Network Drive Mapping for users who have Port 445 (possibly others) Blocked by their ISP to a Server 2008 system

Nice to see my original posts are still up.  I was hoping that in the ensuing time someone had found a solution.  At least I can now see many other posting the same problems.  :)  Thought I was losing it for a while.
We have 100% proven that the problem (in our case) is from the ISP blocking port 445 (possibly others but 445 for SURE) with the reasoning that it prevents the spread of some Internet "worms".  It also just happens to prevent people who work
from home from being able to map to their network drives at work.
What I was hoping was that eventually someone would comer up with a solution for this short of having to load a server using a different OS from Windows.  The SMB protocol is the one needing port 445 as far as I can tell.  Not all ISP block
port 445 and the laptops that use those ISP's  have no problem.  Unless they travel.  Then it is "hit or miss" as to whether the ISP for the Hotel they stay at blocks it.
I have run multiple tests to prove that this was in FACT the problem.  Even the particular ISP in question which is a very large national ISP company freely admits they do this supposedly to prevent the spread of an unnamed Internet Worm.  It also
happens to prevent Business use of their Internet by Home Subscribers at they cannot map to their Business Servers which also need port 445 to map.
I have used WebDAV successfully to get around this but at a huge loss of speed and performance.  Cloud services all do essentially the same thing and all have pretty much the same loss of speed.
If anyone has come across a method of allowing a drive mapping to be rerouted to any other port, that is the only hope I have short of changing to an alternate OS for the Office Server and even then I cant be sure until I try if it would help.  I read
somewhere about the possibility of routing through a proxy but again, the problem would still be that the requests for mapping are expected on port 445 on the server and they will not get through even to the proxy since the originating ISP is the one blocking
the port from the User's system. 
Any help or suggestions would be greatly appreciated  I have posted this question now for several years with no one yet providing a working solution.  Hope burns Eternal though :)

Yes, OwnCloud is an option as well as many others.  Even self hosted Cloud services such as the WD MyCloud all work.  The problem is speed.  JungleDisk is the best I have found so far.  I am not sure exactly what they use to allow the
drive mapping but it seems to work faster that anything else I have found.
VPN's don't work.  At least none of them I have tried.   I can connect a VPN with no problem.  But still cannot map a drive over it.   Actually, there are some issues with the VPN as well but these are just a matter of methodology. 
Mapping to the FQDN works for some people while others require the public IP.  Some users on some ISP's can map using the FQDN, others have to map to the IP.  That in itself was a bit odd.
I have tried every trick I could find including adding  the IP and/or FQDN to the Windows Hosts file on the server as well as on the client systems.  This actually did help to get the VPN to connect in some cases.  However, it still would
not allow me to map a drive letter.
I can create a Network Place,  This also works.  But it will not allow me to MAP that "network place" to a drive letter.  I have tried multiple utilities that allow mapping of Drive letters to almost anything but they wont work to map to a
Network Place.
The software that needs the mapped drive is a SQL database which runs on port 2004.  The program itself has no problems at all connecting to the server to run the database.  Even on systems which cannot map to the needed drive letter for the documents
referred to in the database.    Users can run it and look up all kinds of material but it it is only a half-solution since the database refers to files stored in a "common-mapped" drive letter.  Which I cannot Map.
I have tried every possible configuration of the VPN setup I could find, I have even tried a "Test System" with the NIC connected directly to the T1 Modem.  With all firewalls off and no AV software.  Even if that had worked,  there is no
way I could run like that.  But it didn't.  Same issues.  All this did was put the blame squarely on the User's ISP which was the only reason I did it.  I had to rule out even the slightest chance that it was something in our equipment.
This was already almost a certain fact since the same user could take their laptop to a WiFi Hotspot at a fast food restaurant and connect as well as map the drive.  As soon as they went back home, no drive.  On the ones I could convince to pay
the extra charges, if they switched to a business connection from their ISP, No Problems.
On most MiFi or other Cellular Internet devices, No Problem,  Although that had a habit of changing.  We had a few that worked for a while, then they got a software update for their MiFi which immediately blocked the ability to map.  Others
it would be that some models of Cellular HotSpot units worked while other would not work even if both came from the same carrier.
Coincidentally, we had none of these problems before two other events occurred: 
One was the release of Server 2008 R2, (which was a kid of "surprise" change for all of us used to Server 2008 R1.  Welcomed changes, but not expected with a simple SP release. 
The other was IPV6 finally became a reality:  June of 2012.
This left us with much head scratching as to what was the real cause of the problem.  It took months to narrow it down to port blocking by the Outside ISP's with a 100% certainty.  Even tried reloading a system with Server 2008 R1 just to rule
that out.  As well as disabling IPV6 on every network device.  The problem stayed with the User when Outside and which ISP they were connected to.
Currently we are using a mix of normal VPNs for those who can run them, and CLOUD access for those who can't.  Even this is problematic since we have to keep both the local copy and the cloud copy in constant sync so that everyone sees the same versions
of the same files on each one.
Sorry to make this so long but I wanted to cover everything to show that we tried it all.  The only thing left short of getting the ISP's to remove the port blocks would be to find a way to route the SMB file requests around port 445 in some way. 
I have been told that this is easy enough if using a file system other than Windows but that is not an option even if true. 
Thanks for the updates and ideas.  I keep hoping that eventually there will be some secure method for mapping a drive letter that does not depend on having port 445.

Similar Messages

  • Is Azure File Service available for User who have MSDN subscritpion

    is  Azure File Service available for User who have MSDN subscritpion

    Hi Mohit,
    I responded to your other post as well, please see the approach there:
    https://social.msdn.microsoft.com/Forums/azure/en-US/f789cbeb-b01b-4cf8-ac97-513340ae7a5c/azure-file-services-not-available-in-preview?forum=windowsazuredata
    Thanks,

  • CSV file for users who have one-time password email address

    Hi Guys,
    I am trying to extract the list of users who have one-time password email address in FIM or users who have registered with one-time password reset authentication workflow. I need to get their email addresses in CSV file.
    Regards
    Sarwar
    Sarwar

    Take a look at:
    http://social.technet.microsoft.com/wiki/contents/articles/3616.how-to-use-powershell-to-export-all-users-who-have-registered-for-self-service-password-reset-sspr.aspx
    The script queries a WorkFlow called "Password Reset AuthN Workflow" and returns its ObjectID, then uses it to do a new query searching for "Users" with these parameters:
    AuthN WorkFlow Registered = ObjectID of "Password Reset AuthN Workflow"
    The script exports these details to a CSV.
    Also, all OTP email addresses should be stored in the "msidmOneTimePasswordEmailAddress" attribute in the FIM Portal.

  • FM for users who have authorization for some transactions.

    Hi there.
    Does anybody know any FM where from a list of transactions the system shows you all the user who have authorization to these transactions?
    I know that there are transactions to obtain this information, but we need a FM.
    Thanks and regards.
    Raúl.

    Hi Mahalakshmi.
    With FM SUSR_USER_DISPLAY_WITH_S_TCODE and GET_AUTH_VALUES you populate users and you get transactions. But we need to populate transactions and to get users.
    Regards.
    Raúl.

  • Converting wmv files for use in imovie 9 for users who have pc

    To convert wmv files use your pc windows movie maker. (if you have one) On your pc, open windows movie maker, get collections and get your wmv project/video, drag it into the timeline, and then save in your computer, save it as an avi file and rename it. After send file to your memory card reader, that way you can transfer that file onto your mac!! And voila! I tried to email it but file became too large so transfering it to a memory card is the easiest. This took me days to figure out, I hope I have helped someone out there.....

    I don't want to use DV because these .m2t files are from an HDV camcorder and I want to preserve the aspect ratio and resolution in the files. What other "flavor" of HD would you suggest that I convert them to since (a) I can't bring the files into FCP6 or Compressor (b) I don't see any other flavors of HD to use in VisualHub.
    The whole business of converting .m2t files to a FCP6 compatible format, i.e. a Quicktime format, would seem to be one that is commonly encountered, and yet I have never found a thread on this forum that really answers this question: What is the best workflow for converting .m2t files for use in FCP? Surely, one of the pros who frequent this forum must have dealt with this issue and have an answer.
    I don't want to have to recapture the files from tape all over again just to use them in FCP6.
    Tom

  • Subscription for users who have personal subscript...

    Hi there
    I'm trying to add a subscription for a user but it refused to do so because that user has existing personal subscription. it says that the user needs to cancel that subscription.
    However, even after cancelling the subscription its still showing the same message. The subscription although cancelled is still active until march 2012 (it was paid yearly). Please don't tell me that I have to wait for 10 months to be able to manage subscription to that user. It would be really stupid to not have a way to cancel the subscrption completely, get a refund for remainding period and be able to manage from the manager.

    Hi Mahalakshmi.
    With FM SUSR_USER_DISPLAY_WITH_S_TCODE and GET_AUTH_VALUES you populate users and you get transactions. But we need to populate transactions and to get users.
    Regards.
    Raúl.

  • Steps to deploy Lync for users who own Office 365 E1/E2 licenses, but don't have Office 365 E3, using Office Deployment tool.

    After many hours of debugging with Microsoft support the system to install the Lync Client silently can be done with a SINGLE LINE command.  The steps to take are below. It should be an easy next step to put this as GPO installation since
    it is a simple command.
    Comments appreciated. 
    side question: Why is there no Lync 2013 or Lync Office 365 forum?
    Basic steps to deploy Lync for users who own Office 365 E2 licenses, but don’t have Office 365 E3, using Office Deployment tool.
    This also applies for other Office 365 service types where the full office suite download is not included.  In April 2015 This was impossible to find online and not know by the Lync support team.
    Steps are:
    Download the Office deployment tool from
    http://www.microsoft.com/en-in/download/details.aspx?id=36778 and extract it to a folder. For this
    example we will use the \\server\sharename
    location.
    Extracting it creates a setup.exe file and it show a sample XML file.
    2. Create XML file and give it a name such as LyncEntryRetail.xml
    Note: The key is the productID that has to be the “LyncEntryRetail”. Other product IDs will download a version that needs another office 365 license. The productID “LyncRetail” needs an E3 license of Office 365.
    <Configuration>
      <Add SourcePath="\\server\sharename" OfficeClientEdition="32" >
        <Product ID="LyncEntryRetail">
          <Language ID="en-us" />
        </Product>
      </Add> 
    </Configuration>
    3. From the folder where you extracted the Office deployment tool, run the following command on the command prompt to download the source files and store them on the shared drive:
     (on single line)
    Setup.exe /download LyncEntryRetail.xml  
    (This is the name of the XML file created above)
    One can also run the same on a server share by using UNC path names such as  (on single line)
    \\servername\sharename\Setup.exe /download
    \\servername\sharename\LyncEntryRetail.xml  
    (This is the name of the XML file created above)
    4. Run the following command on the command prompt on a machine where you want to install the software: (on single line)
    \\servername\sharename\Setup.exe /configure
    \\servername\sharename\LyncEntryRetail.xml  
    (This is the name of the XML file created above)
    Once you are comfortable that it all works, you may want to edit the XML file if you want to have silent installation and add the following lines.
      <Display Level="None" AcceptEULA="TRUE" /> 
      <Property Name="AUTOACTIVATE" Value="1" /> 
    Regards
    Bart
    Bart Louwagie

    Hi Chudly,
    For the office365 issue, I also recommend you can post in dedicated forum for more efficient support:
    http://community.office365.com/en-us/f/166.aspx
    If you want to modify the powershell script, please post the current script and the issue, we will notice and continue to follow up.
    If there is anything else regarding this issue, please feel free to post back.
    If you have any feedback on our support, please click here.
    Best Regards,
    Anna Wang
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • I have a tesco router and an external hard drive attached to it as a network drive (shared) for my macbook and MB-Air. Have no problems with my MB accessing it, but with MB-AIR it says -  'the version of the server you are trying to connect to is not supp

    I have a tesco router and an external hard drive attached to it as a network drive (shared) for my macbook and MB-Air. Have no problems with my MB accessing it, but with MB-AIR it says -  'the version of the server you are trying to connect to is not supported. pls contact your system administrator to resolve the problem'. MB-Air uses maverick downloaded yesterday - upgrade from mountain lion. MB uses snow leopard still, as i am quite used to it and am thinking of upgrade if mavericks work fine on air. Also have parallel on snow leopard but it is no longer supported according to mac website - if i upgrade am i going to lose my parallel and will have to buy a new one!!!

    Yes, the Old Master file has a folder for each year where I find all photos from that specific year. I am attaching a screen shot of the file.
    In the meantime i have managed to download all photos (it did not download any video files though in mpg, avi, 3gp, m4v,mp4 and mov format) to a new iphoto library. Unfortunately the photos are quite mixed and often doubled up. I ma considering to purchase iphoto library which checks all duplicates in iphoto. this will save me a lot of time. What do you think?

  • List of users who have authorization for a particular transaction?

    Hi All,
    Can anyone guide me how to know the list of users who have authorization for a particular transaction?
    I need this to find out the list of authorizations that are obsolete ,when the particular trnsaction is obsolete in an Upgrade process.
    Thanks in advance.

    we can get the list of users for a particular transaction as below.
    get the tcode and place in AGR_TCODES and we get the list of roles .
    loop the roles and pass each role to AGR_USERS and we get list of users for that role.
    finally we got the list of users for that tcode.

  • For those who have problems RE: My iPhone 4 on connecting to my pc shows my friends name in the DIGITAL camera Drive..It dsiplays my correct name when I`m on iTunes..PLEASE HELP ME HOW DO I CHANGE THE NAME IN THE DIGITAL CAMERA DRIVE??

    For those who have problems RE: My iPhone 4 connecting to my pc shows my friends name in the DIGITAL camera Drive..It dsiplays my correct name when I`m on iTunes..PLEASE HELP ME HOW DO I CHANGE THE NAME IN THE DIGITAL CAMERA DRIVE??
    SOLUTION:
    Iam pointing t0 windows7 os.
    1) go to control panel
    2) open hardware and sound
    3) In that open Devices and printers
    4)In that u can find Apple Iphone.
    5) now right click on this --> Hardware --> Properties --> General --> Uninstall --> ok.
    6) now unplug and plug in ur iphone again.There u go u iphone name changes to its original name.

    I am having this problem.  At first with the new iPhone 5, and then with the iPad 2.  I am not sure why this is happening. 
    My gut feeling is this is an iO6 issue and here's why -
    The problem mainly occurs with apps.  I have about 150 apps, and when I plugged in the phone, iTunes went to sync all of them.  The process would hang up after about 20 - 30 apps were loaded onto the phone. I could tell where about the process hung up because the apps on the phone showed up as "waiting".
    Then on the iPad 2 I plugged in to sync and saw there was a huge "Other" component in my storage.  It required me to restore the iPad 2 from backup.  With this restore the same issues occurred - putting the apps back on the iPad would hang up.  The videos on the iPad also got stuck - maybe after about 10 hours of videos transfered iTunes crashed.
    My solution has been to soft reset the device, restart Windows, and continue the process until it's complete.  This is remarkably inefficient and time-intensive but everything works with patience.
    I have been wondering if others have had these same problems. 

  • How to find out users who have answered security questions

    Is there any report where we can find out users who have answered security questions.
    Please reply back to this.

    This might help you:
    Define a task template, reference the UserQuestionReport task definition:
      <TaskDefinitionRef>
        <ObjectRef type='TaskDefinition' id='#ID#TaskDefinition:UserQuestionReport' name='User Question Report' displayName='UI_REPTS_XML_USER_QUESTION_TITLE'/>
      </TaskDefinitionRef>Define desired variables
          <Attribute name='attrListField'>
            <List>
              <String>accountId</String>
              <String>policy</String>
              <String>loginInterface</String>
              <String>questions</String>
            </List>
          </Attribute>
          <Attribute name='attrMapField'>
            <Map>
              <MapEntry key='accountId' value='UI_REPTS_XML_REPORT_ATTR_ACCOUNTID'/>
              <MapEntry key='loginInterface' value='UI_ATTR_LOGIN_INTERFACE'/>
              <MapEntry key='policy' value='UI_SERVICEMODIFY_JSP_ACCOUNTPOLICY'/>
              <MapEntry key='questions' value='UI_ATTR_MIN_QUESTION_UNANSWERED'/>
            </Map>
          </Attribute>and the rest of the task template for a report definition.
    Hth
    Edited by: nickoarg on Feb 5, 2009 1:57 PM

  • Network drive and fast user switching OS 10.7

    I have a shared network drive that I want all accounts on my Mac to be able to access. On my Mac I have a single admin account and several non-admin accounts. The problem is that once one account mounts the network drive when another user logs in (using fast user switching) the drive shows as being inaccessible (a folder icon with a "do not enter" icon on it) and must be unmounted and remounted. This is an issue because unmounting requires the admin password which is not known to all users.
    Is there a way that I can make the mount available to all users on the machine without needing to remount for each user? Or is there a way that I can unmount without requiring the admin account?
    Thanks

    System Preferences -> Users & Groups, click Login Options, you'll see it then.  You'll need to unlock that preference pane with the lock in the lower left corner of the window to change that setting.

  • Query to find out the list of user who have delete access

    Hi,
    I need a query to find out the list of users who have delete access on perticular folder/universe/ reports  in infoview.
    Please advice.
    Regards,
    Neo.

    orton607 wrote:
    thanks for replying guys. But the thing is i am using dynamic sql execute immediate in my package, so i want those tables also and the schema name.
    thanks,
    ortonThis is not possible. The best you could do is to have a good guess.
    Or how would you parse some dynamic statement as this:
       v_suffix := 'loyees';
       v_sql := 'Select count(*) from (select ''nonsense'' col1 from emp'||v_suffix||') where col1 = ''Y'''';
       execute_immediate(v_sql);
    ...What is the table name? How do you want to parse that?
    Better rewrite all dynamic SQL statements into non dynamic ones. Or do the source control logic for those dynamic parts in an extra module. For example implement your own dependency table and force every developer to add there all dynamic parts.

  • Portal users who have logged in during a specified time interval ?

    Hi,
    I need to know all the users who have logged in to the portal during a specific interval of time e.g during the last 10 days. Is there any provision to write code using UME api ?
    Any help would be highly appreciated and rewarded.
    Thanks & Regards,
    Sudhir

    Hi Jaga, Thanks for your reply.
    This is what i needed.
         Vector v=new Vector();
         IUserAccountFactory uaf = UMFactory.getUserAccountFactory();
         IUserAccountSearchFilter userAccountSearchFilter=uaf.getUserAccountSearchFilter();
         userAccountSearchFilter.setLoggedInBetween(fromDate,toDate);
         ISearchResult sr = uaf.search(userAccountSearchFilter);
         while(sr.hasNext())
                         IUserAccount ua = uaf.getUserAccount((String)sr.next());
              IUser tmp = ua.getAssignedUser();
              v.add(tmp);

  • SharePoint 2013 - Server Error in '/' Application - This operation can be performed only on a computer that is joined to a server farm by users who have permissions in SQL Server to read from the configuration database

    Hi
    After I ran SharePoint configuration wizard successfully to upgrade to SharePoint 2013 / SP1.
    I can open Central Administration site just fine.
    but now when I open any Site collection,  I got this error.
    Server Error in '/' Application
    This operation can be performed only on a computer that is joined to a server farm by users who have permissions in SQL Server to read from the configuration database. To connect this server to the server farm, use the SharePoint Products Configuration
    Wizard, located on the Start menu in Microsoft SharePoint 2010 Products
    I have restarted all the servers:  SQL server, WFE and APP servers but still cann't get this resolve.
    Services on all servers are running,  IIS - application pools are running.
    Can someone help with where that could be a problem or if there is a solution.
    Thanks in advance for your comments or advices.
    Swanl

    Please verify the followings:
    Make sure that from the SharePoint front end and application servers that you can ping your SQL server.
    Make sure that your Farm account has permission to the configuration database.
    Lastly verify that your database didn't for some reasons go into recovery mode.
    once everything is fine and you are still having issues, restart the SQL host service on the SQL server.
    Once the service is restarted you will need to reboot Central Admin and then your front end servers.
    In addition, as you built your farm inside the firewall, please disable the firwall, or create rules for SQL Server service in the firwall on SQL server.
    More information about creating rules in firewall, please refer to the following posts: http://social.technet.microsoft.com/Forums/en-US/c5d4d0d0-9a3b-4431-8150-17ccfbc6fb82/can-not-create-data-source-to-an-sql-server http://www.mssqltips.com/sqlservertip/1929/configure-windows-firewall-to-work-with-sql-server/
    Here is a similar post for you to take a look at: http://social.technet.microsoft.com/Forums/en-US/ea54e26c-1728-48d4-b2c5-2a3376a1082c/this-operation-can-be-performed-only-on-a-computer-that-is-joined-to-a-server-farm-by-users-who-have?forum=sharepointgeneral 
    Please 'propose as answer' if it helped you, also 'vote helpful' if you like this reply.

Maybe you are looking for