LateNiteR
asked on
Win7 Can't See File Shares on FreeNAS, XP or ANYTHING !?!?
Here's what I am working with:
Clients: (6+) Windows 7 (Ultimate & Professional), (1) Windows XP Pro SP3
(DHCP Assigned IPs)
AV: Symantec Endpoint Protection v11.0.5 (Managed)
NAS: FreeBSD 6.4-RELEASE-p3 (revision 199506)
0.69 Kwisatz Haderach (revision 4276)
(Static IP, resolves from all clients)
MS AD Domain (2003 Native Funct-Level): Mix of 2003 & 2008 (no 2008 DCs yet)
(All Static IPs)
Up until a month ago everything was working beautifully. My Win7 Clients, after making the necessary Local Sec Policy adjustments for the NTLM Authentication Level, could connect to the WinXP Machines shares and FreeNAS (without shutting down Samba). Then all of a sudden, just like when I first began testing Win7, the Win7 clients could no longer access the NAS. Additionally (UNLIKE before) Win7 machines are now unable to connect to the even WinXP or Win2003 shares. Every attempts results in "Windows cannot access \\MachineName".
The WinXP Machines can STILL connect and browse the Win7 files, NAS, AND the 2003 servers (so, no lost data).
I've beaten my head against the wall researching possible culprits as I am rather sure this can't be an isolated incident. The event logs on the Win7 Machines do not show anything for the time period when I try to access either the NAS shares or the WinXP shares.
I did find a couple of postings which pointed to creating a couple of registry entries to disable Samba v2.0 and v3.0 (DWORD 'SMB2' = 000000) but that didn't seem to do anything.
I NEED to get to the FreeNAS (from the other machines without logging onto an XP device) and the WinXP shares from the Win7 Machines.
BOTTOMLINE : The Win7 machines seem unable to see ANY Shares on ANY machine (Even my Win2008 server.....REALLY strange)
HELP!?
Clients: (6+) Windows 7 (Ultimate & Professional), (1) Windows XP Pro SP3
(DHCP Assigned IPs)
AV: Symantec Endpoint Protection v11.0.5 (Managed)
NAS: FreeBSD 6.4-RELEASE-p3 (revision 199506)
0.69 Kwisatz Haderach (revision 4276)
(Static IP, resolves from all clients)
MS AD Domain (2003 Native Funct-Level): Mix of 2003 & 2008 (no 2008 DCs yet)
(All Static IPs)
Up until a month ago everything was working beautifully. My Win7 Clients, after making the necessary Local Sec Policy adjustments for the NTLM Authentication Level, could connect to the WinXP Machines shares and FreeNAS (without shutting down Samba). Then all of a sudden, just like when I first began testing Win7, the Win7 clients could no longer access the NAS. Additionally (UNLIKE before) Win7 machines are now unable to connect to the even WinXP or Win2003 shares. Every attempts results in "Windows cannot access \\MachineName".
The WinXP Machines can STILL connect and browse the Win7 files, NAS, AND the 2003 servers (so, no lost data).
I've beaten my head against the wall researching possible culprits as I am rather sure this can't be an isolated incident. The event logs on the Win7 Machines do not show anything for the time period when I try to access either the NAS shares or the WinXP shares.
I did find a couple of postings which pointed to creating a couple of registry entries to disable Samba v2.0 and v3.0 (DWORD 'SMB2' = 000000) but that didn't seem to do anything.
I NEED to get to the FreeNAS (from the other machines without logging onto an XP device) and the WinXP shares from the Win7 Machines.
BOTTOMLINE : The Win7 machines seem unable to see ANY Shares on ANY machine (Even my Win2008 server.....REALLY strange)
HELP!?
Have you tried dropping the firewalls and dropping the UAC on the Win 7 box? Could be that an update or security patch caused the problem.
ASKER
I also suspect a "Fix" broke things too but I have yet to review the last couple months of patches.
Yes, just this morning I decided to disable the Windows firewall and reboot. No change in connecting to WinXP, FreeNAS or 2003 Shares.
I didn't even consider dropping UAC as I'm OK with being periodically notified about certain types of activity (Saved my a$$ before I got SEP Clients fully distributed). Why might UAC pose such a widespread issue like that (other than it being a Microsoft 'creation')?
Let me know Hulking I'd be interested to know.
Yes, just this morning I decided to disable the Windows firewall and reboot. No change in connecting to WinXP, FreeNAS or 2003 Shares.
I didn't even consider dropping UAC as I'm OK with being periodically notified about certain types of activity (Saved my a$$ before I got SEP Clients fully distributed). Why might UAC pose such a widespread issue like that (other than it being a Microsoft 'creation')?
Let me know Hulking I'd be interested to know.
I have several home grown apps that connect using ODBC to Oracle. We had to turn off the UAC to get those working. We do not map any peer to peer Win 7 to XP so I have not seen that issue, but some similar to it. Any chance there was an update to the Symantec End Point Protection, a new policy that would turn off prompting for the UAC and deny admin rights? Just through it out there...
I had a couple things to try
1. Ping the ip of the xp box, does it return a ping , and when it does what name is returned
2. try mapping the share using the ip address instead of the name \\ip\share
3. try mapping using the full name, (example \\xppc.microsoft.local\sha re)
If you can connect to the share using one of those methods you have a DNS problem
1. Ping the ip of the xp box, does it return a ping , and when it does what name is returned
2. try mapping the share using the ip address instead of the name \\ip\share
3. try mapping using the full name, (example \\xppc.microsoft.local\sha
If you can connect to the share using one of those methods you have a DNS problem
ASKER
....Hmmmmm. I will investigate UAC because I do not really need it in my environment so it wont be missed (some will likely cheer to have it gone, actually).
DNS is working properly as I am able to resolve all hosts from each PC, nslookup returns queries properly, and all ping as expected. The NAS shares, which are the home of the Users My Documents among other data, automatically maps drives on client computers (via GPO) and the XPs clients don't have a problem w/ those.
Remember, "The WinXP Machines can STILL connect and browse the Win7 files, NAS, AND the 2003 servers..." which is why UAC, for lack of other possibilities, could certainly be the culprit.
I'll try it tonight and let you know tomorrow morning.
Thanks.
DNS is working properly as I am able to resolve all hosts from each PC, nslookup returns queries properly, and all ping as expected. The NAS shares, which are the home of the Users My Documents among other data, automatically maps drives on client computers (via GPO) and the XPs clients don't have a problem w/ those.
Remember, "The WinXP Machines can STILL connect and browse the Win7 files, NAS, AND the 2003 servers..." which is why UAC, for lack of other possibilities, could certainly be the culprit.
I'll try it tonight and let you know tomorrow morning.
Thanks.
On the Win 7 machines:
Run gpedit.msc
Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Network access: Do not allow anonymous enumeration of SAM accounts and shares (note the "and shares")
This setting should be set to Disabled. If it is enabled, disable and reboot.
Run gpedit.msc
Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Network access: Do not allow anonymous enumeration of SAM accounts and shares (note the "and shares")
This setting should be set to Disabled. If it is enabled, disable and reboot.
ASKER
YLandRum,
Nope. I already have that setting configured in the Local Security Policy.
I am FLOORED that this isn't more common....seriously.
Nope. I already have that setting configured in the Local Security Policy.
I am FLOORED that this isn't more common....seriously.
ASKER
...another bit of information regarding DNS which I failed to mention. I can RDP from Win7 to the XP clients without any issues.
....and no, I am not using an LMHost file either.
....and no, I am not using an LMHost file either.
ASKER
FYI.
I disabled UAC without any benefit. I am now in the process of uninstalling the last couple of months worth of updates.
I disabled UAC without any benefit. I am now in the process of uninstalling the last couple of months worth of updates.
ASKER
OK. This is a BIGGER issue.
My NONE of my Windows 7 Machines can connect to ANY Windows 2003 Share either.
While I thought that this was only a problem w/ FreeNAS that is obviously not the case.
I'll search EE for a possible solution. Google-searching shows me that this isn't rare but I haven't come across the solution yet either.
My NONE of my Windows 7 Machines can connect to ANY Windows 2003 Share either.
While I thought that this was only a problem w/ FreeNAS that is obviously not the case.
I'll search EE for a possible solution. Google-searching shows me that this isn't rare but I haven't come across the solution yet either.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
To keep this solution easy to find I have created a 2nd Post to award your points.
https://www.experts-exchange.com/questions/26701864/Win7-Can't-See-File-Shares.html
Thank you both.
https://www.experts-exchange.com/questions/26701864/Win7-Can't-See-File-Shares.html
Thank you both.
ASKER
The Linksys E1000 Blocks Samba and other shares.