Problem mapping network shares in domain

microsoft.public.windowsxp.network_web

16 Jan 2009 10:34 AM

Magnusb

Since some time I had problems mapping to network shares (or showing the
available shares on a remote computer) in domain. I can search active
directory and logging on to sql servers will use my domain credentials
(ie integrated security works) so it looks like I am logged on to the
domain correctly.

If I logon computer with a local (non-domain) user and logon to each
individual file server (using domain\userid which is same userid as I
use when logging on to the domain above) I can map shares with no
problems.

At the moment I was able to map shares on the PDC (after some tries),
however trying to map to some other server did not work. Tried net use
and then got a prompt about invalid password. Get a error 5 access
denied if I try net view. I have admin rights so it is not a permission
issue.

It is not a permission thing since I am using the same user/password
when not login on to the domain.

I can even access the computers with (remote) computer management but
still not access the shares.

This is Win XP SP3, using Nortel VPN.

Note: The domain I am logging on to is a stand-alone domain within the
corporate network. To be able to login I need to setup DNS pointing to
this domains PDC/DNS server. I have setup this in the vpn client (and
also dns names for the normal network card).

16 Jan 2009 3:39 PM

Lanwench [MVP - Exchange]

Magnusb <magn***@sbbs.se> wrote:

> Since some time I had problems mapping to network shares (or showing
> the available shares on a remote computer) in domain. I can search
> active directory and logging on to sql servers will use my domain
> credentials (ie integrated security works) so it looks like I am
> logged on to the domain correctly.
>
> If I logon computer with a local (non-domain) user and logon to each
> individual file server (using domain\userid which is same userid as I
> use when logging on to the domain above) I can map shares with no
> problems.

Hmmm... but why would you have a local workstation account? I don't
recommend that. You should log in to the domain all the time, with cached
credentials when out of the office.

>
> At the moment I was able to map shares on the PDC (after some tries),
> however trying to map to some other server did not work. Tried net use
> and then got a prompt about invalid password. Get a error 5 access
> denied if I try net view. I have admin rights so it is not a
> permission issue.

Admin rights on what? Was this over a VPN client? Do you have any such
problems when connected via Ethernet?

>
> It is not a permission thing since I am using the same user/password
> when not login on to the domain.
>
> I can even access the computers with (remote) computer management but
> still not access the shares.
>
> This is Win XP SP3, using Nortel VPN.
>
> Note: The domain I am logging on to is a stand-alone domain within the
> corporate network. To be able to login I need to setup DNS pointing to
> this domains PDC/DNS server. I have setup this in the vpn client (and
> also dns names for the normal network card).

You might post an unedited ipconfig /all from when you've got the VPN
connection enabled - I suspect DNS problems.

21 Jan 2009 12:06 PM

Magnusb

In article <u9X4fF$dJHA.1***@TK2MSFTNGP03.phx.gbl>,
lanwe***@heybuddy.donotsendme.unsolicitedmailatyahoo.com says...

> > If I logon computer with a local (non-domain) user and logon to each
> > individual file server (using domain\userid which is same userid as I
> > use when logging on to the domain above) I can map shares with no
> > problems.
>
> Hmmm... but why would you have a local workstation account? I don't
> recommend that. You should log in to the domain all the time, with cached
> credentials when out of the office.

Yes that is what I want to do. I really don't use (or want to use) the
local account. I set that up for testing (and when I can't map servers
when logged on to domain).

> Admin rights on what? Was this over a VPN client? Do you have any such
> problems when connected via Ethernet?

My domain account has admin rights. No problems at all when I logon
locally w/o VPN.

> You might post an unedited ipconfig /all from when you've got the VPN
> connection enabled - I suspect DNS problems.

I am not connecting through vpn ATM so can't show ipconfig. But yes I
often have a DNS problem. For some reason the DNS server sometimes
register my local ip number (as assigned in my home network) and not the
ip number assigned by the vpn connection.

When this happens I fix it by rdp into the dns server and delte the dns
record and trying ipconfig /registerdns (and also doing flushdns on the
dns server).

But even after fixing dns (can ping my machine from the dns server) the
problems remains.

Maybe it is a computer browser problem?

I have setup ip somthing like this:

NIC: Ip assigned by dhcp, have setup DNS manually (first is the DNS/DC
of the domain and also including the DNS server of my home internet
connection). The reason I have setup DNS manually is that I need this
when I logon locally at corporate network (domain I logon is a stand-
alone domain).

WINS is also setup.

VPN connection: DNS pointing to DNS/DC of the domain. Same WINS as for
NIC.

Thank you for replying.

22 Jan 2009 3:55 PM

Lanwench [MVP - Exchange]

Magnusb <magn***@sbbs.se> wrote:
Show quoteHide quote

> In article <u9X4fF$dJHA.1***@TK2MSFTNGP03.phx.gbl>,
> lanwe***@heybuddy.donotsendme.unsolicitedmailatyahoo.com says...
>
>>> If I logon computer with a local (non-domain) user and logon to each
>>> individual file server (using domain\userid which is same userid as
>>> I use when logging on to the domain above) I can map shares with no
>>> problems.
>>
>> Hmmm... but why would you have a local workstation account? I don't
>> recommend that. You should log in to the domain all the time, with
>> cached credentials when out of the office.
>
> Yes that is what I want to do. I really don't use (or want to use) the
> local account. I set that up for testing (and when I can't map servers
> when logged on to domain).

OK.

>
>> Admin rights on what? Was this over a VPN client? Do you have any
>> such problems when connected via Ethernet?
>
> My domain account has admin rights. No problems at all when I logon
> locally w/o VPN.

On the workstation, you mean.

>
>> You might post an unedited ipconfig /all from when you've got the VPN
>> connection enabled - I suspect DNS problems.
>
> I am not connecting through vpn ATM so can't show ipconfig.

Next time you connect, capture the ip info (ipconfig /all

>c:\myfilename.txt)

> But yes I
> often have a DNS problem. For some reason the DNS server sometimes
> register my local ip number (as assigned in my home network) and not
> the ip number assigned by the vpn connection.

That's going to be a problem, then...

>
> When this happens I fix it by rdp into the dns server and delte the
> dns record and trying ipconfig /registerdns (and also doing flushdns
> on the dns server).

You shouldn't need to do anything on the *server* - just on your client.

>
> But even after fixing dns (can ping my machine from the dns server)
> the problems remains.
>
> Maybe it is a computer browser problem?

Nope, unlikely. That's NetBIOS & it isn't routable.

>
> I have setup ip somthing like this:
>
> NIC: Ip assigned by dhcp, have setup DNS manually (first is the DNS/DC
> of the domain and also including the DNS server of my home internet
> connection).

Ah. That's a no-no when you've got AD.

The reason I have setup DNS manually is that I need this

> when I logon locally at corporate network (domain I logon is a stand-
> alone domain).

So you run AD at work, and they don't have DHCP? That's silly!

At home, you should have your own hardware/DHCP server assigning what you
need.

>
> WINS is also setup.

Cool, but it won't be relevant.

>
> VPN connection: DNS pointing to DNS/DC of the domain. Same WINS as for
> NIC.

I think you should set that connection up for "automatically obtain" for
components, including DNS.
Show quoteHide quote

>
> Thank you for replying.