jana
asked on
How to fix access a remote computer by name besides ip address
In a windows 10 computer, we can access the device by \\ipaddress\c$ but if we address it by name, that is \\computername\c$, it requests a user/password - which we enter but get 'access denied' and the user/password login windows re-appears.
Note, both computers are Windows 10, same workgroup, no domain, same subnet, etc.
We noticed that even though cannot access the computer by \\computername, we can ping it with no problem (which means we can see that computer).
We don't have a problem using the access vi IP address, but when the ip changes, th at's when we have problems. So we are trying to see whats going on and how to access the remote computer by \\computer\c$
Please advice.
Note, both computers are Windows 10, same workgroup, no domain, same subnet, etc.
We noticed that even though cannot access the computer by \\computername, we can ping it with no problem (which means we can see that computer).
We don't have a problem using the access vi IP address, but when the ip changes, th at's when we have problems. So we are trying to see whats going on and how to access the remote computer by \\computer\c$
Please advice.
Also consider VPN for secure remote access. I should have noted I do that as well.
ASKER
How do I associate the name of the computer ip address in the HOSTS file? (don't think we ever did that)
The computer is within the office, don't think we need VPN setup (unless nothing else works).
The computer is within the office, don't think we need VPN setup (unless nothing else works).
ASKER
Ok, so add at the end of the file the ip-address and the computer name don't include #?
just the ip address and the computername, the # signifies the rest of the line is a comment
i.e.
10.0.10.101 computername
you will have to edit the file as an administrator << important>>
i.e.
10.0.10.101 computername
you will have to edit the file as an administrator << important>>
ASKER
Ok.... just did, didn't, we have to reboot right?
no reboot required
ASKER
hmmm... didn't work. I place the ip _ name at the en of the file as:
192.168.0.14 COMPUTERNAME
ping -a 192.168.0.14 should bring up the computername
ping computername should show the address
ping computername should show the address
ASKER
It does. Also I connect to the remote computer RDP with a computer name instead of IP, but can't seem to connect via winows explorer to the computer.
But did I do it correct?
192.168.0.14 COMPUTERNAME
at the end of the file?
But did I do it correct?
192.168.0.14 COMPUTERNAME
at the end of the file?
to connect via explorer
\\computername
check your credential manager in control panel
names are for humans, machines use ip addresses
\\computername
check your credential manager in control panel
names are for humans, machines use ip addresses
ASKER
We have done all that prior placing the question, is that the Host file didn't work and are asking if the we wrote is correct:
at the en of the file we included this line...
192.168.0.14 COMPUTERNAME
at the en of the file we included this line...
192.168.0.14 COMPUTERNAME
YES that is the correct way to do it.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Rayluvs: do you know what saved credentials are? Because that is what we see here. There is a credential set for the IP saved which grants administrative access. The name is accessed using different credentials, that don't offer administrative access. If you would like to use the computername, simply save the same credentials that were used for the IP.
cmdkey /list
will list all saved credentials.
cmdkey /list | findstr youriphere
might help you finding your ip.
You can also use cmdkey to save credentials. cmdkey /? will tell you how.
cmdkey /list
will list all saved credentials.
cmdkey /list | findstr youriphere
might help you finding your ip.
You can also use cmdkey to save credentials. cmdkey /? will tell you how.
192.168.0.14 COMPUTERNAME
at the end of the file?
there should be at least 1 linefeed at end of line.
you may not use spaces or non-ASCII characters in the computer name.
can you post the name you currently were using? shouldn't be "COMPUTERNAME" because that is the name of an environment variable.
Sara
ASKER
Jackie Man,
Mcknife,
sarabande,
Yes, Antivirus / Internet security software installed in both computers and the sames apps also (Comodo Internet Security premium 10, Malwarebytes, SUPERAntiSpyware, and Spybot-Search & Destroy. You suggestion conflict? makes sense, but where to look?
Mcknife,
No, we don't know saved credentials are, but just looked it up - 'Cmdkey command creates, lists and deletes stored user names and passwords form a computer'. Note, we did cmdkey/list on the computer that want to connect to the remote computer and found:
Target: Domain:target=TERMSRV/192. 168.0.23
Type: Domain Password
User: RemoteComputerName\OurUser Name
Local machine persistence
We noticed that the IP is wrong. When we ping RemoteComputerName, we get 192.168.0.14, not 192.168.0.23.
can this be the problem?
Target: Domain:target=TERMSRV/192.
Type: Domain Password
User: RemoteComputerName\OurUser
Local machine persistence
We noticed that the IP is wrong. When we ping RemoteComputerName, we get 192.168.0.14, not 192.168.0.23.
can this be the problem?
sarabande,
yes, there is a linefeed at end of file. Made sure to press ENTER key at the end of the line and made sure no more blank spaces afterward. the name of the computer is ACCOUNTVPC (we place COMPUTERNAME so to make best references to what we are doing).
"We noticed that the IP is wrong" - sorry, how can an IP be wrong? That is a credential entry for a different IP, that's all.
Are there no saved credentials for 192.168.0.14?
Are there no saved credentials for 192.168.0.14?
cmdkey /list | findstr 192.168.0.14
returns nothing?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
we place COMPUTERNAME so to make best references to what we are doing
does that mean you were using the environment variable named COMPUTERNAME ?
you couldn't do that in hosts file (be also aware that hosts has no file extension before and after editing). here you have to define ACCOUNTVPC.
if you want to issue a command like ping using the environment variable computername you would do
ping %COMPUTERNAME%
Sara
ASKER
McKnife,
jackie man,
sarabande,
Returns nothing. No saved credentials for 192.168.0.14.
When I previous stated "We noticed that the IP is wrong", meant that when we 'cmdkey /list', we saw the name of computer we want to connect to within the list but with a different UP as indicated in my entry ID: 42229130, see 'Target: Domain:target=TERMSRV/192. 168.0.23' (noticed that the IP with the computer name is '192.168.0.23' and we ping the computer the IP is '192.168.0.14').
That is why we asked this be an indication of the problem? You think that changing it to 'Target: Domain:target=TERMSRV/192. 168.0.14' would fixe it? How?
When I previous stated "We noticed that the IP is wrong", meant that when we 'cmdkey /list', we saw the name of computer we want to connect to within the list but with a different UP as indicated in my entry ID: 42229130, see 'Target: Domain:target=TERMSRV/192.
That is why we asked this be an indication of the problem? You think that changing it to 'Target: Domain:target=TERMSRV/192.
jackie man,
Understood, but wouldn't it also block the IP address? As stated in the initial question, when we use '\\ipaddress\c$' we have access to the remote computer drive, but when we use the remote computer name. that is \\computername\c$, we get access denied.
sarabande,
No we are not using the environment variable named COMPUTERNAME. Understood on 'no extension' on Host file. To correct our description in our entry ID: 42228411, the Host file last line reads:
192.168.0.14 ACCOUNTVPC
Where ACCOUNTVPC is the actual computer-name.
192.168.0.14 ACCOUNTVPC
Where ACCOUNTVPC is the actual computer-name.
Windows 10 Security continues to increase. Can you put proper IPsec VPN access into your network. I do this and access either by IP address or Name Resolution with HOST files is very simple and easy.
Use cmdkey and add credentials for that name.
cmdkey /add:servername /user:domainname.local\som euser /pass:SomeUsersPassword
cmdkey /add:servername /user:domainname.local\som
ASKER
Hi, setting up IPsec VPN in our network don't think it's worth it. The computers are closed by ,within the same room and as stated in the question, we have no problem using or accessing the remote computer via IP; we want to know why can't access via comouertname.
Tjanx McKnige I was looking for that format, will try.
Tjanx McKnige I was looking for that format, will try.
we have no problem using or accessing the remote computer via IP; we want to know why can't access via computername.
Your problem is caused by improper DNS + "NetBIOS over TCP/IP".
Have you tried to reset TCP/IP of the remote computer and flush the DNS of the client PC?
ASKER
DNS, yes, makes sense sense; that is why it doesn't recognize or relate the IP and the name.
Ok will proceed to reset te TCP/IP and flush - here is what we are going to do, anything else?
Also "NetBIOS over TCP/IP" is supposed be disabled or off?
Ok will proceed to reset te TCP/IP and flush - here is what we are going to do, anything else?
netsh int ip reset c:\resetlog.txt
restart computer
ipconfig /flushdns
ipconfig /renew
Also "NetBIOS over TCP/IP" is supposed be disabled or off?
It depends on the number of legacy systems. NetBIOS can be OFF if all new systems but that will not impact your issue.
If I were you, I will enable NetBIOS over TCP/IP at the remote computer.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
if not mistaken enabling NetBIOS over TCP/IP puts the computer at risk?
ASKER
FYI:
Ran all recommendations,
Still can't access via computer name.
We are also checking will keep u guys informed any new stuff.
thanx all.
Ran all recommendations,
netsh int ip reset c:\resetlog.txt
restart computer
ipconfig /flushdns
ipconfig /renew
cmdkey /add:servername /user:domainname.local\someuser /pass:SomeUsersPassword
Still can't access via computer name.
We are also checking will keep u guys informed any new stuff.
thanx all.
ASKER
Hi sarabande, didn't read your entry prior my last comment., here is my answers:
if netbios over tcp/ip is the problem, access via ip address wouldn't work neither.
--> didn't enable it for security purposes.
also C:\Windows\System32\driver s\etc\host s file should solve the name resolution regardless whether DNS generally was properly configured or not.
--> Inserted the IP and the computer real name, didn't work either.
also the remote computer shouldn't see any difference because name resolution happens at the local side (at least with hosts file).
--> Also tried to go to the remote computer and tried to access the other computer via \\computername\c$ and it also doesn't work, says "access denied".
so, the only idea left for me is, that either microsoft accounts or firewall of the local computer prevent from proper name resolution.
as far as i recognized, you didn't answer the question whether the Windows 10 was connected with a Microsoft account or not. also whether there is (or was) a homegroup network configured, wasn't answered. don't know what to do if one or both are the case but it might be important to know.
--> All computers are connect with local user name, non with microsoft accounts. There is no domain, it's one workgroup and all are windows 10 pro
perhaps you could try with another name. or change the ip address of the remote computer.
--> didn't enable it for security purposes.
also C:\Windows\System32\driver
--> Inserted the IP and the computer real name, didn't work either.
also the remote computer shouldn't see any difference because name resolution happens at the local side (at least with hosts file).
--> Also tried to go to the remote computer and tried to access the other computer via \\computername\c$ and it also doesn't work, says "access denied".
so, the only idea left for me is, that either microsoft accounts or firewall of the local computer prevent from proper name resolution.
as far as i recognized, you didn't answer the question whether the Windows 10 was connected with a Microsoft account or not. also whether there is (or was) a homegroup network configured, wasn't answered. don't know what to do if one or both are the case but it might be important to know.
--> All computers are connect with local user name, non with microsoft accounts. There is no domain, it's one workgroup and all are windows 10 pro
perhaps you could try with another name. or change the ip address of the remote computer.
ASKER
Again, it's no big deal for use to use \\ipaddress\c$ instead of \\computername\c$, we just wanted to know what is happening and maybe fixed it. We checking & will keep u guys posted, Thanx!
Antivirus / Internet security software can have a role here apart from Windows firewall.
Have you tried to uninstall then at the remote computer and do a test?
Have you tried to uninstall then at the remote computer and do a test?
ASKER
yes, u recommended that back in ID: 42228481 and we replied.
Your reply was "where to look".
Have you done anything to troubleshoot?
Have you done anything to troubleshoot?
didn't enable it for security purposes.
could you enable it for a test?
as far as my memories of 'netbios over tcp/ip' go back, this requires that both computers have the same user and same password (both together would be the credentials) such that the internal hash would match for both and a log-in at the remote computer could be skipped. the security risks of this technique easily can be seen: a potential attacker who got access to the internal credentials doesn't need knowledge of a password to access all remote computers and their shares. so it would be not surprising if an operation system would like to close this security leak (perhaps with a major update) and allow only access by ip address for compatibility reasons. but that is only a guess and if you disabled netbios over tcp/ip anyhow, it probably is a wrong idea.
Sara
ASKER
jackie man, we done troubleshooting besides the ones followed here. The "where to look" I referred since you asked Antivirus / Internet security software installed, we thought that may be some sort of conflict, thus, the question "where to look"?
sarabande, so we have to enable netbios over tcp/ip on both computers? or only the remote?
sarabande, so we have to enable netbios over tcp/ip on both computers? or only the remote?
since it is only for test i would do it first only for the local computer and if there was no success on both. from my understanding it is a local thing. but perhaps - if no success for either case - you should use a network sniffer to see from the logs what happened when using the ip versus what happened when using the name.
Sara
Sara
ASKER
Yes, makes sense.
“where to look” us to uninstall your antivirus / Internet security software and do a test.
ASKER
We done that. Will proceed with enable netbios over tcp/ip recommendation when we get the computer.
ASKER
Got the the computer and enable netbios over tcp/ip on both computers - same problem.
ASKER
Please note:
We use remote desktop and uses the actual pc name, no IP to connect with RDP. The problem is when we use \\pc-name\; it detect the computer, asked for user/password but doesn't connect. Yet if we use \\ip-address\, it request the user/password and WE DO CONNECT.
real strange this situation.
We use remote desktop and uses the actual pc name, no IP to connect with RDP. The problem is when we use \\pc-name\; it detect the computer, asked for user/password but doesn't connect. Yet if we use \\ip-address\, it request the user/password and WE DO CONNECT.
real strange this situation.
can you connect to the remote computer with the windows explorer?
what happens if you do
in a command window?
Sara
what happens if you do
dir \\pc-name\share
in a command window?
Sara
ASKER
Access is denied.
ASKER
But if we use the IP, that is 'dir \\192.168.0.14\share' we get 'The network path was not found.'.
However, if we 'dir \\192.168.0.14\c$' we get the folders contents.
Something crazy is going on.
However, if we 'dir \\192.168.0.14\c$' we get the folders contents.
Something crazy is going on.
I think you will find this results from Windows 10 security changes, even from prior Windows 10 versions. Just use IP address in your case
ASKER
Of course, that is what we have been doing even prior placing the question, using IP. It's just so crazy this is happening. if at the end can't get fixed, we stay accessing via IP.
Windows 10 has had security updates since you raised the question two weeks ago.
ASKER
I think it's update... let me check
ASKER
W10Pro v.10.0.15063 Build 15063 - it's that the latest? or how can we know?
Check the three sub numbers but overall that is Creator Update and is different (security) than the prior non-Creator version
ASKER
Don't understand, you mean that my version will not be able to see remote pc \\pcname\c$ ?
Windows 10 no longer allows remote access to C$ . I have tried that several times and posted.
Map to \\pcname\folder. Folder can be DriveC where DriveC is the name of C$
Even then you are likely to need pcname in your local HOSTS file.
Map to \\pcname\folder. Folder can be DriveC where DriveC is the name of C$
Even then you are likely to need pcname in your local HOSTS file.
ASKER
But I have access using ip-address and Windows 10 allows remote access to C$, E$, F$, etc. doesn't make sense restricting pc-name and permition on IP address. There has to be something else.
IP is different than Computer Name and that is probably why.
Are you using domain account to access the remote admin share?
http://woshub.com/enable-remote-access-to-admin-shares-in-workgroup/
http://woshub.com/enable-remote-access-to-admin-shares-in-workgroup/
ASKER
No domain, workgroup via a cable modem router. These specific setting are just 2 computers.
In such case, you need to disable Remote UAC by creating the
LocalAccountTokenFilterPol icy
parameter in the registry
Tip. It will slightly reduce the system security level.
Open the Registry Editor (regedit.exe)
Go to HKEY_LOCAL_MACHINE\SOFTWAR E\Microsof t\Windows\ CurrentVer sion\Polic ies\System
Create a new DWORD (32-bit) parameter with the name LocalAccountTokenFilterPol icy
Specify the LocalAccountTokenFilterPol icy parameter value equal to 1LocalAccountTokenFilterPo licy
Restart your computer to apply the changes
LocalAccountTokenFilterPol
parameter in the registry
Tip. It will slightly reduce the system security level.
Open the Registry Editor (regedit.exe)
Go to HKEY_LOCAL_MACHINE\SOFTWAR
Create a new DWORD (32-bit) parameter with the name LocalAccountTokenFilterPol
Specify the LocalAccountTokenFilterPol
Restart your computer to apply the changes
I would not recommend disabling UAC because the problem can be readily solved by making an alias (DriveC) and sharing that. I do this all the time and it works.
So I really suggest doing things the way they should be done and not trying to force a non-standard way that has now been disabled by Windows 10 security.
So I really suggest doing things the way they should be done and not trying to force a non-standard way that has now been disabled by Windows 10 security.
The above is copied from the link in my previous comment.
If you are using domain account, you do not need to edit the registry.
If you are using domain account, you do not need to edit the registry.
Agreed.
But the above is not disabling the UAC and it is the most easy way to do as a workaround.
But the above is not disabling the UAC and it is the most easy way to do as a workaround.
ASKER
Ok, will try the recomendations as soon we get to the office.
I use the Microsoft recommended approach for remote access and it all works fine.
Just by the by for remote access:
In my Home Office, I have a Cisco RV325 VPN Router. I have site to site tunnels for client access and a site to Gateway tunnel for me to get in with NCP Secure Entry from anywhere at all including with my HUAWEI Internet stick.
I securely share my Desktop drives to myself only as DriveC and DriveD. I have unfettered and simple access to these drives (me only - no one else although that can be changed).
I put Radmin Server on my Desktop and from wherever I am, I can run my Desktop computer.
What you want can be done, just using the ways Microsoft suggests.
In my Home Office, I have a Cisco RV325 VPN Router. I have site to site tunnels for client access and a site to Gateway tunnel for me to get in with NCP Secure Entry from anywhere at all including with my HUAWEI Internet stick.
I securely share my Desktop drives to myself only as DriveC and DriveD. I have unfettered and simple access to these drives (me only - no one else although that can be changed).
I put Radmin Server on my Desktop and from wherever I am, I can run my Desktop computer.
What you want can be done, just using the ways Microsoft suggests.
ASKER
Just read your entry, makes sense but how can we go about it?
You state,
- site to site tunnel
- ncp secure entry
- secure your desktop drive (I assume it's right-click >> properties and only me should be the user access?)
- radmin server
Please advice on links on how-to
You state,
- site to site tunnel
- ncp secure entry
- secure your desktop drive (I assume it's right-click >> properties and only me should be the user access?)
- radmin server
Please advice on links on how-to
No links. I learned this stuff over time.
1. Cisco RV325 is a VPN router and you can make IPsec VPN tunnels in and out. If you get one or like, post a new question.
2. NCP Secure Entry (www.ncp-e.com) is a VPN IPsec Client Application. It can connect to the RV325 Router. Post a new question.
3. Radmin Server (Famatech) you can try on site. The server is about $50 and the viewer is free. Set up a server machine and put the viewer on another machine. You can do this over an internal network, no VPN.
You can read up on each of the sites above to gain some familiarity
1. Cisco RV325 is a VPN router and you can make IPsec VPN tunnels in and out. If you get one or like, post a new question.
2. NCP Secure Entry (www.ncp-e.com) is a VPN IPsec Client Application. It can connect to the RV325 Router. Post a new question.
3. Radmin Server (Famatech) you can try on site. The server is about $50 and the viewer is free. Set up a server machine and put the viewer on another machine. You can do this over an internal network, no VPN.
You can read up on each of the sites above to gain some familiarity
ASKER
Kind of lost. You said "I use the Microsoft recommended approach for remote access and it all works fine.", then present your setup; is that MS recommendation?
I use the Microsoft recommended approach for File Sharing, that is, share folders not C$.
I set up Network Discovery and FIle/Print using the Microsoft setup.
I keep UAC ON.
I do not make any registry changes at all.
Then I use two non-Microsoft Products but Microsoft Certified companies: NCP Secure Entry for VPN. Bomb-proof and top of class. And then Radmin Tools for remote access to my computer.
1. Set up file sharing first.
2. Set up Radmin between 2 computers on the same network
3. Decide about Cisco RV325 and then we will go from there.
I set up Network Discovery and FIle/Print using the Microsoft setup.
I keep UAC ON.
I do not make any registry changes at all.
Then I use two non-Microsoft Products but Microsoft Certified companies: NCP Secure Entry for VPN. Bomb-proof and top of class. And then Radmin Tools for remote access to my computer.
1. Set up file sharing first.
2. Set up Radmin between 2 computers on the same network
3. Decide about Cisco RV325 and then we will go from there.
ASKER
Understood.
ASKER
Fixed! ...we can access the remote computer by now \\pcname\c$.
We re-read all the thread carefully and even though we did each of every recommendations, when we came upon antivirus and firewall, we:
- uninstall all our antivirus, spyware & firewall apps (used iOBIT Uninstaller)
- rebooted
- cleaned out any registry with these apps
- delete any remaining of these apps folders
- rebooted
- installed the Firewall first, then the rest
- rebooted
And worked.
So the problem was maybe misconfigurations or corrupted antivirus, spyware & firewall apps; a clean reinstall fixed it.
Note:
we did the above steps on both client & host pc. Also when we uninstalled the first time (or various times before) we only did it with one pc forgetting the other. When we did uninstall on both, we didn't' do a cleanup as stated the steps above. Finally, we used this last time iOBIT uninstaller because it cleans out the registry and actual folders related to the installed apps.
(Don't know exactly what else could have been exactly but this process fixed it)
We re-read all the thread carefully and even though we did each of every recommendations, when we came upon antivirus and firewall, we:
- uninstall all our antivirus, spyware & firewall apps (used iOBIT Uninstaller)
- rebooted
- cleaned out any registry with these apps
- delete any remaining of these apps folders
- rebooted
- installed the Firewall first, then the rest
- rebooted
And worked.
So the problem was maybe misconfigurations or corrupted antivirus, spyware & firewall apps; a clean reinstall fixed it.
Note:
we did the above steps on both client & host pc. Also when we uninstalled the first time (or various times before) we only did it with one pc forgetting the other. When we did uninstall on both, we didn't' do a cleanup as stated the steps above. Finally, we used this last time iOBIT uninstaller because it cleans out the registry and actual folders related to the installed apps.
(Don't know exactly what else could have been exactly but this process fixed it)
Good
“where to look” us to uninstall your antivirus / Internet security software and do a test.
Antivirus / Internet security + Windows update will create a mess, especially in Windows 10.
If you have no further question, please do us a favor to close this question.
Thanks!
“where to look” us to uninstall your antivirus / Internet security software and do a test.
Antivirus / Internet security + Windows update will create a mess, especially in Windows 10.
If you have no further question, please do us a favor to close this question.
Thanks!
ASKER
Even though the problem is fixed, how can apps like antivirus/firewall block a PC-NAME and not the IP? (as stated in our initial question)
That is so strange.
Anyways, Thanx!
That is so strange.
Anyways, Thanx!
ASKER
(no need to answer this last one.. just rhetorical)
Also are both computer Local Accounts or Microsoft Accounts?
Do you have Home Group turned off ?