Problems browsing shared path Win2k3

gwydion75

Junior Member
Jul 11, 2007
24
0
0
I have 4 Windows 2003 DCs, 2 on each campus. One of them is also my exchange server (yes, I know).

For an unknown amount of time, I've been unable to browse the file shares on ExchangeServerDC1. The reason I don't know how long is because I only began using its F&P Sharing last week, at which point it may have worked flawlessly and then broke, or worked intermitently always. In any case, right now, it's not working at all, which is making replication impossible and sharing impossible.

I've set up Folder Redirection for a dozen of my users for MyDocs/AppData/Desktop to a share on this server, because its the only one on this campus with enough HD space. (It's a school. We don't buy things to solve problems. Much to my great great sorrow.)

It seemed to work at first, which made me quite pleased, but a few days into it, connectivity from the other campus was lost. I can't pinpoint any specific action that would've caused it or even a specific time that connectivity was lost, as their desktops were appearing fine locally, only disappearing on their TS sessions to the other campus.

I can PING this server fine from the other campus. I can access this servers shares just fine from THIS campus. All the same AD Domain, just different sites. (10.0.0.0/16 for Campus1, 10.1.0.0/16 for Campus2).

I can access other Campus1 server shares from Campus2 just fine also, so it's not a connectivity thing that I can figure.

The error I most commonly see when trying to browse manually to \\ExchangeServerDC1 is:

"No Network provider accepted the given network path."

It doesn't browse by \\IP either.

dcdiag just reports problems with replication which is expected since I doubt the other DCs can access it.

I've uninstalled and reinstalled F&P For Microsoft already. I've ran sfc /scannow to no avail.

I've even had the opportunity of cleaning out old DNS records and such in the blind hope that it might be DNS related. Nada.

Any other perky ideas?


P.S. I didn't design this network, I inherited it. At present my only recourse is to correct existing problems as best I can until I can get more political will to purchase some hardware for some VMs or something eternally more useful. So please don't waste anyones time criticizing the design or recommending purchases.

Thanks so much,

Gwyd
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
In my attempts to troubleshoot, with help from skace, I'm attaching two wireshark outputs. They were taken during a brief time after pressing \\Campus1DC1 and \\Campus1DC2 from the the desktop of Campus2Server.

Campus2Server(10.1.0.27) is typical system on Campus2, similar results from multiple systems there.

Campus1DC1(10.0.0.6) is the Exchange/DC Server that cannot be browsed

Campus1DC2(10.0.0.2) is a DC on Campus1 that can be browsed.

It would seem that attempts to hit Campus1DC1 bring up NBSS traffic which is not present in a working connection. The working connection is is awash with SMB traffic that is clearly missing in the broken request.

http://pastebin.com/m11a2cbf - Campus2Server to Campus1DC2

http://pastebin.com/m3d8536bb - Campus2Server to Campus1DC1


I have yet to determine why this is occuring.
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
Looks like no one can access Campus1DC1 via port 445 (Telnet 445) not even Campus1, so somehow Campus1 is still accessing it over 139 or some other alternative.

After a 3.5 hour long call with MS, what we did was disable the IPSec Service, restart DNS. This opened up 445, which means IPSec had somehow locked it up, however DCOM was still creating crashes and not starting completely, which may have also been causing the crashes. So I've been given a set of instructions for reinstalling DCOM, basically, that I'll do tonight to try and stabalize the server. CLEAR!...

The shares are accessible now which is the main goal, but with IPSec being disabled and DCOM crashing who knows where we're at on the long-run.
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
At this point I might as well continue logging my efforts here in hopes someone will find it useful.

MS instructed me to follow this KB article http://support.microsoft.com/kb/891801

I must say, I'm halfway through it, and was unable to get MSDTC (DCOM) to start, still. The "Distributed Transaction Coordinator" won't start. There are other articles on google about using msdtc -resetlog to fix this, but it doesn't.
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
Found some more articles about deleting the %SYSTEMROOT%\system32\MSDTC dir then running msdtc -resetlog ...

That worked!!! ONCE!! Then upon reboot, the problem returned.

Found ANOTHER article that suggest modifying the permissions of the log file to match the USER of the Distributed Transaction Coordinator service! BUT YOU CANT! Cuz the NETWORKSERVICE account isn't part of the domain. So I just gave the log full perms to everyone. Screw it.

Rebooted.

Started service successfully manually!!! NO ERROR!
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
Now, if you looked at that KB article you'll see it says to Manual all services but a specific list. Here's the list of services I set to Manual in order to work on DCOM in a clean way. I wonder how many of these are actually in use. This poor server.

Application Experience Lookup Service
Application Layer Gateway Service
ASP >NET State Service
Audomatic Updates
Bacula File Server
Certificate Services
Crypto Services
DCOM Service Process Launcher
DHCP Client
Dis File Sys
Dist Trans Coord
DNS HOst Helper
DNS Server
Error Reporting
File Rep
File Server for Mac
FTP Pub
Help and Support
HID Input Service
HTTP SSL
IIS Admin
Indexing
Intel Alert Handler
Intel Alert Originator
Intel File Transfer
Intel PDS
Internet Auth Service
Interside Mesasging
Kerberos Key Distro
License Logging
Logical Disk Manager Admin Service
Machine Debug Manager
Microsoft Exchange
Event
IMAP4
Information Store
Management
MTA Stacks
POP3
RoutingEngine
Site Replication Service
System Attendance
Microsoft Search
Microsoft Software Shadow Copy Provider
MS File Manager Services
MySQL
Network Event Services
Network Intelligent Services
Performance Logs and Alerts
Print Server for Macintosh
Print Spooler
Protected Storage
Remote Desktop Help Session Manager
Remote Registry
RSOP
Secondary Login
Security Accounts Manager
Shell Hardware Detection
SMTP
Simple TCP/IP Services
SNMP Service
Symantec AV
Symantec AV Def W
Symantec Event Manager
Symantec Settings Manager
Symantec System Center Discovery Service
TCP/IP Print Server
Trivial FTP D
Virtual Disk Service
Volume Shadow Copy
Windows Audio
Windows Deployment Services Server
Windows Media Services
Wireless Configuration
World Wide Web Publishing Service

 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
Time to start putting the important ones back to Automatic and see what I can leave off to keep this server from imploding again.
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
I've re-enabled the following services on automatic and am rebooting.

*DHCP Client
*File Server for Mac
*FTP Pub
*Machine Debug Manager
*Print Server for Macintosh
*Remote Desktop Help Session Manager
*Symantec AV
*Symantec AV Def W
*Symantec Event Manager
*Symantec Settings Manager
*Symantec System Center Discovery Service
*Windows Audio
*Windows Media Services
*Wireless Configuration

I'll miss that fast reboot time. Hopefully I'll be able to build myself an exchange cluster soon that only does exchange. Wouldn't that be a sight.
 

gwydion75

Junior Member
Jul 11, 2007
24
0
0
Uhg. Back to failing to start again. So another part of DCOM, one of the activated services, or a separate intermittent problem, are still affecting DCOM.

This is beginning to look less and less hopeful. I'll need to get ahold of MS again. Their fix isn't working.