new installation of winXPproSP2 (all security patches applied)

existing network:

win2k Advanced Server (file/print server)(all security patches applied)
4 clients win2kproSP4(all security patches applied)

all static addressing on all systems: 192.168.x.x (DHCP disabled)
all set to follow security settings as per Belarc(http://www.belarc.com/free_download.html):

all set to:
LAN Manager Authentication Level: Send NTLMv2 response only\refuse LM & NTLM

all on same network "Name"
all systems use HW firewall/gateway and browse Internet without issue.

the weird aspect of this:

by either browsing the Name network or by \\192.168.x.x both render the same error from XP:

"Name is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station."

yet the Administrator account has same name on XP system as rest of network, as well as same password.

now, from any other system on the network, client or server, one can browse INTO the (established) share drive on XP as per normal. copy/paste/delete files with impunity.

any ideas what would cause XP to prevent outward browsing yet allow inward browsing?

thanks for input.

any additional bits of info needed to un-twine this, please let me know.

CAH

Is your server a domain controller? Or just stand alone workgroup mode?

To properly connect to NTFS shares on a 2k network you need to turn off simple file sharing in XP. Open windows explorer, click Tools > Folder Options > View tab.. scroll down to last option and uncheck the box for simple file sharing.

Is your server a domain controller? Or just stand alone workgroup mode?

The server is just for work group, file & print sharing.

To properly connect to NTFS shares on a 2k network you need to turn off simple file sharing in XP. Open windows explorer, click Tools > Folder Options > View tab.. scroll down to last option and uncheck the box for simple file sharing.

The Use simple file sharing (Recommended) box was off by default. :confused:

which again, the weird part, all the same systems can see back into the xp box, server and client, it is just the xp box receives the above listed error message. :confused:

Do the workstations log in with a different username and password than the server? Or....do they all log in with the same exact username of Administrator/password?

For peer to peer..go into TCP/IP settings of all...advanced...wins tab..and enable netbios over TCP/IP. Without DNS running the show....this can help browsing a bit.

Make sure file and print sharing is set in the exceptions of the XP machines firewall.

The "share" on the server....is it a folder or second partition? What permissions are set on the share? To what/who?

Thank you kindly for continued assistance with this weird issue :thumb:

Do the workstations log in with a different username and password than the server? Or....do they all log in with the same exact username of Administrator/password?

All users have established accounts on server (for the allowance of F&Pshare)
(renamed)Administrator= same name/pw on all systems.
users log on with their own username/pw to any system.

For peer to peer..go into TCP/IP settings of all...advanced...wins tab..and enable netbios over TCP/IP. Without DNS running the show....this can help browsing a bit.

Enabling NetBIOS over TCP/IP has had no effect, same error as 1st post.

Make sure file and print sharing is set in the exceptions of the XP machines firewall.

WinXP firewall disabled as well as service for the same.
I use Jetico firewall on all my PCs.


The "share" on the server....is it a folder or second partition? What permissions are set on the share? To what/who?


as far as the server is concerned, I can not even get to the initial shares.
just typing \\192.168.x.x into explorer address field generates above error.

permissions are listing just users of network and admin group.
Admin permissions are both Full Control for both Share Permissions and Security.
Everyone user/group has been removed.


=========

here is a list of the services on this system; these same lists populate the win2k systems as well, however they work....

Startup Types:
Disabled, "M" Manual, "A" Automatic (it is my endeavor to keep all my systems streamlined with minimal crap in memory and to improve security)

Disabled- Alerter Service
Disabled- Application Layer Gateway Service
M- Application Management Service
Disabled- Automatic Updates Service
Disabled- Background Intelligent Transfer Service
Disabled- ClipBook Service
Disabled- COM+ Event System Service
Disabled- COM+ System Application Service
A- Computer Browser Service
M- Cryptographic Services Service
A- DCOM Server Process Launcher
Disabled- DHCP Client Service
A- Distributed Link Tracking Client Service
M- Distributed Transaction Coordinator Service
Disabled- DNS Client Service
Disabled- Error Reporting Service
A- Event Log Service
Disabled- Fast User Switching Compatibility Service
Disabled- Help and Support Service
Disabled- HID Input Service
M- HTTP SSL
M- IMAPI CD-Burning COM Service
M- Indexing Service
Disabled- Internet Connection - Firewall (ICF) / Sharing (ICS) Service
Disabled- IPSEC Services Service
Disabled- Logical Disk Manager Service
Disabled- Logical Disk Manager Administrative Service
Disabled- Machine Debug Manager Service
Disabled- Messenger Service
Disabled- MS Software Shadow Copy Provider Service
A- Net Logon Service
Disabled- NetMeeting Remote Desktop Sharing Service
A- Network Connections Service
Disabled- Network DDE Service
Disabled- Network DDE DSDM Service
Disabled- Network Location Awareness (NLA) Service
Disabled- Network Provisioning Service
Disabled- NT LM Security Support Provider Service
M- Performance Logs and Alerts Service
A- Plug and Play Service
Disabled- Portable Media Serial Number Service
A- Print Spooler Service
Disabled- Protected Storage Service
Disabled- QoS RSVP Service
Disabled- Remote Access Auto Connection Manager Service
Disabled- Remote Access Connection Manager Service
Disabled- Remote Desktop Help Session Manager Service
A- Remote Procedure Call (RPC) Service
Disabled- Remote Procedure Call (RPC) Locator Service
Disabled- Remote Registry Service
Disabled- Removable Storage Service
A- Routing and Remote Access Service
A- Secondary Logon Service
A- Security Accounts Manager Service
A- Security Center
A- Server Service
Disabled- Shell Hardware Detection Service
Disabled- Smart Card Service
Disabled- SSDP Discovery Service
Disabled- System Event Notification Service
Disabled- System Restore Service
Disabled- Task Scheduler Service
A- TCP/IP NetBIOS Helper Service
Disabled- Telephony Service
Disabled- Telnet Service
Disabled- Terminal Services Service
Disabled- Themes Service
Disabled- Uninterruptible Power Supply Service
Disabled- Universal Plug and Play Device Host Service
Disabled- Volume Shadow Copy Service
Disabled- WebClient Service
A- Windows Audio Service
Disabled- Windows Firewall/Internet Connection Sharing (ICS)
Disabled- Windows Image Acquisition (WIA) Service
M- Windows Installer Service
A- Windows Management Instrumentation Service
M- Windows Management Instrumentation Driver Extensions
Disabled- Windows Time Service
Disabled- Wireless Zero Configuration Service
Disabled- WMI Performance Adapter Service
A- Workstation Service

On the server...what is shared....a folder...or an entire partition? If an entire partition..this isn't including the "C" drive, is it?

Do you have a comparison of default services settings? IMO...I'd not be surprised a lot of stuff doesn't work..a little too aggressive in killing services IMO for a F&P server. Looks more like the list of killed services I'd have for an online public gaming server.

Normally with shares on a server...on the share level..it's set to "Everyone" with full rights. On the security/NTFS level..that's where you trim down who has access....I do administrator, system, and whichever users/groups I wish to allow.

On the server...what is shared....a folder...or an entire partition? If an entire partition..this isn't including the "C" drive, is it?

the server has both the partition and specific folders shared.
to which again, the 5 other win2kpro systems browse network jsut fine.
the winXP box does not.

Do you have a comparison of default services settings? IMO...I'd not be surprised a lot of stuff doesn't work..a little too aggressive in killing services IMO for a F&P server. Looks more like the list of killed services I'd have for an online public gaming server.

the services for winxp match those disabled on the win2k systems.
for the most part, the win2k server has everything on.


Normally with shares on a server...on the share level..it's set to "Everyone" with full rights. On the security/NTFS level..that's where you trim down who has access....I do administrator, system, and whichever users/groups I wish to allow.



indeed, exactly as is how the F&P server is set.

to reiterate:

all win2k systems can browse network with no problem

the single winXP system can not even see shares.
the error received is this:

"Network_Name is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station."


i can ping the F&P server all day long, and this system can get online through gateway also with no problem.:confused: