Renamed server, can't connect...

We renamed a server, and replaced it with another server that has taken
the old server's name and IP.

DNS and WINS show the right IP to the right name, I can ping it by name.
But when I go Start-->Run-->\\Servername I get "Windows cannot find
'\\Servername.domain.com'. Check spelling blah blah"

Where should I look? I can ping, connect via TS. But cannot access
shares, and if I try to "manage" the server remotely I get "Computer
\\Servernam cannot be managed. The semaphore timeout period has expired."

I've never had this problem before, is it WINS or something like that?
Netbios over TCP/IP is enabled if that helps.


Thanks!

Try using the IP address to access it instead of the name to see if that
helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
Management. At the command prompt run nbtstat -RR and Ipconfig /registerdns.
Check the wins and dns records to make sure they are correct. It would help
to know if this is a domain computer, what operating system, what type of
server, etc. Windows 2003 Server has a built in firewall that you would want
to check the configuration of if enabled. Look in Event Viewer for any
pertinent errors and make sure that the server service is running and that
netbios over tcp/ip is enabled in tcp/ip properties/advanced wins. The
nbtstat -n command should show at least three entries. If it is a Windows
2003 Server you may also want to open Local Security Policy and go to
security settings/local policies/security options and set the option for
Microsoft network server:digitally sign communications(always) to
ISABLED. --- Steve



"Jesse Gardner" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> We renamed a server, and replaced it with another server that has taken
> the old server's name and IP.
>
> DNS and WINS show the right IP to the right name, I can ping it by name.
> But when I go Start-->Run-->\\Servername I get "Windows cannot find
> '\\Servername.domain.com'. Check spelling blah blah"
>
> Where should I look? I can ping, connect via TS. But cannot access
> shares, and if I try to "manage" the server remotely I get "Computer
> \\Servernam cannot be managed. The semaphore timeout period has expired."
>
> I've never had this problem before, is it WINS or something like that?
> Netbios over TCP/IP is enabled if that helps.
>
>
> Thanks!

I don't think this will fix the problem but it is the first thing
you have to try: Install the Server Tools from the Server CD, and
then run a netdiag /fix and a dcdiag /fix on all domain controllers
If a second run of netdiag still indicates problems you'll have to
correct them manually.

But the errors you are seeing strongly suggest an SMB/NetBIOS
protocol misconfiguration or some problem with the RPC service.
Look in the event log for clues of course. Try removing ALL network
services and protocols and reinstalling and configuring them. If the
new server is Windows 2003 you can try disabling SMB
signing in group policy. See if you are able to connect via IPX or NetBEUI,
which would determine if it is just the IP transport of something deeper.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.

"Jesse Gardner" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
> We renamed a server, and replaced it with another server that has taken
> the old server's name and IP.
>
> DNS and WINS show the right IP to the right name, I can ping it by name.
> But when I go Start-->Run-->\\Servername I get "Windows cannot find
> '\\Servername.domain.com'. Check spelling blah blah"
>
> Where should I look? I can ping, connect via TS. But cannot access
> shares, and if I try to "manage" the server remotely I get "Computer
> \\Servernam cannot be managed. The semaphore timeout period has expired."
>
> I've never had this problem before, is it WINS or something like that?
> Netbios over TCP/IP is enabled if that helps.
>
>
> Thanks!

Thanks for your reply, I've answered your questions below. Most
noteworthy is the nbtstat -n results.



Steven L Umbach wrote:

> Try using the IP address to access it instead of the name to see if that
> helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
> Management.

Tried, didn't work.

At the command prompt run nbtstat -RR and Ipconfig /registerdns.
> Check the wins and dns records to make sure they are correct.

Tried, didn't seem to help.

It would help
> to know if this is a domain computer, what operating system, what type of
> server, etc.

Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain
in mixed mode.

Windows 2003 Server has a built in firewall that you would want
> to check the configuration of if enabled.

Internet connection firewall is not enabled.

Look in Event Viewer for any
> pertinent errors

No scary events.

and make sure that the server service is running

It's running.

and that
> netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.

Yup.

The
> nbtstat -n command should show at least three entries.


!!! This is what I get !!!

C:\Documents and Settings\someuser>nbtstat -n

Local Area Connection 2:
Node IpAddress: [172.30.32.22] Scope Id: []

NetBIOS Local Name Table

Name Type Status
---------------------------------------------
THE_SERVER <00> UNIQUE Registered
AD_DOM <00> GROUP Registered
THE_SERVER <20> UNIQUE Registered
AD_DOM <1E> GROUP Registered


!!! Is there something missing? !!!



If it is a Windows
> 2003 Server you may also want to open Local Security Policy and go to
> security settings/local policies/security options and set the option for
> Microsoft network server:digitally sign communications(always) to
> ISABLED. --- Steve

It is disabled.



>
>
>
> "Jesse Gardner" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>We renamed a server, and replaced it with another server that has taken
>>the old server's name and IP.
>>
>>DNS and WINS show the right IP to the right name, I can ping it by name.
>>But when I go Start-->Run-->\\Servername I get "Windows cannot find
>>'\\Servername.domain.com'. Check spelling blah blah"
>>
>>Where should I look? I can ping, connect via TS. But cannot access
>>shares, and if I try to "manage" the server remotely I get "Computer
>>\\Servernam cannot be managed. The semaphore timeout period has expired."
>>
>>I've never had this problem before, is it WINS or something like that?
>>Netbios over TCP/IP is enabled if that helps.
>>
>>
>>Thanks!
>
>
>

Hmm. Nbtstat looks like it might be OK. I just wanted you to run that to see
if it was registering names which would indicate the server, workstation
service, and netbios over tcp/ip are running. If you run netstat -an it
should show at least port 445 tcp and probably port 139 tcp listening. It is
puzzling that you can ping and connect via TS but not file and print
sharing. From another computer on the network I would use the portqry
utility to see if it reports ports 139 and or 445 as listening on your
problem server. See the link below on how to use portqry and where to
download it from. For instance use " portqry -n xxx.xxx.xxx.xxx -e 139 " to
find if port 139 tcp is available on the problem server [using it's IP
address] from a remote computer.

http://support.microsoft.com/default.aspx?kbid=310099

Since it is a domain computer try running the support tool netdiag on it to
see if any failed tests, warnings, or errors are reported that may give a
clue. The /v or debug switches can give more detailed info if you find a
problem as in " netdiag /test:dns /debug ". Netdiag and other support tools
are found on the install disk for the server operating system in the
support/tools folder where you will have to run the setup there to install
them. Be sure to pay attention to the winsock test also when you run
netdiag. Your nbtstat results indicate Local Area Connection 2. If the
computer has more than one nic make sure that the nic used for the local
lan/domain is at the top of the list in network
connections/advanced/advanced properties. -- Steve

"Jesse Gardner" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks for your reply, I've answered your questions below. Most
> noteworthy is the nbtstat -n results.
>
>
>
> Steven L Umbach wrote:
>
>> Try using the IP address to access it instead of the name to see if that
>> helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
>> Management.
>
> Tried, didn't work.
>
> At the command prompt run nbtstat -RR and Ipconfig /registerdns.
>> Check the wins and dns records to make sure they are correct.
>
> Tried, didn't seem to help.
>
> It would help
>> to know if this is a domain computer, what operating system, what type of
>> server, etc.
>
> Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain in
> mixed mode.
>
> Windows 2003 Server has a built in firewall that you would want
>> to check the configuration of if enabled.
>
> Internet connection firewall is not enabled.
>
> Look in Event Viewer for any
>> pertinent errors
>
> No scary events.
>
> and make sure that the server service is running
>
> It's running.
>
> and that
>> netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.
>
> Yup.
>
> The
>> nbtstat -n command should show at least three entries.
>
>
> !!! This is what I get !!!
>
> C:\Documents and Settings\someuser>nbtstat -n
>
> Local Area Connection 2:
> Node IpAddress: [172.30.32.22] Scope Id: []
>
> NetBIOS Local Name Table
>
> Name Type Status
> ---------------------------------------------
> THE_SERVER <00> UNIQUE Registered
> AD_DOM <00> GROUP Registered
> THE_SERVER <20> UNIQUE Registered
> AD_DOM <1E> GROUP Registered
>
>
> !!! Is there something missing? !!!
>
>
>
> If it is a Windows
>> 2003 Server you may also want to open Local Security Policy and go to
>> security settings/local policies/security options and set the option for
>> Microsoft network server:digitally sign communications(always) to
>> ISABLED. --- Steve
>
> It is disabled.
>
>
>
>>
>>
>>
>> "Jesse Gardner" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>
>>>We renamed a server, and replaced it with another server that has taken
>>>the old server's name and IP.
>>>
>>>DNS and WINS show the right IP to the right name, I can ping it by name.
>>>But when I go Start-->Run-->\\Servername I get "Windows cannot find
>>>'\\Servername.domain.com'. Check spelling blah blah"
>>>
>>>Where should I look? I can ping, connect via TS. But cannot access
>>>shares, and if I try to "manage" the server remotely I get "Computer
>>>\\Servernam cannot be managed. The semaphore timeout period has
>>>expired."
>>>
>>>I've never had this problem before, is it WINS or something like that?
>>>Netbios over TCP/IP is enabled if that helps.
>>>
>>>
>>>Thanks!
>>
>>

Thanks for your reply. Hopefully later today we can nuke the network
protocols, I'll report back after I figure out what is going on.



Steve Duff [MVP] wrote:

> I don't think this will fix the problem but it is the first thing
> you have to try: Install the Server Tools from the Server CD, and
> then run a netdiag /fix and a dcdiag /fix on all domain controllers
> If a second run of netdiag still indicates problems you'll have to
> correct them manually.
>
> But the errors you are seeing strongly suggest an SMB/NetBIOS
> protocol misconfiguration or some problem with the RPC service.
> Look in the event log for clues of course. Try removing ALL network
> services and protocols and reinstalling and configuring them. If the
> new server is Windows 2003 you can try disabling SMB
> signing in group policy. See if you are able to connect via IPX or NetBEUI,
> which would determine if it is just the IP transport of something deeper.
>
> Steve Duff, MCSE, MVP
> Ergodic Systems, Inc.
>
> "Jesse Gardner" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
>
>>We renamed a server, and replaced it with another server that has taken
>>the old server's name and IP.
>>
>>DNS and WINS show the right IP to the right name, I can ping it by name.
>> But when I go Start-->Run-->\\Servername I get "Windows cannot find
>>'\\Servername.domain.com'. Check spelling blah blah"
>>
>>Where should I look? I can ping, connect via TS. But cannot access
>>shares, and if I try to "manage" the server remotely I get "Computer
>>\\Servernam cannot be managed. The semaphore timeout period has expired."
>>
>>I've never had this problem before, is it WINS or something like that?
>>Netbios over TCP/IP is enabled if that helps.
>>
>>
>>Thanks!
>
>
>

This is definately a weird one...

Well, I noticed that 445 was being knocked out by a access-list between
my VLAN and the server's VLAN. So when I allowed 445, I could connect.

My only problem with that is, I thought 139 is used if 445 can't be
accessed. (We have many servers that work without 445 permitted) This
server is the only problem child.

Here is a netstat -an on that machine:

C:\Documents and Settings\Someuser>netstat -an

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2301 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2381 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5631 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49400 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49401 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49402 0.0.0.0:0 LISTENING
TCP 172.30.32.22:135 172.30.32.22:1115 ESTABLISHED
TCP 172.30.32.22:139 0.0.0.0:0 LISTENING
TCP 172.30.32.22:139 172.30.32.35:1088 ESTABLISHED
TCP 172.30.32.22:445 172.30.1.93:1299 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.40:1088 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.50:1132 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.51:1094 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.52:2662 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.64:1082 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.77:3290 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.86:1086 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.91:1086 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.102:1096 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.103:1086 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.106:1096 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.108:1089 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.143:1073 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.144:1068 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.145:1086 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.147:1229 ESTABLISHED
TCP 172.30.32.22:445 172.30.32.150:1069 ESTABLISHED
TCP 172.30.32.22:445 172.30.38.53:3248 ESTABLISHED
TCP 172.30.32.22:1115 172.30.32.22:135 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.21:2216 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.21:2401 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.26:1094 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.26:1095 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.26:1104 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.26:1112 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.35:1093 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.51:1097 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.60:1151 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.60:1461 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.60:1462 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.76:1032 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.76:1033 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.81:1034 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.81:1035 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.85:1092 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.86:1100 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.92:1052 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.92:1053 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.94:1050 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.94:1051 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.95:1053 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.95:1054 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.96:1032 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.96:1033 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.105:1216 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.105:1217 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.107:1057 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.107:1058 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.110:1096 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.110:1877 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.110:2649 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.110:2650 ESTABLISHED
TCP 172.30.32.22:1433 172.30.32.148:2224 ESTABLISHED
TCP 172.30.32.22:2117 172.30.1.91:135 ESTABLISHED
TCP 172.30.32.22:2118 172.30.1.91:1025 TIME_WAIT
TCP 172.30.32.22:2137 172.30.1.91:445 ESTABLISHED
TCP 172.30.32.22:2141 172.30.1.91:1025 ESTABLISHED
TCP 172.30.32.22:2145 172.30.1.91:389 TIME_WAIT
TCP 172.30.32.22:2146 172.30.1.91:389 TIME_WAIT
TCP 172.30.32.22:2147 172.30.1.91:139 TIME_WAIT
TCP 172.30.32.22:3389 172.30.1.25:48735 ESTABLISHED
TCP 172.30.32.22:3389 172.30.1.254:3957 ESTABLISHED
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1027 *:*
UDP 0.0.0.0:1028 *:*
UDP 0.0.0.0:1029 *:*
UDP 0.0.0.0:1030 *:*
UDP 0.0.0.0:1070 *:*
UDP 0.0.0.0:1303 *:*
UDP 0.0.0.0:1434 *:*
UDP 0.0.0.0:2143 *:*
UDP 0.0.0.0:2153 *:*
UDP 0.0.0.0:2967 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5632 *:*
UDP 127.0.0.1:123 *:*
UDP 172.30.32.22:123 *:*
UDP 172.30.32.22:137 *:*
UDP 172.30.32.22:138 *:*


We are probably going to try removing and reinstalling the TCP/IP
protocall and all the network stuff. Hopefully this will help!?


Thanks for your time and help on this!




Steven L Umbach wrote:

> Hmm. Nbtstat looks like it might be OK. I just wanted you to run that to see
> if it was registering names which would indicate the server, workstation
> service, and netbios over tcp/ip are running. If you run netstat -an it
> should show at least port 445 tcp and probably port 139 tcp listening. It is
> puzzling that you can ping and connect via TS but not file and print
> sharing. From another computer on the network I would use the portqry
> utility to see if it reports ports 139 and or 445 as listening on your
> problem server. See the link below on how to use portqry and where to
> download it from. For instance use " portqry -n xxx.xxx.xxx.xxx -e 139 " to
> find if port 139 tcp is available on the problem server [using it's IP
> address] from a remote computer.
>
> http://support.microsoft.com/default.aspx?kbid=310099
>
> Since it is a domain computer try running the support tool netdiag on it to
> see if any failed tests, warnings, or errors are reported that may give a
> clue. The /v or debug switches can give more detailed info if you find a
> problem as in " netdiag /test:dns /debug ". Netdiag and other support tools
> are found on the install disk for the server operating system in the
> support/tools folder where you will have to run the setup there to install
> them. Be sure to pay attention to the winsock test also when you run
> netdiag. Your nbtstat results indicate Local Area Connection 2. If the
> computer has more than one nic make sure that the nic used for the local
> lan/domain is at the top of the list in network
> connections/advanced/advanced properties. -- Steve
>
> "Jesse Gardner" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>Thanks for your reply, I've answered your questions below. Most
>>noteworthy is the nbtstat -n results.
>>
>>
>>
>>Steven L Umbach wrote:
>>
>>
>>>Try using the IP address to access it instead of the name to see if that
>>>helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
>>>Management.
>>
>>Tried, didn't work.
>>
>>At the command prompt run nbtstat -RR and Ipconfig /registerdns.
>>
>>>Check the wins and dns records to make sure they are correct.
>>
>>Tried, didn't seem to help.
>>
>> It would help
>>
>>>to know if this is a domain computer, what operating system, what type of
>>>server, etc.
>>
>>Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain in
>>mixed mode.
>>
>>Windows 2003 Server has a built in firewall that you would want
>>
>>>to check the configuration of if enabled.
>>
>>Internet connection firewall is not enabled.
>>
>>Look in Event Viewer for any
>>
>>>pertinent errors
>>
>>No scary events.
>>
>>and make sure that the server service is running
>>
>>It's running.
>>
>>and that
>>
>>>netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.
>>
>>Yup.
>>
>>The
>>
>>>nbtstat -n command should show at least three entries.
>>
>>
>>!!! This is what I get !!!
>>
>>C:\Documents and Settings\someuser>nbtstat -n
>>
>>Local Area Connection 2:
>>Node IpAddress: [172.30.32.22] Scope Id: []
>>
>> NetBIOS Local Name Table
>>
>> Name Type Status
>> ---------------------------------------------
>> THE_SERVER <00> UNIQUE Registered
>> AD_DOM <00> GROUP Registered
>> THE_SERVER <20> UNIQUE Registered
>> AD_DOM <1E> GROUP Registered
>>
>>
>>!!! Is there something missing? !!!
>>
>>
>>
>>If it is a Windows
>>
>>>2003 Server you may also want to open Local Security Policy and go to
>>>security settings/local policies/security options and set the option for
>>>Microsoft network server:digitally sign communications(always) to
>>>ISABLED. --- Steve
>>
>>It is disabled.
>>
>>
>>
>>
>>>
>>>
>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed)...
>>>
>>>
>>>>We renamed a server, and replaced it with another server that has taken
>>>>the old server's name and IP.
>>>>
>>>>DNS and WINS show the right IP to the right name, I can ping it by name.
>>>>But when I go Start-->Run-->\\Servername I get "Windows cannot find
>>>>'\\Servername.domain.com'. Check spelling blah blah"
>>>>
>>>>Where should I look? I can ping, connect via TS. But cannot access
>>>>shares, and if I try to "manage" the server remotely I get "Computer
>>>>\\Servernam cannot be managed. The semaphore timeout period has
>>>>expired."
>>>>
>>>>I've never had this problem before, is it WINS or something like that?
>>>>Netbios over TCP/IP is enabled if that helps.
>>>>
>>>>
>>>>Thanks!
>>>
>>>
>

I have the same understanding that port 139 should be used if netbios over
tcp/ip is enabled and it is not being blocked by tcp/ip filtering, ipsec
policy, firewall, etc. The portquery utility should tell if the remote
computer finds port 139 tcp available or not. Anyhow it sounds like you are
making some headway. --- Steve


"Jesse Gardner" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> This is definately a weird one...
>
> Well, I noticed that 445 was being knocked out by a access-list between my
> VLAN and the server's VLAN. So when I allowed 445, I could connect.
>
> My only problem with that is, I thought 139 is used if 445 can't be
> accessed. (We have many servers that work without 445 permitted) This
> server is the only problem child.
>
> Here is a netstat -an on that machine:
>
> C:\Documents and Settings\Someuser>netstat -an
>
> Active Connections
>
> Proto Local Address Foreign Address State
> TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:2301 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:2381 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:5631 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:49400 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:49401 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:49402 0.0.0.0:0 LISTENING
> TCP 172.30.32.22:135 172.30.32.22:1115 ESTABLISHED
> TCP 172.30.32.22:139 0.0.0.0:0 LISTENING
> TCP 172.30.32.22:139 172.30.32.35:1088 ESTABLISHED
> TCP 172.30.32.22:445 172.30.1.93:1299 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.40:1088 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.50:1132 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.51:1094 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.52:2662 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.64:1082 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.77:3290 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.86:1086 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.91:1086 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.102:1096 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.103:1086 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.106:1096 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.108:1089 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.143:1073 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.144:1068 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.145:1086 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.147:1229 ESTABLISHED
> TCP 172.30.32.22:445 172.30.32.150:1069 ESTABLISHED
> TCP 172.30.32.22:445 172.30.38.53:3248 ESTABLISHED
> TCP 172.30.32.22:1115 172.30.32.22:135 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.21:2216 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.21:2401 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.26:1094 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.26:1095 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.26:1104 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.26:1112 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.35:1093 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.51:1097 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.60:1151 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.60:1461 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.60:1462 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.76:1032 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.76:1033 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.81:1034 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.81:1035 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.85:1092 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.86:1100 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.92:1052 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.92:1053 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.94:1050 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.94:1051 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.95:1053 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.95:1054 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.96:1032 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.96:1033 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.105:1216 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.105:1217 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.107:1057 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.107:1058 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.110:1096 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.110:1877 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.110:2649 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.110:2650 ESTABLISHED
> TCP 172.30.32.22:1433 172.30.32.148:2224 ESTABLISHED
> TCP 172.30.32.22:2117 172.30.1.91:135 ESTABLISHED
> TCP 172.30.32.22:2118 172.30.1.91:1025 TIME_WAIT
> TCP 172.30.32.22:2137 172.30.1.91:445 ESTABLISHED
> TCP 172.30.32.22:2141 172.30.1.91:1025 ESTABLISHED
> TCP 172.30.32.22:2145 172.30.1.91:389 TIME_WAIT
> TCP 172.30.32.22:2146 172.30.1.91:389 TIME_WAIT
> TCP 172.30.32.22:2147 172.30.1.91:139 TIME_WAIT
> TCP 172.30.32.22:3389 172.30.1.25:48735 ESTABLISHED
> TCP 172.30.32.22:3389 172.30.1.254:3957 ESTABLISHED
> UDP 0.0.0.0:161 *:*
> UDP 0.0.0.0:445 *:*
> UDP 0.0.0.0:500 *:*
> UDP 0.0.0.0:1027 *:*
> UDP 0.0.0.0:1028 *:*
> UDP 0.0.0.0:1029 *:*
> UDP 0.0.0.0:1030 *:*
> UDP 0.0.0.0:1070 *:*
> UDP 0.0.0.0:1303 *:*
> UDP 0.0.0.0:1434 *:*
> UDP 0.0.0.0:2143 *:*
> UDP 0.0.0.0:2153 *:*
> UDP 0.0.0.0:2967 *:*
> UDP 0.0.0.0:4500 *:*
> UDP 0.0.0.0:5632 *:*
> UDP 127.0.0.1:123 *:*
> UDP 172.30.32.22:123 *:*
> UDP 172.30.32.22:137 *:*
> UDP 172.30.32.22:138 *:*
>
>
> We are probably going to try removing and reinstalling the TCP/IP
> protocall and all the network stuff. Hopefully this will help!?
>
>
> Thanks for your time and help on this!
>
>
>
>
> Steven L Umbach wrote:
>
>> Hmm. Nbtstat looks like it might be OK. I just wanted you to run that to
>> see if it was registering names which would indicate the server,
>> workstation service, and netbios over tcp/ip are running. If you run
>> netstat -an it should show at least port 445 tcp and probably port 139
>> tcp listening. It is puzzling that you can ping and connect via TS but
>> not file and print sharing. From another computer on the network I would
>> use the portqry utility to see if it reports ports 139 and or 445 as
>> listening on your problem server. See the link below on how to use
>> portqry and where to download it from. For instance use " portqry -n
>> xxx.xxx.xxx.xxx -e 139 " to find if port 139 tcp is available on the
>> problem server [using it's IP address] from a remote computer.
>>
>> http://support.microsoft.com/default.aspx?kbid=310099
>>
>> Since it is a domain computer try running the support tool netdiag on it
>> to see if any failed tests, warnings, or errors are reported that may
>> give a clue. The /v or debug switches can give more detailed info if you
>> find a problem as in " netdiag /test:dns /debug ". Netdiag and other
>> support tools are found on the install disk for the server operating
>> system in the support/tools folder where you will have to run the setup
>> there to install them. Be sure to pay attention to the winsock test also
>> when you run netdiag. Your nbtstat results indicate Local Area
>> Connection 2. If the computer has more than one nic make sure that the
>> nic used for the local lan/domain is at the top of the list in network
>> connections/advanced/advanced properties. -- Steve
>>
>> "Jesse Gardner" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>
>>>Thanks for your reply, I've answered your questions below. Most
>>>noteworthy is the nbtstat -n results.
>>>
>>>
>>>
>>>Steven L Umbach wrote:
>>>
>>>
>>>>Try using the IP address to access it instead of the name to see if that
>>>>helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
>>>>Management.
>>>
>>>Tried, didn't work.
>>>
>>>At the command prompt run nbtstat -RR and Ipconfig /registerdns.
>>>
>>>>Check the wins and dns records to make sure they are correct.
>>>
>>>Tried, didn't seem to help.
>>>
>>> It would help
>>>
>>>>to know if this is a domain computer, what operating system, what type
>>>>of server, etc.
>>>
>>>Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain in
>>>mixed mode.
>>>
>>>Windows 2003 Server has a built in firewall that you would want
>>>
>>>>to check the configuration of if enabled.
>>>
>>>Internet connection firewall is not enabled.
>>>
>>>Look in Event Viewer for any
>>>
>>>>pertinent errors
>>>
>>>No scary events.
>>>
>>>and make sure that the server service is running
>>>
>>>It's running.
>>>
>>>and that
>>>
>>>>netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.
>>>
>>>Yup.
>>>
>>>The
>>>
>>>>nbtstat -n command should show at least three entries.
>>>
>>>
>>>!!! This is what I get !!!
>>>
>>>C:\Documents and Settings\someuser>nbtstat -n
>>>
>>>Local Area Connection 2:
>>>Node IpAddress: [172.30.32.22] Scope Id: []
>>>
>>> NetBIOS Local Name Table
>>>
>>> Name Type Status
>>> ---------------------------------------------
>>> THE_SERVER <00> UNIQUE Registered
>>> AD_DOM <00> GROUP Registered
>>> THE_SERVER <20> UNIQUE Registered
>>> AD_DOM <1E> GROUP Registered
>>>
>>>
>>>!!! Is there something missing? !!!
>>>
>>>
>>>
>>>If it is a Windows
>>>
>>>>2003 Server you may also want to open Local Security Policy and go to
>>>>security settings/local policies/security options and set the option for
>>>>Microsoft network server:digitally sign communications(always) to
>>>>ISABLED. --- Steve
>>>
>>>It is disabled.
>>>
>>>
>>>
>>>
>>>>
>>>>
>>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>>news:(E-Mail Removed)...
>>>>
>>>>
>>>>>We renamed a server, and replaced it with another server that has taken
>>>>>the old server's name and IP.
>>>>>
>>>>>DNS and WINS show the right IP to the right name, I can ping it by
>>>>>name. But when I go Start-->Run-->\\Servername I get "Windows cannot
>>>>>find '\\Servername.domain.com'. Check spelling blah blah"
>>>>>
>>>>>Where should I look? I can ping, connect via TS. But cannot access
>>>>>shares, and if I try to "manage" the server remotely I get "Computer
>>>>>\\Servernam cannot be managed. The semaphore timeout period has
>>>>>expired."
>>>>>
>>>>>I've never had this problem before, is it WINS or something like that?
>>>>>Netbios over TCP/IP is enabled if that helps.
>>>>>
>>>>>
>>>>>Thanks!
>>>>
>>>>
>>

Thanks, that portqry is pretty cool, nice to have a command line port
scanner.

Anyway, the results...


C:\Documents and Settings\Me>portqry -n 172.30.32.22 -e 139

Querying target system called:

172.30.32.22

Attempting to resolve IP address to a name...


IP address resolved to server.domain.com

querying...

TCP port 139 (netbios-ssn service): LISTENING



But I still can't browse shares w/out 445 allowed. What is your
impression on this? (We are still waiting to reload TCP/IP)




Steven L Umbach wrote:

> I have the same understanding that port 139 should be used if netbios over
> tcp/ip is enabled and it is not being blocked by tcp/ip filtering, ipsec
> policy, firewall, etc. The portquery utility should tell if the remote
> computer finds port 139 tcp available or not. Anyhow it sounds like you are
> making some headway. --- Steve
>
>
> "Jesse Gardner" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>This is definately a weird one...
>>
>>Well, I noticed that 445 was being knocked out by a access-list between my
>>VLAN and the server's VLAN. So when I allowed 445, I could connect.
>>
>>My only problem with that is, I thought 139 is used if 445 can't be
>>accessed. (We have many servers that work without 445 permitted) This
>>server is the only problem child.
>>
>>Here is a netstat -an on that machine:
>>
>>C:\Documents and Settings\Someuser>netstat -an
>>
>>Active Connections
>>
>> Proto Local Address Foreign Address State
>> TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:2301 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:2381 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:5631 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:49400 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:49401 0.0.0.0:0 LISTENING
>> TCP 0.0.0.0:49402 0.0.0.0:0 LISTENING
>> TCP 172.30.32.22:135 172.30.32.22:1115 ESTABLISHED
>> TCP 172.30.32.22:139 0.0.0.0:0 LISTENING
>> TCP 172.30.32.22:139 172.30.32.35:1088 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.1.93:1299 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.40:1088 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.50:1132 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.51:1094 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.52:2662 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.64:1082 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.77:3290 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.86:1086 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.91:1086 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.102:1096 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.103:1086 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.106:1096 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.108:1089 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.143:1073 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.144:1068 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.145:1086 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.147:1229 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.32.150:1069 ESTABLISHED
>> TCP 172.30.32.22:445 172.30.38.53:3248 ESTABLISHED
>> TCP 172.30.32.22:1115 172.30.32.22:135 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.21:2216 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.21:2401 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.26:1094 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.26:1095 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.26:1104 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.26:1112 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.35:1093 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.51:1097 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.60:1151 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.60:1461 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.60:1462 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.76:1032 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.76:1033 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.81:1034 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.81:1035 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.85:1092 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.86:1100 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.92:1052 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.92:1053 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.94:1050 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.94:1051 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.95:1053 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.95:1054 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.96:1032 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.96:1033 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.105:1216 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.105:1217 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.107:1057 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.107:1058 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.110:1096 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.110:1877 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.110:2649 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.110:2650 ESTABLISHED
>> TCP 172.30.32.22:1433 172.30.32.148:2224 ESTABLISHED
>> TCP 172.30.32.22:2117 172.30.1.91:135 ESTABLISHED
>> TCP 172.30.32.22:2118 172.30.1.91:1025 TIME_WAIT
>> TCP 172.30.32.22:2137 172.30.1.91:445 ESTABLISHED
>> TCP 172.30.32.22:2141 172.30.1.91:1025 ESTABLISHED
>> TCP 172.30.32.22:2145 172.30.1.91:389 TIME_WAIT
>> TCP 172.30.32.22:2146 172.30.1.91:389 TIME_WAIT
>> TCP 172.30.32.22:2147 172.30.1.91:139 TIME_WAIT
>> TCP 172.30.32.22:3389 172.30.1.25:48735 ESTABLISHED
>> TCP 172.30.32.22:3389 172.30.1.254:3957 ESTABLISHED
>> UDP 0.0.0.0:161 *:*
>> UDP 0.0.0.0:445 *:*
>> UDP 0.0.0.0:500 *:*
>> UDP 0.0.0.0:1027 *:*
>> UDP 0.0.0.0:1028 *:*
>> UDP 0.0.0.0:1029 *:*
>> UDP 0.0.0.0:1030 *:*
>> UDP 0.0.0.0:1070 *:*
>> UDP 0.0.0.0:1303 *:*
>> UDP 0.0.0.0:1434 *:*
>> UDP 0.0.0.0:2143 *:*
>> UDP 0.0.0.0:2153 *:*
>> UDP 0.0.0.0:2967 *:*
>> UDP 0.0.0.0:4500 *:*
>> UDP 0.0.0.0:5632 *:*
>> UDP 127.0.0.1:123 *:*
>> UDP 172.30.32.22:123 *:*
>> UDP 172.30.32.22:137 *:*
>> UDP 172.30.32.22:138 *:*
>>
>>
>>We are probably going to try removing and reinstalling the TCP/IP
>>protocall and all the network stuff. Hopefully this will help!?
>>
>>
>>Thanks for your time and help on this!
>>
>>
>>
>>
>>Steven L Umbach wrote:
>>
>>
>>>Hmm. Nbtstat looks like it might be OK. I just wanted you to run that to
>>>see if it was registering names which would indicate the server,
>>>workstation service, and netbios over tcp/ip are running. If you run
>>>netstat -an it should show at least port 445 tcp and probably port 139
>>>tcp listening. It is puzzling that you can ping and connect via TS but
>>>not file and print sharing. From another computer on the network I would
>>>use the portqry utility to see if it reports ports 139 and or 445 as
>>>listening on your problem server. See the link below on how to use
>>>portqry and where to download it from. For instance use " portqry -n
>>>xxx.xxx.xxx.xxx -e 139 " to find if port 139 tcp is available on the
>>>problem server [using it's IP address] from a remote computer.
>>>
>>>http://support.microsoft.com/default.aspx?kbid=310099
>>>
>>>Since it is a domain computer try running the support tool netdiag on it
>>>to see if any failed tests, warnings, or errors are reported that may
>>>give a clue. The /v or debug switches can give more detailed info if you
>>>find a problem as in " netdiag /test:dns /debug ". Netdiag and other
>>>support tools are found on the install disk for the server operating
>>>system in the support/tools folder where you will have to run the setup
>>>there to install them. Be sure to pay attention to the winsock test also
>>>when you run netdiag. Your nbtstat results indicate Local Area
>>>Connection 2. If the computer has more than one nic make sure that the
>>>nic used for the local lan/domain is at the top of the list in network
>>>connections/advanced/advanced properties. -- Steve
>>>
>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed)...
>>>
>>>
>>>>Thanks for your reply, I've answered your questions below. Most
>>>>noteworthy is the nbtstat -n results.
>>>>
>>>>
>>>>
>>>>Steven L Umbach wrote:
>>>>
>>>>
>>>>
>>>>>Try using the IP address to access it instead of the name to see if that
>>>>>helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in Computer
>>>>>Management.
>>>>
>>>>Tried, didn't work.
>>>>
>>>>At the command prompt run nbtstat -RR and Ipconfig /registerdns.
>>>>
>>>>
>>>>>Check the wins and dns records to make sure they are correct.
>>>>
>>>>Tried, didn't seem to help.
>>>>
>>>>It would help
>>>>
>>>>
>>>>>to know if this is a domain computer, what operating system, what type
>>>>>of server, etc.
>>>>
>>>>Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain in
>>>>mixed mode.
>>>>
>>>>Windows 2003 Server has a built in firewall that you would want
>>>>
>>>>
>>>>>to check the configuration of if enabled.
>>>>
>>>>Internet connection firewall is not enabled.
>>>>
>>>>Look in Event Viewer for any
>>>>
>>>>
>>>>>pertinent errors
>>>>
>>>>No scary events.
>>>>
>>>>and make sure that the server service is running
>>>>
>>>>It's running.
>>>>
>>>>and that
>>>>
>>>>
>>>>>netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.
>>>>
>>>>Yup.
>>>>
>>>>The
>>>>
>>>>
>>>>>nbtstat -n command should show at least three entries.
>>>>
>>>>
>>>>!!! This is what I get !!!
>>>>
>>>>C:\Documents and Settings\someuser>nbtstat -n
>>>>
>>>>Local Area Connection 2:
>>>>Node IpAddress: [172.30.32.22] Scope Id: []
>>>>
>>>> NetBIOS Local Name Table
>>>>
>>>> Name Type Status
>>>> ---------------------------------------------
>>>> THE_SERVER <00> UNIQUE Registered
>>>> AD_DOM <00> GROUP Registered
>>>> THE_SERVER <20> UNIQUE Registered
>>>> AD_DOM <1E> GROUP Registered
>>>>
>>>>
>>>>!!! Is there something missing? !!!
>>>>
>>>>
>>>>
>>>>If it is a Windows
>>>>
>>>>
>>>>>2003 Server you may also want to open Local Security Policy and go to
>>>>>security settings/local policies/security options and set the option for
>>>>>Microsoft network server:digitally sign communications(always) to
>>>>>ISABLED. --- Steve
>>>>
>>>>It is disabled.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>
>>>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>>>news:(E-Mail Removed)...
>>>>>
>>>>>
>>>>>
>>>>>>We renamed a server, and replaced it with another server that has taken
>>>>>>the old server's name and IP.
>>>>>>
>>>>>>DNS and WINS show the right IP to the right name, I can ping it by
>>>>>>name. But when I go Start-->Run-->\\Servername I get "Windows cannot
>>>>>>find '\\Servername.domain.com'. Check spelling blah blah"
>>>>>>
>>>>>>Where should I look? I can ping, connect via TS. But cannot access
>>>>>>shares, and if I try to "manage" the server remotely I get "Computer
>>>>>>\\Servernam cannot be managed. The semaphore timeout period has
>>>>>>expired."
>>>>>>
>>>>>>I've never had this problem before, is it WINS or something like that?
>>>>>>Netbios over TCP/IP is enabled if that helps.
>>>>>>
>>>>>>
>>>>>>Thanks!
>>>>>
>>>>>
>
>

Check to make sure that the computer you are trying to access the share from
has netbios over tcp/ip enabled on it and be sure to try from a computer on
the network that can successfully connect to port 139 tcp on the other
servers. Other than that I would resort to using Ethereal on each end of the
connection to see what is going on at the packet level. Windows Server
versions do have netmon available if it is installed. I can't think of
anything else offhand that would cause a computer to be able to use port 445
but not 139 unless netbios over tcp/ip is disabled on the client or there is
some form of packet filtering in the path between the two computers. Also
make sure the tcp/ip netbios helper service is running on the server. ---
Steve


"Jesse Gardner" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks, that portqry is pretty cool, nice to have a command line port
> scanner.
>
> Anyway, the results...
>
>
> C:\Documents and Settings\Me>portqry -n 172.30.32.22 -e 139
>
> Querying target system called:
>
> 172.30.32.22
>
> Attempting to resolve IP address to a name...
>
>
> IP address resolved to server.domain.com
>
> querying...
>
> TCP port 139 (netbios-ssn service): LISTENING
>
>
>
> But I still can't browse shares w/out 445 allowed. What is your
> impression on this? (We are still waiting to reload TCP/IP)
>
>
>
>
> Steven L Umbach wrote:
>
>> I have the same understanding that port 139 should be used if netbios
>> over tcp/ip is enabled and it is not being blocked by tcp/ip filtering,
>> ipsec policy, firewall, etc. The portquery utility should tell if the
>> remote computer finds port 139 tcp available or not. Anyhow it sounds
>> like you are making some headway. --- Steve
>>
>>
>> "Jesse Gardner" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>
>>>This is definately a weird one...
>>>
>>>Well, I noticed that 445 was being knocked out by a access-list between
>>>my VLAN and the server's VLAN. So when I allowed 445, I could connect.
>>>
>>>My only problem with that is, I thought 139 is used if 445 can't be
>>>accessed. (We have many servers that work without 445 permitted) This
>>>server is the only problem child.
>>>
>>>Here is a netstat -an on that machine:
>>>
>>>C:\Documents and Settings\Someuser>netstat -an
>>>
>>>Active Connections
>>>
>>> Proto Local Address Foreign Address State
>>> TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:2301 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:2381 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:5631 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:49400 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:49401 0.0.0.0:0 LISTENING
>>> TCP 0.0.0.0:49402 0.0.0.0:0 LISTENING
>>> TCP 172.30.32.22:135 172.30.32.22:1115 ESTABLISHED
>>> TCP 172.30.32.22:139 0.0.0.0:0 LISTENING
>>> TCP 172.30.32.22:139 172.30.32.35:1088 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.1.93:1299 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.40:1088 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.50:1132 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.51:1094 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.52:2662 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.64:1082 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.77:3290 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.86:1086 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.91:1086 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.102:1096 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.103:1086 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.106:1096 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.108:1089 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.143:1073 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.144:1068 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.145:1086 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.147:1229 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.32.150:1069 ESTABLISHED
>>> TCP 172.30.32.22:445 172.30.38.53:3248 ESTABLISHED
>>> TCP 172.30.32.22:1115 172.30.32.22:135 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.21:2216 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.21:2401 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.26:1094 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.26:1095 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.26:1104 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.26:1112 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.35:1093 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.51:1097 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.60:1151 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.60:1461 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.60:1462 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.76:1032 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.76:1033 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.81:1034 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.81:1035 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.85:1092 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.86:1100 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.92:1052 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.92:1053 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.94:1050 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.94:1051 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.95:1053 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.95:1054 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.96:1032 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.96:1033 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.105:1216 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.105:1217 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.107:1057 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.107:1058 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.110:1096 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.110:1877 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.110:2649 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.110:2650 ESTABLISHED
>>> TCP 172.30.32.22:1433 172.30.32.148:2224 ESTABLISHED
>>> TCP 172.30.32.22:2117 172.30.1.91:135 ESTABLISHED
>>> TCP 172.30.32.22:2118 172.30.1.91:1025 TIME_WAIT
>>> TCP 172.30.32.22:2137 172.30.1.91:445 ESTABLISHED
>>> TCP 172.30.32.22:2141 172.30.1.91:1025 ESTABLISHED
>>> TCP 172.30.32.22:2145 172.30.1.91:389 TIME_WAIT
>>> TCP 172.30.32.22:2146 172.30.1.91:389 TIME_WAIT
>>> TCP 172.30.32.22:2147 172.30.1.91:139 TIME_WAIT
>>> TCP 172.30.32.22:3389 172.30.1.25:48735 ESTABLISHED
>>> TCP 172.30.32.22:3389 172.30.1.254:3957 ESTABLISHED
>>> UDP 0.0.0.0:161 *:*
>>> UDP 0.0.0.0:445 *:*
>>> UDP 0.0.0.0:500 *:*
>>> UDP 0.0.0.0:1027 *:*
>>> UDP 0.0.0.0:1028 *:*
>>> UDP 0.0.0.0:1029 *:*
>>> UDP 0.0.0.0:1030 *:*
>>> UDP 0.0.0.0:1070 *:*
>>> UDP 0.0.0.0:1303 *:*
>>> UDP 0.0.0.0:1434 *:*
>>> UDP 0.0.0.0:2143 *:*
>>> UDP 0.0.0.0:2153 *:*
>>> UDP 0.0.0.0:2967 *:*
>>> UDP 0.0.0.0:4500 *:*
>>> UDP 0.0.0.0:5632 *:*
>>> UDP 127.0.0.1:123 *:*
>>> UDP 172.30.32.22:123 *:*
>>> UDP 172.30.32.22:137 *:*
>>> UDP 172.30.32.22:138 *:*
>>>
>>>
>>>We are probably going to try removing and reinstalling the TCP/IP
>>>protocall and all the network stuff. Hopefully this will help!?
>>>
>>>
>>>Thanks for your time and help on this!
>>>
>>>
>>>
>>>
>>>Steven L Umbach wrote:
>>>
>>>
>>>>Hmm. Nbtstat looks like it might be OK. I just wanted you to run that to
>>>>see if it was registering names which would indicate the server,
>>>>workstation service, and netbios over tcp/ip are running. If you run
>>>>netstat -an it should show at least port 445 tcp and probably port 139
>>>>tcp listening. It is puzzling that you can ping and connect via TS but
>>>>not file and print sharing. From another computer on the network I would
>>>>use the portqry utility to see if it reports ports 139 and or 445 as
>>>>listening on your problem server. See the link below on how to use
>>>>portqry and where to download it from. For instance use " portqry -n
>>>>xxx.xxx.xxx.xxx -e 139 " to find if port 139 tcp is available on the
>>>>problem server [using it's IP address] from a remote computer.
>>>>
>>>>http://support.microsoft.com/default.aspx?kbid=310099
>>>>
>>>>Since it is a domain computer try running the support tool netdiag on it
>>>>to see if any failed tests, warnings, or errors are reported that may
>>>>give a clue. The /v or debug switches can give more detailed info if you
>>>>find a problem as in " netdiag /test:dns /debug ". Netdiag and other
>>>>support tools are found on the install disk for the server operating
>>>>system in the support/tools folder where you will have to run the setup
>>>>there to install them. Be sure to pay attention to the winsock test also
>>>>when you run netdiag. Your nbtstat results indicate Local Area
>>>>Connection 2. If the computer has more than one nic make sure that the
>>>>nic used for the local lan/domain is at the top of the list in network
>>>>connections/advanced/advanced properties. -- Steve
>>>>
>>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>>news:(E-Mail Removed)...
>>>>
>>>>
>>>>>Thanks for your reply, I've answered your questions below. Most
>>>>>noteworthy is the nbtstat -n results.
>>>>>
>>>>>
>>>>>
>>>>>Steven L Umbach wrote:
>>>>>
>>>>>
>>>>>
>>>>>>Try using the IP address to access it instead of the name to see if
>>>>>>that helps as in \\xxx.xxx.xxx.xxx\share or use the IP address in
>>>>>>Computer Management.
>>>>>
>>>>>Tried, didn't work.
>>>>>
>>>>>At the command prompt run nbtstat -RR and Ipconfig /registerdns.
>>>>>
>>>>>
>>>>>>Check the wins and dns records to make sure they are correct.
>>>>>
>>>>>Tried, didn't seem to help.
>>>>>
>>>>>It would help
>>>>>
>>>>>
>>>>>>to know if this is a domain computer, what operating system, what type
>>>>>>of server, etc.
>>>>>
>>>>>Windows Server 2003 Enterprise w/ SQL 2000 Enterprise On an AD domain
>>>>>in mixed mode.
>>>>>
>>>>>Windows 2003 Server has a built in firewall that you would want
>>>>>
>>>>>
>>>>>>to check the configuration of if enabled.
>>>>>
>>>>>Internet connection firewall is not enabled.
>>>>>
>>>>>Look in Event Viewer for any
>>>>>
>>>>>
>>>>>>pertinent errors
>>>>>
>>>>>No scary events.
>>>>>
>>>>>and make sure that the server service is running
>>>>>
>>>>>It's running.
>>>>>
>>>>>and that
>>>>>
>>>>>
>>>>>>netbios over tcp/ip is enabled in tcp/ip properties/advanced wins.
>>>>>
>>>>>Yup.
>>>>>
>>>>>The
>>>>>
>>>>>
>>>>>>nbtstat -n command should show at least three entries.
>>>>>
>>>>>
>>>>>!!! This is what I get !!!
>>>>>
>>>>>C:\Documents and Settings\someuser>nbtstat -n
>>>>>
>>>>>Local Area Connection 2:
>>>>>Node IpAddress: [172.30.32.22] Scope Id: []
>>>>>
>>>>> NetBIOS Local Name Table
>>>>>
>>>>> Name Type Status
>>>>> ---------------------------------------------
>>>>> THE_SERVER <00> UNIQUE Registered
>>>>> AD_DOM <00> GROUP Registered
>>>>> THE_SERVER <20> UNIQUE Registered
>>>>> AD_DOM <1E> GROUP Registered
>>>>>
>>>>>
>>>>>!!! Is there something missing? !!!
>>>>>
>>>>>
>>>>>
>>>>>If it is a Windows
>>>>>
>>>>>
>>>>>>2003 Server you may also want to open Local Security Policy and go to
>>>>>>security settings/local policies/security options and set the option
>>>>>>for Microsoft network server:digitally sign communications(always) to
>>>>>>ISABLED. --- Steve
>>>>>
>>>>>It is disabled.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>>"Jesse Gardner" <(E-Mail Removed)> wrote in message
>>>>>>news:(E-Mail Removed)...
>>>>>>
>>>>>>
>>>>>>
>>>>>>>We renamed a server, and replaced it with another server that has
>>>>>>>taken the old server's name and IP.
>>>>>>>
>>>>>>>DNS and WINS show the right IP to the right name, I can ping it by
>>>>>>>name. But when I go Start-->Run-->\\Servername I get "Windows cannot
>>>>>>>find '\\Servername.domain.com'. Check spelling blah blah"
>>>>>>>
>>>>>>>Where should I look? I can ping, connect via TS. But cannot access
>>>>>>>shares, and if I try to "manage" the server remotely I get "Computer
>>>>>>>\\Servernam cannot be managed. The semaphore timeout period has
>>>>>>>expired."
>>>>>>>
>>>>>>>I've never had this problem before, is it WINS or something like
>>>>>>>that? Netbios over TCP/IP is enabled if that helps.
>>>>>>>
>>>>>>>
>>>>>>>Thanks!
>>>>>>
>>>>>>
>>