|
Posted by Henrik Sjöström on October 4, 2006, 4:46 am
Please log in for more thread options Thing is, at this office, people don't use each others computers, and when
they do, its just temporary, which means that the owner to the borrowed
computer is mostly still logged on when another user uses his machine.
I'm kinda leaing towards a hardware error.
This user is using a new network socket (due to office remodeling), and has
a gigabit ethernet controller on his computer.
The switches are all 100 MBit, and I don't believe the cables themselves are
that high a quality either.
His NIC auto configures to 100 MBit on it's own, but I was kinda thinking it
might have something to do with this.
Thing is though, that he has not experienced any other errors, that he's
aware of.
I can just finish off by stating that he suffered from the error yesterday
at lunch time, but I did not have the time to look at it then, so it wasn't
until 3:30 PM or so when I got around to it.
Then it had healed on itself. That is, a reboot had not been not performed
in between.
// Henrik
> Weird. Since the security log does not show any related logon failures on
> the server then it would not appear to be a problem with wrong credentials
> being sent for some reason. It would be good to verify if the user has the
> same problem from any domain computer or just a particular one.
>
> Steve
>
>
>> TCP/IP is assigned by DHCP and ip settings on the client are no different
>> from anyone else.
>> I did double check the DHCP config but there ware no "dead" DNS servers
>> nor dead WINS Servers.
>> "ipconfig /all" on the client also looks normal / good.
>>
>> Apart from the known bug of Kerberos ticket, netdiag passed all checks
>> (apart from the also known warning of one or more WINS setting missing)
>>
>> Neither server nor client show any failures in any logs, although
>> methinks the things logged on the server needs to be increased a wee bit,
>> since the security log is IMHO a bit more empty than it should be.
>>
>>
>>
>>> Since a reboot clears it I would think it is possibly networking related
>>> such as improper DNS configuration on the computer he is using assuming
>>> this happens on just his computer. Verify that his computer is using
>>> ONLY domain controllers as the primary/secondary DNS servers as shown in
>>> tcp/ip properties. I would also run the support tool netdiag on that
>>> computer looking for any related errors and check the application log
>>> for any userenv errors/warnings that can also indicate a problem finding
>>> or contacting a domain controller. I would also check the server with
>>> the share security log for logon failures that occur when he is denied
>>> access to see they can provide any clues.
>>>
>>> Steve
>>>
>>> Active Directory DNS FAQ
>>>
>>>
>>>> Hello all.
>>>>
>>>> We have a user that is randomly denied access to the company's file
>>>> server's shares.
>>>> He can access the shares that do not have security on them OK, but not
>>>> the ones that have security on them (security that his accounts is part
>>>> of / qualifies for)
>>>> He just get a "access denied". (He is running Win XP w SP 2 and full
>>>> HFs, and the server is a Win 2K3 w SP1 and full HFs)
>>>>
>>>> This is the case when he tries to access his private share in the form
>>>> of USER$, as well as a couple of shares where access is restricted
>>>> either with windows user and or windows group accounts.
>>>> He does have at least modify permissions on the shares (in the case of
>>>> his private file area, he has full control). The permissions are set OK
>>>> both on the shares themselves as well as folder security.
>>>>
>>>> When this occurs, we do not see anything wrong either on his computer
>>>> or on the server.
>>>> It does not help to disconnect the share, or accessing it by
>>>> \FILESRV\USER$.
>>>> A reboot generally clears away the error, and he once again has access.
>>>>
>>>> Since shares that allow everyone access works OK, my hunch is that his
>>>> profile is somehow broken, and that the hash that windows sends to the
>>>> server when asked to authenticate in order to access the folder is not
>>>> correct.
>>>>
>>>> This is not a case of Windows fast logon, where Windows XP logs on
>>>> before all group policies have been downloaded, as the domain is small
>>>> (about 20 accounts, with no active policy changes in the last 6 months)
>>>>
>>>> Logging onto his computer and deleting his profile so that he has to
>>>> start over in the hopes of fixing the problem does not appeal to either
>>>> him or me.
>>>> Note that Norton Internet Security 2006 is installed on the system, and
>>>> that this error occurs even though all of Norton's subsystems are
>>>> disabled.
>>>> No one else have had any problems, so we can probably rule out the
>>>> server, right?
>>>>
>>>> Any thoughts?
>>>>
>>>>
>>>> // Henrik
>>>>
>>>
>>>
>>
>>
>
>
| 
XML Sitemap