jeffleese
asked on
troubleshooting a local network dns problem
I think I have a little dns configuration error somewhere, but need your experience to help troubleshoot and correct it.
I'm working with a local network, actually a workgroup of windows 8.1 computers, all connected by a Dlink DIR-820L wireless router at 192.168.0.1 - the router has two wireless networks: one is regular and runs at 2.4 Ghz, while the second is faster and runs at 5 Ghz. I will refer to the faster wireless network as the media network.
I have set one of the computers to use a preferred address of 192.168.0.8 and its is connected to the media network, and on the router I can see it is connected and it uses the name Sphere.
From another computer, connected to the regular network, I have network discovery turned on, and I can see the computer sphere on the network.
However, if I use RDP to connect, and I refer to the computer target as sphere, it won't connect. If I use the ip address 192.168.0.8 then it does connect. If I use the name sphere in rdp, it asks for my password, but fails to connect, and just repeats asking for the password. But if I use the ip address, it accepts the password and creates the remote desktop normally.
I have tried deleting and recreating the rdp connection. Any ideas on how to fix this? Does it indicate some kind of dns problem?
I'm working with a local network, actually a workgroup of windows 8.1 computers, all connected by a Dlink DIR-820L wireless router at 192.168.0.1 - the router has two wireless networks: one is regular and runs at 2.4 Ghz, while the second is faster and runs at 5 Ghz. I will refer to the faster wireless network as the media network.
I have set one of the computers to use a preferred address of 192.168.0.8 and its is connected to the media network, and on the router I can see it is connected and it uses the name Sphere.
From another computer, connected to the regular network, I have network discovery turned on, and I can see the computer sphere on the network.
However, if I use RDP to connect, and I refer to the computer target as sphere, it won't connect. If I use the ip address 192.168.0.8 then it does connect. If I use the name sphere in rdp, it asks for my password, but fails to connect, and just repeats asking for the password. But if I use the ip address, it accepts the password and creates the remote desktop normally.
I have tried deleting and recreating the rdp connection. Any ideas on how to fix this? Does it indicate some kind of dns problem?
try ping sphere from the desktop you are connecting rdp from and see what IP it is resolving to.
There is a file in System32\Drivers\etc name LMHOSTS.sam. Open it with notepad and put all your devices by name and IP in it using the example as a format guide.
eg.
192.168.0.8 Sphere
So, IP address, then TAB, then the netbios name of the computer. When you are done, save the file as LMHOSTS with no file extension.
Keep in mind that each computer in that file should have a static IP address or a DHCP reservation or if the IP changes the file is useless.
eg.
192.168.0.8 Sphere
So, IP address, then TAB, then the netbios name of the computer. When you are done, save the file as LMHOSTS with no file extension.
Keep in mind that each computer in that file should have a static IP address or a DHCP reservation or if the IP changes the file is useless.
I don't think that's a good idea.
I rather solve the issue if it is DNS problem.
I rather solve the issue if it is DNS problem.
It's a workgroup network, there is no DNS locally. The router is running a dns redirector not a server.
ASKER
C:\Users\Jeff>ping sphere
Pinging sphere [fe80::38ee:50c2:ad19:9169
Reply from fe80::38ee:50c2:ad19:9169%
C:\Users\Jeff>ping 192.168.0.108
Pinging 192.168.0.108 with 32 bytes of data:
Reply from 192.168.0.108: bytes=32 time<1ms TTL=128
So, I see that ping is using the hardware address when I use the name.
In the port forwarding section of the router, I list rdp to port forward to the 192.168.0.108 ip address. Not sure if that is the cause, but offer it anyway.
Pinging sphere [fe80::38ee:50c2:ad19:9169
Reply from fe80::38ee:50c2:ad19:9169%
C:\Users\Jeff>ping 192.168.0.108
Pinging 192.168.0.108 with 32 bytes of data:
Reply from 192.168.0.108: bytes=32 time<1ms TTL=128
So, I see that ping is using the hardware address when I use the name.
In the port forwarding section of the router, I list rdp to port forward to the 192.168.0.108 ip address. Not sure if that is the cause, but offer it anyway.
Ahhhh....you don't have local DNS server....
That is different story then. Thanks for pointing that out Netman.
You can't use hostname to ping if you don't have local DNS server.
The name it is resolving is actually IPv6 address. You can turn it off on the NIC properties.
You may want to do what Netman said unless you want to build a local DNS server.
That is different story then. Thanks for pointing that out Netman.
You can't use hostname to ping if you don't have local DNS server.
The name it is resolving is actually IPv6 address. You can turn it off on the NIC properties.
You may want to do what Netman said unless you want to build a local DNS server.
you're running ipv6.
try this command instead: ping sphere -4
try this command instead: ping sphere -4
ASKER
I tried adding "192.168.0.108 Sphere" to C:\windows\System32\Driver
No change after doing that.
Would you happen to know how I can add a DNS entry on the router, even in general terms. Maybe the routing section?
No change after doing that.
Would you happen to know how I can add a DNS entry on the router, even in general terms. Maybe the routing section?
ASKER
C:\Users\Jeff>ping sphere -4
Pinging sphere [169.254.80.80] with 32 bytes of data:
Reply from 169.254.80.80: bytes=32 time<1ms TTL=128
I have no idea where this 169.254.80.80 is from.
Pinging sphere [169.254.80.80] with 32 bytes of data:
Reply from 169.254.80.80: bytes=32 time<1ms TTL=128
I have no idea where this 169.254.80.80 is from.
Make sure you named the file LMHOSTS. You will need to unhide file extensions so you can make sure it didn't save as .txt.
ASKER
Thanks for the clarification. I renamed lmhosts.sam to lmhosts and saw that the properties of the file were showing it as lmhosts not lmhosts.txt
Then tried rdp, but no change.
Then tried rdp, but no change.
ASKER
C:\Users\Jeff>ping sphere -4
Pinging sphere [192.168.0.108] with 32 bytes of data:
Reply from 192.168.0.108: bytes=32 time=4ms TTL=128
This is now the result from the correct source computer, where the modified lmhost file is.
But for RDP on that same computer it won't accept password if I use name.
Pinging sphere [192.168.0.108] with 32 bytes of data:
Reply from 192.168.0.108: bytes=32 time=4ms TTL=128
This is now the result from the correct source computer, where the modified lmhost file is.
But for RDP on that same computer it won't accept password if I use name.
Ok, now resolution is working.
Make sure on Sphere that you set RDP properties to Allow any version. It will complain about security, but it's just a warning.
All these machines are Win 8.1? Including Sphere?
Make sure on Sphere that you set RDP properties to Allow any version. It will complain about security, but it's just a warning.
All these machines are Win 8.1? Including Sphere?
Also, what Authentication level is set on Sphere? Depending on that you may need the complete computername to connect.
ASKER
Sphere and the source computer are both windows 8.1 (but there are some version 8 pcs on the lan).
I went to the target computer (sphere) and looked at the "allow remote access to your computer" settings app, but could not find this rdp property. Where do I find this property?
Also, sorry to say, I'm not familiar with locating the authentication level. Please indicate how to find this.
I went to the target computer (sphere) and looked at the "allow remote access to your computer" settings app, but could not find this rdp property. Where do I find this property?
Also, sorry to say, I'm not familiar with locating the authentication level. Please indicate how to find this.
On Sphere, Open Control Panel, select System and Security
Now, under System click on the link for See the name of this computer. Make sure the Computername and Full Computername are the same - if not, record the full computername and change your LMHOSTS file to match this. You need to connect with full computername if it differs from computername.
If it is correct based on your LMHOSTS, then go back one pane and select Allow Remote Access.
On the new applet for System Properties, under Remote Desktop, make sure Allow Remote connections to this Computer is selected and the option for NLA is UNCHECKED.
Press Select Users button and make sure the right accounts are there that you are trying to use.
From your own computer, press the Windows Key + R and type mstsc in the run box, press Enter.
When the RDP box opens, press the arrow by Show Options.
Only fill in the computer name - no user, you will get prompted.
On the Advanced tab, make sure that Server Authentication is set to either Warn Me or Connect and don't warn me.
Let me know how you make out.
Now, under System click on the link for See the name of this computer. Make sure the Computername and Full Computername are the same - if not, record the full computername and change your LMHOSTS file to match this. You need to connect with full computername if it differs from computername.
If it is correct based on your LMHOSTS, then go back one pane and select Allow Remote Access.
On the new applet for System Properties, under Remote Desktop, make sure Allow Remote connections to this Computer is selected and the option for NLA is UNCHECKED.
Press Select Users button and make sure the right accounts are there that you are trying to use.
From your own computer, press the Windows Key + R and type mstsc in the run box, press Enter.
When the RDP box opens, press the arrow by Show Options.
Only fill in the computer name - no user, you will get prompted.
On the Advanced tab, make sure that Server Authentication is set to either Warn Me or Connect and don't warn me.
Let me know how you make out.
ASKER
Can do!
Looked at lmhost and saw that there was a capitalization difference, corrected, tested - no change.
Found that NLA was checked, so unchecked. Attempted test, no change.
Confirmed user (microsoft account, also the user on source computer attempting rdp to sphere) is registered for remote access on sphere.
Ran mstsc, filled name as sphere and user was blank. Then when I try to connect, I enter password, but it says "The logon attempt failed" same as before.
The weird thing here, is that it had already filled in my name (the microsoft account domain and username) even though the name field was blank in the mstsc interface. So where it's getting that, seems like a target for removal, maybe?
Looked at lmhost and saw that there was a capitalization difference, corrected, tested - no change.
Found that NLA was checked, so unchecked. Attempted test, no change.
Confirmed user (microsoft account, also the user on source computer attempting rdp to sphere) is registered for remote access on sphere.
Ran mstsc, filled name as sphere and user was blank. Then when I try to connect, I enter password, but it says "The logon attempt failed" same as before.
The weird thing here, is that it had already filled in my name (the microsoft account domain and username) even though the name field was blank in the mstsc interface. So where it's getting that, seems like a target for removal, maybe?
It pulls it from the current user.
Can you see if there are any event logs on Sphere or your local machine that may help us see why this is happening?
I can set this up here in the lab, but it would be faster to look for logs first.
Can you see if there are any event logs on Sphere or your local machine that may help us see why this is happening?
I can set this up here in the lab, but it would be faster to look for logs first.
I'm beginning to think this might be an issue with HomeGroup.
ASKER
Sure, I don't know the log name to get you, but am willing to follow up if you know the path.
For some further context information, I went to another computer and tried to log in to sphere as a different user: same problem.
Then I went back to the original source computer and tried to rdp back to the alternate computer, using its computer name (scope), and that worked normally, I could log on. So, this seems to point directly at something on sphere being wrong.
What I tried was, I cleared the event log, tried to log in to sphere, which failed, tried to log in to the ip address, which succeeded, and looked at the application log. I found and error from the Desktop Window Manager, The Desktop Window Manager has exited with code (0xd00002fe)
For some further context information, I went to another computer and tried to log in to sphere as a different user: same problem.
Then I went back to the original source computer and tried to rdp back to the alternate computer, using its computer name (scope), and that worked normally, I could log on. So, this seems to point directly at something on sphere being wrong.
What I tried was, I cleared the event log, tried to log in to sphere, which failed, tried to log in to the ip address, which succeeded, and looked at the application log. I found and error from the Desktop Window Manager, The Desktop Window Manager has exited with code (0xd00002fe)
ASKER
Would it be useful to leave the homegroup on sphere, test, rejoin, test?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I looked at the homegroup from the source computer, and I removed sphere from the homegroup. Then I checked if I could see a disk shared from sphere when I browse the network, and I could. So at that point I had ability to browse network, but sphere is not in the homegroup.
Then I rdp to sphere, and I log in normally.
Then I rdp to sphere, and I log in normally.
ASKER
But now I imagine I should rejoin the homegroup (for shared media and printers), and check the source computer's homegroup password (which was different from what had been the password on sphere's homegroup).
Can't figure out how to join the homegroup that seems to be provided from the source pc.
I can see why you might not be a fan of homegroup...
Can't figure out how to join the homegroup that seems to be provided from the source pc.
I can see why you might not be a fan of homegroup...
ASKER
Ok, I had to turn on network discovery again on sphere, and then when I browsed the homegroup, I had the option to join. I used the password provided on the source computer and then it joined the homegroup. Finally I tested again, and was still able to rdp with name.
So the problem was that there were two homegroups, each with different password.
Thanks for the troubleshooting. I think it's solved.
So the problem was that there were two homegroups, each with different password.
Thanks for the troubleshooting. I think it's solved.
ASKER
Patient and clear instructions were appreciated. Guess was on target!
Awesome, glad I could help!