Hi everyone,
I am sorry that I am going to be a little vague but I am not exactly sure what the problem is. I have been troubleshooting it now for a couple of days and I am not sure if I am any closer to a solution.
I have a SBS 2003 server in the head office in city A (Site A.) I have some clients in city B (Site B.) XP clients from Site B aren't able to access resources properly on my SBS server in Site A. There is a site-to-site VPN between the two sites.
Some history:
There used to be a server at Site B as well as a different ISP. At the same time the ISP was changed as well as the server (an additional DC in the domain) removed. The server was removed after the machine died, so it had to be removed manually from the AD/DNS, etc.
I am experiencing almost identical symptoms to this post: but setting the MTU to 1390 on the client has not fixed the issue. I haven't tried to set the MTU to anything lower or higher but the ping test works fine even at 1400+
I have done the following on a PC in Site B (and many other things that I can't presently recall ...):
- I set the IP address/DNS/WINS manually
- I can ping the server in Site A
- I can nslookup from the server in Site A ... everything resolves OK
- I have removed the PC from the domain, renamed it, re-joined it using the SBS Connectcomputer wizard (twice) always successfully
- I have run numerous netdiag, dcdiag, etc test with /fix and other switches
Some interesting (annoying) items of note:
- I can connect via VNC to the machines in Site B from the server in Site A but all I can see is a blank/black screen. The user can see the cursor moving
- I cannot connect to the PCs in Site B via RDP even though Remote Desktop is enabled. The connections time out.
- Firewalls on PCs are disabled
Any thoughts or input would be most appreciated.
Thanks,
B.
The netdiag output is here:
......................................
Computer Name: PC05
DNS Host Name: PC05.domain.com.au
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 15 Model 6 Stepping 5, GenuineIntel
List of installed hotfixes :
(deleted for clarity)
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : PC05.domain.com.au
IP Address . . . . . . . . : 192.168.30.151
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.30.1
Primary WINS Server. . . . : 192.168.40.250
Dns Servers. . . . . . . . : 192.168.40.250
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
[WARNING] Cannot call DsBind to sbs01.domain.com.au (192.168.40.250). [ERROR_INTERNAL_ERROR]
Trust relationship test. . . . . . : Passed
[WARNING] Don't have access to test your domain sid for domain 'DOMAIN'.
[Test skipped]
Secure channel for domain 'DOMAIN' is to '\\sbs01.domain.com.au'.
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for host/PC05.domain.com.au.
LDAP test. . . . . . . . . . . . . : Failed
[FATAL] Cannot do Negotiate authenticated ldap_bind to 'sbs01.domain.com.au': Local Error.
[WARNING] Failed to query SPN registration on DC 'sbs01.domain.com.au'.
[FATAL] No LDAP servers work in the domain 'DOMAIN'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
The command completed successfully
I am sorry that I am going to be a little vague but I am not exactly sure what the problem is. I have been troubleshooting it now for a couple of days and I am not sure if I am any closer to a solution.
I have a SBS 2003 server in the head office in city A (Site A.) I have some clients in city B (Site B.) XP clients from Site B aren't able to access resources properly on my SBS server in Site A. There is a site-to-site VPN between the two sites.
Some history:
There used to be a server at Site B as well as a different ISP. At the same time the ISP was changed as well as the server (an additional DC in the domain) removed. The server was removed after the machine died, so it had to be removed manually from the AD/DNS, etc.
I am experiencing almost identical symptoms to this post: but setting the MTU to 1390 on the client has not fixed the issue. I haven't tried to set the MTU to anything lower or higher but the ping test works fine even at 1400+
I have done the following on a PC in Site B (and many other things that I can't presently recall ...):
- I set the IP address/DNS/WINS manually
- I can ping the server in Site A
- I can nslookup from the server in Site A ... everything resolves OK
- I have removed the PC from the domain, renamed it, re-joined it using the SBS Connectcomputer wizard (twice) always successfully
- I have run numerous netdiag, dcdiag, etc test with /fix and other switches
Some interesting (annoying) items of note:
- I can connect via VNC to the machines in Site B from the server in Site A but all I can see is a blank/black screen. The user can see the cursor moving
- I cannot connect to the PCs in Site B via RDP even though Remote Desktop is enabled. The connections time out.
- Firewalls on PCs are disabled
Any thoughts or input would be most appreciated.
Thanks,
B.
The netdiag output is here:
......................................
Computer Name: PC05
DNS Host Name: PC05.domain.com.au
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 15 Model 6 Stepping 5, GenuineIntel
List of installed hotfixes :
(deleted for clarity)
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : PC05.domain.com.au
IP Address . . . . . . . . : 192.168.30.151
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.30.1
Primary WINS Server. . . . : 192.168.40.250
Dns Servers. . . . . . . . : 192.168.40.250
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{1E2E06C7-AF5A-428D-B56E-0A940DDA23EE}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
[WARNING] Cannot call DsBind to sbs01.domain.com.au (192.168.40.250). [ERROR_INTERNAL_ERROR]
Trust relationship test. . . . . . : Passed
[WARNING] Don't have access to test your domain sid for domain 'DOMAIN'.
[Test skipped]
Secure channel for domain 'DOMAIN' is to '\\sbs01.domain.com.au'.
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for host/PC05.domain.com.au.
LDAP test. . . . . . . . . . . . . : Failed
[FATAL] Cannot do Negotiate authenticated ldap_bind to 'sbs01.domain.com.au': Local Error.
[WARNING] Failed to query SPN registration on DC 'sbs01.domain.com.au'.
[FATAL] No LDAP servers work in the domain 'DOMAIN'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
The command completed successfully