Can't access shared resources on a Windows 2008 R2 server

We have a Winfows 2003 domain with three Win 2003 serevrs (all DC's) and just added a Windows 2008 member server to the domain. This 2008 server has three new network printers shared on it along with a few shared folders.

The member server is in the domain and is fully patched but no user can browse any of the shares or add a shared printer. The clients are Win7x64 bit and Win XPx32 bit. The shares are all setup for read access to authenticated users. All clients can access the shares on the 2003 servers.

I need help getting the shares and printers accessable to all users.
LVL 25
Tony GiangrecoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GeodashCommented:
How are you accessing the shares? Mapped drive or Start>run>UNC?
0
GeodashCommented:
Are the members trying to access the shares in Administrative groups on the server?
0
Tony GiangrecoAuthor Commented:
I have tried accessing the shares this way logged on as the domain user of that workstation:

1. Mapping from My computer on a Win 7 64 bit Pc in the domain, we see the Win 2008 server, click it and get the message - You don't have permisson to access this server.

2. On a Win XP pc 32 bit in the domain, open My Computer, click Map Drive and we see two workgroups. OurDomain and Unknown. The new server appears in Unknown.

On the 2008 server, when I check system properties, it says it's in OurDomain. Why would it be listed as unknown on the XP box?
 
The users are all authenticated users of the domain.

If I login to a pc as domain admin, I can access the 2008 server.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Tony GiangrecoAuthor Commented:
Sorry, I meant I see two groups: Our Domain and Unknown, not workgroups.
0
GeodashCommented:
Have you added the appropriate AD groups containing users to the shares on the 2008 Server?
0
Tony GiangrecoAuthor Commented:
Since this is a domain, I added the following groups

domain\administrators
authenticated users
0
GeodashCommented:
So you added authenticated users on the share from AD? What are the share permissions on the folder?

Try making the shared permissions - Everyone Full Control
NTFS Permissions - add one user (for a test, not best practice) give them full control. Have them logoff and back on, just to make sure, and try again. I generally steer away from adding authenticated users by removing the group and adding exclusive AD groups for that share, it is more secure. What NTFS permisssions does the authenticated users group have on the share?

If that does not work, look at the Event Log for any access errors and post the errors.
0
Tony GiangrecoAuthor Commented:
I added a domain user with read access and tried mapping the share on her Pc. It shows the server, but won't expand out as if there were no shares.

When I run \\servername it says Login Failure: The user has not beedn granted the requested login type for this computer.

On the server, here is the log:

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          3/21/2012 4:07:03 PM
Event ID:      4625
Task Category: Logon
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      server.mydomain
Description:
An account failed to log on.

Subject:
      Security ID:            NULL SID
      Account Name:            -
      Account Domain:            -
      Logon ID:            0x0

Logon Type:                  3

Account For Which Logon Failed:
      Security ID:            NULL SID
      Account Name:            gayle
      Account Domain:            mydomain

Failure Information:
      Failure Reason:            The user has not been granted the requested logon type at this machine.
      Status:                  0xc000015b
      Sub Status:            0x0

Process Information:
      Caller Process ID:      0x0
      Caller Process Name:      -

Network Information:
      Workstation Name:      -
      Source Network Address:      192.168.1.112
      Source Port:            2159

Detailed Authentication Information:
      Logon Process:            Kerberos
      Authentication Package:      Kerberos
      Transited Services:      -
      Package Name (NTLM only):      -
      Key Length:            0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
      - Transited services indicate which intermediate services have participated in this logon request.
      - Package name indicates which sub-protocol was used among the NTLM protocols.
      - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
0
CarlosDominguezCommented:
Have you tried accessing \\IP_address (instead of name)?

Do you have all the automatic services running?

Do you have the firewall active and configured in the 2008 server? Maybe you can try turning the firewall off for the private network.

Maybe you could have an AV product installed and resident in the server. Could you try turning it off temporarily?

In 2008 there are roles and features: go to server manager and check if you have enabled the role "File services".

If no success in any way... I would suggest re-join the 2008 server to the domain.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.