Start Free Trial

asked on

How to fix access a remote computer by name besides ip address

In a windows 10 computer, we can access the device by \\ipaddress\c$ but if we address it by name, that is \\computername\c$, it requests a user/password - which we enter but get 'access denied' and the user/password login windows re-appears.

Note, both computers are Windows 10, same workgroup, no domain, same subnet, etc.

We noticed that even though cannot access the computer by \\computername, we can ping it with no problem (which means we can see that computer).

We don't have a problem using the access vi IP address, but when the ip changes, th at's when we have problems. So we are trying to see whats going on and how to access the remote computer by \\computer\c$

Please advice.

Start by associating the name of the computer being accessed to its IP address in the HOSTS file of the accessing computer. I do that and it works properly.

Also are both computer Local Accounts or Microsoft Accounts?

Do you have Home Group turned off ?

Also consider VPN for secure remote access. I should have noted I do that as well.

ASKER

How do I associate the name of the computer ip address in the HOSTS file? (don't think we ever did that)

The computer is within the office, don't think we need VPN setup (unless nothing else works).

After-New-Install-RDC-Doesn't-Work-With-Name

The solution in the link is how to edit the hosts file

ASKER

Ok, so add at the end of the file the ip-address and the computer name don't include #?

David Johnson, CD

just the ip address and the computername, the # signifies the rest of the line is a comment
i.e.
10.0.10.101 computername

you will have to edit the file as an administrator << important>>

ASKER

Ok.... just did, didn't, we have to reboot right?

David Johnson, CD

no reboot required

ASKER

hmmm... didn't work. I place the ip _ name at the en of the file as:

192.168.0.14   COMPUTERNAME

Open in new window

David Johnson, CD

ping -a 192.168.0.14 should bring up the computername
ping computername should show the address

ASKER

It does. Also I connect to the remote computer RDP with a computer name instead of IP, but can't seem to connect via winows explorer to the computer.

But did I do it correct?

192.168.0.14 COMPUTERNAME

at the end of the file?

David Johnson, CD

to connect via explorer

\\computername

check your credential manager in control panel
names are for humans, machines use ip addresses

ASKER

We have done all that prior placing the question, is that the Host file didn't work and are asking if the we wrote is correct:

at the en of the file we included this line...

192.168.0.14 COMPUTERNAME

David Johnson, CD

YES that is the correct way to do it.

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Rayluvs: do you know what saved credentials are? Because that is what we see here. There is a credential set for the IP saved which grants administrative access. The name is accessed using different credentials, that don't offer administrative access. If you would like to use the computername, simply save the same credentials that were used for the IP.

cmdkey /list
will list all saved credentials.
cmdkey /list | findstr youriphere
might help you finding your ip.

You can also use cmdkey to save credentials. cmdkey /? will tell you how.

192.168.0.14 COMPUTERNAME

at the end of the file?

there should be at least 1 linefeed at end of line.

you may not use spaces or non-ASCII characters in the computer name.

can you post the name you currently were using? shouldn't be "COMPUTERNAME" because that is the name of an environment variable.

Sara

ASKER

Jackie Man,

Yes, Antivirus / Internet security software installed in both computers and the sames apps also (Comodo Internet Security premium 10, Malwarebytes, SUPERAntiSpyware, and Spybot-Search & Destroy. You suggestion conflict? makes sense, but where to look?

Mcknife,

No, we don't know saved credentials are, but just looked it up - 'Cmdkey command creates, lists and deletes stored user names and passwords form a computer'. Note, we did cmdkey/list on the computer that want to connect to the remote computer and found:

Target: Domain:target=TERMSRV/192.168.0.23
Type: Domain Password
User: RemoteComputerName\OurUserName
Local machine persistence

We noticed that the IP is wrong. When we ping RemoteComputerName, we get 192.168.0.14, not 192.168.0.23.

can this be the problem?

sarabande,

yes, there is a linefeed at end of file. Made sure to press ENTER key at the end of the line and made sure no more blank spaces afterward. the name of the computer is ACCOUNTVPC (we place COMPUTERNAME so to make best references to what we are doing).

"We noticed that the IP is wrong" - sorry, how can an IP be wrong? That is a credential entry for a different IP, that's all.
Are there no saved credentials for 192.168.0.14?

cmdkey /list | findstr 192.168.0.14

Open in new window

returns nothing?

ASKER CERTIFIED SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

we place COMPUTERNAME so to make best references to what we are doing

does that mean you were using the environment variable named COMPUTERNAME ?

you couldn't do that in hosts file (be also aware that hosts has no file extension before and after editing). here you have to define ACCOUNTVPC.
if you want to issue a command like ping using the environment variable computername you would do

ping %COMPUTERNAME%

Sara

ASKER

McKnife,

Returns nothing. No saved credentials for 192.168.0.14.

When I previous stated "We noticed that the IP is wrong", meant that when we 'cmdkey /list', we saw the name of computer we want to connect to within the list but with a different UP as indicated in my entry ID: 42229130, see 'Target: Domain:target=TERMSRV/192.168.0.23' (noticed that the IP with the computer name is '192.168.0.23' and we ping the computer the IP is '192.168.0.14').

That is why we asked this be an indication of the problem? You think that changing it to 'Target: Domain:target=TERMSRV/192.168.0.14' would fixe it? How?

jackie man,

Understood, but wouldn't it also block the IP address? As stated in the initial question, when we use '\\ipaddress\c$' we have access to the remote computer drive, but when we use the remote computer name. that is \\computername\c$, we get access denied.

sarabande,

No we are not using the environment variable named COMPUTERNAME. Understood on 'no extension' on Host file. To correct our description in our entry ID: 42228411, the Host file last line reads:

192.168.0.14 ACCOUNTVPC

Where ACCOUNTVPC is the actual computer-name.

Windows 10 Security continues to increase. Can you put proper IPsec VPN access into your network. I do this and access either by IP address or Name Resolution with HOST files is very simple and easy.

Use cmdkey and add credentials for that name.
cmdkey /add:servername /user:domainname.local\someuser /pass:SomeUsersPassword

ASKER

Hi, setting up IPsec VPN in our network don't think it's worth it. The computers are closed by ,within the same room and as stated in the question, we have no problem using or accessing the remote computer via IP; we want to know why can't access via comouertname.

Tjanx McKnige I was looking for that format, will try.

we have no problem using or accessing the remote computer via IP; we want to know why can't access via computername.

Your problem is caused by improper DNS + "NetBIOS over TCP/IP".

Have you tried to reset TCP/IP of the remote computer and flush the DNS of the client PC?

ASKER

DNS, yes, makes sense sense; that is why it doesn't recognize or relate the IP and the name.

Ok will proceed to reset te TCP/IP and flush - here is what we are going to do, anything else?

netsh int ip reset c:\resetlog.txt

restart computer

ipconfig /flushdns

ipconfig /renew

Open in new window

Also "NetBIOS over TCP/IP" is supposed be disabled or off?

It depends on the number of legacy systems. NetBIOS can be OFF if all new systems but that will not impact your issue.

If I were you, I will enable NetBIOS over TCP/IP at the remote computer.

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

if not mistaken enabling NetBIOS over TCP/IP puts the computer at risk?

ASKER

FYI:

Ran all recommendations,

netsh int ip reset c:\resetlog.txt

restart computer

ipconfig /flushdns

ipconfig /renew

cmdkey /add:servername /user:domainname.local\someuser /pass:SomeUsersPassword

Open in new window

Still can't access via computer name.

We are also checking will keep u guys informed any new stuff.

thanx all.

ASKER

Hi sarabande, didn't read your entry prior my last comment., here is my answers:

if netbios over tcp/ip is the problem, access via ip address wouldn't work neither.

--> didn't enable it for security purposes.

also C:\Windows\System32\drivers\etc\hosts file should solve the name resolution regardless whether DNS generally was properly configured or not.

--> Inserted the IP and the computer real name, didn't work either.

also the remote computer shouldn't see any difference because name resolution happens at the local side (at least with hosts file).

--> Also tried to go to the remote computer and tried to access the other computer via \\computername\c$ and it also doesn't work, says "access denied".

so, the only idea left for me is, that either microsoft accounts or firewall of the local computer prevent from proper name resolution.

as far as i recognized, you didn't answer the question whether the Windows 10 was connected with a Microsoft account or not. also whether there is (or was) a homegroup network configured, wasn't answered. don't know what to do if one or both are the case but it might be important to know.

--> All computers are connect with local user name, non with microsoft accounts. There is no domain, it's one workgroup and all are windows 10 pro

perhaps you could try with another name. or change the ip address of the remote computer.

ASKER

Again, it's no big deal for use to use \\ipaddress\c$ instead of \\computername\c$, we just wanted to know what is happening and maybe fixed it. We checking & will keep u guys posted, Thanx!

Antivirus / Internet security software can have a role here apart from Windows firewall.

Have you tried to uninstall then at the remote computer and do a test?

ASKER

yes, u recommended that back in ID: 42228481 and we replied.

Your reply was "where to look".

Have you done anything to troubleshoot?

didn't enable it for security purposes.

could you enable it for a test?

as far as my memories of 'netbios over tcp/ip' go back, this requires that both computers have the same user and same password (both together would be the credentials) such that the internal hash would match for both and a log-in at the remote computer could be skipped. the security risks of this technique easily can be seen: a potential attacker who got access to the internal credentials doesn't need knowledge of a password to access all remote computers and their shares. so it would be not surprising if an operation system would like to close this security leak (perhaps with a major update) and allow only access by ip address for compatibility reasons. but that is only a guess and if you disabled netbios over tcp/ip anyhow, it probably is a wrong idea.

Sara

ASKER

jackie man, we done troubleshooting besides the ones followed here. The "where to look" I referred since you asked Antivirus / Internet security software installed, we thought that may be some sort of conflict, thus, the question "where to look"?

sarabande, so we have to enable netbios over tcp/ip on both computers? or only the remote?

since it is only for test i would do it first only for the local computer and if there was no success on both. from my understanding it is a local thing. but perhaps - if no success for either case - you should use a network sniffer to see from the logs what happened when using the ip versus what happened when using the name.

Sara

ASKER

Yes, makes sense.

“where to look” us to uninstall your antivirus / Internet security software and do a test.

ASKER

We done that. Will proceed with enable netbios over tcp/ip recommendation when we get the computer.

ASKER

Got the the computer and enable netbios over tcp/ip on both computers - same problem.

ASKER

Please note:

We use remote desktop and uses the actual pc name, no IP to connect with RDP. The problem is when we use \\pc-name\; it detect the computer, asked for user/password but doesn't connect. Yet if we use \\ip-address\, it request the user/password and WE DO CONNECT.

real strange this situation.

can you connect to the remote computer with the windows explorer?

what happens if you do

dir \\pc-name\share

Open in new window

in a command window?

Sara

ASKER

Access is denied.

ASKER

But if we use the IP, that is 'dir \\192.168.0.14\share' we get 'The network path was not found.'.

However, if we 'dir \\192.168.0.14\c$' we get the folders contents.

Something crazy is going on.

I think you will find this results from Windows 10 security changes, even from prior Windows 10 versions. Just use IP address in your case

ASKER

Of course, that is what we have been doing even prior placing the question, using IP. It's just so crazy this is happening. if at the end can't get fixed, we stay accessing via IP.

Windows 10 has had security updates since you raised the question two weeks ago.

ASKER

I think it's update... let me check

ASKER

W10Pro v.10.0.15063 Build 15063 - it's that the latest? or how can we know?

Check the three sub numbers but overall that is Creator Update and is different (security) than the prior non-Creator version

ASKER

Don't understand, you mean that my version will not be able to see remote pc \\pcname\c$ ?

Windows 10 no longer allows remote access to C$ . I have tried that several times and posted.

Map to \\pcname\folder. Folder can be DriveC where DriveC is the name of C$

Even then you are likely to need pcname in your local HOSTS file.

ASKER

But I have access using ip-address and Windows 10 allows remote access to C$, E$, F$, etc. doesn't make sense restricting pc-name and permition on IP address. There has to be something else.

IP is different than Computer Name and that is probably why.

Are you using domain account to access the remote admin share?

http://woshub.com/enable-remote-access-to-admin-shares-in-workgroup/

ASKER

No domain, workgroup via a cable modem router. These specific setting are just 2 computers.

In such case, you need to disable Remote UAC by creating the

LocalAccountTokenFilterPolicy

parameter in the registry

Tip. It will slightly reduce the system security level.

Open the Registry Editor (regedit.exe)

Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Create a new DWORD (32-bit) parameter with the name LocalAccountTokenFilterPolicy
Specify the LocalAccountTokenFilterPolicy parameter value equal to 1LocalAccountTokenFilterPolicy

Restart your computer to apply the changes

I would not recommend disabling UAC because the problem can be readily solved by making an alias (DriveC) and sharing that. I do this all the time and it works.

So I really suggest doing things the way they should be done and not trying to force a non-standard way that has now been disabled by Windows 10 security.

The above is copied from the link in my previous comment.

If you are using domain account, you do not need to edit the registry.

Agreed.

But the above is not disabling the UAC and it is the most easy way to do as a workaround.

ASKER

Ok, will try the recomendations as soon we get to the office.

I use the Microsoft recommended approach for remote access and it all works fine.

Just by the by for remote access:

In my Home Office, I have a Cisco RV325 VPN Router. I have site to site tunnels for client access and a site to Gateway tunnel for me to get in with NCP Secure Entry from anywhere at all including with my HUAWEI Internet stick.

I securely share my Desktop drives to myself only as DriveC and DriveD. I have unfettered and simple access to these drives (me only - no one else although that can be changed).

I put Radmin Server on my Desktop and from wherever I am, I can run my Desktop computer.

What you want can be done, just using the ways Microsoft suggests.

ASKER

Just read your entry, makes sense but how can we go about it?

You state,
- site to site tunnel
- ncp secure entry
- secure your desktop drive (I assume it's right-click >> properties and only me should be the user access?)
- radmin server

Please advice on links on how-to

No links. I learned this stuff over time.

1. Cisco RV325 is a VPN router and you can make IPsec VPN tunnels in and out. If you get one or like, post a new question.

2. NCP Secure Entry (www.ncp-e.com) is a VPN IPsec Client Application. It can connect to the RV325 Router. Post a new question.

3. Radmin Server (Famatech) you can try on site. The server is about $50 and the viewer is free. Set up a server machine and put the viewer on another machine. You can do this over an internal network, no VPN.

You can read up on each of the sites above to gain some familiarity

ASKER

Kind of lost. You said "I use the Microsoft recommended approach for remote access and it all works fine.", then present your setup; is that MS recommendation?

I use the Microsoft recommended approach for File Sharing, that is, share folders not C$.
I set up Network Discovery and FIle/Print using the Microsoft setup.
I keep UAC ON.
I do not make any registry changes at all.

Then I use two non-Microsoft Products but Microsoft Certified companies: NCP Secure Entry for VPN. Bomb-proof and top of class. And then Radmin Tools for remote access to my computer.

1. Set up file sharing first.
2. Set up Radmin between 2 computers on the same network
3. Decide about Cisco RV325 and then we will go from there.

ASKER

Understood.

ASKER

Fixed! ...we can access the remote computer by now \\pcname\c$.

We re-read all the thread carefully and even though we did each of every recommendations, when we came upon antivirus and firewall, we:

- uninstall all our antivirus, spyware & firewall apps (used iOBIT Uninstaller)
- rebooted
- cleaned out any registry with these apps
- delete any remaining of these apps folders
- rebooted
- installed the Firewall first, then the rest
- rebooted

And worked.

So the problem was maybe misconfigurations or corrupted antivirus, spyware & firewall apps; a clean reinstall fixed it.

Note:
we did the above steps on both client & host pc. Also when we uninstalled the first time (or various times before) we only did it with one pc forgetting the other. When we did uninstall on both, we didn't' do a cleanup as stated the steps above. Finally, we used this last time iOBIT uninstaller because it cleans out the registry and actual folders related to the installed apps.

(Don't know exactly what else could have been exactly but this process fixed it)

Good

“where to look” us to uninstall your antivirus / Internet security software and do a test.

Antivirus / Internet security + Windows update will create a mess, especially in Windows 10.

If you have no further question, please do us a favor to close this question.

Thanks!

ASKER

Even though the problem is fixed, how can apps like antivirus/firewall block a PC-NAME and not the IP? (as stated in our initial question)

That is so strange.

Anyways, Thanx!

ASKER

(no need to answer this last one.. just rhetorical)