New Windows 10 can no longer access share on another W10 PC.
New Dell Optiplex 3090 computers (Windows 10 Pro 21H1), with one set as the file server. Norton 360 and Acronis Cyber Protect 2021 installed. I was having trouble with Norton blocking the file sharing from computer #2 due to "Windows 2000 SMBv1 restriction" We did find that SMBv1 was active on these computers! For testing purposes I disabled the Norton firewall and it works just fine. Next I uninstalled the SMBv1 and restarted. It was still showing "Windows 2000..." claiming the mrxsmb10 file was in use? So I query lanmanworkstation and it confirmed mrxsmb10 file is attached to SMBv2/3. I removed that from SMBv2/3 and I still cannot access the shares with Norton disabled. I have removed Norton and Acronis with reboot and still cannot access the shares. I have reinstalled Norton and Acronis and then tested with another computer to be working fine. I have reset the network on Computer #2, Deleted the device (LAN) and installed the latest driver. Now I get "network is not present or not started". All network services are running. I have run SFC and DISM successfully. Dell says clean install the OS. Norton says it's a Dell problem.
Agreed.
What are the build and version of the OS of your ”client” and "server" PC?
What are the build and version of the OS of your ”client” and "server" PC?
ASKER
We run all of our systems with Norton 360 and Acronis. Zero issues for years. Until Dell screwed up the OS image to include SMBv1. I have pulled the computer to do a clean OS install.
ASKER
Jackie Man, the builds are 21H1. I will be doing a clean OS of 21H2 though. We intentionally have not upgraded them to H2. But this will be a good test unit to have out there on H2.
Hopefully, you haven't rebuilt the computer yet. We remove SMBv1 all the time for security reasons and run the following scripts from Powershell to install and enable SMBv2 and haven't had any issues with it. Takes less than three minutes.
This article will explain the commands to run.
This article will explain the commands to run.
Yes, it should be a no-brainer to uninstall SMBv1. It is now off by default, so I don't understand while Dell should include it in fresh images.
Also, I would postpone the Norton and cyber stuff until the network operates as intended.
Also, I would postpone the Norton and cyber stuff until the network operates as intended.
Yes, it should be a no-brainer to uninstall SMBv1. It is now off by default, so I don't understand while Dell should include it in fresh images.Relying on Dell for anything this minor I personally think is unnecessary. We run a script that tells us what SMBv is running on all devices which are reported back to us in our daily reports.. Far less time-consuming than bringing Dell into it. If it were something major that couldn't be resolved in a matter of minutes then I would reach out to our Dell rep and get them involved.
Also, I would postpone the Norton and cyber stuff until the network operates as intended.I recommend using a professional-grade anti-virus malware that can easily exclude something like this. I do not recommend postponing anti-malware/cyber stuff on anything facing the internet. The risks are too high.
ASKER
Works2011, those are the articles we use for removing SMBv1 also. It didn't work in this case, as we had to also remove the mrxsmb10 file attached to SMBv2/3. But still not working.
ASKER
Clean OS install was done using 21H2, but the problem is not gone. Used R&R on host machine and problem was resolved. However after the computer was rebooted it fails with the same problem. Running DISM and SFC had no effect, nor another reboot. Running R&R again fixes the issue temporarily. I rebooted as a test, and the first time around worked fine, but the second test reboot Norton firewall fails again. R&R will fix it every time. This is a brand new computer, but new SSD drives are not a 100% guarantee they are flawless. Everytime it happens I have been running SFC which does repair corruption. Run it again before the problem returns and no issues found.
To complicate things more, today I upgraded the RAM in an older file server (Optiplex 3040) to 16GB and upon restart it's Norton firewall stopped working (Green check on Norton though). Before shutdown to install RAM, I installed this months Windows update, Norton live updates, and checked for drivers (drivers were up to date, recent install according to Command Update). SFC and R&R were run, and things work again. Next week we have another RAM upgrade scheduled on a similar setup (OP3060) and almost expect something in the updates might break another perfectly working setup.
The logs in Norton show the windows 2000 error on ports 139 & 445. Note: SMBv1 is not running on any computer in the network.
To complicate things more, today I upgraded the RAM in an older file server (Optiplex 3040) to 16GB and upon restart it's Norton firewall stopped working (Green check on Norton though). Before shutdown to install RAM, I installed this months Windows update, Norton live updates, and checked for drivers (drivers were up to date, recent install according to Command Update). SFC and R&R were run, and things work again. Next week we have another RAM upgrade scheduled on a similar setup (OP3060) and almost expect something in the updates might break another perfectly working setup.
The logs in Norton show the windows 2000 error on ports 139 & 445. Note: SMBv1 is not running on any computer in the network.
Again, try a truly clean install - without Norton and other "cyber" stuff.
Eventually, use Windows Server as the server OS.
Eventually, use Windows Server as the server OS.
ASKER
I already tried that. Doesn't work. Just a clean OS with Windows updates and all drivers. No software added.
My test laptop still works. So it has to be something it recalls from a MAC address of networked computers. I set a static IP (Clean OS PC) and rebooted the router and switches.
MAC addresses just have to be different and, by default, they are.
Either have a DHCP server running (could be the router), assign a fixed IP address to the "server", and it will work.
Or (in the rare case of no DHCP server) assign different IP addresses within the same subnet to all machines.
Either have a DHCP server running (could be the router), assign a fixed IP address to the "server", and it will work.
Or (in the rare case of no DHCP server) assign different IP addresses within the same subnet to all machines.
ASKER
Not what I am talking about. Does norton track MAC addresses in its software?
I don't know. MAC adresses are for packets, thus routers and switches.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The logs showed Live update had run overnight, and nothing else happened.Updates are natorious for causing issues. Before cyber attacks were a common event, we would wait to install updates three or four days later, sometimes a week, to give ourselves time to research if the update caused any issues. Just making the point that updates have always been an issue that created other issues.
What update was installed, research the fixes it provided to link together what happened. If you really want to know you can uninstall the update, test, and reinstall. There are so many variables created when an update fixes an issue, that it may be best to document and make a note to keep an eye on it. In IT this seems to happen now and then.
ASKER
Just to point out, the updates I referred to are From Norton, not Windows.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
And I would trash the Norton and "cyber protect" stuff, use the default Defender, and use Edge with AdBlock Plus installed.
That's what we use. Zero issues.