cannot access network shares on domain - export all network settings in windows 7 for troubleshooting

4

2

I am on a domain computer running Windows 7 Enterprise. I am having trouble accessing network drives and network shares (including network printers). I am able to access the internet fine.

I have to wait a very long time for windows explorer to eventually give an error when clicking on a network drive as says that the network share location refers to a location that is unavailable. When clicking on a link to the network share location, e.g. \\nas\sharename, the progress bar in the address bar takes a very long time and sits there with the red x to cancel then says that the location is not accessible. I have also gotten error code 0x80004005, unspecified error, when trying to access network shares that were on a workgroup. I was able to ping the other computer that was on the workgroup but not access or browse network shares.

Other programs that access network share also hang for a very long time before doing anything. This has happened after I login with my username and password, which I believe is because group policy is trying to access a network share. If I unplug my network cable I can login after a few minutes as opposed to 20 minutes or so.

I have System Center Endpoint Protection (SCEP) that has real-time protection turned on. It has settings to scan all downloads, monitor all files, behavior monitoring enabled, and Network Inspection System enabled. I am not able to change any of these settings since they are set by group policy.

I have looked at a lot of different online forums for solutions including

I tried the following

Control Panel "Network and Sharing Center" "Advanced sharing settings"

  • Home or Work
    • Turn on network discovery
    • Turn on file and printer sharing
    • Turn on sharing so anyone with network access can read and write files in the Public folders
    • Media streaming is off
    • Use 128-bit encryption to help protect file sharing connections (recommended)
    • Use user accounts and passwords to connect to other computers
  • Domain (current profile)
    • Turn on network discovery
    • Turn on file and printer sharing
    • Turn on sharing so anyone with network access can read and write files in the Public folders
    • Use 128-bit encryption to help protect file sharing connections (recommended)

Network Connections (ncpa.cpl)

  • Cisco AnyConnect Secure Mobility Client Connection
    • Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
  • Local Area Connection
    • Intel(R) Ethernet Connection I217-LM
  • Wireless Network Connection
    • Intel(R) Dual Band Wireless-AC 7260
  • Wireless Network Connection 4
    • Microsoft Virtual WiFi Miniport Adapter #3
  • Wireless Network Connection 5
    • Microsoft Virtual WiFi Miniport Adapter #4

The Local Area Connection has the following

  • Client for Microsoft Networks
  • QoS Packet Scheduler
  • File and Printer Sharing for Microsoft Networks
  • (unchecked) Internet Protocol Version 6 (TCP/IPv6) Properties
  • Internet Protocol Version 4 (TCP/IPv4) Properties
    • Obtain an IPv6 address automatically
    • Obtain DNS server address automatically
    • Validate Settings upon exit: (grayed out)
    • Advanced: IP Settings: IP addresses: DHCP Enabled
    • Advanced: IP Settings: Default gateways: (none listed)
    • Advanced: IP Settings: Automatic metric: (checked)
    • Advanced: DNS: DNS server addresses, in order of use: (none listed)
    • Advanced: DNS: For resolution of unqualified names: (has list of DNS suffixes, grayed out, set by group policy)
    • Advanced: DNS: Register this connection's addresses in DNS: (checked)
    • Advanced: DNS: Use this connection's DNS suffix in DNS registration: (not checked)
    • Advanced: WINS: WINS addresses, in order of use: (none listed)
    • Advanced: WINS: Enable LMHOSTS lookup (checked)
    • Advanced: WINS: NetBIOS setting: Default (Use NetBIOS setting from the DHCP server. If static IP address is used or the DHCP server does not provide NetBIOS setting, enable NetBIOS over TCP/IP
  • Link-Layer Topology Discovery Mapper I/O Driver
  • Link-Layer Topology Discovery Responder

Local Security Policy (secpol.msc)

"Local Policies" "Security Options"

  • "Network Security: LAN Manager authentication level"
    • "Send LM & NTLM - use NTLMv2 session security if negotiated"

Local Group Policy Editor (gpedit.msc)

"Computer Configuration" "Windows Settings" "Security Settings" "Local Policies" "Security Options"

  • Enabled policies
    • Network access: Allow anonymous SID/name translation (was disabled =now enabled)
    • Network access: Let Everyone permissions apply to anonymous users (was disabled =now enabled)
  • Disabled policies
    • Network access: Restrict anonymous access to Named Pipes and Shares (was enabled =now disabled)
    • Network access: Do not allow anonymous enumeration of SAM accounts (was enabled =now disabled)
    • Network access: Do not allow anonymous enumeration of SAM accounts and shares (no change)
    • Microsoft network client: Digitally sign communications (always) (no change)

Tried updating group policy using the command gpupdate /force

The processing of Group Policy failed. Windows attempted to read the file xxx from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:

a) Name Resolution/Network Connectivity to the current domain controller.

b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).

c) The Distributed File System (DFS) client has been disabled.

Tried checking system files using sfc /verifyonly

Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

Services

Here is a list of some services

  • Computer Browser (Manual) (Started)
  • DHCP Client (Automatic) (Started)
  • DNS Client (Automatic) (Started)
  • IP Helper (Automatic) (Started)
  • Microsoft Network Inspection (Manual) (Started)
  • Network Access Protection Agent (Manual)
  • Network Connections (Automatic) (Started)
  • Network List Service (Manual) (Started)
  • Network Location Awareness (Automatic) (Started)
  • Network Store Interface Service (Automatic) (Started)
  • Server (Automatic) (Started)
  • TCP/IP NetBIOS Helper (Automatic) (Started)
  • Workstation (Automatic) (Started)

Network Provider settings

The order listed under HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider has listed for both HWOrder and Order

  • RDPNP,LanmanWorkstation,webclient

configuration change history

I looked at the MSI installer history around the time the problems started happening. I had recently gotten a new computer. I believe IT installed McAfee DLP Endpoint and ManageEngine AssetExplorer Agent. I believe IT had also activated Trusted Platform Module (TPM) in the BIOS. I had installed Visual C++ redistributable, Java runtime, and .NET Framework recently.

Our IT technician who used to work on our systems recently left the company. We had a temporary contract worker for a couple weeks, but IT decided to get someone else, so we are currently without someone to help.

UPDATE: Network Connections

For all Network Connections (ncpa.cpl) went in and unchecked TCP/IPv6 for all adapters

  • (unchecked) Internet Protocol Version 6 (TCP/IPv6) Properties

UPDATE: Can Access Some Shares but not all

I am currently able to access some network shares, but not all of them, such as the network server that hosts our printers, so I can't print.

I tried to access those network shares by appending the fully qualified domain name FQDN at the end of the share name, as well as entering in the IP addresss manually. I am able to ping the servers/shares, however I do not have access:

  • I will get unspecified error 0x80004005 when trying to access with windows explorer
  • When trying to map a drive for example with net use Z: \\NetworkServerName\NetworkShareName /P:Yes it returns System error 64 has occurred

UPDATE: Domain Controller Queries

When I run the following commands I found in the thread :

nltest /sc_query:domain

nltest /dclist:domain

w32tm /query /source

I am able to get the names of the domain controllers successfully

UPDATE: Reset Winsock and TCP/IP

I entered the following commands to reset Winsock and reset TCP/IP:

netsh winsock reset c:\winsock.log

netsh int ip reset c:\ipreset.log

and rebooted my computer, however still had the same problems.

UPDATE: Dhcp-Client Event Viewer Logs

for Dhcp-Client logs there are warnings whenever I try to access network shares and fail:

  • Offer Receive Timeout has happened in the Interface Id 21
  • Offer Receive Timeout has happened in the Interface Id 20

UPDATE: Static Route Table

I found out that those warnings listed in the DHCP event viewer logs were for Microsoft Virtual WiFi Miniport Adapters receiving timeouts

route print

===========================================================================
Interface List
 21...da fc 93 53 a8 e1 ......Microsoft Virtual WiFi Miniport Adapter #4
 20...da fc 93 53 a8 e0 ......Microsoft Virtual WiFi Miniport Adapter #3
 15...34 e6 d7 22 a2 1e ......Intel(R) Ethernet Connection I217-LM
 14...d8 fc 93 53 a8 e0 ......Intel(R) Dual Band Wireless-AC 7260
  1...........................Software Loopback Interface 1
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      172.27.24.1    172.27.24.167     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      172.27.24.0    255.255.255.0         On-link     172.27.24.167    266
    172.27.24.167  255.255.255.255         On-link     172.27.24.167    266
    172.27.24.255  255.255.255.255         On-link     172.27.24.167    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     172.27.24.167    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     172.27.24.167    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

I am not an expert and do not know if the Virtual WiFi Miniport Adapter is causing problems or there is something else that is missing...

UPDATE: Safe Mode with Networking (3/19)

I restarted in Safe Mode with Networking and I was able to access all of the network locations that I was not able to access previously. A difference that I noticed if I clicked on the network icon

  • while in safe mode with networking I was able to see NetBIOS machines, however,
  • when launching windows normally I am only able to see machines found with WSD or SSDP discovery methods

I am still waiting for IT to prepare an image to reconfigure the laptop from scratch, but I would prefer not to if there is another solution

ClearBlueSky85

Posted 2015-03-16T19:23:00.107

Reputation: 356

Could it be a simple thing as the network card speed setting causing a bottleneck? I.e. The card is set to "auto-negotiate" and it's recognised a gigabit connection on a 100MBps LAN/switches? We've had the same symptoms and forcing the card to 100Mbps/full duplex fixed it. – Kinnectus – 2015-03-16T19:46:44.380

The client should be using the DC as it's (only) DNS source; but you say you have "blank", which isn't right. Also you need to define a gateway, which again, you claim is blank, so I'm surprised you're getting anywhere. :) – Ƭᴇcʜιᴇ007 – 2015-03-16T20:28:27.093

I'm pretty sure we have gigabit lan switches. This is on a new laptop I got recently that may have not been setup correctly. I believe my old laptop had a gigabit connection. – ClearBlueSky85 – 2015-03-18T23:22:55.290

For the DNS and gateway, when I said blank, I meant that it is configured to get the addresses automatically, and that there are no manual entries listed – ClearBlueSky85 – 2015-03-18T23:23:56.260

Did you find a solution? I have the exact same problem - when trying to access our domain network on file share level, I receive a long delay in response which result in a semaphore timeout (RDP works fine). I am running Windows 10 Enterprise - and only thing I can come to think of is, that I uninstalled Hyper-V recently.

Fileshares on other domains works fine; primary domain (and its trustees) is the only one affected. – Michael Mortensen – 2015-08-06T08:26:14.557

Answers

1

I had to go to the local area connection, open properties, select ipv4, then advanced - to to DNS tab and uncheck "append thse DNS suffixes" and check "append primary and connection specific DNS suffixes"

Lucida Consol

Posted 2015-03-16T19:23:00.107

Reputation: 11

Yes, this fix worked for me although I am unsure if it would have fixed the original poster's problem. My problem was that someone had configured the DNS tab of my ethernet adapter to use a different (trusted) domain name for DNS suffixes instead of the computer's primary domain. So when we tried to go to \computername it was trying to reach out to \computername.otherdomain.local instead of \computername.mydomain.local. Cursing whatever admin did that on this machine. – sdek – 2017-07-12T20:58:25.917

1

It may due to port 445 or 139 is blocked by firewall or security software(like McAfee). Try to check whether you are able to telnet port 445 from other machine. If not, you may try to disable firewall and security software.

user2345656

Posted 2015-03-16T19:23:00.107

Reputation: 11

thanks mate. working – Bimal Das – 2019-08-27T09:30:41.130

-1

Go to Start menu -> Run Services.msc -> Restart Computer Browser service. Check to see if Domain network PC's are Displayed...

Suhas

Posted 2015-03-16T19:23:00.107

Reputation: 1

1This is not an answer, avoid to post comments as asnwers, and Welcome to SU. – Francisco Tapia – 2015-09-14T11:37:03.810