Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
8 days, 7 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Permissions Issue
Posted on 2011-03-08
Hello Experts,
I'm having a weird issue on a few of my servers.
I have a NAS that i connect to for backing stuff up. For some reason, i have lost the ability to access the NAS via it's name.
So, if i go to start run: \\backupNAS\ --> i get an error saying i don't have permissions to access this.
If i do: start run: \\10.10.10.50\ --> i get in with no problems.
Can anyone shine some light on this please?
Thank you,
gmWindows
I'm having a weird issue on a few of my servers.
I have a NAS that i connect to for backing stuff up. For some reason, i have lost the ability to access the NAS via it's name.
So, if i go to start run: \\backupNAS\ --> i get an error saying i don't have permissions to access this.
If i do: start run: \\10.10.10.50\ --> i get in with no problems.
Can anyone shine some light on this please?
Thank you,
gmWindows
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
6-
6
13 Comments
it's probably due to Kerberos errors. (with IP you fall automatically to NTLM)
- is the name of your computer (backupNAS) is the same than the name you enter in start/run ?
- could you launch the command setspn /L backupNAS
you should see HOST/backupNAS and HOST/backupNAS.domain.com
if you don't see them, you should run: setspn /R backupNAS
- it could be an issue with multiples computers sharing the same SPN
take a look here http://support.microsoft.com/kb/321044/en-us
or launch the command:
dsquery * -limit 0 -filter "(&(objectcategory=compute
if duplicate, you will get more than one DN as result.
- is the name of your computer (backupNAS) is the same than the name you enter in start/run ?
- could you launch the command setspn /L backupNAS
you should see HOST/backupNAS and HOST/backupNAS.domain.com
if you don't see them, you should run: setspn /R backupNAS
- it could be an issue with multiples computers sharing the same SPN
take a look here http://support.microsoft.com/kb/321044/en-us
or launch the command:
dsquery * -limit 0 -filter "(&(objectcategory=compute
if duplicate, you will get more than one DN as result.
All the tests you mentioned above came back ok.
The entries were there and there were not duplicates.
When i queried it from LDAP it came back with the correct machine.
I checked the System logs and found the following two entries:
Type: Warning
Source: LsaSrv
The Security System detected an authentication error for the server cifs/backupNAS.local.domai
Type: Warning
Source: Kerberos
There were password errors using the Credential Manager. To remedy, launch the Stored User Names and Passwords control panel applet, and reenter the password for the credential DOMAIN\admin.
The entries were there and there were not duplicates.
When i queried it from LDAP it came back with the correct machine.
I checked the System logs and found the following two entries:
Type: Warning
Source: LsaSrv
The Security System detected an authentication error for the server cifs/backupNAS.local.domai
Type: Warning
Source: Kerberos
There were password errors using the Credential Manager. To remedy, launch the Stored User Names and Passwords control panel applet, and reenter the password for the credential DOMAIN\admin.
ok launch this command to add the cifs service and retry
setspn /A cifs/backupNAS
setspn /A cifs/backupNAS.local.domai
setspn /A cifs/backupNAS
setspn /A cifs/backupNAS.local.domai
Else, look at the Stored User Names and Passwords control panel applet to see if you have already stored credentials for this server. Did you mount network share in the past while specifiing specific credentials?
That worked.
Windows caching is a blessing and a curse (more leaning towards the latter).
Thank you!
Windows caching is a blessing and a curse (more leaning towards the latter).
Thank you!
on the backupNAS server, have you looked event viewer to see if there is errors or warnings especially with Kerberos and LSASRV?
are the time on your computer, the DCs and the BackupNas server are well synched (or at least with few than 5 minutes of delta) ?
are the time on your computer, the DCs and the BackupNas server are well synched (or at least with few than 5 minutes of delta) ?
Ok happy this worked :)
As soon as you encounter issues with name but not with IP you can be pretty sure it's related to Kerberos authentication failures :)
As soon as you encounter issues with name but not with IP you can be pretty sure it's related to Kerberos authentication failures :)
I think you can begin with this: http://technet.microsoft.com/fr-fr/library/cc772815%28WS.10%29.aspx
be carefull with headache !
be carefull with headache !
Featured Post
We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s
ManageEngine
webinar, where attendees received a comprehensive look at the ma…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This Micro Tutorial hows how you can integrate Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease.
The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month8 days, 7 hours left to enroll
615 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.