

Author Comment

by:sirvodka
ID: 16955403
kprad,

>>what about window firewall. Is it enabled
disabled on server, enabled on workstation

>>what credentials are you using
I'm assuming by credentials you mean username/password. I have tried mine(domain admin) and the administrator

>>what about the default gp "add w/s to the domain"
Authenticated Users

>>what error is reported in the eventvwr ?
I assume you want eventviewer on the server.

APPLICATION
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      Routing Engine/Service
Event ID:      929
Date:            6/14/2006
Time:            12:37:01 PM
User:            N/A
Computer:      ---
Description:
Failed in reading Connector's DS Info Process Id: 1712 Process location:
C:\WINDOWS\system32\inetsrv\inetinfo.exe ConnectorDN: CN=SmallBusiness SMTP
connector,CN=Connections,CN=first routing group,CN=Routing Groups,CN=first
administrative group,CN=Administrative Groups,CN=(server),CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=Exotic,DC=local Hr:80040920
Attribute:[]


Event Type:      Warning
Event Source:      WinMgmt
Event Category:      None
Event ID:      5603
Date:            6/21/2006
Time:            9:26:24 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SHEPSBS
Description:
A provider, PerfProv, has been registered in the WMI namespace,
ROOT\CIMV2\MicrosoftHealthMonitor\PerfMon, but did not specify the
HostingModel property.  This provider will be run using the LocalSystem account.  
This account is privileged and the provider may cause a security violation
if it does not correctly impersonate user requests.  Ensure that provider has
been reviewed for security behavior and update the HostingModel property
of the provider registration to an account with the least privileges possible for the required functionality.  

SYSTEM
Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5722
Date:            6/21/2006
Time:            2:40:41 PM
User:            N/A
Computer:      SHEPSBS
Description:
The session setup from the computer TRAIN02 failed to authenticate.
The name(s) of the account(s) referenced in the security database is TRAIN02$.  
The following error occurred:
Access is denied.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 22 00 00 c0               "..À    


Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            6/21/2006
Time:            2:35:44 PM
User:            N/A
Computer:      SHEPSBS
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server TRAIN02$.  
The target name used was cifs/Train02. This indicates that the password used
to encrypt the kerberos service ticket is different than that on the target server.
Commonly, this is due to identically named  machine accounts in the target
realm (SHEPHERDDATA.LOCAL), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Train02 is the workstation I was trying to join to the domain. Thanks.

Steve
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16955500
Since the new server is really a new domain (even if named the same) as the Domain SID is completely different, you will have to rejoin all workstations to the domain.

In SBS, you use the Wizards, then http://servername/connectcomputer (where servername is your server's name).

0
 

Author Comment

by:sirvodka
ID: 16955549
I forgot to mention this in my original post.
I did try http://servername/connectcomputer and got the following error.
"You are not authorized to view this page"
0
 

Author Comment

by:sirvodka
ID: 16961398
Just a quick update.

I was able to resolve the /computerconnect "not authorized" error by fixing the IWAM and IUSER passwords but of course it created another issue.

Now I get a "an error occured when configuring network settings" error after clicking finish.

0
 

Author Comment

by:sirvodka
ID: 16961690
Another quick update.

After renaming the PC I was able to join it to the domain through /computerconnect and it was now able to browse the server.

I removed it from the domain again, named it back to the original name, and was able to join the domain through /computerconnect and browse the server.

Will it be necessary to do this on all the workstations and how will this affect my user profiles?

Thanks
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16961741
It shouldn't be - however, I can't state that with any certainty.

You'll have to attack each PC on a case-by-case basis.

Your profiles will remain on the PC, however they may not be used for the new domain - that part you will need to test.

0
 

Author Comment

by:sirvodka
ID: 16962295
Along with the previously stated problems I am also getting the following Application Event Errors. Can anyone help me with these? Thanks

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      Routing Engine/Service
Event ID:      929
Date:            6/22/2006
Time:            12:38:30 PM
User:            N/A
Computer:      SHEPSBS
Description:
Failed in reading Connector's DS Info Process Id: 1572 Process location: C:\WINDOWS\system32\inetsrv\inetinfo.exe ConnectorDN: CN=SmallBusiness SMTP connector,CN=Connections,CN=first routing group,CN=Routing Groups,CN=first administrative group,CN=Administrative Groups,CN=SHEPHERDDATA,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=shepherddata,DC=local Hr:80040920 Attribute:[]

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Warning
Event Source:      Perflib
Event Category:      None
Event ID:      2003
Date:            6/22/2006
Time:            10:37:44 AM
User:            N/A
Computer:      SHEPSBS
Description:
The configuration information of the performance library "C:\WINDOWS\system32\inetsrv\w3ctrs.dll" for the "W3SVC" service does not match the trusted performance library information stored in the registry. The functions in this library will not be treated as trusted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Warning
Event Source:      Perflib
Event Category:      None
Event ID:      1016
Date:            6/22/2006
Time:            10:37:19 AM
User:            N/A
Computer:      SHEPSBS
Description:
The data buffer created for the "MSExchangeIS" service in the "C:\Program Files\Exchsrvr\bin\mdbperf.dll" library is not aligned on an 8-byte boundary. This may cause problems for applications that are trying to read the performance data buffer. Contact the manufacturer of this library or service to have this problem corrected or to get a newer version of this library.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 80 c9 84 00 fc 2b 00 00   ?É?.ü+..


Event Type:      Warning
Event Source:      WinMgmt
Event Category:      None
Event ID:      5603
Date:            6/22/2006
Time:            10:37:16 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SHEPSBS
Description:
A provider, PerfProv, has been registered in the WMI namespace, ROOT\CIMV2\MicrosoftHealthMonitor\PerfMon, but did not specify the HostingModel property.  This provider will be run using the LocalSystem account.  This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.  Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.  

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 16968758
What methodology did you use to originally migrate to the SBS?  I have a feeling that you may have a very faulty implementation which would require a complete reinstallation.  There is good documentation for making these moves... but it has to be followed with SBS because of SBS's pre-configured nature.

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16968912
I used the Swing Migration method and have been struggling with problems for 3 weeks. At this point I am just going to do a fresh install and forget about the migration. I have no more time to spend on troubleshooting the issues. Is seems once I fix one another pops up. Thanks to everyone for their help.

Steve
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971121
Your struggles, I would think, have come from making manual configurations before you have everything working.  SBS really MUST be configured with the wizards.  

If you run into any problems, don't try to fix things the "normal" server 2003 way... make sure it's an SBS way... because it's easy to break one thing by fixing another.  I mention that again because of your comment about " fixing the IWAM and IUSER passwords ".

Definitely start with this:  http://sbsurl.com/start

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971263
I would only run the fixes when directed to by Jeff. Anyway, I have shelved the migration idea and am reloading from scratch. So far all is well except I have a corrupted system event log. What would be the best way to fix this. Thanks.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971634
ahh... milking the question for another topic!  okay, you win...

Did you happen to run windows updates before completing the To-Do list?  I know it tells you to on screen, but you shouldn't.  If you have... you need to start over.  Sorry.

FYI... legend has it that it takes a minimum of three sbs installs before one gets it right... (it took me 4).

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971824
I love milk!

Anyway, I'll take what I can get at this point.

I also did about 4 installs setting up my current online server.

What part of the TO-DO list are you referring to?
I did run the CEICW first, then all the service pack updates that come with SBS 2003 SP1, Exchange SP2, and then windows update.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971880
That's the problem... do ALL of the to-do list, such as adding users, computers, configure fax, configure monitoring, configure backup.

If you want a really good book (one that I follow each time I install... even after more than 50 installations) check out http://sbsurl.com/best

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971909
Thanks. I'll reinstall.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now