Solved

Cannot access C$ or Admin$ on some computers but can on others.

Posted on 2008-06-11
20
2,460 Views
Last Modified: 2013-12-09
Cannot access C$ or Admin$ on some computers but can on others.  All computers are part of the same domain, same OU, same GP's.  Some computers are XP and some are Vista, however I have had success and problems on both OS's.  All users computers are configured the same, and I am logged in from the DC trying to run: \\<computer name>\C$  .... some will work and others will not.   Again, the PC's should be configed the same, the firewalls are completely off, no antivirus (this issue spawned from trying to install symantec endpoint clients from the deployment wizard to all computers) Windows defender is off, Network Discovery is on (on Vista machines) Simple file sharing is off.  

I am a local admin by being a member of Domain Admin, which is set as a admin on every local computer.  

Any thoughts?

0
Comment
Question by:tgrizzel
  • 9
  • 4
  • 4
  • +2
20 Comments
 
LVL 3

Expert Comment

by:Trivious
Comment Utility
I had this issue with Symantec Endpoint Protection when it was first released. I had to uninstall it and reinstall it to get it to shake loose. It may say off, but it still blocks stuff. Make sure that the check boxes under network threat protection are all unchecked as well. This will help you to diagnose it.
0
 

Author Comment

by:tgrizzel
Comment Utility
Actually I should clarify a bit more:

I have been using Symantec just fine with local installs up unitl this point.  I have now manually removed the clients and I am trying to deploy them under via a anitvirus server that i have setup.  I began running into a few problems deploying the clients via the new server, and after hours of being on the phone with tech support (Symantec) I have gotten no where.  

It seems to me that the issue doesnt actually reside in the symantec software but rather my network:  on the computers that i was able to push the client to, I can open up run and type \\<computer name>\C$ and I can access this folder, however in the same session I cannot access other members computers in my domain with the same exact command.  These also happen to be the same computers that I cannot push the client to.  

FYI, as you can probably tell, this is all part of a domain, not a workgroup or anything.
0
 

Expert Comment

by:mekkattiljj
Comment Utility
Now the ones you cannot get to can you at least ping the workstation?
0
 

Author Comment

by:tgrizzel
Comment Utility
yes i can ping them.  I have also logged on locally to their machines, and verified that the local admin includes the domain admin.
0
 

Expert Comment

by:mekkattiljj
Comment Utility
How with any 2 XP machines that one can connect and one that cannot are they physically in the same location meaning same segement on the network?
0
 

Author Comment

by:tgrizzel
Comment Utility
They are physically in the same building, same floor, same dang firewalls and hubs.  I cannot understand this issue at all... it seems as though permissions are getting lost on some computers, however I have ran gpupdate /force on all computers involved to confirm consistency.  

This is nuts!!!
0
 

Expert Comment

by:mekkattiljj
Comment Utility
Try this out, disconnect it from the domain, reboot then reattch it to the domain and try it again.
0
 

Author Comment

by:tgrizzel
Comment Utility
I will try this in a bit and let you know what i find.  I had thought about this as well....i will also 'reset' the computers account within the AD to ensure that it joins back into the domain correct.
0
 

Expert Comment

by:mekkattiljj
Comment Utility
Cool...Post with the results
0
 
LVL 3

Expert Comment

by:Trivious
Comment Utility
I just had a similar issue that I had to fix today. Take a look here and please at least read the first few sections to get an understanding of why this was the issue. Strange, but it worked for me. The first article links to the second. Please go to link 1 first.

http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121216494948?Open&docid=2007102613484948&nsf=ent-security.nsf&view=docid
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
You have one of two issues, in my opinion:

1) Connecting through shares using the UNC path is the master browser's responsibility.

2) Also, Internet Explorer Enhanced Security may prevent you from accessing Operating system intrusive files from remote locations: These files include, but are not limited to (*.EXE, *.REG, *.MSI)

Decifering between the two is in the syntax of the error: Please look at the error and decide wich issue you have:

1)  http://www.experts-exchange.com/OS/Miscellaneous/Q_23463433.html

2) http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23351830.html

Let me know what problem you have and we can fix it.

0
 

Author Comment

by:tgrizzel
Comment Utility
This problem is on hold until tomorrow as we had some major network issues today... ill get back to both of you and let you know where we are at....thanks for the info.
0
 

Author Comment

by:tgrizzel
Comment Utility
Cheif,

I looked at both of these briefly, however I am not sure that either of these would be my issue....

We are not using Netbios for any of this, we are not going through 'network places'.  Also Firewalls are completely off, there is no ports to allow.

I am not trying to install or copy anything to these shared drives....only access C$ and Admin$ which should be accessible to any domain admin.  This would rule out the IE security blocks.

Thanks for the reply, let me know if i am misunderstanding your answers.

Travis
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
Comment Utility
OOPS, don't be so hasty:
You ARE connecting through Netbios, (or at least trying to). Netbios is the backbone for the MASTER BROWSER to communicate with. The Master Browser is responsible with completing a list of computers in MY NETWORK PLACES and allowing you to use UNC paths, (like \computername\C$), in the browser, or My Network Places.

I promise you, your problem is a problem with Netbios or WINS.

OK: With that said>

Netbios will not propogate through many Firewalls, VPN Tunnel, across different subnets, or through some sort of NAT. In order to bypass any of these, you could elect to use WINS. The below article is for NT4. Don't let that scare you. If you have to propogate Netbios through any of these, use what I call the WINS/WAN configuration of the Master Browser.

If all of your nodes are not separated subnets, behind firewalls or have to transverse over NAT or through a VPN tunnel, you live in a perfect world for the browser service. If you are in a perfect world, then all you will have to do is turn on NET BIOS OVER TCP/IP and make sure the BROWSER SERVICE is started on all of your devices.

I am going to provide you an article as reference to help you. Don't let this article scare you since it is an NT4 article. The browser hasn't changed except on tiny thing:
*****(The NT4 computer has a registry key that says "IsDomainMasterBrowser" while the 2003 server shortened that up to "IsDomainMaster")
Follow this article and you will find your problem.
http://www.microsoft.com/resources/documentation/windowsnt/4/server/reskit/en-us/net/chptr3.mspx?mfr=true

0
 

Author Comment

by:tgrizzel
Comment Utility
Cheif,

I read through this article and took the following steps:

Changed my Wins server from running on my secondary DC to running on the PDC.  Set the correct WINS server in DHCP and on the client updated this information via ipconfig /renew.  I also insured to unchecked "enable lmhost lookup" on the client, and selected "enable Net Bios Over TCP/IP".  Browser services are started on all DC's as well as client computer.  Tried several times within a few hour time span and I am still unable to access the users \\computername\c$ or admin$.  I am however able to access a users computer on the exact same network (even same 5 port hub) right now.  I do not see any discrepancy in this users network settings.  

However, I am starting to agree that this is a Netbios issue.  In network places or just network on vista, the computers that I cannot push this client to (the original problem) I also cannot access there shares from here....however the ones that are successful are the ones i can push the antivirus too...also I can access there \\computername\c$.  Again, same network, no vpn or diff subnets, all firewalls and old antivirus are off, network discovery and file sharing is on.  I am using 2 diff computers as main testing pcs....1 is almost brand new (new hire started on monday) and the other is a laptop that has been deployed for several months.  Computer Browser is running on both of these as well.

Could i be missing something?
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
With the changes in WINS, you might have to refresh and repair your WINS cache. This is the netbios equivallent of DNS cache. You probably need to do this on the clients. To do this, you need a couple utilities. One is called NBTstat. The other is called Browstat.

For XP and 2003 server, these utilities are found on 2003 server support tools.

For vista, I don't know, the tools may already exist.

Go to the command prompt and type:
NBTSTAT -RR
then take a gander on what computer is listed as your master browser by typing at the command prompt:
Browstat /status

THE REST OF THIS IS JUST THEORY:
I don't know how well Vista machines work with 2003 server on the browser service. By default, the highest operating system, then holder of roles, wins the election as being the master browser. As a little troubleshooting, you might go into both the local server and client's event logs and see if you see any errors that says, something like:
""ClientXXX thinks it is the master browser, the browser service on clientXXX was shut down and an election has been forced. ""
I think this is event 8032 and 8031

In that case, you need to make a registry edit on the "IsDomainMaster" Registry Key ON THE CLIENT. The NT4 article can help you out on that. You want the client to not think itself as a candidate for the domain master election.

If you have two operating systems competing to be the domain master> I can see your Vista client getting its browser service shut down. But, since Netbios is on, It will send out the netbios broadcast saying "I am Here". So, it will be a member of the browselist through the Netbios broadcasts, but you can't access the files because the browser service is shut down on the client.


0
 

Author Comment

by:tgrizzel
Comment Utility
still no go.

I ran nbtstat -RR and flushed the Netbios names on all computers involved - DC's and all.  Also, When moving the Wins to a diff server (main PDC) I set this as the master browser via the reg key and did test to make sure that this was actually true.

I am going to take some time and think this over some more....I may jump back to mekkattiljj and try and remove and re-add these specific computer accounts into the domain.

Thanks for the continued, detailed responses....this is the first time that I feel i have received a decent lead off of this forum....for that, thank you.
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
You know, lately, I have had to run NBTSTAT -RR a couple times to get it to work right. I have also had to run it by just NBTSAT -R. I don't know why it doesn't repair/refresh the netbios connection the first time.
0
 

Author Closing Comment

by:tgrizzel
Comment Utility
I would like to close this question, not that I ever got the problem fixed, but that I am no longer pursuing this.  This is too much work for a simple antivirus server!  I beleive that CheifIT is correct and that I do have Netbios issues, although the nbtstat never ended up helping the situation.

Thanks for you help.
0
 

Expert Comment

by:TheCronLab
Comment Utility
Hi,

Am suffering with the same issue,  unable to view c$ shares on certain machines in a domain.
As with Trivious,  came across this issue when attempting to remotely deploy Symantec endpoint protection.

Trivious, did you ever come across a solution?
thanks
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now