Guest totoro Posted November 2, 2007 Posted November 2, 2007 submit for your opinion: AD network with numerous 2000 and 2003 servers, shared folders & printers, etc. recently added 2003 r2 server to be used for print server, routine shared duties, etc. functions well with other servers, used for GPO deployment mostly, can manage exchange on exchange server via system mgr, server to server all good BUT XP workstations cannot access this servers shared resources (printers and folders). XP workstation can see the server in the "enitre network", and can RDC into it, BUT when attempting to access a shared resources (printers, folders) the user is prompted for user name and password, and these are not accepted. no other error is displayed or event recorded. yes, file and print sharing is turned on, yes its patched
Guest Lanwench [MVP - Exchange] Posted November 3, 2007 Posted November 3, 2007 Re: workstation to server mystery totoro <totoro@discussions.microsoft.com> wrote: > submit for your opinion: > AD network with numerous 2000 and 2003 servers, shared folders & > printers, etc. > recently added 2003 r2 server to be used for print server, routine > shared duties, etc. > functions well with other servers, used for GPO deployment mostly, can > manage exchange on exchange server via system mgr, server to server > all good BUT > XP workstations cannot access this servers shared resources (printers > and folders). > XP workstation can see the server in the "enitre network", and can > RDC into it, BUT when attempting to access a shared resources > (printers, folders) the user is prompted for user name and password, > and these are not accepted. no other error is displayed or event > recorded. > yes, file and print sharing is turned on, yes its patched You joined the domain as a member server? No firewall enabled anywhere? Correct permissions are set on shares, correct domain group/user NTFS permissions set on folders?
Guest totoro Posted November 5, 2007 Posted November 5, 2007 Re: workstation to server mystery Hi Lanwench, 1st, off I DIDNT DO IT!!what ever it is I did not do it. I see in permission for the server domain users are not llisted at all, and I need them to eb able to do the typical server things: use its printer and access shared folders. What's weird is even as network administrator it will not allw access to shared resources but I can RDC into it. I am using 4 XP Pro boxes, as my "lab rats" I have my personal account, a test account with minimal privelage, and the admin account to test this box. behavior is same for all. I've run the r2 File Server and Print Mgt. Wizards and rebooted the system. I guess I must manually set premisions? is ther a guide to what I should set them as? it IS joined to the domain and listed in AD as a domain controller. thanks for your help!! "Lanwench [MVP - Exchange]" wrote: > totoro <totoro@discussions.microsoft.com> wrote: > > submit for your opinion: > > AD network with numerous 2000 and 2003 servers, shared folders & > > printers, etc. > > recently added 2003 r2 server to be used for print server, routine > > shared duties, etc. > > functions well with other servers, used for GPO deployment mostly, can > > manage exchange on exchange server via system mgr, server to server > > all good BUT > > XP workstations cannot access this servers shared resources (printers > > and folders). > > XP workstation can see the server in the "enitre network", and can > > RDC into it, BUT when attempting to access a shared resources > > (printers, folders) the user is prompted for user name and password, > > and these are not accepted. no other error is displayed or event > > recorded. > > yes, file and print sharing is turned on, yes its patched > > You joined the domain as a member server? > No firewall enabled anywhere? > Correct permissions are set on shares, correct domain group/user NTFS > permissions set on folders? > > >
Guest Lanwench [MVP - Exchange] Posted November 5, 2007 Posted November 5, 2007 Re: workstation to server mystery totoro <totoro@discussions.microsoft.com> wrote: > Hi Lanwench, > > 1st, off I DIDNT DO IT!!what ever it is I did not do it. Hah. That's not what the security-camera videos tell us! > > I see in permission for the server domain users are not llisted at > all, and I need them to eb able to do the typical server things: use > its printer and access shared folders. Are the workstations joined to the domain? They should be. Post an unedited ipconfig /all from the DC and from one of your workstations. > > What's weird is even as network administrator it will not allw access > to shared resources but I can RDC into it. > > I am using 4 XP Pro boxes, as my "lab rats" I have my personal > account, a test account with minimal privelage, and the admin account > to test this box. behavior is same for all. > > I've run the r2 File Server and Print Mgt. Wizards and rebooted the > system. I guess I must manually set premisions? is ther a guide to > what I should set them as? > > it IS joined to the domain and listed in AD as a domain controller. > > thanks for your help!! > > "Lanwench [MVP - Exchange]" wrote: > >> totoro <totoro@discussions.microsoft.com> wrote: >>> submit for your opinion: >>> AD network with numerous 2000 and 2003 servers, shared folders & >>> printers, etc. >>> recently added 2003 r2 server to be used for print server, routine >>> shared duties, etc. >>> functions well with other servers, used for GPO deployment mostly, >>> can manage exchange on exchange server via system mgr, server to >>> server all good BUT >>> XP workstations cannot access this servers shared resources >>> (printers and folders). >>> XP workstation can see the server in the "enitre network", and can >>> RDC into it, BUT when attempting to access a shared resources >>> (printers, folders) the user is prompted for user name and password, >>> and these are not accepted. no other error is displayed or event >>> recorded. >>> yes, file and print sharing is turned on, yes its patched >> >> You joined the domain as a member server? >> No firewall enabled anywhere? >> Correct permissions are set on shares, correct domain group/user NTFS >> permissions set on folders?
Guest totoro Posted November 5, 2007 Posted November 5, 2007 Re: workstation to server mystery well I have to edit it some of it.....this is the one and only R2 box in our environment. the other dc's are win2k, not 2003, and this is the only R2 box out of all of our 2k3 boxes. I don't think the guy who got it knew what he was getting, because I'm not sure how we'd take advantage of those R2 features. Firewalls are disabled via GPO, btw. Thanks again LW!! From a xp workstation Windows IP Configuration Host Name . . . . . . . . . . . . : WORKSTATIONNAME Primary Dns Suffix . . . . . . . : DOMAINNAME.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : DOMAINNAME.com Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Cont roller Physical Address. . . . . . . . . : 00-13-72-1B-16-9B Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 1.1.1.36 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 1.1.1.101 DHCP Server . . . . . . . . . . . : 1.1.1.2 DNS Servers . . . . . . . . . . . : 1.1.1.2 1.1.1.4 Primary WINS Server . . . . . . . : 1.1.1.4 Lease Obtained. . . . . . . . . . : Monday, November 05, 2007 7:57:02 AM Lease Expires . . . . . . . . . . : Tuesday, November 06, 2007 7:57:02 A M From the guilty server: Windows IP Configuration Host Name . . . . . . . . . . . . : SERVERNAME Primary Dns Suffix . . . . . . . : DOMAINNAME.com Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : DOMAINNAME.com Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2 Physical Address. . . . . . . . . : 00-19-B9-F7-9F-C8 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 1.1.1.236 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 1.1.1.101 DNS Servers . . . . . . . . . . . : 1.1.1.2 1.1.1.4 "Lanwench [MVP - Exchange]" wrote: > totoro <totoro@discussions.microsoft.com> wrote: > > Hi Lanwench, > > > > 1st, off I DIDNT DO IT!!what ever it is I did not do it. > > Hah. That's not what the security-camera videos tell us! > > > > > I see in permission for the server domain users are not llisted at > > all, and I need them to eb able to do the typical server things: use > > its printer and access shared folders. > > Are the workstations joined to the domain? They should be. Post an unedited > ipconfig /all from the DC and from one of your workstations. > > > > > > > What's weird is even as network administrator it will not allw access > > to shared resources but I can RDC into it. > > > > I am using 4 XP Pro boxes, as my "lab rats" I have my personal > > account, a test account with minimal privelage, and the admin account > > to test this box. behavior is same for all. > > > > I've run the r2 File Server and Print Mgt. Wizards and rebooted the > > system. I guess I must manually set premisions? is ther a guide to > > what I should set them as? > > > > it IS joined to the domain and listed in AD as a domain controller. > > > > thanks for your help!! > > > > "Lanwench [MVP - Exchange]" wrote: > > > >> totoro <totoro@discussions.microsoft.com> wrote: > >>> submit for your opinion: > >>> AD network with numerous 2000 and 2003 servers, shared folders & > >>> printers, etc. > >>> recently added 2003 r2 server to be used for print server, routine > >>> shared duties, etc. > >>> functions well with other servers, used for GPO deployment mostly, > >>> can manage exchange on exchange server via system mgr, server to > >>> server all good BUT > >>> XP workstations cannot access this servers shared resources > >>> (printers and folders). > >>> XP workstation can see the server in the "enitre network", and can > >>> RDC into it, BUT when attempting to access a shared resources > >>> (printers, folders) the user is prompted for user name and password, > >>> and these are not accepted. no other error is displayed or event > >>> recorded. > >>> yes, file and print sharing is turned on, yes its patched > >> > >> You joined the domain as a member server? > >> No firewall enabled anywhere? > >> Correct permissions are set on shares, correct domain group/user NTFS > >> permissions set on folders? > > > >
Guest Lanwench [MVP - Exchange] Posted November 5, 2007 Posted November 5, 2007 Re: workstation to server mystery totoro <totoro@discussions.microsoft.com> wrote: > well I have to edit it some of it.... Um, why? Do you think someone will be able to access your corporate accounting data if you tell us the big top secret NetBIOS name of your server and we know the non-routable IP addressing scheme you're using on your LAN? :-) > .this is the one and only R2 box > in our environment. the other dc's are win2k, not 2003, and this is > the only R2 box out of all of our 2k3 boxes. I don't think the guy > who got it knew what he was getting, because I'm not sure how we'd > take advantage of those R2 features. Some R2 stuff is nice. WSUS 3, etc, ability to prevent users from storing MP3 files on your server, etc. Not worth an upgrade, but sure worth getting if you're installing something new anyway. > > Firewalls are disabled via GPO, btw. > > Thanks again LW!! > > From a xp workstation > Windows IP Configuration > > Host Name . . . . . . . . . . . . : WORKSTATIONNAME > Primary Dns Suffix . . . . . . . : DOMAINNAME.com > Node Type . . . . . . . . . . . . : Hybrid > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > DNS Suffix Search List. . . . . . : DOMAINNAME.com > > Ethernet adapter Local Area Connection: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx > Gigabit Cont > roller > Physical Address. . . . . . . . . : 00-13-72-1B-16-9B > Dhcp Enabled. . . . . . . . . . . : Yes > Autoconfiguration Enabled . . . . : Yes > IP Address. . . . . . . . . . . . : 1.1.1.36 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 1.1.1.101 > DHCP Server . . . . . . . . . . . : 1.1.1.2 > DNS Servers . . . . . . . . . . . : 1.1.1.2 > 1.1.1.4 > Primary WINS Server . . . . . . . : 1.1.1.4 > Lease Obtained. . . . . . . . . . : Monday, November 05, 2007 > 7:57:02 AM > > Lease Expires . . . . . . . . . . : Tuesday, November 06, 2007 > 7:57:02 A > M > > > From the guilty server: > Windows IP Configuration > > Host Name . . . . . . . . . . . . : SERVERNAME > Primary Dns Suffix . . . . . . . : DOMAINNAME.com > Node Type . . . . . . . . . . . . : Unknown > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > DNS Suffix Search List. . . . . . : DOMAINNAME.com > > Ethernet adapter Local Area Connection 2: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > Ethernet #2 Physical Address. . . . . . . . . : 00-19-B9-F7-9F-C8 > DHCP Enabled. . . . . . . . . . . : No > IP Address. . . . . . . . . . . . : 1.1.1.236 I'd assign your server an IP address lower in the food chain on your subnet in a range designated for servers. > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 1.1.1.101 > DNS Servers . . . . . . . . . . . : 1.1.1.2 > 1.1.1.4 See - this is where your sneaky, underhanded, devilishly clever masking and editing of the data can cause problems. I can't tell if the IP addresses you're using for DNS and WINS are even in the same subnet as your server... or what they are. What *are* they? Does the ipconfig from a *working*/extant W2k server look identical? Anyway, I tend to suspect your problem is due to DNS misconfiguration, but it's hard to say. And I don't know what the R2 wizards do - I try to avoid wizards when I'm not using things that require them. > > "Lanwench [MVP - Exchange]" wrote: > >> totoro <totoro@discussions.microsoft.com> wrote: >>> Hi Lanwench, >>> >>> 1st, off I DIDNT DO IT!!what ever it is I did not do it. >> >> Hah. That's not what the security-camera videos tell us! >> >>> >>> I see in permission for the server domain users are not llisted at >>> all, and I need them to eb able to do the typical server things: use >>> its printer and access shared folders. >> >> Are the workstations joined to the domain? They should be. Post an >> unedited ipconfig /all from the DC and from one of your workstations. >> >> >> >>> >>> What's weird is even as network administrator it will not allw >>> access to shared resources but I can RDC into it. >>> >>> I am using 4 XP Pro boxes, as my "lab rats" I have my personal >>> account, a test account with minimal privelage, and the admin >>> account to test this box. behavior is same for all. >>> >>> I've run the r2 File Server and Print Mgt. Wizards and rebooted the >>> system. I guess I must manually set premisions? is ther a guide to >>> what I should set them as? >>> >>> it IS joined to the domain and listed in AD as a domain controller. >>> >>> thanks for your help!! >>> >>> "Lanwench [MVP - Exchange]" wrote: >>> >>>> totoro <totoro@discussions.microsoft.com> wrote: >>>>> submit for your opinion: >>>>> AD network with numerous 2000 and 2003 servers, shared folders & >>>>> printers, etc. >>>>> recently added 2003 r2 server to be used for print server, routine >>>>> shared duties, etc. >>>>> functions well with other servers, used for GPO deployment mostly, >>>>> can manage exchange on exchange server via system mgr, server to >>>>> server all good BUT >>>>> XP workstations cannot access this servers shared resources >>>>> (printers and folders). >>>>> XP workstation can see the server in the "enitre network", and can >>>>> RDC into it, BUT when attempting to access a shared resources >>>>> (printers, folders) the user is prompted for user name and >>>>> password, and these are not accepted. no other error is displayed >>>>> or event recorded. >>>>> yes, file and print sharing is turned on, yes its patched >>>> >>>> You joined the domain as a member server? >>>> No firewall enabled anywhere? >>>> Correct permissions are set on shares, correct domain group/user >>>> NTFS permissions set on folders?
Guest totoro Posted November 6, 2007 Posted November 6, 2007 Re: workstation to server mystery "Lanwench [MVP - Exchange]" wrote: Do you think someone will be able to access your corporate > accounting data if you tell us the big top secret NetBIOS name of your > server and we know the non-routable IP addressing scheme you're using on > your LAN? :-) well you are already watching me on the secret web cams!! wheres my tin foil hat? > Some R2 stuff is nice. WSUS 3, etc, ability to prevent users from storing > MP3 files on your server, etc. Not worth an upgrade, but sure worth getting > if you're installing something new anyway. the president itunes collection is on the server so we can't use that feature. 20% of our san is mp3's. it's "policy". > > Firewalls are disabled via GPO, btw. > > > > Windows IP Configuration > > > > Host Name . . . . . . . . . . . . : WORKSTATIONNAME > > Primary Dns Suffix . . . . . . . : DOMAINNAME.com > > Node Type . . . . . . . . . . . . : Hybrid > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > DNS Suffix Search List. . . . . . : DOMAINNAME.com > > > > Ethernet adapter Local Area Connection: > > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx > > Gigabit Cont > > roller > > Physical Address. . . . . . . . . : 00-13-72-1B-16-9B > > Dhcp Enabled. . . . . . . . . . . : Yes > > Autoconfiguration Enabled . . . . : Yes > > IP Address. . . . . . . . . . . . : 1.1.1.36 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 1.1.1.101 > > DHCP Server . . . . . . . . . . . : 1.1.1.2 > > DNS Servers . . . . . . . . . . . : 1.1.1.2 > > 1.1.1.4 > > Primary WINS Server . . . . . . . : 1.1.1.4 > > Lease Obtained. . . . . . . . . . : Monday, November 05, 2007 > > 7:57:02 AM > > > > Lease Expires . . . . . . . . . . : Tuesday, November 06, 2007 > > 7:57:02 A > > M > > From the guilty server: > > Windows IP Configuration > > > > Host Name . . . . . . . . . . . . : SERVERNAME > > Primary Dns Suffix . . . . . . . : DOMAINNAME.com > > Node Type . . . . . . . . . . . . : Unknown > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > DNS Suffix Search List. . . . . . : DOMAINNAME.com > > > > Ethernet adapter Local Area Connection 2: > > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > > Ethernet #2 Physical Address. . . . . . . . . : 00-19-B9-F7-9F-C8 > > DHCP Enabled. . . . . . . . . . . : No > > IP Address. . . . . . . . . . . . : 1.1.1.236 > > I'd assign your server an IP address lower in the food chain on your subnet > in a range designated for servers. > > > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 1.1.1.101 > > DNS Servers . . . . . . . . . . . : 1.1.1.2 > > 1.1.1.4 > > > See - this is where your sneaky, underhanded, devilishly clever masking and > editing of the data can cause problems. I can't tell if the IP addresses > you're using for DNS and WINS are even in the same subnet as your server... > or what they are. What *are* they? Does the ipconfig from a *working*/extant > W2k server look identical? well, if you can access the cameras you certainly can look up our MAC addresses in the Trilateral Commission's MAC db. I can hear the black helicopters now. let us take a look at a good server..... Microsoft Windows 2000 [Version 5.00.2195] © Copyright 1985-2000 Microsoft Corp. C:\Documents and Settings\Administrator.PPG>ipconfig /all Windows 2000 IP Configuration Host Name . . . . . . . . . . . . : servername Primary DNS Suffix . . . . . . . : domain name.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : domain name.com Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : domain name.com Description . . . . . . . . . . . : Intel® PRO/1000 MT Server Adapter Physical Address. . . . . . . . . : 00-0E-0C-77-5F-7E DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 1.1.1.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 1.1.1.101 DNS Servers . . . . . . . . . . . : 1.1.1.2 Primary WINS Server . . . . . . . : 1.1.1.4 > Anyway, I tend to suspect your problem is due to DNS misconfiguration, but > it's hard to say. And I don't know what the R2 wizards do - I try to avoid > wizards when I'm not using things that require them. > LW you have given me something to go on, I've been spinning my wheels so far, as you probably have already figured out. thank you Lan Wench!!
Recommended Posts