We recently had a rather unusual problem. All users at one of clients could not access any of the shared drives, though could a few days before hand. There was nothing wrong in windows file sharing on any of the PC's.
The specific errors were:
Trying to access \\192.168.1.2 we got "Network path not found"
We then tried to ping -a 192.168.1.2 and it resolves to server name.
So we tried accessing \\domain.local and got "\\domain.local is inaccessible. You might not have permissions to use this network resource"
We then recreated all default group policies, changed SBS login scripts, reset all share permissions
This did nothing so here is what are the next steps we tried to do to get to the root of this evilness.
Disabled Offloading from NIC and from registry.
Created registry key maxpoolusage at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management with value 60.Uninstalled IE8. Put the system in clean boot and rebooted the server.
netdiag and dcdiag showed the following errors :
Failed to enumerate DCs by using the browser. [ERROR_NETNAME_DELETED] (Netdiag)
An net use or LsaPolicy operation failed with error 64, Win32 Error 64 (Dcdiag)
So we Followed kb 887303 and set:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters requiresecuritysignature=0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters requiresecuritysignature=0
We then tried to stop netlogon renamed netlogon.dns and netlogon.dnb. We checked DNS and deleted the GUID of A records.
Ran netdiag/fix.
Ensured all the services DFS TCP/IP Netbios Helper Netlogon server Workstation are running.
Performed ipconfig/flushdns and ipconfig/registerdns.
We then checked and GUID were back in DNS console.
We the tried to open \\domain.local and got "\\domain.local is inaccessible.You might not have permissions to use this network resource".
So we followed kb 946937.
Next we uninstalled kb 951748.
This didn't work so it was back to the google trawl.
Next we followed http://blogs.technet.com/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx
and created reserved ports value as mentioned in the article at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts
then rebooted the server and tried to access \\domain.local and got "\\domain.local is inaccessible.You might not have permissions to use this network resource".
This was now becoming iritating and so it was back to the drawing board.
So we checked the permissions on NTFS on c: and sysvol structure.
Ran the command secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose and this was stucked on 4% while we waited for one and half hour. Finally terminated it.
Ran dcgpofix which failed with error "unable to read EFS certificate from registry.pol file of Default domain policy configuration information could not be read from the domain controller either because machine is unavailable or access has been denied"
Another dead end. Running out ideas we descided to uninstall NOD32 and remote backup application failed to uninstall. Rebooted the server.
Tried to access \\domain.local and we were able to browse it.
Tested from client machines and that worked as well.
And there we go NOD was to blame, the latest update kicked all the group policies out.
Again I hope this helps someone out there.
IT Support
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment