First post....
Brief description:
We have two buildings connected via two devices owned by our ISP. It's not a
VPN; the device (some sort of media converter I know nothing about) basically
just forwards all traffic from one building to the other. Both buildings are on
different subnets, and our firewall/VPN device at our main building routes
traffic. No changes have been made to the firewall/VPN device.
I have recently implemented a new AD domain using a new 2003 R2 SP2 server.
It includes both 2003 and 2000 member servers. I also implemented a new
Exchange 2007 server on Windows Server 2003 R2 x64. My primary DC and backup DC
are both running Server 2003 R2.
Problem Description:
Almost two weeks after implementation users in the remote site could no
longer access data on the primary domain controller. To my knowledge no
changes were made to any security/network/file share settings.
I can ping the PDC from the remote subnet using either its name or IP
address; nslookup does not pinpoint any DNS issues. I can see the shares
using \\servername and I can map drives no problem. Logon scripts run
without error as well. Permissions are not an issue, as the users can access
the data if they log in at a workstation in the building where the servers
sit, and it happens when using the administrator account or any account with
full read/write access.
However, if I try to copy a file from the PDC to the workstation it starts
and then almost immediately fails with the error: "The specified network name
is no longer available".
If I try to open a file (spreadsheet, PDF, Word doc, etc.) I get the
following error: "The file cannot be accessed. The file may be read-only, you may
be accessing a read-only location, or the server the file is on may not be
responding".
Also, on the Win 2000 clients the mapped drives show up as disconnected, and if
you leave Windows Explorer open they sometimes change in name from the format
<folder name on server> (ex: "shared on pdc (S:)") to just <Network folder>
("Network Folder (S:)"), and when you try to access the drive you get the
message: "The local device name is already in use, the connection has not
been restored". Clicking 'OK' and trying again will usually result in the
shared data being displayed, but nobody can access it, read from, copy from,
or save to the shared drives.
The funny (or disturbing?) thing for me is that this problem only happens
with shares on our Primary Domain Controller. If I set up test shares on other
member servers, even the other 2003 R2 member servers or the backup domain
controller, they can be mapped, read, copied from, saved to, and files can be
opened.
I must admit I am baffled. I have checked security on the shared folders and
I have full access. The firewall service on the DC is turned off.
Does anyone have any idea what could cause such a problem? The local subnet
in the building where the server is located does not have any issues
connecting to shared drives; this only happens with my users in the remote
building.
At first I thought it might be an issue with the device that allows the data
to go from one building to the other, but after further testing and seeing the
symptoms I have posted here I'm not so sure. It points to an issue with only
the PDC and only with traffic coming from the remote subnet, but I don't know
where else to turn now.
I do not have a backup domain controller at the remote site (only 8 machines,
so I used hosts and lmhosts files). Do you think this would help?
One more piece of info I gathered in my testing: if I create a VPN in
Windows networking on the client and connect to our server using this VPN
client, they can then access the shares and data OK; disconnect the VPN and
the problem comes back. I don't really want to buy hardware devices to create
a VPN tunnel between buildings, as the current configuration did work up until
last week.
Any insight would be much appreciated.