missupport1
MIS
Hello,
I have a problem connecting with my network scanner to a share on my new domain controller.
We can scan and send a file trough smb to a share on the server, windows 2003 R2 server
situation: One week ago this was working fine. (at this time it was not a domain controller yet)
Last weekend I promoted the domaincontroller from a Win 2000 forest to a Win 2003 forest. this went all fine (fingers crossed always in such situations
Now when i want to send a scan trough smb to my new domain controller, the scan says: cannot communicate.
So I did an ethereal scan and indeed i get this result (see below.
When i open the share in my explorer, this works fine.
(I already disabled in the default domain controllers policy digitally sign communications and did a gpupdate /force) but still the same. The windows 2000 domain controller is still running and when I trend to send a file to a share on this server, i have no problem...
Does anyone has an idea? Something must have been changed since during the promovation to domain controller.
Thanx in advance
No. Time Source Destination Protocol Info
161 3.471394 192.168.1.229 192.168.1.228 SMB Tree Connect AndX Response, Error: Access denied
Frame 161 (105 bytes on wire, 105 bytes captured)
Arrival Time: Nov 15, 2006 08:34:31.716062000
Time delta from previous packet: 0.000808000 seconds
Time since reference or first frame: 3.471394000 seconds
Frame Number: 161
Packet Length: 105 bytes
Capture Length: 105 bytes
Protocols in frame: eth:ip:tcp:nbss:smb
Coloring Rule Name: SMB
Coloring Rule String: smb || nbss || nbns || nbipx || ipxsap || netbios
Ethernet II, Src: Vmware_c0:26:0e (00:0c:29:c0:26:0e), Dst: Ricoh_90:bb:11 (00:00:74:90:bb:11)
Destination: Ricoh_90:bb:11 (00:00:74:90:bb:11)
Address: Ricoh_90:bb:11 (00:00:74:90:bb:11)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Vmware_c0:26:0e (00:0c:29:c0:26:0e)
Address: Vmware_c0:26:0e (00:0c:29:c0:26:0e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: 192.168.1.229 (192.168.1.229), Dst: 192.168.1.228 (192.168.1.228)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 91
Identification: 0xc671 (50801)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xaf11 [correct]
Source: 192.168.1.229 (192.168.1.229)
Destination: 192.168.1.228 (192.168.1.228)
Transmission Control Protocol, Src Port: netbios-ssn (139), Dst Port: 1059 (1059), Seq: 245, Ack: 469, Len: 39
Source port: netbios-ssn (139)
Destination port: 1059 (1059)
Sequence number: 245 (relative sequence number)
Next sequence number: 284 (relative sequence number)
Acknowledgement number: 469 (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 63772
Checksum: 0xeca8 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 2208407, tsecr 7795357
NetBIOS Session Service
Message Type: Session message
Flags: 0x00
.... ...0 = Add 0 to length
Length: 35
SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
Response to: 160
Time from request: 0.000808000 seconds
SMB Command: Tree Connect AndX (0x75)
Error Class: DOS Error (0x01)
Reserved: 00
Error Code: Access denied
Flags: 0x88
1... .... = Request/Response: Message is a response to the client/redirector
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized
.... 1... = Case Sensitivity: Path names are caseless
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0x0001
0... .... .... .... = Unicode Strings: Strings are ASCII
.0.. .... .... .... = Error Code Type: Error codes are DOS error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported
.... .... .0.. .... = Long Names Used: Path names in request are not long file names
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..0. = Extended Attributes: Extended attributes are not supported
.... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response
Process ID High: 0
Signature: 6A9EC273AB8A1F8B
Reserved: 0000
Tree ID: 0
Process ID: 1960
User ID: 4099
Multiplex ID: 1
Tree Connect AndX Response (0x75)
Word Count (WCT): 0
Byte Count (BCC): 0
I have a problem connecting with my network scanner to a share on my new domain controller.
We can scan and send a file trough smb to a share on the server, windows 2003 R2 server
situation: One week ago this was working fine. (at this time it was not a domain controller yet)
Last weekend I promoted the domaincontroller from a Win 2000 forest to a Win 2003 forest. this went all fine (fingers crossed always in such situations
Now when i want to send a scan trough smb to my new domain controller, the scan says: cannot communicate.
So I did an ethereal scan and indeed i get this result (see below.
When i open the share in my explorer, this works fine.
(I already disabled in the default domain controllers policy digitally sign communications and did a gpupdate /force) but still the same. The windows 2000 domain controller is still running and when I trend to send a file to a share on this server, i have no problem...
Does anyone has an idea? Something must have been changed since during the promovation to domain controller.
Thanx in advance
No. Time Source Destination Protocol Info
161 3.471394 192.168.1.229 192.168.1.228 SMB Tree Connect AndX Response, Error: Access denied
Frame 161 (105 bytes on wire, 105 bytes captured)
Arrival Time: Nov 15, 2006 08:34:31.716062000
Time delta from previous packet: 0.000808000 seconds
Time since reference or first frame: 3.471394000 seconds
Frame Number: 161
Packet Length: 105 bytes
Capture Length: 105 bytes
Protocols in frame: eth:ip:tcp:nbss:smb
Coloring Rule Name: SMB
Coloring Rule String: smb || nbss || nbns || nbipx || ipxsap || netbios
Ethernet II, Src: Vmware_c0:26:0e (00:0c:29:c0:26:0e), Dst: Ricoh_90:bb:11 (00:00:74:90:bb:11)
Destination: Ricoh_90:bb:11 (00:00:74:90:bb:11)
Address: Ricoh_90:bb:11 (00:00:74:90:bb:11)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Vmware_c0:26:0e (00:0c:29:c0:26:0e)
Address: Vmware_c0:26:0e (00:0c:29:c0:26:0e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: 192.168.1.229 (192.168.1.229), Dst: 192.168.1.228 (192.168.1.228)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 91
Identification: 0xc671 (50801)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xaf11 [correct]
Source: 192.168.1.229 (192.168.1.229)
Destination: 192.168.1.228 (192.168.1.228)
Transmission Control Protocol, Src Port: netbios-ssn (139), Dst Port: 1059 (1059), Seq: 245, Ack: 469, Len: 39
Source port: netbios-ssn (139)
Destination port: 1059 (1059)
Sequence number: 245 (relative sequence number)
Next sequence number: 284 (relative sequence number)
Acknowledgement number: 469 (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 63772
Checksum: 0xeca8 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 2208407, tsecr 7795357
NetBIOS Session Service
Message Type: Session message
Flags: 0x00
.... ...0 = Add 0 to length
Length: 35
SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
Response to: 160
Time from request: 0.000808000 seconds
SMB Command: Tree Connect AndX (0x75)
Error Class: DOS Error (0x01)
Reserved: 00
Error Code: Access denied
Flags: 0x88
1... .... = Request/Response: Message is a response to the client/redirector
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized
.... 1... = Case Sensitivity: Path names are caseless
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0x0001
0... .... .... .... = Unicode Strings: Strings are ASCII
.0.. .... .... .... = Error Code Type: Error codes are DOS error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported
.... .... .0.. .... = Long Names Used: Path names in request are not long file names
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..0. = Extended Attributes: Extended attributes are not supported
.... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response
Process ID High: 0
Signature: 6A9EC273AB8A1F8B
Reserved: 0000
Tree ID: 0
Process ID: 1960
User ID: 4099
Multiplex ID: 1
Tree Connect AndX Response (0x75)
Word Count (WCT): 0
Byte Count (BCC): 0