[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 307
  • Last Modified:

Win 2k and Win XP

I'm having a small problem with accessing a windows 2k computer from windows xp. I'm working on a medium sized LAN and all computers (bar one) are running XP. None of the XP machines can access the windows 2k computer, but yet the win 2k computer can access all the XP machines. When I try to access it via start->run and tying in "\\win2kcomp" I'm prompted for a user name and password. I enter the Admin name and password, and then get a message telling me I don't have permission to access it.

If I try navigating to it via My Network Places, I don't get asked for a password, I just get the message.

But yet, if I try access any computer from Windows 2k, I get access wothou being asked any passwords.

Networking isn't really my thing, so I would appreciate any help I can get.
Thanks
0
krispin
Asked:
krispin
  • 6
  • 5
  • 4
  • +1
2 Solutions
 
JoeCommented:
Is this on a domain or workgroup?
0
 
krispinAuthor Commented:
Some XP computers on the LAN are on a domain, others are in a workgroup. The Win2k computer is in the workgroup.

If I access an XP computer that's on the domain from the Win2K computer, I need a user name and password, otherwise, I can get straight in.

Accessing the Win2k computer from either a domain or workgroup computer yields the same result (username/password prompt, then the error message)
0
 
krispinAuthor Commented:
I have tried separating the physical networks out, in case there was some sort of conflict there (I plugged the cable out connecting the switch from the workgroup network to the switch from the domain network).

Obviously, I coulnd't access the domain computers from the Win2k computer now, and vice-versa, but the issue of the Win2k to Win XP computers in the workgroup remained
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
JoeCommented:
Ok, So if I understand you right most of your XP machines are on the domain and the 2000 machine is on a workgroup. Just a question is there a reason you are leaving the 2000 machine off of the domain? When accessing the domain from a machine that is in a workgroup you will need to supply a valid user of the domain that has rights to join it. When the box comes up to enter your user name and password type in domain\domain username - then the password.

Joe
0
 
krispinAuthor Commented:
There are the same number of XP machines off the domain (in the workgroup), as there are on the domain.

At the moment in time, I have removed the domain element, because I don't need to access these from the Win2K machine.

I still have a number of XP machines that are in the same workgroup (and subnet, etc.... I checked pinging) as the Win2k machine. The Win2k machine can access the XP machines fine. But the XP machines in the workgroup cannot access the Win2k machine. I get the prompt as above whether the XP machine is on the domain or not.

I'm not trying to access a machine on the domain from a machine off the domain. It's the other way around; accessing a machine off the domain from a machine on or off the domain.

But as I said, I have removed the domain element of the problem. Currently, I have 13 XP machines and one Win2k machine, all in a work group called "Workgroup". The Win2k machine can access the XP machines. The XP machines cannot access the Win2k machine. I get the prompt and the error if I try.
0
 
JoeCommented:
Have you tried to access the machine by IP address? \\ipaddressofthemachihne
0
 
krispinAuthor Commented:
Yeah, I get the exact same thing. Prompt for username and password, and then a message telling me I don't have permission.

It's obvious the problem is a security issue at the Win2k side, since it doesn't happen when ye try to access an XP machine.

There must be a setting or security policy or something set that is making Win2k reject any attempt at accessing it.

I'm just not overly versed in networking and even less versed in Win2k. The network engineers here can't figure it out either.

I can access it using IP bases applications, like telnet, ftp, and VNC. But I need to be able to access it via windows networking
0
 
JoeCommented:
Weed through the local security policies on the machine. Go to Control Panel > Administrative Tools > Local Security Policy.  Look under the local policies to see if anything is enabled.
0
 
HDatabase AdministratorCommented:
Hi
when you connect from the XP system to the windows system follow these steps


scenario#1
XP system on domain connecting to win2k system not on domain...You will get prompted for a usename and password...

Username will be:     " systemname\localcomputerusername "  IE if my system name is PC1 and username is user one I will type " pc1\user1 " in the username box.

password:  regualr Localaccount password...
0
 
krispinAuthor Commented:
That's exactly what I've been doing.
If I type in an incorrect username and password, the dialog box disappears for a moment and then reappears, prompting me to enter the username and password.

When I enter the correct username preceeded by "pcname\" the dialog disappears and a few seconds later I get a message saying something like "You do not have permission to access this network resource" which is why I think this is a security issue on the Win 2k machine.

If you read the above posts, I have also removed the domain element of the network for the time being. I'm currently using just XP machines and one Win 2K machine in a workgroup, but I still get the same problem.

-----------------------------------------------------------------------------
 JoeZ430

I've gone through the Local Security Policy and have been unable to find anything that would cause this
0
 
HDatabase AdministratorCommented:
so you have tried to create a local administrator account on the win2k machine?  And that is the one you are trying to login as?

Also since your not connecting from a domain anymore you do not need the machinename/username  just username...

Alos try logging the win2k machine in as the same local user on both machines and see if you can access it then?
0
 
krispinAuthor Commented:
Both the win xp machine and the win 2k machine are using the Administrator account. It's the only account that exists on either machine. I made the passwords identical just to be safe.

So I am trying to log on using the local Administrator account on the win 2k machine, yes.

>>Also since your not connecting from a domain anymore you do not need the machinename/username  just username...

The login doesn't work whether I use the machinename/username or just the username approach.

But it seems to me that the login is working since if I type in a wrong username and password combination, the login dialog box pops back up. I only get the error messages when I enter the correct username and password, which suggests the username and password is at least being validated, but win 2k just won't allow access after that.
0
 
HDatabase AdministratorCommented:
Does each machine only have one nic per machine?

Go to the properties of the netowrk cards on both machines.  What protocols are installed and which ones are checked?

0
 
HDatabase AdministratorCommented:
Hi
Can you try these steps for me and see what happens..

#1 Create a new share on the windows2k machine
#2 go to a command-line/dos prompt on the windows xp machin

#3 Type :

                   net use x: \\MachineName\Sharename /user:USERNAME password

Let me know if the maps a drive to the share or if it gives you and error..This may give us more detail on the issue..




0
 
HDatabase AdministratorCommented:
Also if the above does nothing...DO this as well

Create a new local user id on both machines and put them both in the administrators group on that machine..

on the xpmachine add this to the local administrator group  2kmachine/2kusername
on the win2k machine add this to the local administrator group xpmachinname/xpusername

..Make shure both machines are in the same workgroup.  Log both machines on with the new user accounts

TRy and connect useing the normal windows method and also try the net use method..

Let me know the results...

What I am trying to do if non of this works is narrow down were the issue is actaully located...
0
 
FriarTukCommented:
are these option in your local security policy on the w2k box, try A (if it doesn't work, chg it back & try B)

gpedit.msc - comp config - win sett - sec sett - loc pol - sec opt:
A)  Disable =0  "Accounts: Limit local account use of blank passwords to console login only."
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\limitblankpassworduse
   * This will permit network access without a password. The user's computer can boot directly to
     the Windows desktop, and be validated against the corresponding XP Professional user account, without a password.

B)  Disable =0  "Network Access: Do not allow anonymous enumeration of SAM accounts & share"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now