Access Denied in Win XP p2p

[Guest]

Hello, I recently ran System Mechanic 6 on two of the computers in my
three-computer Win XP Pro p2p net; subsequently I discovered that I had no
access to those two computers from the third unit or from each other. I
discovered a post in a PC World forum noting a similar situation; the author
suggested changing to "disabled" the following entries in Security Settings

Local Policies >Security Options:

Network access: Do not allow anonymous enumeration of SAM accounts Disabled
Network access: Do not allow anonymous enumeration of SAM accounts and
shares Disabled

I did this on one computer and my access was restored. Trying to do it on
the other computer, I discovered that these entries were not present in
Security Options -- in fact, as opposed to a lengthy list of options I found
on the "fixed" computer, this computer's Security Options were limited to six
choices -- none of which was the desired choice. Can anyone give me some
guidance as to rebuilding/restoring the default list of Security Options so
that I can set them correctly ? (I do not have an appropriate System Restore
point available). The help file mentioned loading and editing templates, but
it didn't say which of the templates was appropriate.

Any help greatly appreciated.
Thanks
Paul

 

[Chuck]

Hello, I recently ran System Mechanic 6 on two of the computers in my
three-computer Win XP Pro p2p net; subsequently I discovered that I had no
access to those two computers from the third unit or from each other. I
discovered a post in a PC World forum noting a similar situation; the author
suggested changing to "disabled" the following entries in Security Settings

Network access: Do not allow anonymous enumeration of SAM accounts Disabled
Network access: Do not allow anonymous enumeration of SAM accounts and
shares Disabled

I did this on one computer and my access was restored. Trying to do it on
the other computer, I discovered that these entries were not present in
Security Options -- in fact, as opposed to a lengthy list of options I found
on the "fixed" computer, this computer's Security Options were limited to six
choices -- none of which was the desired choice. Can anyone give me some
guidance as to rebuilding/restoring the default list of Security Options so
that I can set them correctly ? (I do not have an appropriate System Restore
point available). The help file mentioned loading and editing templates, but
it didn't say which of the templates was appropriate.

Any help greatly appreciated.
Thanks
Paul

Paul,

The change needed is known as Registry setting restrictanonymous.
<http://nitecruzr.blogspot.com/2005/07/restrictanonymous-and-your-server.html>
http://nitecruzr.blogspot.com/2005/07/restrictanonymous-and-your-server.html

 

[Guest]

Hi, Chuck, thanks for your reply. I examined the registry key you indicated
on the problem machine and found that it says:

Name Type Data
restrictanonymous REG_DWORD 0x00000000 (0)
restrictanonymoussam REG_DWORD 0x00000000 (1)

The "restrictanonymous" data value on the problem machine is identical to
the two "working" machines; so it would appear my problem may lie elsewhere
(the restrictanonymoussam value differs on the two working machines; one is
1, like the problem machine, the other is 0, but I believe that is because I
changed the enable/disable SAM choice in Security Options for that machine as
noted in my original post. I know your site info said the SAM value was not
relevant in this case)

I am not the most skilled practitioner when it comes to working the
registry; would there be any other values to look at? I wish I had the full
list of options in Security Options on the problem machine as I do on the
working ones -- then I could compare the options line by line.

Thank you.
Paul

 

[Chuck]

Hi, Chuck, thanks for your reply. I examined the registry key you indicated
on the problem machine and found that it says:

Name Type Data
restrictanonymous REG_DWORD 0x00000000 (0)
restrictanonymoussam REG_DWORD 0x00000000 (1)

The "restrictanonymous" data value on the problem machine is identical to
the two "working" machines; so it would appear my problem may lie elsewhere
(the restrictanonymoussam value differs on the two working machines; one is
1, like the problem machine, the other is 0, but I believe that is because I
changed the enable/disable SAM choice in Security Options for that machine as
noted in my original post. I know your site info said the SAM value was not
relevant in this case)

I am not the most skilled practitioner when it comes to working the
registry; would there be any other values to look at? I wish I had the full
list of options in Security Options on the problem machine as I do on the
working ones -- then I could compare the options line by line.

Thank you.
Paul

Paul,

So it looks like that's not the problem. Try my troubleshooting guide, and post
"browstat status" and "ipconfig /all" from each computer, if nothing else comes
to mind.
<http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html>
http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html

 

[Guest]

Paul,

So it looks like that's not the problem. Try my troubleshooting guide, and post
"browstat status" and "ipconfig /all" from each computer, if nothing else comes
to mind.
<http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html>
http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html

Hi, Chuck -- hope you had a nice Thanksgiving (I see you're from Calif).

Here are the ipconfig and browstat results for all three computers, in this
order Main - Dell - Compaq. "Main" is the problem computer; it's also the one
that the peripherals are hooked to if that makes any difference -- two
printers, wireless router and DSL modem. Both the Dell and Compaq return
Error 5 when trying to connect to Main.

MAIN:

Windows IP Configuration



Host Name . . . . . . . . . . . . : Main

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet
Adapter

Physical Address. . . . . . . . . : 00-0C-76-40-A5-64

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : Tuesday, November 22, 2005
9:18:35 PM

Lease Expires . . . . . . . . . . : Tuesday, November 29, 2005
9:18:35 PM



Status for domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{30E7C118-C1B9-4002-87B1-9D289BFC8863}
Browsing is active on domain.
Master browser name is: MAIN
Master browser is running build 2600
1 backup servers retrieved from master MAIN
\\MAIN
There are 3 servers in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{30E7C118-C1B9-4002-87B1-9D289BFC8863}
There are 1 domains in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{30E7C118-C1B9-4002-87B1-9D289BFC8863}


Here's the info for Dell -- a laptop connected via a DLink Wireless card:

Windows IP Configuration



Host Name . . . . . . . . . . . . : DELL

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated
Controller

Physical Address. . . . . . . . . : 00-0D-56-EA-E5-E4



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : D-Link AirPlus G DWL-G630
Wireless Cardbus Adapter

Physical Address. . . . . . . . . : 00-0D-88-EA-89-8A

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1



Status for domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{B7D6AC66-B7CB-48EF-AE85-CD578D3619F7}
Browsing is active on domain.
Master browser name is: MAIN
Could not connect to registry, error = 5 Unable to determine build of
browser master: 5
Unable to determine server information for browser master: 5
1 backup servers retrieved from master MAIN
\\MAIN
There are 3 servers in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{B7D6AC66-B7CB-48EF-AE85-CD578D3619F7}
There are 1 domains in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{B7D6AC66-B7CB-48EF-AE85-CD578D3619F7}

Here is the info for the Compaq -- note that I acquired this unit used from
a company that had it in a large LAN -- may have some impact on what the info
shows -- this is connected via a DLink Wireless card -- which the IP config
doesn't seem to see:

Windows IP Configuration



Host Name . . . . . . . . . . . . : COMPAQ-HINMCAZT

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Network Bridge (Network Bridge):



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : MAC Bridge Miniport

Physical Address. . . . . . . . . : 02-13-46-5F-94-69

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.104

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : Wednesday, November 23, 2005
9:27:17 AM

Lease Expires . . . . . . . . . . : Wednesday, November 30, 2005
9:27:17 AM



Status for domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{98C4B64A-9FB1-4B8F-B32E-4F8472A59C16}
Browsing is active on domain.
Master browser name is: MAIN
Could not connect to registry, error = 5 Unable to determine build of
browser master: 5
Unable to determine server information for browser master: 5
1 backup servers retrieved from master MAIN
\\MAIN
There are 3 servers in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{98C4B64A-9FB1-4B8F-B32E-4F8472A59C16}
There are 1 domains in domain 7SKY COMM on transport
\Device\NetBT_Tcpip_{98C4B64A-9FB1-4B8F-B32E-4F8472A59C16}


Any further guidance is greatly appreciated.
Paul

 

[Chuck]

Hi, Chuck -- hope you had a nice Thanksgiving (I see you're from Calif).

Here are the ipconfig and browstat results for all three computers, in this
order Main - Dell - Compaq. "Main" is the problem computer; it's also the one
that the peripherals are hooked to if that makes any difference -- two
printers, wireless router and DSL modem. Both the Dell and Compaq return
Error 5 when trying to connect to Main.

Any further guidance is greatly appreciated.
Paul

Hi Paul,

Well, I am just this afternoon able to work steadily. Thanksgiving is
traditionally a time of overeating. I bow to tradition. I couldn't bow last
night though. ;-}

So, what do we know about your LAN?
# You have 3 computers, each one in subnet 192.168.0/24, gateway 192.168.0.1.
# Name resolution is OK - Hybrid and Unknown are compatible.
# All 3 are in domain / workgroup "7SKY COMM".
# All 3 can see each other as servers ("There are 3 servers in domain 7SKY
COMM").
# Compaq and Dell cannot connect to the registry on Main ("error = 5"). That
indicates either a firewall problem, or Main is running Simple File Sharing, or
is otherwise configured to not give administrative access from Compaq and Dell.

What edition (Home or Pro) is each running?

How is Main connected to the router? How is Compaq connected? The Bridge ("MAC
Bridge Miniport") looks like the best culprit.
<http://nitecruzr.blogspot.com/2005/05/reading-ipconfig-and-diagnosing.html#Bridge>

Try removing the bridge - if that doesn't help, post an updated "ipconfig /all"
from Compaq.

 

[Guest]

Hi, Chuck. I'm not really believing this -- because I thought I checked all
the firewalls -- but the Windows Firewall on Main -- which I had shut off
ever since I went to SP2 -- was back on and apparently not configured for
network access. Perhaps that System Mechanic security "fix" reactivated it,
but I swear I checked it when I checked my Norton firewall. I did the
reconfigure in the Network Wizard, but then turned it off again, because I'm
using Norton Internet Security 2005's firewall. Once that was accomplished,
the access to Main was restored.

Meanwhile, I did try disabling the bridge on the Compaq, but I lost access
to my internet connection, so I re-enabled it and it's working again. All
three of these PCs run WinXP Pro -- the Main and Dell are SP2, while the
Compaq is SP1. Main is hard-connected to the router, while the Compaq and
Dell both run DLink wireless cards.

I'd like to thank you very much for guiding me through this; I only hope
that if I have further problems, you'll be the one to pick up on my cry for
help.

Paul

 

[Chuck]

Hi, Chuck. I'm not really believing this -- because I thought I checked all
the firewalls -- but the Windows Firewall on Main -- which I had shut off
ever since I went to SP2 -- was back on and apparently not configured for
network access. Perhaps that System Mechanic security "fix" reactivated it,
but I swear I checked it when I checked my Norton firewall. I did the
reconfigure in the Network Wizard, but then turned it off again, because I'm
using Norton Internet Security 2005's firewall. Once that was accomplished,
the access to Main was restored.

Meanwhile, I did try disabling the bridge on the Compaq, but I lost access
to my internet connection, so I re-enabled it and it's working again. All
three of these PCs run WinXP Pro -- the Main and Dell are SP2, while the
Compaq is SP1. Main is hard-connected to the router, while the Compaq and
Dell both run DLink wireless cards.

I'd like to thank you very much for guiding me through this; I only hope
that if I have further problems, you'll be the one to pick up on my cry for
help.

Paul

Paul,

Ohoh, another case of the firewall settings mysteriously changing themselves!
And what does the bridge have to do with anything?

Anyway, thanks for the update, and the feedback.

 

[Guest]

Hi, Chuck...if I may, a follow up on the networking issue. Everything is
humming along again; one of the "fixes" I attempted on my own before getting
in touch involved giving the network and the two problem machines new names
-- which didn't solve anything. Now, when I click on My Network Places in
Windows Explorer, several of the paths to shared folders using the old
machine names are still showing up, even though they're now invalid (the same
folder under the new machine is there, so I can just ignore the old ones). Is
there any way to remove the invalid network paths? I could remove all the
shared folders on each machine and then re-share them if that would work. If
you have any thought on that, please let me know -- and thanks again for your
help.

Paul

 

[Chuck]

Hi, Chuck...if I may, a follow up on the networking issue. Everything is
humming along again; one of the "fixes" I attempted on my own before getting
in touch involved giving the network and the two problem machines new names
-- which didn't solve anything. Now, when I click on My Network Places in
Windows Explorer, several of the paths to shared folders using the old
machine names are still showing up, even though they're now invalid (the same
folder under the new machine is there, so I can just ignore the old ones). Is
there any way to remove the invalid network paths? I could remove all the
shared folders on each machine and then re-share them if that would work. If
you have any thought on that, please let me know -- and thanks again for your
help.

Paul

Hi Paul,

So these phantom shortcuts - are they ones that you setup, or are they ones that
the system generated for you? If the former, you will have to delet them
yourself. If the latter, they will expire and disappear - be patient.

 

[Guest]

Hi, Chuck. Not quite sure I understand the difference between what I may have
set up and system-generated. On each of the three computers in the original
net configuration I designated certain folders for sharing and gave them a
network share name. After doing so, these appeared in a browse of My Network
Places without having to navigate all the way through Entire Network >
Microsoft Windows Network > Office (my original network name). That's where
they appear now -- in that "outside" tree without having to navigate further.
Not all of the original folder paths are there; just some.

Is that any help? As I said, not a big problem -- think I should just leave
well enough alone?

Thanks
Paul

 

[Chuck]

Hi, Chuck. Not quite sure I understand the difference between what I may have
set up and system-generated. On each of the three computers in the original
net configuration I designated certain folders for sharing and gave them a
network share name. After doing so, these appeared in a browse of My Network
Places without having to navigate all the way through Entire Network >
Microsoft Windows Network > Office (my original network name). That's where
they appear now -- in that "outside" tree without having to navigate further.
Not all of the original folder paths are there; just some.

Is that any help? As I said, not a big problem -- think I should just leave
well enough alone?

Thanks
Paul

Hi Paul,

OK, those are system (browser) generated shortcuts. That's as opposed to
shortcuts that you might generate yourself.

If the browser generates the shortcuts, it will have to realise that the phantom
resources don't exist, and remove the shortcuts. How long ago did you delete
the folders in question?