Cant access admin shares on a windows7 machine on a domain when the firewall in enabled as a domain admin

Posted on 2011-09-13
Last Modified: 2012-05-12
Hi , I am a domain admin on our network. On all windows 7 machines with the firewall turned on and file and print share enabled I still cant access admin shares on remore pc's. I am a domain admin and have no problem accessing any win xp or server2003 or server2008 machine admin shares. If i turn off the firewall I can access the admin shares on the win7 machine. I tried enabling the firewall and allowing all programs through and still wont work.
Question by:mestek
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4

Expert Comment

ID: 36531166
Im guessing you want to keep your firewall on...
So here is a link on how to cofnigure some rules
LVL 39

Expert Comment

ID: 36531773
Go into the firewall properties and make an exception to "File and Print Sharing"

Author Comment

ID: 36531940
Already did.. I posted that in the body. Thanks though.
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

LVL 39

Expert Comment

ID: 36535282
As in your post:

So, even if you have file and print sharing enabled, and you turn the firewall on, it doesn't work??>>But, with the firewall off, it does work??

Still sounds like a firewall setting, don't you think?

Background information:
File and print sharing is performed using netbios broadcasts. These broadcasts are held to the broadcast domain. This means the broadcasts will not go through a VPN tunnel, across a NAT router, to separate VLANS, ect... If everything is on the same broadcast domain, they are not "remote" computers. They are local to the same subnet. This sounds like the case for you.

Since the firewall seems to be the issue, let's discuss the software firewall's function. A system state firewall is defined as a firewall that blocks certain traffic, IF the communications were not started by the host. This means any UDP traffic to this host will be blocked. Any requests from the host should work. So, you will not be able to see computers in my network places, nor will file and print sharing because much of the traffic is broadcasted traffic and most firewalls block netbios broadcasts. The hosts that are not seeing other computers on the network possibly have a firewall blocking them.

Then, there is the specific features of WIN 7. Navigate to: Control Pannel>>Network and Sharing Center>> "Change Advanced Sharing Settings. There you will see a list of settings to control file and print sharing as well as network discovery. This is how Netbios is minipulated for WIN 7 computers IN ADDITION to firewall settings you have seen in XP 'puters.

With that said, if you truly have a remote comptuer, (meaning computers not on the same subnet or not on the same broadcast domain), let me know. There are ways to get this to work.

Author Comment

ID: 36536242
Im sorry , I used the term "remote" losely.. The computers are indeed on the same subnet.
LVL 39

Expert Comment

ID: 36591931
We are not on the same sheet of music:

When you disable the firewall, it works. When enabled, it doesn't. This is a firewall setting to allow file and print sharing. Also see if IPsec is enabled. You can see this by going to the command prompt and typing, IPconfig /all

Accepted Solution

mestek earned 0 total points
ID: 36599324
Turns out that there was a group policy applied to Privledge Authority that was disabling .. file and print sharing..

Author Closing Comment

ID: 36895830
Talked with the network engine who went through all policies and found the policy over riding the file and print sharing.
LVL 39

Expert Comment

ID: 36601479
OOPS.... Glad to see it resolved.

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question