Solved

Cannot access server shares or join workstation to domain

Posted on 2006-06-21
17
3,896 Views
Last Modified: 2011-09-20
Experts,

I have completed the process of migrating SBS 2003 to a new server. It has the same server name, domain name, and IP address of the old server. The new server is running on an isolated hub for testing purposes. I have connected a couple of workstations to the hub and Exchange seems to be working fine. My problem is the workstations cannot browse or map a drive to the new servers shares. I keep getting a login prompt. Have tried all logins including administrator and domain admin. If I right click on the servername in Explorer I get "You do not have appropriate access rights to this server". I decided to remove and then re-join the workstation to the domain. When trying to join back to the domain I get an "access denied" error. Any help would be greatly appreciated. Thanks.

Steve
0
Comment
Question by:sirvodka
  • 9
  • 4
  • 2
  • +1
17 Comments
 
LVL 13

Expert Comment

by:Kini pradeep
ID: 16955023
what about window firewall. Is it enabled.
what credentials are you using.
what about the default gp "add w/s to the domain"
what error is reported in the eventvwr ?
0
 

Author Comment

by:sirvodka
ID: 16955403
kprad,

>>what about window firewall. Is it enabled
disabled on server, enabled on workstation

>>what credentials are you using
I'm assuming by credentials you mean username/password. I have tried mine(domain admin) and the administrator

>>what about the default gp "add w/s to the domain"
Authenticated Users

>>what error is reported in the eventvwr ?
I assume you want eventviewer on the server.

APPLICATION
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      Routing Engine/Service
Event ID:      929
Date:            6/14/2006
Time:            12:37:01 PM
User:            N/A
Computer:      ---
Description:
Failed in reading Connector's DS Info Process Id: 1712 Process location:
C:\WINDOWS\system32\inetsrv\inetinfo.exe ConnectorDN: CN=SmallBusiness SMTP
connector,CN=Connections,CN=first routing group,CN=Routing Groups,CN=first
administrative group,CN=Administrative Groups,CN=(server),CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=Exotic,DC=local Hr:80040920
Attribute:[]


Event Type:      Warning
Event Source:      WinMgmt
Event Category:      None
Event ID:      5603
Date:            6/21/2006
Time:            9:26:24 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SHEPSBS
Description:
A provider, PerfProv, has been registered in the WMI namespace,
ROOT\CIMV2\MicrosoftHealthMonitor\PerfMon, but did not specify the
HostingModel property.  This provider will be run using the LocalSystem account.  
This account is privileged and the provider may cause a security violation
if it does not correctly impersonate user requests.  Ensure that provider has
been reviewed for security behavior and update the HostingModel property
of the provider registration to an account with the least privileges possible for the required functionality.  

SYSTEM
Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5722
Date:            6/21/2006
Time:            2:40:41 PM
User:            N/A
Computer:      SHEPSBS
Description:
The session setup from the computer TRAIN02 failed to authenticate.
The name(s) of the account(s) referenced in the security database is TRAIN02$.  
The following error occurred:
Access is denied.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 22 00 00 c0               "..À    


Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            6/21/2006
Time:            2:35:44 PM
User:            N/A
Computer:      SHEPSBS
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server TRAIN02$.  
The target name used was cifs/Train02. This indicates that the password used
to encrypt the kerberos service ticket is different than that on the target server.
Commonly, this is due to identically named  machine accounts in the target
realm (SHEPHERDDATA.LOCAL), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Train02 is the workstation I was trying to join to the domain. Thanks.

Steve
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16955500
Since the new server is really a new domain (even if named the same) as the Domain SID is completely different, you will have to rejoin all workstations to the domain.

In SBS, you use the Wizards, then http://servername/connectcomputer (where servername is your server's name).

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:sirvodka
ID: 16955549
I forgot to mention this in my original post.
I did try http://servername/connectcomputer and got the following error.
"You are not authorized to view this page"
0
 

Author Comment

by:sirvodka
ID: 16961398
Just a quick update.

I was able to resolve the /computerconnect "not authorized" error by fixing the IWAM and IUSER passwords but of course it created another issue.

Now I get a "an error occured when configuring network settings" error after clicking finish.

0
 

Author Comment

by:sirvodka
ID: 16961690
Another quick update.

After renaming the PC I was able to join it to the domain through /computerconnect and it was now able to browse the server.

I removed it from the domain again, named it back to the original name, and was able to join the domain through /computerconnect and browse the server.

Will it be necessary to do this on all the workstations and how will this affect my user profiles?

Thanks
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16961741
It shouldn't be - however, I can't state that with any certainty.

You'll have to attack each PC on a case-by-case basis.

Your profiles will remain on the PC, however they may not be used for the new domain - that part you will need to test.

0
 

Author Comment

by:sirvodka
ID: 16962295
Along with the previously stated problems I am also getting the following Application Event Errors. Can anyone help me with these? Thanks

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      Routing Engine/Service
Event ID:      929
Date:            6/22/2006
Time:            12:38:30 PM
User:            N/A
Computer:      SHEPSBS
Description:
Failed in reading Connector's DS Info Process Id: 1572 Process location: C:\WINDOWS\system32\inetsrv\inetinfo.exe ConnectorDN: CN=SmallBusiness SMTP connector,CN=Connections,CN=first routing group,CN=Routing Groups,CN=first administrative group,CN=Administrative Groups,CN=SHEPHERDDATA,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=shepherddata,DC=local Hr:80040920 Attribute:[]

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Warning
Event Source:      Perflib
Event Category:      None
Event ID:      2003
Date:            6/22/2006
Time:            10:37:44 AM
User:            N/A
Computer:      SHEPSBS
Description:
The configuration information of the performance library "C:\WINDOWS\system32\inetsrv\w3ctrs.dll" for the "W3SVC" service does not match the trusted performance library information stored in the registry. The functions in this library will not be treated as trusted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Warning
Event Source:      Perflib
Event Category:      None
Event ID:      1016
Date:            6/22/2006
Time:            10:37:19 AM
User:            N/A
Computer:      SHEPSBS
Description:
The data buffer created for the "MSExchangeIS" service in the "C:\Program Files\Exchsrvr\bin\mdbperf.dll" library is not aligned on an 8-byte boundary. This may cause problems for applications that are trying to read the performance data buffer. Contact the manufacturer of this library or service to have this problem corrected or to get a newer version of this library.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 80 c9 84 00 fc 2b 00 00   ?É?.ü+..


Event Type:      Warning
Event Source:      WinMgmt
Event Category:      None
Event ID:      5603
Date:            6/22/2006
Time:            10:37:16 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SHEPSBS
Description:
A provider, PerfProv, has been registered in the WMI namespace, ROOT\CIMV2\MicrosoftHealthMonitor\PerfMon, but did not specify the HostingModel property.  This provider will be run using the LocalSystem account.  This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.  Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.  

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 16968758
What methodology did you use to originally migrate to the SBS?  I have a feeling that you may have a very faulty implementation which would require a complete reinstallation.  There is good documentation for making these moves... but it has to be followed with SBS because of SBS's pre-configured nature.

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16968912
I used the Swing Migration method and have been struggling with problems for 3 weeks. At this point I am just going to do a fresh install and forget about the migration. I have no more time to spend on troubleshooting the issues. Is seems once I fix one another pops up. Thanks to everyone for their help.

Steve
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971121
Your struggles, I would think, have come from making manual configurations before you have everything working.  SBS really MUST be configured with the wizards.  

If you run into any problems, don't try to fix things the "normal" server 2003 way... make sure it's an SBS way... because it's easy to break one thing by fixing another.  I mention that again because of your comment about " fixing the IWAM and IUSER passwords ".

Definitely start with this:  http://sbsurl.com/start

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971263
I would only run the fixes when directed to by Jeff. Anyway, I have shelved the migration idea and am reloading from scratch. So far all is well except I have a corrupted system event log. What would be the best way to fix this. Thanks.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971634
ahh... milking the question for another topic!  okay, you win...

Did you happen to run windows updates before completing the To-Do list?  I know it tells you to on screen, but you shouldn't.  If you have... you need to start over.  Sorry.

FYI... legend has it that it takes a minimum of three sbs installs before one gets it right... (it took me 4).

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971824
I love milk!

Anyway, I'll take what I can get at this point.

I also did about 4 installs setting up my current online server.

What part of the TO-DO list are you referring to?
I did run the CEICW first, then all the service pack updates that come with SBS 2003 SP1, Exchange SP2, and then windows update.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16971880
That's the problem... do ALL of the to-do list, such as adding users, computers, configure fax, configure monitoring, configure backup.

If you want a really good book (one that I follow each time I install... even after more than 50 installations) check out http://sbsurl.com/best

Jeff
TechSoEasy
0
 

Author Comment

by:sirvodka
ID: 16971909
Thanks. I'll reinstall.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question