Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

URGENT - Temporary XP Pro Workgroup outside Domain screwed up


  • Please log in to reply

#1
MindTheGap

MindTheGap

    New Member

  • Member
  • Pip
  • 1 posts
Good evening from Germany,


I just stumbled in here in the hope there may be a person out there with at least a vague hint on what the heck may be wrong. I' ll try to cut this short whilst trying to provide as much data as possible. This is an urgent matter as the auditing team outside at the customer is unable to work.


For historic reasons, we've NOW made the final step to upgrade our notebook fleet with new machines ( LENOVO T6x with Windows XP Professional ). The old fleet were ( new ) toshiba boxes with ( old ) windows 2000 which weren't giving ANY probs for YEARS.


INSIDE
All of the above ( ~20 in total ) are domain members and run just fine in the office. Adressing in the Office - AD runs via DHCP off a Cisco 2611XM, DNS in place, no WINS, no other nifty 3rd Party protocols on the IP stack. The machine names are MOBILn where n = 0 to ... as needed. UNPLUGGING the machines, re-logon with the following ( !! ) does not give a problem until the machines are offline for some hours OR if they are rebooted or cold booted, then the following will come up.


OUTSIDE

For specific reasons, some notebooks are in outside use from time to time over several weeks and need to form an ad-hoc topology using workgroup switches with CAT wiring, thus sharing printers and files. Every Notebook has a certain LOCAL user belonging to the LOCAL admin group, named identically on every machine with identical password. NO DOMAIN ACCOUNTS are used outside.

As DHCP is unavailable outside, the boxes use static 172.16.2.0 /16 ( CIDR notation here ) addresses, using the secondary IP config. No Gateway entered, as no router and no WAN connection present, same goes for DNS. This is where the problem comes up - the machines can PING each other's IP back and forth, but when trying to browse / access the domain in the N/W Environment "access is denied". So no interconnection via browsing facility is possible. Again, the Error does NOT read "Domain unavailable" ( which is self-explanatory ) but "Access denied".

The Notebooks are subject to an AD policy in the office - which is not the problem too, as 1. ) it is transparent concerning machine access and 2. ) the local SA is in use outside, not the DOMAIN SA, so no need to drag the boxes off the domain when workgroup functionality is needed outside ( which of course is NOT done, the boxes remain as they are ) and 3. ) The Windows 2000 boxes ran just fine in the desired manner.

As a backup, using UNC paths via [START -> EXECUTE -> \\[172.16.2.n] or [START -> EXECUTE -> \\[HOSTNAME] fails with "Network path not found".

NET VIEW fails with Errors accordingly.

  • Simple File Sharing is disabled in the folder options. ( Enabling it does NOT solve the problem )
  • TCP/IP filter setting in the N/W connectin advanced tab is fully transparent.
  • The needed Shared payload folder "transit" has full RXWD access for the "authenticated user" groups.
  • The folder name and share name are the same.
  • Firewall / ICS is disabled.
  • Browser Service is STARTED.
  • Server Service is STARTED
  • netBIOS via TCP/IP is checked in the connection properties and the netBT helper Service runs.
  • NBT node type is unknown ( as it should be ).
  • Local security policy does not deny anything except Guest and SUPPORT... user access via the NW
  • Local security policy does allow Administrators accessing the box via he N/W
  • [HKLM\SYS\CCS\LSA\restrictanonymous]=0

I must confess I have not had this kind of problem in more than 10 years of networking experience, I am at my WITS end.
Please help, can't handle this anymore. The last idea I would have is the following - Leonovo ships hthe machine with preinstalled proprietary tools such as "ACCESS CONNECTIONS" which I uninstalled and pre-installed Symantec ( !!! ) security center which I also uninstalled. I may guess that there are remains from that lurking around somewhere as a hidden service....

Thanks a lot in advance.

Daniel

Edited by MindTheGap, 21 April 2008 - 04:24 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP