Solved

Can't access shared resources on a Windows 2008 R2 server

Posted on 2012-03-21
9
879 Views
Last Modified: 2012-03-25
We have a Winfows 2003 domain with three Win 2003 serevrs (all DC's) and just added a Windows 2008 member server to the domain. This 2008 server has three new network printers shared on it along with a few shared folders.

The member server is in the domain and is fully patched but no user can browse any of the shares or add a shared printer. The clients are Win7x64 bit and Win XPx32 bit. The shares are all setup for read access to authenticated users. All clients can access the shares on the 2003 servers.

I need help getting the shares and printers accessable to all users.
0
Comment
Question by:Tony Giangreco
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 9

Expert Comment

by:Geodash
ID: 37749534
How are you accessing the shares? Mapped drive or Start>run>UNC?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37749536
Are the members trying to access the shares in Administrative groups on the server?
0
 
LVL 25

Author Comment

by:Tony Giangreco
ID: 37749762
I have tried accessing the shares this way logged on as the domain user of that workstation:

1. Mapping from My computer on a Win 7 64 bit Pc in the domain, we see the Win 2008 server, click it and get the message - You don't have permisson to access this server.

2. On a Win XP pc 32 bit in the domain, open My Computer, click Map Drive and we see two workgroups. OurDomain and Unknown. The new server appears in Unknown.

On the 2008 server, when I check system properties, it says it's in OurDomain. Why would it be listed as unknown on the XP box?
 
The users are all authenticated users of the domain.

If I login to a pc as domain admin, I can access the 2008 server.
0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 
LVL 25

Author Comment

by:Tony Giangreco
ID: 37749765
Sorry, I meant I see two groups: Our Domain and Unknown, not workgroups.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37749794
Have you added the appropriate AD groups containing users to the shares on the 2008 Server?
0
 
LVL 25

Author Comment

by:Tony Giangreco
ID: 37749904
Since this is a domain, I added the following groups

domain\administrators
authenticated users
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37749925
So you added authenticated users on the share from AD? What are the share permissions on the folder?

Try making the shared permissions - Everyone Full Control
NTFS Permissions - add one user (for a test, not best practice) give them full control. Have them logoff and back on, just to make sure, and try again. I generally steer away from adding authenticated users by removing the group and adding exclusive AD groups for that share, it is more secure. What NTFS permisssions does the authenticated users group have on the share?

If that does not work, look at the Event Log for any access errors and post the errors.
0
 
LVL 25

Author Comment

by:Tony Giangreco
ID: 37749990
I added a domain user with read access and tried mapping the share on her Pc. It shows the server, but won't expand out as if there were no shares.

When I run \\servername it says Login Failure: The user has not beedn granted the requested login type for this computer.

On the server, here is the log:

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          3/21/2012 4:07:03 PM
Event ID:      4625
Task Category: Logon
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      server.mydomain
Description:
An account failed to log on.

Subject:
      Security ID:            NULL SID
      Account Name:            -
      Account Domain:            -
      Logon ID:            0x0

Logon Type:                  3

Account For Which Logon Failed:
      Security ID:            NULL SID
      Account Name:            gayle
      Account Domain:            mydomain

Failure Information:
      Failure Reason:            The user has not been granted the requested logon type at this machine.
      Status:                  0xc000015b
      Sub Status:            0x0

Process Information:
      Caller Process ID:      0x0
      Caller Process Name:      -

Network Information:
      Workstation Name:      -
      Source Network Address:      192.168.1.112
      Source Port:            2159

Detailed Authentication Information:
      Logon Process:            Kerberos
      Authentication Package:      Kerberos
      Transited Services:      -
      Package Name (NTLM only):      -
      Key Length:            0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
      - Transited services indicate which intermediate services have participated in this logon request.
      - Package name indicates which sub-protocol was used among the NTLM protocols.
      - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
0
 
LVL 5

Accepted Solution

by:
CarlosDominguez earned 500 total points
ID: 37752893
Have you tried accessing \\IP_address (instead of name)?

Do you have all the automatic services running?

Do you have the firewall active and configured in the 2008 server? Maybe you can try turning the firewall off for the private network.

Maybe you could have an AV product installed and resident in the server. Could you try turning it off temporarily?

In 2008 there are roles and features: go to server manager and check if you have enabled the role "File services".

If no success in any way... I would suggest re-join the 2008 server to the domain.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question