?
Solved

Cannot access C$ or Admin$ on some computers but can on others.

Posted on 2008-06-11
20
Medium Priority
?
2,482 Views
Last Modified: 2013-12-09
Cannot access C$ or Admin$ on some computers but can on others.  All computers are part of the same domain, same OU, same GP's.  Some computers are XP and some are Vista, however I have had success and problems on both OS's.  All users computers are configured the same, and I am logged in from the DC trying to run: \\<computer name>\C$  .... some will work and others will not.   Again, the PC's should be configed the same, the firewalls are completely off, no antivirus (this issue spawned from trying to install symantec endpoint clients from the deployment wizard to all computers) Windows defender is off, Network Discovery is on (on Vista machines) Simple file sharing is off.  

I am a local admin by being a member of Domain Admin, which is set as a admin on every local computer.  

Any thoughts?

0
Comment
Question by:tgrizzel
  • 9
  • 4
  • 4
  • +2
20 Comments
 
LVL 3

Expert Comment

by:Trivious
ID: 21760655
I had this issue with Symantec Endpoint Protection when it was first released. I had to uninstall it and reinstall it to get it to shake loose. It may say off, but it still blocks stuff. Make sure that the check boxes under network threat protection are all unchecked as well. This will help you to diagnose it.
0
 

Author Comment

by:tgrizzel
ID: 21760833
Actually I should clarify a bit more:

I have been using Symantec just fine with local installs up unitl this point.  I have now manually removed the clients and I am trying to deploy them under via a anitvirus server that i have setup.  I began running into a few problems deploying the clients via the new server, and after hours of being on the phone with tech support (Symantec) I have gotten no where.  

It seems to me that the issue doesnt actually reside in the symantec software but rather my network:  on the computers that i was able to push the client to, I can open up run and type \\<computer name>\C$ and I can access this folder, however in the same session I cannot access other members computers in my domain with the same exact command.  These also happen to be the same computers that I cannot push the client to.  

FYI, as you can probably tell, this is all part of a domain, not a workgroup or anything.
0
 

Expert Comment

by:mekkattiljj
ID: 21760859
Now the ones you cannot get to can you at least ping the workstation?
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 

Author Comment

by:tgrizzel
ID: 21760914
yes i can ping them.  I have also logged on locally to their machines, and verified that the local admin includes the domain admin.
0
 

Expert Comment

by:mekkattiljj
ID: 21761081
How with any 2 XP machines that one can connect and one that cannot are they physically in the same location meaning same segement on the network?
0
 

Author Comment

by:tgrizzel
ID: 21761179
They are physically in the same building, same floor, same dang firewalls and hubs.  I cannot understand this issue at all... it seems as though permissions are getting lost on some computers, however I have ran gpupdate /force on all computers involved to confirm consistency.  

This is nuts!!!
0
 

Expert Comment

by:mekkattiljj
ID: 21761218
Try this out, disconnect it from the domain, reboot then reattch it to the domain and try it again.
0
 

Author Comment

by:tgrizzel
ID: 21761451
I will try this in a bit and let you know what i find.  I had thought about this as well....i will also 'reset' the computers account within the AD to ensure that it joins back into the domain correct.
0
 

Expert Comment

by:mekkattiljj
ID: 21761486
Cool...Post with the results
0
 
LVL 3

Expert Comment

by:Trivious
ID: 21762710
I just had a similar issue that I had to fix today. Take a look here and please at least read the first few sections to get an understanding of why this was the issue. Strange, but it worked for me. The first article links to the second. Please go to link 1 first.

http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121216494948?Open&docid=2007102613484948&nsf=ent-security.nsf&view=docid
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21763399
You have one of two issues, in my opinion:

1) Connecting through shares using the UNC path is the master browser's responsibility.

2) Also, Internet Explorer Enhanced Security may prevent you from accessing Operating system intrusive files from remote locations: These files include, but are not limited to (*.EXE, *.REG, *.MSI)

Decifering between the two is in the syntax of the error: Please look at the error and decide wich issue you have:

1)  http://www.experts-exchange.com/OS/Miscellaneous/Q_23463433.html

2) http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23351830.html

Let me know what problem you have and we can fix it.

0
 

Author Comment

by:tgrizzel
ID: 21763560
This problem is on hold until tomorrow as we had some major network issues today... ill get back to both of you and let you know where we are at....thanks for the info.
0
 

Author Comment

by:tgrizzel
ID: 21764614
Cheif,

I looked at both of these briefly, however I am not sure that either of these would be my issue....

We are not using Netbios for any of this, we are not going through 'network places'.  Also Firewalls are completely off, there is no ports to allow.

I am not trying to install or copy anything to these shared drives....only access C$ and Admin$ which should be accessible to any domain admin.  This would rule out the IE security blocks.

Thanks for the reply, let me know if i am misunderstanding your answers.

Travis
0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 1500 total points
ID: 21765160
OOPS, don't be so hasty:
You ARE connecting through Netbios, (or at least trying to). Netbios is the backbone for the MASTER BROWSER to communicate with. The Master Browser is responsible with completing a list of computers in MY NETWORK PLACES and allowing you to use UNC paths, (like \computername\C$), in the browser, or My Network Places.

I promise you, your problem is a problem with Netbios or WINS.

OK: With that said>

Netbios will not propogate through many Firewalls, VPN Tunnel, across different subnets, or through some sort of NAT. In order to bypass any of these, you could elect to use WINS. The below article is for NT4. Don't let that scare you. If you have to propogate Netbios through any of these, use what I call the WINS/WAN configuration of the Master Browser.

If all of your nodes are not separated subnets, behind firewalls or have to transverse over NAT or through a VPN tunnel, you live in a perfect world for the browser service. If you are in a perfect world, then all you will have to do is turn on NET BIOS OVER TCP/IP and make sure the BROWSER SERVICE is started on all of your devices.

I am going to provide you an article as reference to help you. Don't let this article scare you since it is an NT4 article. The browser hasn't changed except on tiny thing:
*****(The NT4 computer has a registry key that says "IsDomainMasterBrowser" while the 2003 server shortened that up to "IsDomainMaster")
Follow this article and you will find your problem.
http://www.microsoft.com/resources/documentation/windowsnt/4/server/reskit/en-us/net/chptr3.mspx?mfr=true

0
 

Author Comment

by:tgrizzel
ID: 21772060
Cheif,

I read through this article and took the following steps:

Changed my Wins server from running on my secondary DC to running on the PDC.  Set the correct WINS server in DHCP and on the client updated this information via ipconfig /renew.  I also insured to unchecked "enable lmhost lookup" on the client, and selected "enable Net Bios Over TCP/IP".  Browser services are started on all DC's as well as client computer.  Tried several times within a few hour time span and I am still unable to access the users \\computername\c$ or admin$.  I am however able to access a users computer on the exact same network (even same 5 port hub) right now.  I do not see any discrepancy in this users network settings.  

However, I am starting to agree that this is a Netbios issue.  In network places or just network on vista, the computers that I cannot push this client to (the original problem) I also cannot access there shares from here....however the ones that are successful are the ones i can push the antivirus too...also I can access there \\computername\c$.  Again, same network, no vpn or diff subnets, all firewalls and old antivirus are off, network discovery and file sharing is on.  I am using 2 diff computers as main testing pcs....1 is almost brand new (new hire started on monday) and the other is a laptop that has been deployed for several months.  Computer Browser is running on both of these as well.

Could i be missing something?
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21772394
With the changes in WINS, you might have to refresh and repair your WINS cache. This is the netbios equivallent of DNS cache. You probably need to do this on the clients. To do this, you need a couple utilities. One is called NBTstat. The other is called Browstat.

For XP and 2003 server, these utilities are found on 2003 server support tools.

For vista, I don't know, the tools may already exist.

Go to the command prompt and type:
NBTSTAT -RR
then take a gander on what computer is listed as your master browser by typing at the command prompt:
Browstat /status

THE REST OF THIS IS JUST THEORY:
I don't know how well Vista machines work with 2003 server on the browser service. By default, the highest operating system, then holder of roles, wins the election as being the master browser. As a little troubleshooting, you might go into both the local server and client's event logs and see if you see any errors that says, something like:
""ClientXXX thinks it is the master browser, the browser service on clientXXX was shut down and an election has been forced. ""
I think this is event 8032 and 8031

In that case, you need to make a registry edit on the "IsDomainMaster" Registry Key ON THE CLIENT. The NT4 article can help you out on that. You want the client to not think itself as a candidate for the domain master election.

If you have two operating systems competing to be the domain master> I can see your Vista client getting its browser service shut down. But, since Netbios is on, It will send out the netbios broadcast saying "I am Here". So, it will be a member of the browselist through the Netbios broadcasts, but you can't access the files because the browser service is shut down on the client.


0
 

Author Comment

by:tgrizzel
ID: 21772785
still no go.

I ran nbtstat -RR and flushed the Netbios names on all computers involved - DC's and all.  Also, When moving the Wins to a diff server (main PDC) I set this as the master browser via the reg key and did test to make sure that this was actually true.

I am going to take some time and think this over some more....I may jump back to mekkattiljj and try and remove and re-add these specific computer accounts into the domain.

Thanks for the continued, detailed responses....this is the first time that I feel i have received a decent lead off of this forum....for that, thank you.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21772840
You know, lately, I have had to run NBTSTAT -RR a couple times to get it to work right. I have also had to run it by just NBTSAT -R. I don't know why it doesn't repair/refresh the netbios connection the first time.
0
 

Author Closing Comment

by:tgrizzel
ID: 31466176
I would like to close this question, not that I ever got the problem fixed, but that I am no longer pursuing this.  This is too much work for a simple antivirus server!  I beleive that CheifIT is correct and that I do have Netbios issues, although the nbtstat never ended up helping the situation.

Thanks for you help.
0
 

Expert Comment

by:TheCronLab
ID: 22204261
Hi,

Am suffering with the same issue,  unable to view c$ shares on certain machines in a domain.
As with Trivious,  came across this issue when attempting to remotely deploy Symantec endpoint protection.

Trivious, did you ever come across a solution?
thanks
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question