We have an SBS 2003 server, with a Windows XP Professional (domain-joined) PC connecting from a remote site via VPN (LogMeIn Hamachi).
One domain user account is unable to browse any shares on the server from the remote PC (despite having the same security group membership as the other domain user accounts).
Browsing "\\server\share" is successful with all other domain user accounts on this PC, and this user account works perfectly on all PCs in the main office (just not on this remote PC connecting via VPN).
This is the error I get when trying to browse network shares with this account:
Pinging the server is successful (has no trouble resolving hostname to IP).
I have deleted and recreated the domain user profile on this PC- but it made no difference (so not a corrupted profile issue).
Disabling the firewall on the server and workstation made no difference.
I have not posted the results of ipconfig here as they are identical for the problematic user account and all the working domain user accounts.
- browsing to "\\server" does not list any shares on the server (whereas it does with all other domain accounts).
browsing the server by IP (rather than hostname) also fails ("\\192.168.1.50\share"), suggesting this is not a NetBIOS issue.
rejoining the PC to the domain did not resolve the issue
resetting the password on this domain user account did not resolve the issue
browsing to "\\server" does work when testing the problematic domain user account using a different Windows XP PC on the domain.
We only have 1 PC at the remote site that connects via VPN, so it is difficult to say if the (fairly slow) VPN connection is somehow causing the issue here, or if there is something wrong with the PC itself.
The other PC I tested today was in the main office (on the LAN, rather than relying on VPN to communicate with the DC).
If necessary, I can move the problematic PC up to the main office temporarily so we can narrow down if the problem is related to VPN or the PC itself.
Any suggestions of further troubleshooting steps I can try would be much appreciated.
Update:
I just noticed something very strange when doing further troubleshooting:
When this domain user is added to one particular security group, they can no longer see any shares on the server. However, if the user is not a member of this security group, then ("\\server") does show a list of all shares on the server.
How could being a member of a security group cause network shares on a server not to be displayed when browsing by UNC path? We have been using this security group for over 4 years without problems (and, even now, it does not affect other users in this way).
Also, the Application Log on the workstation has errors stating that the DC cannot be contacted- but this only seems to be happening when the logged in user is a member of the problematic security group: