Solved

Workstations (not on domain and never will be) cannot access a shared folder on Windows Server 2008 R2

Posted on 2010-11-12
12
900 Views
Last Modified: 2012-05-10
Recently, our Server 2008 R2 server stopped allowing none domain computer or VPN users to access the shared folders.  It used to prompted us for a user name and password and we would use our domain logins to access the shares on the server.  We receive the error code as shown in the picture I have attached.  "The trust relationship between this and the primary domain failed."  How can I get the server to prompt the user name and password again so non domain PC's can access it again.  All of our other servers are working perfect and they are Server 2008 R2 and Server 2003.  Thank you!

Jeff Error code for accessing the server
0
Comment
Question by:jokert
  • 4
  • 4
  • 2
  • +1
12 Comments
 
LVL 3

Expert Comment

by:msincorp
ID: 34122927
Two things you might try.

1) Check and see what the preferred DNS server settings are in the TCP/IP settings on the workstation, and make sure it is set to the ip address of the 2008 server.

2) Check your firewall settings on the server.  Temporarily shut down the firewall and try to connect.  If you can then we can look at the rules and see which one is causing the problem.  If not, resart the firewall and we can try somthing else.

Good luck!

Chris
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 200 total points
ID: 34123326
Have you tried mapping the drive  through the Network Mapping feature you can enter your username and password at this location
0
 

Author Comment

by:jokert
ID: 34124722
Thank you for the quick replies,  here is what I came up with.

1. Double checked all the DNS settings on the server and it has the correct primary DNS information just like the other servers.  Still no luck though.

2. Turned off the firewall and still couldn't make it.  Even flushed the DNS just to make sure and it still didn't work.

3. I was able to map a drive by selecting "Connect using different credentials.  Short term fix but i am still puzzled why this server only is having this problem.  I am really stumped on this.  Not one of the other servers is doing this.  :(  
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:jokert
ID: 34124820
One more update.  Logging on to the VPN doesn't allow the map network drive.  The user name and password just keep popping up.  Tried with both the DNS name and directly to the IP address but didn't work.
0
 
LVL 3

Expert Comment

by:msincorp
ID: 34124982
When you checked the preferred DNS server, did you confirm the workstations as well?  Are they pointing to the proper mail server?  It also might be worth a shot to enter the ip address into the local host file.

You mentioned that if you were able to login with different credentials and map a drive.  That suggests a "rights" issue.  Is there a way for you to create a group, assign domain admin rights to the group, add the user that cannot map a drive directly to that group, and see if you can then map a drive.  If you can we need to look at rights as well as connectivity.

Have a good one!

Chris  
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34129550
Are you using the domain\username
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34129562
You mention the primary DNS server points to your server but do you have a secondary pointing to an alternate server outside of the domain, such as an ISP or a router? This can cause name resolution issues.
0
 

Author Comment

by:jokert
ID: 34137914
The workstation and the server have the proper Primary DNS and our Secondary DNS.  We did try to also just use the direct IP and it still will not pop up the User name and password.  Active Directory sees the server so I am not sure what is going on still.  I think we are getting closer.  :P
0
 
LVL 3

Accepted Solution

by:
msincorp earned 300 total points
ID: 34138009
This KB Article looks promising - http://support.microsoft.com/kb/162797.

Might be as easy as creating a computer account on the DC with the same name as the computer.  Seems like the computer needs to authenticate if if the user does not.

Hope it helps.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34144379
That will not resolve the problem for VPN users even if it should work on the LAN.
0
 

Author Comment

by:jokert
ID: 34148488
I should of tried this a long time ago but figured there was more to it but I removed the Server from the domain and re-joined it back and now everything seems to be fixed.  Seems to be a random problem around the network but a simple yet annoying two reboot fix.  Thank you everyone for all the help!
0
 
LVL 3

Expert Comment

by:msincorp
ID: 34148520
Well.. seems that the computer account that needed to be created was the server!!!

Glad you found your answer!

Chris
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question