Unable to access CIFS shares using SSL Web portal

Similar Messages

• Open VDW files stored on file share using Visio Web Access

  Hi,
  Is it possiblwe to view VDW files that are stored in a file share using Visio Web Access in SharePoint?
  If so, how?
  Opening up a Visio Web Drawing stored in a SharePoint document library is straight forwards however I want to view a visio web drawing stored in a file system using the web access service.
  Hope I'm made myself clear.
  MDB

  Hi Jens,
  I will suggest you to call the support center, cause there are some bugs related to the issue you are having.
  http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
  Regards.

• ASA 9.1 + ACS 5.4 SSL Web Portal Bookmarks according to AD Group.

  Hello.
  Have some issues, with ssl vpn on ASA 5515-X.
  I have ASA (9.1) connected to the  ACS (5.4) and configured anyconnect mobile client and clientless ssl web portal. ACS also have connection to Active Directory.
  So it's configured that AD users from group, for example, VPN_clients could connect via anyconnect client or without client via SSL web page. And it's working fine.
  My goal is that to make different SSL portal bookmarks (in terms of ASA different Group Polices) according to AD user group.
  For example: I have 3 groups in AD: VPN_admin, VPN_Finance, VPN_Logistic. I want that users from these group after authentication at SSL web portal would see only their own bookmarks available only for their group.
  As i inderstand after authentication process ACS must answer to ASA which AD groups the user consist of and ASA must choose the right group policy for the user, but i have no experience how to make this?

  Hello Ivan,
  You are right, ACS can let the ASA know which group-policy should assign based on the RADIUS attribute 25.
  Steps on ACS:
  1- Defined AD groups:
  2- Define the authorization profile under the Policy Elements tab:
  3- Create the Authorization policy and access criteria:
  Then, on the ASA:
  1- Create a group-policy and name it it.
  2- Through the ASDM, create and assign the bookmarks to this group-policy.
  3- Once a user authenticates, the ACS sends the attribute 25, which contains the string "ou=it".
  4- The ASA looks for the group-policy it and assigns it to the user's session.
  Let me know if you have any questions.
  HTH.
  Please rate any helpful posts.

• Cannot access CIFS shares from Windows 2008R2 on NSS3000

  Hi,
  I am trying to upgrade our 2008 domain to 2008R2 but with that last version we cannot access to cifs shares on the NSS3000. Access from all other clients are OK. It was 100% OK under 2008...
  Whether I use the IP or the FQDN, I got an error from Windows 2008R2. From IP, I got "No process is on the other end of pipe." and from network Gui, I got "Windows cannot access \\nas0026CB647BC6. Check the spelling of the name...blabla. Details : Error Code : 0x80070035, The network path was not found".
  On the NAS, I got this errors in the cifs logs :
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: rpc_api_pipe: Remote machine WIN2008-PDC.bluemoon.holywell.leics pipe \NETLOGON fnum 0x4002returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: [2011/02/24 14:12:45, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: rpc_api_pipe: Remote machine WIN2008-PDC.bluemoon.holywell.leics pipe \NETLOGON fnum 0x4002returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: [2011/02/24 14:12:45, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: rpc_api_pipe: Remote machine WIN2008-PDC.bluemoon.holywell.leics pipe \NETLOGON fnum 0x4002returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: [2011/02/24 14:12:45, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: rpc_api_pipe: Remote machine WIN2008-PDC.bluemoon.holywell.leics pipe \NETLOGON fnum 0x4002returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: [2011/02/24 14:12:45, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) 
  Feb 24 14:12:45 NAS0026cb647bc6 winbindd[28457]: rpc_api_pipe: Remote machine WIN2008-PDC.bluemoon.holywell.leics pipe \NETLOGON fnum 0x4002returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED 
  Feb 24 14:12:48 NAS0026cb647bc6 winbindd[28457]: [2011/02/24 14:12:48, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) 
  It is likely to be an incompatibility between Windows 2008R2 smbv2 and the NSS3000 smbd but I can't find any firmware update and I can't find the process to allow in the registry.
  I can ping it, I can connect on the web interface, I can connect on FTP but no CIFS at all.
  Firmware version running is 1.20.1. Hardware rev : V03.
  Any idea?

  Hi SpaceBass, have you looked into sharepoints or into Netinfo manager. I have been playing around with sharepoints and it does let me enter non local users into the sharing prefs- albeit manually. Only thing is , depending on the number of macs you have, it could be a long and tedious job entering it all by hand. Netinfo may have an easier way, I'll do some more digging and post back.
  Cheers.

• WRT54GL unable to access wired shares or printer on PC from wireless iMac

  The subject line applies to a new router on which I can access the internet ok both from the wired PC and the wireless iMac.
  The problem is this router is unable to access the PC shares or printer from the iMac. Pls note, "this router"!
  I have an identical WRT54GL v1.1, same firmware, setup is identical on both, one works with no problem, but the new one has the above problem..
  I have spent a day on it and its in line for return on Monday, but I still hope for a miracle tip which may sort it out :-)
  On the good one 'Port scan' of the PC from iMac gives me:
  Port Scan has started ...
  Port Scanning host: 192.168.1.100
  Open TCP Port: 139
  Open TCP Port: 445
  while the faulty one gives me:
  Port Scan has started ...
  Port Scanning host: 192.168.1.100
  ..and thats it! No contact.
  Yes, the router is set up for 'Lan & Wireless' (no way to change that setting to 'WAN only' it seems, it bounces back to 'Lan & Wireless')
  I have btw done a Factory Reset on it (twice) with no joy.
  Any ideas anyone?
  Mvh

  My first guess for this kind of problem would be a software firewall on the computer. The firewall will detect where it is connected and configures the settings depending on the location. Two routers are two different "locations". Try turning off the firewall or even better deinstall it as often some parts of those software firewalls are still active when turned off.
  The only option that does affect access of wireless clients to the LAN is the "AP Isolation" option on the "Advanced Wireless Settings". That should be off.
  Another thing you could try if you like: do a configuration backup on the working router and restore it to the faulty one. Maybe there are some settings that don't match and that you cannot configure through the web interface. Have you ever used a 3rd party firmware on either of the routers?

• Unable to access end point while invoking web service from bpel

  We are trying to Consume Web Service in our SOA Application and we are getting the following error:-
  "java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): http://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/yyyyyyy.svc ".
  Scenario*:-
  1.The Web Service that we are trying to consume is built on Microsoft Dynamics AX Framework and is using Windows Authentication and we are using Oracle Soa Suite 11g(11.1.1.5) to access it.
  2.The Web Serice is Hosted on IIS server 7.0 . The Soa server and IIS server both are on the same domain(Also need to confirm that is there any need to pass credentials while consuming Web Services when both the servers are on same domain??).
  3.We have tested the Web Service in SOAP UI and is working fine only when we pass the Username,Password and Domain.And if we do not pass the User Credentials then we get the following error:-
  " 401 - Unauthorized: Access is denied due to invalid credentials.
  You do not have permission to view this directory or page using the credentials that you supplied."
  4.We can even access the WSDL from the browser.
  Plz help me out to resolve this issue.Will be really greatfull
  Edited by: 937798 on May 31, 2012 2:36 AM

  910764
  1:- I have not begged or requested for marking all answers as helpful. If answers are helpful then post author can do that.
  2:- I also follow same practice. I dont blindly mark all answers correct or helpful. It can waste other's time. Correct marking is very important. Hence my all question are not having close end.Few are still open for correct answers. I will happily mark them correct if you can help me in that.
  In the end , I will say Kindly refrain yourself using this platform as facebook or other social networking websites.
  I hope you will understand seriousness of this forum and utilize its member's posts at the most.
  Thanks,
  Ashu

• Random error accessing CIFS shares from Windows

  I am setting up some CIFS shares to be used from Windows clients and in the process I had some random problems accessing the shares.
  In hope of finding the answer I checked the CIFS Service and the Active Directory Service, and while watching the screen for Active Directory Service I saw that the "Selected Domain Controller" changed from one to another. I now stayed within this screen and noticed that the "Selected Domain Controller" continued to change and then I found the problem, because an unknown Domain Controller appeared. The IP was 216.150.17.8
  I found that when ever this Domain Controller was the selected one, all access to CIFS shares from Windows clients failed! This is correct, because the 216.150.17.8 of course is unaware of all users in Our Domain
  So the Questions are:
  - what is happening?
  - and how to solve this?
  - why is a Domain Controller 216.150.17.8 sometimes the Selected Controller?
  - where does this 216.150.17.8 come from?
  Have You seen anything like this?

  I now have found out why the DC changes - it is because the CIFS service is restarting ;-(
  This is a log snip
  2009-5-14 09:24:53 Executing start method ("exec /usr/lib/smbsrv/smbd start").
  2009-5-14 09:24:53 Executing stop method (:kill).
  2009-5-14 09:24:53 Stopping because all processes in service exited.
  2009-5-14 09:24:39 Method "start" exited with status 0.
  2009-5-14 09:23:48 Executing start method ("exec /usr/lib/smbsrv/smbd start").
  smbd: NetBIOS services started
  2009-5-14 09:23:48 Executing stop method (:kill).
  2009-5-14 09:23:48 Stopping because all processes in service exited.
  2009-5-14 09:23:34 Method "start" exited with status 0.
  It seems to happen when I access the share and thereby force a uservalidation
  Any ideas?

• Unable to access a share - beachball...

  Colleague has raised an issue - he is unable to access a shared folder on our server.
  He does Command K, enters ip number of server, clicks connect,
  enters name and password
  Gets a window offering volumes to mount - as soon as he clicks on one gets 'beachball of death'...
  I can login from another site using his name and password and sail through to volumes OK...
  He can Ping the server's ip number successfully...
  Any thoughts on reason?
  Any solutions...
  Thanks - he's on 10.4.6 (probably should upgrade to 10.4.11), server is 10.4 os x server

  If you can access the site through www.megaproxy.com/freesurf/ or a similiar web proxy service, then Verizon is giving you access.   The Web Host probably has an out of date filter.
  He can either add your subnet to his network, or you can simply turn off your modem for four hours (there is a lease time on the ip address that doesn't expire for 4 hours) and then turn it back on.   I usually tell folks to do this at night when they go to bed.   Basically just unplug the modem and don't plug it back in until the morning.
  OR if you want it right away, you can try chat support or Call Verizon, and don't bother telling them your problem AT ALL.  just ask for tech support and ask if they can release your IP Address, or break the dhcp lease.
  you should have your modem powered off when they do that, and don't plug it back in for AT LEAST 3 to 5 minutes before plugging it back in. 
  If you plug it in immediately, then you run the risk of that IP address coming right back to you, but if you give it a few minutes, it will most likely go back into the dhcp pool and get assigned to someone else, and you will be in perfect shape to get a new ip address.

• Samba/cifs shares using AD for Authentication

  Hi,
  I am trying to make use of the internal cifs shares in Solaris 11.1 but I am running into road blocks - can anyone shed light on this for me?
  I won't bore you with my first and abortive attempt at configuring auth with native kerperos and simply say that have decided to go with the third party product PBIS Open for the authentication.
  setup is a breeze and I can see the shares from elsewhere but for the life of me I cannot mount the shares. For the record the setup that was most successful went in this order:
  SAMBA
  pkg install service/file-system/smb
  zpool create xpool /var/tmp/xpool
  zfs set sharesmb=on xpool
  zfs create -o nbmand=on xpool/fs1
  zfs get -r share xpool
  svcadm enable -r smb/server
  smbadm show-shares host
  smbadm enable-user AD.DOMAIN\\user
  WORKAROUND to point to a working test DC:
  xx.xx.xx.xx      AD.DOMAIN >> /etc/hosts
  smbadm join -u user AD.Domain
  PBIS:
  cd /var/tmp/pbis-open-7.5.3.1536.solaris.sparcv9.pkg/
  ./install.sh
  svccfg -s system/name-service/switch
  setprop config/password = astring: "files lsass"
  setprop config/group = astring: "files lsass"
  setprop config/host = astring: "files dns mdns4_minimal [NOTFOUND=return] mdns4"
  svcadm refresh name-service/switch
  domainjoin-cli join AD.DOMAIN user
  After which I can ssh into the host as an ad user but I can't mount  (get permission denied).
  /var/adm/messages shows:
  Jan 22 15:52:14 host smbd[1635]: [ID 649633 daemon.notice] ndr_rpc_bind[tid=8]: \\ADDC.fqdn\PIPE\srvsvc: smb/client authentication failed (114)
  Jan 22 15:52:14 host smbd[1635]: [ID 649633 daemon.notice] ndr_rpc_bind[tid=8]: \\ADDC.fqdn\PIPE\lsarpc: smb/client authentication failed (114)
  Jan 22 15:52:14 host smbd[1635]: [ID 649633 daemon.notice] ndr_rpc_bind[tid=8]: \\ADDC.fqdn\PIPE\srvsvc: smb/client authentication failed (114)
  Jan 22 15:52:14 host smbd[1635]: [ID 649633 daemon.notice] ndr_rpc_bind[tid=8]: \\ADDC.fqdn\PIPE\lsarpc: smb/client authentication failed (114)
  Jan 22 15:52:14 host smbd[1635]: [ID 702911 daemon.notice] smbd_dc_monitor: domain service not responding
  and the DC logs show:
  Log Name:      System
  Source:        Microsoft-Windows-Security-Kerberos
  Date:          22/01/2014 3:46:54 PM
  Event ID:      3
  Task Category: None
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      ADDC.fqdn
  Description:
  A Kerberos Error Message was received:
  on logon session
  Client Time:
  Server Time: 5:46:54.0000 1/22/2014 Z
  Error Code: 0xd KDC_ERR_BADOPTION
  Extended Error: 0xc00000bb KLIN(0)
  Client Realm:
  Client Name:
  Server Realm: AD.DOMAIN
  Server Name: [email protected]
  Target Name: [email protected]@AD.DOMAIN
  Error Text:
  File: 9
  Line: f09
  Error Data is in record data.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-Security-Kerberos" Guid="{98E6CFCB-EE0A-41E0-A57B-622D4E1B30B1}" EventSourceName="Kerberos" />
      <EventID Qualifiers="32768">3</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>0</Task>
      <Opcode>0</Opcode>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2014-01-22T05:46:54.000000000Z" />
      <EventRecordID>476941</EventRecordID>
      <Correlation />
      <Execution ProcessID="0" ThreadID="0" />
      <Channel>System</Channel>
      <Computer>ADDC.fqdn</Computer>
      <Security />
    </System>
    <EventData>
      <Data Name="LogonSession">
      </Data>
      <Data Name="ClientTime">
      </Data>
      <Data Name="ServerTime">5:46:54.0000 1/22/2014 Z</Data>
      <Data Name="ErrorCode">0xd</Data>
      <Data Name="ErrorMessage">KDC_ERR_BADOPTION</Data>
      <Data Name="ExtendedError">0xc00000bb KLIN(0)</Data>
      <Data Name="ClientRealm">
      </Data>
      <Data Name="ClientName">
      </Data>
      <Data Name="ServerRealm">STAFF-TEST.AD.GRIFFITH.EDU.AU</Data>
      <Data Name="ServerName">[email protected]</Data>
      <Data Name="TargetName">[email protected]@AD.DOMAIN</Data>
      <Data Name="ErrorText">
      </Data>
      <Data Name="File">9</Data>
      <Data Name="Line">f09</Data>
      <Binary>3015A103020103A20E040CBB0000C00000000003000000</Binary>
    </EventData>
  </Event>

  Although setting up SMB server in Solaris 11.1 seems to be straight forward, yet there another important part to be completed on the Windows Side. the following link describes what to be done at the windows domain level
  https://social.technet.microsoft.com/wiki/contents/articles/2751.kerberos-interoperability-step-by-step-guide-for-window…
  Now, to be straight forward you have to do the following:
  Use Ktpass on the Windows Server 2003/2008/2012R2 KDC to create the keytab file (a keytab is a file used to store the keys used by a host or service) and set up the account for the UNIX host, and then copy the keytab file to the UNIX system and merge the keytab file into /etc/krb5.keytab (check the documentation for your Kerberos Implementation as the keytab path may be different or configurable).
  1.   From the command line, use the following command to generate the keytab file for the UNIX host, map the principal to the account, and set the host principal password.
  C:> klist
  this command will list the encrption type used by your server
  C:> Ktpass –princ host/hostname@DNS-REALM-NAME –mapuser account -pass password –crypto ENCRYPTION-TYPE –out UNIXmachine.keytab
  where
  hostnameis the fully-qualified name of the host, for example, foobar.reskit.com.
  DNS-REALM-NAME is the uppercase DNS name of the Windows Server 2003 domain; for example, RESKIT.COM.
  account is the user account previously created for the UNIX host as performed in the procedure to create Computer and User Accounts.
  password is a complex password to be set on the account.
  ENCYRYPTION-TYPE is the encryption type used to encrypt the key. Either RC4-HMAC-NT (recommended), DES-CBC-MD5, or DES-CBC-CRC.
  Note
  In order to create a keytab using the RC4-HMAC-NT encryption type you need to use the ktpass.exe from Windows Server 2003 SP1 or later.
  2.   Securely transfer the keytab file (UNIXmachine.keytab from the example above) to the UNIX host. Then, merge the keytab file with any existing keytab file for the UNIX computer.
  The UNIX commands to merge the keytab file are:
  % ktutil
  ktutil: rkt UNIXmachine.keytab
  ktutil: list
  The output should appear similar to the following:
  slot  KVNO  Principal
      1      1   host/[email protected]
  ktutil: wkt /etc/krb5.keytab
  ktutil: q
  rejoin the domain using smbadm command as following
  smbadm join -u username DOAMIN
  where username = username created from step 1
  the second part is where you have the issue \\ADDC.fqdn\PIPE\srvsvc: smb/client authentication failed
  change the following in Domain group policy if you are using domain policy or Local policy is no group policy applied
  GPO_name\Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
  add  lsarpc to the following  policy
  Network access: Named pipes that can be accessed anonymously
  gpupdate /force
  observer your /var/adm/messages and see if these message stops or not

• Windows 10 unable to access CIFS

  I am unable to connect a windows 10 enterprise client to our cifs shares We use DFS on our windows server – so normally I would just map to the root of that \\domain\home I have tried adding the reg key as detailed here and elsewhere without success https://techjourney.net/cannot-connect-to-cifs-smb-samba-network-shares-shared-folders-in-windows-10/ Typically I normally disable SMB signing on windows 8/server 2012 clients but SMB signing negotiation seems to be optional now, and the reg key I would create gets rejected by windows 10 I do not want to start making wide ranging changes to my netapp, but if it improves security I am happy to do so The client is domain joined, and I have an account which is both local admin and domain admin running on it for testing Any advice greatly received – this is a tad inconvenient

  Hi, After some more personal digging around (my support ticket was getting nowhere fast) I have managed to successfully browse CIFS shares on my snapmirror filer at our DC.To do this I had to enable cifs signing and bounce the cifs service. FILER> cifs terminateCIFS local server is shutting down...CIFS local server has shut down...
  FILER> options cifs.signing.enable on
  FILER> cifs restart
  CIFS local server is running.
  Can't set cifs branchcache server secret. This filer is running 8.1.4P1 7-Mode This weekend we have a full power shutdown at our production site so I will try this on power up. It's so hard to get the users to close down their connections!!!! One thing I did notice though. The filer does not show the W10 client using security signatures - output from cifs sessions -t Using domain authentication. Domain type is Windows 2000.
  Root volume language is not set. Use vol lang.
  Number of WINS servers: 0
  Total CIFS sessions: 1
  CIFS open shares: 1
  CIFS open files: 0
  CIFS locks: 3
  CIFS credentials: 1
  IPv4 CIFS sessions: 1
  IPv6 CIFS sessions: 0
  Cumulative IPv4 CIFS sessions: 26383
  Cumulative IPv6 CIFS sessions: 0
  CIFS sessions using security signatures: 0 Will post results from production environment after the weekend

• Mapped GID is changing while accessing CIFS share

  Hi guys
  We're seening a strange issue on our AD-bound macs that the mapped GIDs of files on a CIFS share are changing without any change on the filesystem.
  First of all let me explain our setup:
  1. All macs are joined to our active directory domain. The output of "dsconfigad -show" for the uid/gid mapping looks as follows:
  <snip>
  Advanced Options - Mappings
    Mapping UID to attribute       = not set
    Mapping user GID to attribute  = not set
    Mapping group GID to attribute = not set
    Generate Kerberos authority    = Enabled
  <snap>
  2. Macs access a cifs share on a netapp filer.
  3. Username and groupnames are mapped correctly. The output of "id rth" for my user looks as follows:
  uid=1973125731(rth) gid=2108864217(OSAG\corp) groups=2108864217(OSAG\corp),....
  Problem:
  When I mount the netapp CIFS share and enter it, everything looks good:
  <snip>
  rth@mac-rth:~$ ls -l /Volumes/os/it
  total 696
  drwx------+ 1 rth  OSAG\corp  16384 Nov 29 11:48 admin
  drwx------+ 1 rth  OSAG\corp  16384 Mar 29  2004 corphtmlstats
  <snap>
  However when I execute a second ls a few seconds later, it can't map the group anymore:
  <snip>
  rth@mac-rth:~$ ls -l /Volumes/os/it
  total 696
  drwx------+ 1 rth  2181038096  16384 Nov 29 11:48 admin
  drwx------+ 1 rth  2181038096  16384 Mar 29  2004 corphtmlstats
  <snap>
  It seems that the mapping doesn't work anymore even tough nothing has changed in the meantime. The same behaviour can be seen on any folders on this share. With the first ls everything seems to be OK and with the 2nd execution the mapping is not correct anymore.
  From time to time it happens, that the mapping is correct again for single files or folders for a short period of time.
  Has anyone seen a similar behaviour so far?
  Thanks for your help.
  Cheers
  Raphi

  Sounds like an issue that has to do with JavaScript Origin policy. You'll have to use Domain Relaxing for this. Read all about it here:
  http://help.sap.com/saphelp_nw04/helpdata/en/59/87b54064c2742ae10000000a155106/frameset.htm
  here:
  http://help.sap.com/saphelp_nw04/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm
  and here:
  http://help.sap.com/saphelp_nw04/helpdata/en/cb/f8751d8c6b254dac189f4029c76112/frameset.htm

• Window 8.1 system unable to access network shares via VPN connection

  Is there something inherent to Windows 8.1 that prevents it from accessing shares on a domain?
  I know that it cannot join a domain, but does that also mean that it cannot access shares which are on a domain?
  My problem is that I have several user that are running windows 8.1 that are connecting to our network via a VPN.
  The users have domain accounts but their computers as windows 8.1 cannot joined to the domain.
  So to access network shares they have to use their domain credentials to create a VPN connection.
  Once connected the user can RDP to systems on the domain using their domain accounts, so I know that their user names/passwords and permissions are correct. They can access these systems using the computer name, so I don't feel that I have a DNS issue.
  They can see the shares on our file server, but when they try to access their departments shared file, they receive an access denied message. There are a few shares that are completely wide open, shared to all users and all departments but they cannot access
  those shares either.
  You can ping the file server, from the the client when they are connected to the VPN but you just cannot access any of the shares.
  So...
  I am thinking that it has something to do with windows 8.1 and not being able to join a domain, but I cannot find anything to explicitly support this thought.
  Other users running a variety different OS (windows 7, OSX, Linux) can all access the shares without any problems via the VPN, so I am a little stumped.

  I have done some more testing and oddly enough I can map a drive if I use the IPaddress, but not the computer name, when checking the check box "connect using different credentials"and providing they users domain credentials.
  This seems to point to a DNS issue, one would think, but I can hit the file share server by name \\fileserver.dev.lan
  I can see all the shares, so dns seems to be fine right?
  So I don't understand why I can map a drive using do the IPaddress and not the machine name, but yet I can see and ping the server by name?
  When I try to create a mapped drive by machine name I receive the following message:
  Windows cannot access \\fileserver.dev.lan\all
  You do not have permissions to access \\fileserver.dev.lan. contact your network administrator  to request access.
  But if I use the \\x.x.x.x\all using the very same user and password I get connected with no problem.
  This only seems to happen on windows 8.1, which leads me to think that has something to do with OS. 
  I am thinking about upgrading to windows 8.1 pro, but I don't want to go though the hassle and expanse is the OS is not the problem.

• Unable to access DFS shares when server 1 goes down

  Hello all,
  I have a test domain I am building in order to prepare for a new domain we are going to create. We currently have an SBS 2003 that is reaching the end of its' life. We are going to start fresh. I have setup domain-based DFS along with DFS folder replication
  for each of the folders. So far, all is working ok, up to this point.
  Replication is occurring as it should and my Hyper-V test machines can connect to the mapped drives via the DFS namespace.
  \\domain\namespace\target folder
  However, once I shut down the primary server (SRV01) I am no longer able to access the shares. The namespace servers tab on the center window of the namespace MMC, has both SRV01 and 02 listed. I receive no errors except "Unable to connect to \\domain\namespace\target
  folder because it is unavailable". It is not "failing over" to the secondary available server.
  Once I power SRV01 back up, connectivity is then restored to the folders and mapped drives. Is there something I should check for, or am missing?
  Any and all insight is appreciated.
  Dario Garcia

  Hi,
  1. Run DFSUTIL /pktinfo to see if the referral target is still the primary server when it is actually down.
  If so, run DFSUTIL /pktflush to flush the cached information and try to access the namespace again.
  2. If 1 cannot help, whether DNS is also configged on primary server? If so, as it is down,
  \\domain may not be recognized.
  TechNet Subscriber Support in forum |If you have any feedback on our support, please contact [email protected]

• Network Media Player (Noontec V9-T) unable to access network shares on WIN8 Pro

  I have just upgraded from Windows 7 home premium 64 bit to Windows 8 Pro 64 bit. After the upgrade, I made sure my video library was shared (both with the homegroup and my username) and that network discovery was enabled file sharing enabled etc etc.
  On the Noontec Media centre I can see the workgoup called WORKGROUP. When I click on it I can see the name of my PC. But when I click on the pc name to log in to access the shares within it comes up with a username/pass box comes up. I then put in my username/pass
  on the windows 8 pro machine, to which the Noontec receives an error message stating cannot login.
  Previously I had enabled sharing with everyone (read only) on windows 7 home and this username/pass dialog box never appeared. Just said successful logon. So i tried sharing video library with "everyone" in windows 8 pro, the unit still can't log on.
  I believe this noontec uses Samba. The last updated samba file was named "samba_3.0.23c_mipsel.ipk" when I updated the media players samba about 9 months-a year ago. i have checked the manufacturers website, there has been no further updates released.
  Is there a way for me to access network shares from this media centre by maybe installing a new samba server on the windows 8 machine that is compatible with older samba clients? I am not savy with samba clients/servers at all, I just loved the way XP network
  shares always seemed to work across multiple platforms... and win7/8 doesn't. Help anyone?

  A lot of these media players will not work correctly. If your Video files are stored as .avi, MKV, MP4 etc.. pretty much anything excpet for .ISO, the best way is to use Plex media server on the windows 8 PC. It's free and should allow you to organise files
  and libraries as you want.In fact, it's my preferred access method now, as most, smart TVs also support plex and support it well....allowing me to play the files directly in my smart TV, without using the Media players.
  In addition if you have an Android tablet or phone, you can (if you want) access your media files from Plex using Media Monkey (free) and simply play them direct to the TV, Media Monkey simply hands the data stream over to the smart TV.
  I have a similar set of media players and exactly the same problem with windows 8,8.1, previous shares on versions 7, vist etc..work perfectly. I use a free application on my android phone to remote start my media server/s (via the network card).
  Shutter Light - Free monitoring activity and network data, to prevent unwanted sleep during Videos and to ensure the PC goes into sleep mode (disabling windows power management)
  Plex simplifies everything and acts as a great central server for all types of devices and can bring media files together from different Directories/Disks, in to one set of Libraries.

• Unable to run my application using java web start

  i have created one application and use java web start to download the application. all the files are succesfully downloaded but when i try to run the application an expected error occur. this only happen in my machine but not in other machine i'm currently using
  -jsdk1.4.2
  -windows 2000 professional 5.00.2195 service pack 3
  -pentium III 870 Mhz
  -x86-based PC
  -RAM 256 Mhz
  Anyone knows why, plz help me with this puzzle

  Please post the information from the Web Start "Exception" and "Wrapped Exception" tabs when the error occurs (I assume the error was in fact unexpected ;-)
  A blind stab in the dark would be that you don't have write permission to the cache directory on the second machine. Also worth checking that the proxy settings on the second machine are the same as the first (if they are on the same network).