Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Server 2008 R2 cannot access over netwrok

Posted on 2014-10-06
24
67 Views
Last Modified: 2015-06-27
I have a Windows Server 2008 R2 machine that is not connected to the domain for security reasons, but we did setup a shared folder to be accessed by the two lead technicians on site.

All the basic stuff has been done. We are not using a blank password, file sharing with passwords has been turned on (i do not want to enable blank passwords for security purposes), it doesn't work if I use IP address. I am 1000% sure the password I am entering is accurate. I have even entered the password as both: username and as "servername\username"

I created a new local user on that machine with a new password. Same result. If I actually enter a bad username or password, I get a different error code than below. I believe it said 6d instead of 6e....

I feel like I have checked and recheck NTLM settings in GPedit over and over again. It is set to accept NTLM but also v2 if negotiated. No matter what I do
SERVER is not accessible, You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced.


On the server where I am trying to access, the security log has this:
An account failed to log on.

Subject:
	Security ID:		NULL SID
	Account Name:		-
	Account Domain:		-
	Logon ID:		0x0

Logon Type:			3

Account For Which Logon Failed:
	Security ID:		NULL SID
	Account Name:		administrator
	Account Domain:		bethanyhv

Failure Information:
	Failure Reason:		Unknown user name or bad password.
	Status:			0xc000006e
	Sub Status:		0xc000006e

Process Information:
	Caller Process ID:	0x0
	Caller Process Name:	-

Network Information:
	Workstation Name:	SERVERNAME
	Source Network Address:	192.168.1.4
	Source Port:		64586

Detailed Authentication Information:
	Logon Process:		NtLmSsp 
	Authentication Package:	NTLM
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
	- Transited services indicate which intermediate services have participated in this logon request.
	- Package name indicates which sub-protocol was used among the NTLM protocols.
	- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Open in new window


If someone can help identify what I should check to get permissions to browse shared resources on this machine I would be very grateful. I've been beating my head against a virtual wall for days now.
0
Comment
Question by:fecklessness
  • 9
  • 4
  • 3
  • +4
24 Comments
 
LVL 27

Expert Comment

by:Steve
ID: 40365635
can you access any other resources with these user credentials or is it just this particular one that is inaccessible?

eg browse to '\\servername\c$' to see if you can see the admin share
or
'\\servername' for access to all shares & printers etc.
0
 

Author Comment

by:fecklessness
ID: 40365874
no, it is the same results when accessing specific shares. no matter what you try to access on that server, you get the same result as described above.
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 40365930
Since it is not joined to the domain, the age old trick is to make its workgroup name match the domain name.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 3

Expert Comment

by:TropicalBound
ID: 40365936
What about the other way around?  Can this server access shares on the domain, with the appropriate credentials?

The firewall isn't getting in the way, is it?
0
 

Author Comment

by:fecklessness
ID: 40365969
No, I have tried turning off firewall. And yes we can access shares on the domain.
0
 
LVL 3

Expert Comment

by:TropicalBound
ID: 40366057
Under 'Network and Sharing Center', what type of network did you select?  If it's set to 'Public', change it to 'Work'.
0
 

Author Comment

by:fecklessness
ID: 40366062
It is currently set for 'Work'.
0
 
LVL 27

Expert Comment

by:Steve
ID: 40366138
the error does appear to be specific to credentials. have you tried creating a new user and seeing if that works?
Reset the password to see if it helps?
Check the password isn't 'expired'?
0
 

Author Comment

by:fecklessness
ID: 40366156
I tried that  -  "I created a new local user on that machine with a new password. Same result. If I actually enter a bad username or password, I get a different error code than below. I believe it said 6d instead of 6e...."
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 40366187
Did you change the workgroup name to match the domain?
0
 

Author Comment

by:fecklessness
ID: 40366714
Yes. This had no positive effect.

Here's where I am at so far. I have access but I had to enable the guest account...

Go to gpedit.msc, Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

Set Guest Account Status: Enabled

Set Network access: Sharing and security model for local accounts to Classic (already was this but I checked to confirm)

Check Access remotely, it works using "servername\username" and password

Set Guest Account Status to disabled and access is denied again. So it only works if I enable guest, even though I am apparently using the classic form of authentication which requires username/password.
0
 
LVL 15

Expert Comment

by:joharder
ID: 40366741
Are you attempting to RDP into the server?  If so, is Remote Desktop enabled (it is disabled by default)?  Set Remote Desktop to allow connections for computers running any version of RDP.
0
 

Author Comment

by:fecklessness
ID: 40366748
no RDP, just trying to access shares
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 40366945
Hmmmmm.......
What happens if you create an AD user account that exactly matches one on this server and try using it from a workstation?
0
 

Author Comment

by:fecklessness
ID: 40367074
Steps taken:
- GPEDIT, disabled Guest Account
- create matching user in AD
- try using credentials again to access non-domain fileserver

NOPE
0
 
LVL 15

Expert Comment

by:joharder
ID: 40367186
Are you attempting to access the share via IP or server name?  If the latter, is there a DNS entry?

Try remapping the shares and give everyone access.  If that works, just enable the specific users and then delete the everyone access.

Double check your anti-virus and firewall.  Maybe they are doing some overtime protecting you?
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 40367317
"Steps taken:
 - GPEDIT, disabled Guest Account
 - create matching user in AD
 - try using credentials again to access non-domain fileserver"

You left out #3, login to workstation with same credentials before " - try using credentials again to access non-domain fileserver"
0
 
LVL 15

Expert Comment

by:joharder
ID: 40367357
One more thing: on the NIC, is file and printer sharing enabled?
0
 
LVL 27

Expert Comment

by:Steve
ID: 40368836
is there any chance that you or anyone else has amended local group policy on this server in the past? should work by default, but there are many settings in local group policy that could cause this.

try running gpresult /h result.html and looking at the results for any security/access settings.
0
 

Author Comment

by:fecklessness
ID: 40368895
Good idea. We had amended some network access settings regarding NTLM previously but we did reset those settings. Running GPRESULT doesn't indicate any of those settings being applied now though. The only real rule I see being applied is allowing RDP which has nothing to do with my problem....

Yes File & Printer sharing is enabled.

@DavidMcCarn completed steps as described, logging in with same credentials and accessing the non-domain server. No positive effect.
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40370557
I will start my recommendation saying that you should bring the machine to basic installation (re-install).  Then create the accounts of the Tech people on the machine (notice I said machine) as administrators.  Create the share either using "Share an Storage Management" or properties using the file explorer.  Once you have finished and tested that users can access the shares then you can start playing around with the Group Policy.

Now, if the machine is out of the domain and only local users are going to have access to it, I find it redundant to play with GP if only administrators have access to it... unless you don't trust them!!!! ;)
0
 

Accepted Solution

by:
fecklessness earned 0 total points
ID: 40379802
None of this worked, we have resorted to enabling the Guest user, even though we are using a username and password to access the shared folders this is the only way it works. I have renamed the Guest user so at least it is much harder for someone to hack that I hope!. Thanks for all the suggestions, I wish one of them worked out.
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40854424
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question