Another XP SP2 Issue

Archived from groups: microsoft.public.win2000.dns (More info?)

Here is just another reason not to install SP2!

A customer was required to upgrade her W2K network to XP by the government
network that she was connected to. Her's is a small network (5 workstations)
that does justify installing a server. I ordered 3 new machines that came with
XP SP2, and I upgraded one of the other machines by installing a second hard
disk and retaining all her data on the original disk. After she was satisfied
that she had all of her old data transferred to the new disk, then I wiped the
old disk and installed it in the last computer. After I installed XP on the
last machine, none of the computers could browse the network.

According to MS article 188001, the Browser function that existed on all
Windows operating systems up to and including W2K has been replaced by Active
Directory. So according to this article, an all XP network has to run Active
Directory to get browser service.

Well, such is not the case. I installed another all XP network earlier, and it
browses just fine. The difference is that the ealier network only has SP1
installed.

Nice going Microsoft! Just another way to squeeze more money out of your
customers.

J.A. Coutts
23 answers Last reply
More about another issue
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    Actually there are 2 things going on that you should now about.

    1) There is a new and improved firewall in SP2 for XP. This baby is on by
    default.
    2) The Computer Browser service can't start when the firewall is on unless
    some exceptions are made in the firewall.

    So before you go slamming Microsoft that peer-to-peer network is not
    existent, you might want to verify your facts first since SP2 is about
    reducing the attack surface of Windows. (and yes, the price we pay for
    security means knowing what to turn back on.)

    "John Coutts" <administrator@spam.yellowhead.com> wrote in message
    news:11085inthidb403@corp.supernews.com...
    > Here is just another reason not to install SP2!
    >
    > A customer was required to upgrade her W2K network to XP by the government
    > network that she was connected to. Her's is a small network (5
    > workstations)
    > that does justify installing a server. I ordered 3 new machines that came
    > with
    > XP SP2, and I upgraded one of the other machines by installing a second
    > hard
    > disk and retaining all her data on the original disk. After she was
    > satisfied
    > that she had all of her old data transferred to the new disk, then I wiped
    > the
    > old disk and installed it in the last computer. After I installed XP on
    > the
    > last machine, none of the computers could browse the network.
    >
    > According to MS article 188001, the Browser function that existed on all
    > Windows operating systems up to and including W2K has been replaced by
    > Active
    > Directory. So according to this article, an all XP network has to run
    > Active
    > Directory to get browser service.
    >
    > Well, such is not the case. I installed another all XP network earlier,
    > and it
    > browses just fine. The difference is that the ealier network only has SP1
    > installed.
    >
    > Nice going Microsoft! Just another way to squeeze more money out of your
    > customers.
    >
    > J.A. Coutts
    >
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <eqRmQ2xCFHA.2072@TK2MSFTNGP10.phx.gbl>, neo@online.mvps.org says...
    >
    >Actually there are 2 things going on that you should now about.
    >
    >1) There is a new and improved firewall in SP2 for XP. This baby is on by
    >default.
    >2) The Computer Browser service can't start when the firewall is on unless
    >some exceptions are made in the firewall.
    >
    ***************** REPLY SEPARATER *******************
    Sorry, but one of the first things I did was disable that firewall (along with
    that ridiculous Security Center service), because the network has a far better
    firewall at the perimeter. The Computer Browser service is running on all the
    machines, and I even went so far as to change the registry setting for the
    Browser from Auto to Yes. I can still map network drives, but I can't browse
    the network to make that selection. This is no problem for me, but the average
    user doesn't even understand the diffierence between network name and login
    name. I am advising all my customers to leave at least one older operating
    system connected to their network to provide the browser service.

    J.A. Coutts
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:1109smajdpdff5e@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below
    > ***************** REPLY SEPARATER *******************
    > Sorry, but one of the first things I did was disable that firewall
    > (along with that ridiculous Security Center service), because the
    > network has a far better firewall at the perimeter. The Computer
    > Browser service is running on all the machines, and I even went so
    > far as to change the registry setting for the Browser from Auto to
    > Yes. I can still map network drives, but I can't browse the network
    > to make that selection. This is no problem for me, but the average
    > user doesn't even understand the diffierence between network name and
    > login name. I am advising all my customers to leave at least one
    > older operating system connected to their network to provide the
    > browser service.
    >
    > J.A. Coutts


    It's interesting how certain parties are having trouble with SP2, but yet,
    I've installed it on all my clients' machines with no problems. All I did
    was turn off the firewall and it works like a charm.

    Maybe you may have to detune your security policy settings since these
    machines are in a workgroup: The tile of the article is deceiving, but it
    works. I needed to do it to allow two XP machine to access each other, as
    well as a DOS client to access it (for Ghosting).

    555038 - How to enable Windows 98-ME-NT clients to logon to Windows 2003
    based Domains:
    http://support.microsoft.com/?id=555038

    Ace
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <uKa8aN6CFHA.444@TK2MSFTNGP15.phx.gbl>, you say...
    >
    >It's interesting how certain parties are having trouble with SP2, but yet,
    >I've installed it on all my clients' machines with no problems. All I did
    >was turn off the firewall and it works like a charm.
    >
    >Maybe you may have to detune your security policy settings since these
    >machines are in a workgroup: The tile of the article is deceiving, but it
    >works. I needed to do it to allow two XP machine to access each other, as
    >well as a DOS client to access it (for Ghosting).
    >
    >555038 - How to enable Windows 98-ME-NT clients to logon to Windows 2003
    >based Domains:
    >http://support.microsoft.com/?id=555038
    >
    >Ace
    ******************** REPLY SEPARATER ***********************
    There's the key Ace. You left at least one older operating system connected to
    the network to act as the Master Browser. It appears that XP/SP2 will find and
    use a browser list on the network, but will not act as the Master Browser. I
    have not had a problem with XP browsing a network until now. With all XP/SP2
    machines on the network, none will browse. Add one W2K machine, and all of them
    will browse. I tried using the LMHOSTS file, but to no avail.

    J.A. Coutts
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110cc9hpp8hlkdd@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below

    > ******************** REPLY SEPARATER ***********************
    > There's the key Ace. You left at least one older operating system
    > connected to the network to act as the Master Browser. It appears
    > that XP/SP2 will find and use a browser list on the network, but will
    > not act as the Master Browser. I have not had a problem with XP
    > browsing a network until now. With all XP/SP2 machines on the
    > network, none will browse. Add one W2K machine, and all of them will
    > browse. I tried using the LMHOSTS file, but to no avail.
    >
    > J.A. Coutts


    Interesting. I have not seen this issue yet, nor have I tested it. I can
    tell you that at my home, I have all XP Pro SP2 machines (no other OSs), and
    I do not have a DC running. I can browse everyone just fine. The DOS OS is
    just a bootable floppy when I want to Ghost a machine and is not running all
    the time. But I did have a problem connecting from the floppy boot (using a
    net use) to XP, but once I changed the two "Microsoft: Server always
    sign...(required)" settings in the local policy to disabled, then I was able
    to connect.

    Have you tried to change those settings? Maybe (just maybe), the browser
    service is not accepting broadcasts from anything because of SP2? And you're
    saying forcing one of them to be a Master is not working?

    Ace
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    I have noticed when i have a workgroup with static IP-adresses and no
    DHCP-servers i have to turn on "NETBios over Tcp/Ip" instead of using the
    default settings under Tcp/Ip configuration, advanced and "Wins" tab. Just a
    shot in the dark... it solved my problem....

    Good luck

    Jon L.


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> skrev i melding
    news:OO5lnEODFHA.3688@TK2MSFTNGP14.phx.gbl...
    > In news:110cc9hpp8hlkdd@corp.supernews.com,
    > John Coutts <administrator@spam.yellowhead.com> made a post then I
    > commented below
    >
    >> ******************** REPLY SEPARATER ***********************
    >> There's the key Ace. You left at least one older operating system
    >> connected to the network to act as the Master Browser. It appears
    >> that XP/SP2 will find and use a browser list on the network, but will
    >> not act as the Master Browser. I have not had a problem with XP
    >> browsing a network until now. With all XP/SP2 machines on the
    >> network, none will browse. Add one W2K machine, and all of them will
    >> browse. I tried using the LMHOSTS file, but to no avail.
    >>
    >> J.A. Coutts
    >
    >
    > Interesting. I have not seen this issue yet, nor have I tested it. I can
    > tell you that at my home, I have all XP Pro SP2 machines (no other OSs),
    > and I do not have a DC running. I can browse everyone just fine. The DOS
    > OS is just a bootable floppy when I want to Ghost a machine and is not
    > running all the time. But I did have a problem connecting from the floppy
    > boot (using a net use) to XP, but once I changed the two "Microsoft:
    > Server always sign...(required)" settings in the local policy to disabled,
    > then I was able to connect.
    >
    > Have you tried to change those settings? Maybe (just maybe), the browser
    > service is not accepting broadcasts from anything because of SP2? And
    > you're saying forcing one of them to be a Master is not working?
    >
    > Ace
    >
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    Here is another odd thing that I have noticed with SP2. Even though the
    Computer Browser service is set to "Automatic", it does not get started until
    the first successful netbios access. On my own SP1 Home machine, I have this
    service disabled and it still browses an older network. What does this service
    really do?

    J.A. Coutts
    *************** REPLY SEPARATER ***************
    In article <#WG3DqRDFHA.1564@TK2MSFTNGP09.phx.gbl>, jl@it-as.no says...
    >
    >I have noticed when i have a workgroup with static IP-adresses and no
    >DHCP-servers i have to turn on "NETBios over Tcp/Ip" instead of using the
    >default settings under Tcp/Ip configuration, advanced and "Wins" tab. Just a
    >shot in the dark... it solved my problem....
    >
    >Good luck
    >
    >Jon L.
    >
    >
    >"Ace Fekay [MVP]"
    ><PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> skrev i melding
    >news:OO5lnEODFHA.3688@TK2MSFTNGP14.phx.gbl...
    >> In news:110cc9hpp8hlkdd@corp.supernews.com,
    >> John Coutts <administrator@spam.yellowhead.com> made a post then I
    >> commented below
    >>
    >>> ******************** REPLY SEPARATER ***********************
    >>> There's the key Ace. You left at least one older operating system
    >>> connected to the network to act as the Master Browser. It appears
    >>> that XP/SP2 will find and use a browser list on the network, but will
    >>> not act as the Master Browser. I have not had a problem with XP
    >>> browsing a network until now. With all XP/SP2 machines on the
    >>> network, none will browse. Add one W2K machine, and all of them will
    >>> browse. I tried using the LMHOSTS file, but to no avail.
    >>>
    >>> J.A. Coutts
    >>
    >>
    >> Interesting. I have not seen this issue yet, nor have I tested it. I can
    >> tell you that at my home, I have all XP Pro SP2 machines (no other OSs),
    >> and I do not have a DC running. I can browse everyone just fine. The DOS
    >> OS is just a bootable floppy when I want to Ghost a machine and is not
    >> running all the time. But I did have a problem connecting from the floppy
    >> boot (using a net use) to XP, but once I changed the two "Microsoft:
    >> Server always sign...(required)" settings in the local policy to disabled,
    >> then I was able to connect.
    >>
    >> Have you tried to change those settings? Maybe (just maybe), the browser
    >> service is not accepting broadcasts from anything because of SP2? And
    >> you're saying forcing one of them to be a Master is not working?
    >>
    >> Ace
    >>
    >
    >
  8. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110f11ocdvef114@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> commented
    Then Kevin replied below:
    > Here is another odd thing that I have noticed with SP2.
    > Even though the Computer Browser service is set to
    > "Automatic", it does not get started until the first
    > successful netbios access. On my own SP1 Home machine, I
    > have this service disabled and it still browses an older
    > network. What does this service really do?

    As long as there is at least one machine on the network with the computer
    browser service running to act as Browse master, that is all you need. The
    browser need not be running on all machines, only one.
    In a domain the PDC or PDC emulator will force itself to be the browse
    master.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  9. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110f11ocdvef114@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below
    > Here is another odd thing that I have noticed with SP2. Even though
    > the Computer Browser service is set to "Automatic", it does not get
    > started until the first successful netbios access. On my own SP1 Home
    > machine, I have this service disabled and it still browses an older
    > network. What does this service really do?
    >
    > J.A. Coutts

    Have you tried to disable those settings yet?

    Ace
  10. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <OGs369ZDFHA.3120@TK2MSFTNGP15.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    >
    >In news:110f11ocdvef114@corp.supernews.com,
    >John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    >below
    >> Here is another odd thing that I have noticed with SP2. Even though
    >> the Computer Browser service is set to "Automatic", it does not get
    >> started until the first successful netbios access. On my own SP1 Home
    >> machine, I have this service disabled and it still browses an older
    >> network. What does this service really do?
    >>
    >> J.A. Coutts
    >
    >Have you tried to disable those settings yet?
    >
    >Ace
    ******************* REPLY SEPARATER *******************
    I tried running the the Browstat utility, but it simple tells me what I already
    know; there is no master browser on the network. XP SP2 will simply not provide
    master browser service, and if there is no machine on the network prepared to
    take on the task, you won't be able to browse the network

    J.A. Coutts
  11. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110hkfti55su379@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> commented
    Then Kevin replied below:
    > I tried running the the Browstat utility, but it simple
    > tells me what I already know; there is no master browser
    > on the network. XP SP2 will simply not provide master
    > browser service, and if there is no machine on the
    > network prepared to take on the task, you won't be able
    > to browse the network
    >
    > J.A. Coutts

    Have you tried checking the properties of File Sharing in the Windows
    firewall exceptions list to see what ports are allowed?
    It should be TCP 139 Any, TCP 445 Any, UDP 137 Any, and UDP 138 Any.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  12. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110hkfti55su379@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below

    >>
    >> Have you tried to disable those settings yet?
    >>
    >> Ace
    > ******************* REPLY SEPARATER *******************
    > I tried running the the Browstat utility, but it simple tells me what
    > I already know; there is no master browser on the network. XP SP2
    > will simply not provide master browser service, and if there is no
    > machine on the network prepared to take on the task, you won't be
    > able to browse the network
    >
    > J.A. Coutts

    I see, so of course that won't work.

    But I was asking about the SMB settings. Please try them. As I explained
    earlier, they work for me between machines in a workgroup (or between DOS
    and XP or W2003 machines) and toggle them back and forth all day long.

    Back to the reg entries, did you also set IsDomainMaster = "True" on one
    (only one) of the XP machines?
    If you did or haven't tried it, please do so. Did that help?
    Here are the settings...
    =================================
    Changes on the Server:
    [HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \Browser
    \Parameters]

    MaintainServerList = "Yes"
    IsDomainMaster = "True"

    MaintainServerList controls if it should participate in the election at all.
    The IsDomainMaster gives the computer a higher priority in the election.

    Note to discover/detect the current master browser on the network use the
    reskit tools browmon or browstat.

    Changes at the workstation: (see registry location above)
    MaintainServerList = "No"
    IsDomainMaster = "False"
    =================================


    Also, have you tried Browcon:?
    http://support.microsoft.com/default.aspx?scid=kb;en-us;818092

    Ace
  13. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <exWNXCmDFHA.512@TK2MSFTNGP15.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    >
    >I see, so of course that won't work.
    >
    >But I was asking about the SMB settings. Please try them. As I explained
    >earlier, they work for me between machines in a workgroup (or between DOS
    >and XP or W2003 machines) and toggle them back and forth all day long.
    >
    >Back to the reg entries, did you also set IsDomainMaster = "True" on one
    >(only one) of the XP machines?
    >If you did or haven't tried it, please do so. Did that help?
    >Here are the settings...
    >=================================
    >Changes on the Server:
    >[HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \Browser
    >\Parameters]
    >
    >MaintainServerList = "Yes"
    >IsDomainMaster = "True"
    >
    >MaintainServerList controls if it should participate in the election at all.
    >The IsDomainMaster gives the computer a higher priority in the election.
    >
    >Note to discover/detect the current master browser on the network use the
    >reskit tools browmon or browstat.
    >
    >Changes at the workstation: (see registry location above)
    >MaintainServerList = "No"
    >IsDomainMaster = "False"
    >=================================
    **************** REPLY SEPARATER ******************
    Already tried that. No effect.
    ***************************************************
    >
    >Also, have you tried Browcon:?
    >http://support.microsoft.com/default.aspx?scid=kb;en-us;818092
    >
    >Ace
    >
    ***************** REPLY SEPARATER *****************
    I will take a look at it.
    ***************************************************
  14. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <#IJH1zfDFHA.1836@tk2msftngp13.phx.gbl>, admin@nospam.WFTX.US
    says...
    >
    >Have you tried checking the properties of File Sharing in the Windows
    >firewall exceptions list to see what ports are allowed?
    >It should be TCP 139 Any, TCP 445 Any, UDP 137 Any, and UDP 138 Any.
    >
    >--
    >Best regards,
    >Kevin D4 Dad Goodknecht Sr. [MVP]
    ************ REPLY SEPARATER *************
    Firewall service is disabled. Correct me if I am wrong, but isn't port 445
    supposed to be used for Smb only if netbios on ports 137 to 139 is not enabled.
  15. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <exWNXCmDFHA.512@TK2MSFTNGP15.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    >I see, so of course that won't work.
    >
    >But I was asking about the SMB settings. Please try them. As I explained
    >earlier, they work for me between machines in a workgroup (or between DOS
    >and XP or W2003 machines) and toggle them back and forth all day long.
    >
    >Back to the reg entries, did you also set IsDomainMaster = "True" on one
    >(only one) of the XP machines?
    >If you did or haven't tried it, please do so. Did that help?
    >Here are the settings...
    >=================================
    >Changes on the Server:
    >[HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \Browser
    >\Parameters]
    >
    >MaintainServerList = "Yes"
    >IsDomainMaster = "True"
    >
    >MaintainServerList controls if it should participate in the election at all.
    >The IsDomainMaster gives the computer a higher priority in the election.
    >
    >Note to discover/detect the current master browser on the network use the
    >reskit tools browmon or browstat.
    >
    >Changes at the workstation: (see registry location above)
    >MaintainServerList = "No"
    >IsDomainMaster = "False"
    >=================================
    >
    ****************** REPLY SEPARATER ******************
    I usually disable port 445 because a hacker managed to infiltrate this
    particular network using port 445 from the private network (these machines are
    connected to the public network behind a NAT router and to a private government
    network with no local firewall). To make sure that the function of port 445 had
    not changed (secondary SMB), I enabled it on all machines. I then changed the
    browser settings on one machine to:
    IsDomainMaster = "TRUE"
    MaintainServerList = "Yes"

    and left the rest at the default of:
    IsDomainMaster = "FALSE"
    MaintainServerList = "Auto"

    Still no Master Browser service on the network.

    J.A. Coutts
  16. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110mslcsa26jr9b@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below

    > Firewall service is disabled. Correct me if I am wrong, but isn't
    > port 445 supposed to be used for Smb only if netbios on ports 137 to
    > 139 is not enabled.

    XP should default to SMB, then NetBIOS in that order.
  17. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:110n1s4iqsd6744@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below
    > ****************** REPLY SEPARATER ******************
    > I usually disable port 445 because a hacker managed to infiltrate this
    > particular network using port 445 from the private network (these
    > machines are connected to the public network behind a NAT router and
    > to a private government network with no local firewall). To make sure
    > that the function of port 445 had not changed (secondary SMB), I
    > enabled it on all machines. I then changed the browser settings on
    > one machine to:
    > IsDomainMaster = "TRUE"
    > MaintainServerList = "Yes"
    >
    > and left the rest at the default of:
    > IsDomainMaster = "FALSE"
    > MaintainServerList = "Auto"
    >
    > Still no Master Browser service on the network.
    >
    > J.A. Coutts

    Hmm, unfortunate. We'll get to the bottom of this (hopefully). I forget now
    if I had asked you (the thread is getting long...) if the firewall is
    enabled on all machines, and if so, have you made an exception Rule to allow
    F&P Services (assuming the Browser service is running)? GBrowser service is
    dependent on F&P.

    Ace
  18. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <ub23pqhEFHA.3032@TK2MSFTNGP12.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    >
    >Hmm, unfortunate. We'll get to the bottom of this (hopefully). I forget now
    >if I had asked you (the thread is getting long...) if the firewall is
    >enabled on all machines, and if so, have you made an exception Rule to allow
    >F&P Services (assuming the Browser service is running)? GBrowser service is
    >dependent on F&P.
    >
    >Ace
    >
    *************** REPLY SEPARATER ****************
    No Firewall on any machine. Firewall is at the network perimeter.
  19. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:1111fo7d9j3mlea@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below
    > *************** REPLY SEPARATER ****************
    > No Firewall on any machine. Firewall is at the network perimeter.

    Interesting... the plot thickens.

    I found this and was playing around with it a bit:
    http://www.michna.com/kb/wxnet.htm

    Here are some things I found that we should look at a little more closely or
    at least confirm. I apologize if these seem to rudimentary, or that you may
    have already gone over them. I think we both know and agree your current
    setup should just work out of the box. Agreed? So there's something
    hindering the service from operating on that one machine, or all of them
    (for whatever reason). Also, most of the links I've found researching this
    all point to the firewall service, but since you have it disabled on all
    machines, I've been discarding those hits.
    1.. Check all NetBIOS names for possible duplicates. For example, if the
    workgroup name coincides with a user or computer name, this could cause the
    problem. Try opening a command line window and issuing the command: net view
    2.. Issue the command: net view \\computername, where computername should
    be replaced with one of the names displayed with the simple net view
    command. Check all names for possible duplication.
    3.. Disable, better yet uninstall or upgrade, all antivirus software and
    third party firewalls. Check to see if they perform network montoring.
    4.. Rid the computer of adware and spyware.
    5.. Repair the Winsock with the command: netsh winsock reset (This removes
    all third party Layered Service Providers-LSPs.
    6.. Computers running older operating systems than Windows XP may disturb
    the computer browser system. If there are any devices on the network that is
    capable of interfering, let's stop them as well.
    7.. Make sure that the TCP/IP NetBIOS Helper service is running and has
    the proper start type.
    8.. Make sure MS Client & File and Print Sharing is enabled.
    9.. Uninstall third party client software that can interfere with the
    networking settings. Such software could have come with network adapters or
    with a router.
    10.. Force it to use NetBIOS over TCP/IP under NIC properties, IP
    Properties, Advanced, WINS tab.
    11.. I remember mentioning browcon.exe, but you didn't post any results or
    if you have tried it, and assume you have already done so without the
    desired results.
    12.. Let's also take a look at browstat. It will show you if browsing is
    enabled on the network and who the master browser is. You can download
    Browstat from http://www.dynawell.com/reskit/microsoft/win2000/browstat.zip
    or http://rescomp.stanford.edu/staff/manual/rcc/tools/browstat.zip. Here is
    a link from Microsoft on it's use: http://support.microsoft.com/?kbid=188305


    Here's another interesting thing I found as well:

    *Begin procedure:
    ===================================
    You have both the following symptoms:
    a.. You can ping the computer by IP and by name.
    b.. When you type on another computer, replacing computername with the
    name of the inaccessible computer:
    net view \\computername

    you get one of the various "Error 5" error messages, like "System error 5
    has occurred. Access is denied" or "Error 5: You do not currently have
    access to this file. ..."

    This is in some cases caused by a registry setting named RestrictAnonymous.
    Go to the computer which you cannot access, start a registry editor and
    change the following registry value.

    HKEY_LOCAL_MACHINE
    \SYSTEM
    \CurrentControlSet
    \Control
    \Lsa
    Value name: RestrictAnonymous
    Value type: DWORD

    If the value is 1 or even 2, change it to 0, reboot and retest. If the
    problem is solved, leave the value at zero. If not, you can change it back
    if you like.

    *End of procedure.

    ===================================


    Another interesting one:

    *Begin procedure:

    ===================================

    Another related and surprisingly frequent problem beside disabled NetBIOS
    over TCP/IP is the setting of an unsuitable node type for Windows networks
    (which use NetBIOS). If you don't see other computers in Network
    Neighborhood or My Network Places, then this computer may have the wrong
    node type. If you get error messages when you try to access another
    computer, then you may have to walk over to that other computer and perform
    the following steps there.

    First check the node type by opening a command line window and typing the
    command

    ipconfig /all

    This command reports the node type, among other information. It should be
    Hybrid or Unknown, but not Point-to-Point (p-node, actually a mistaken
    interpretation of Peer-to-Peer), because that would work only when a WINS
    server is present.

    If the node type is P-t-P, you can use regedit.exe to go to

    HKEY_LOCAL_MACHINE
    \System
    \CurrentControlSet
    \Services
    \Netbt
    \Parameters

    and delete any of the two values NodeType and DhcpNodeType if they exist,
    forcing Windows to fall back to its default node type, which should be
    Hybrid. Reboot.

    More details can be found in the following Microsoft Knowledge Base
    article.

    Default Node Type for Microsoft Clients
    http://support.microsoft.com/?kbid=160177

    *End procedure

    ===================================


    Well, that's about it for right now. Other than this, I'm not sure what is
    going on. Like I said, it should just work out-of-the-box.

    Let me know what you find with the above information.

    Thanks

    Ace
  20. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <Ou1NrPxEFHA.4004@tk2msftngp13.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    *********** SEPARATER *************
    I will deal with these questions one at a time, but you will get a complete
    picture when I describe the network.
    WorkGroup: YELREG
    User1: YELREG1
    User2: YELREG2
    User3: YELREG3
    User4: YELREGMAN
    User5: YELREGJES
    There is another cut down W2K machine used for imaging that does not appear to
    use netbios on the network and is not accessible (government machine). All the
    rest are XP Pro SP2. All machines can connect explicitly with one another;
    they just can't browse. All I have to do is connect one W2K machine to the
    network and all machines can browse. I maintain another all XP network and it
    has no problem browsing. But they are all SP1 and this one is all SP2.
    ***********************************
    >Interesting... the plot thickens.
    >
    >I found this and was playing around with it a bit:
    >http://www.michna.com/kb/wxnet.htm
    >
    >Here are some things I found that we should look at a little more closely or
    >at least confirm. I apologize if these seem to rudimentary, or that you may
    >have already gone over them. I think we both know and agree your current
    >setup should just work out of the box. Agreed? So there's something
    >hindering the service from operating on that one machine, or all of them
    >(for whatever reason). Also, most of the links I've found researching this
    >all point to the firewall service, but since you have it disabled on all
    >machines, I've been discarding those hits.
    > 1.. Check all NetBIOS names for possible duplicates. For example, if the
    >workgroup name coincides with a user or computer name, this could cause the
    >problem. Try opening a command line window and issuing the command: net view
    *********** SEPARATER *************
    Net view responds with System Error 6118
    ***********************************
    > 2.. Issue the command: net view \\computername, where computername should
    >be replaced with one of the names displayed with the simple net view
    >command. Check all names for possible duplication.
    *********** SEPARATER *************
    No problem. Shows resources on other machine.
    ***********************************
    > 3.. Disable, better yet uninstall or upgrade, all antivirus software and
    >third party firewalls. Check to see if they perform network montoring.
    *********** SEPARATER *************
    No firewall. AVG antivirus with no network monitoring.
    ***********************************
    > 4.. Rid the computer of adware and spyware.
    *********** SEPARATER *************
    None present. Relatively new setups.
    ***********************************
    > 5.. Repair the Winsock with the command: netsh winsock reset (This removes
    >all third party Layered Service Providers-LSPs.
    *********** SEPARATER *************
    Done
    ***********************************
    > 6.. Computers running older operating systems than Windows XP may disturb
    >the computer browser system. If there are any devices on the network that is
    >capable of interfering, let's stop them as well.
    *********** SEPARATER *************
    All XP Pro SP2, except one as noted above.
    ***********************************
    > 7.. Make sure that the TCP/IP NetBIOS Helper service is running and has
    >the proper start type.
    *********** SEPARATER *************
    Service enabled on Manual startup.
    ***********************************
    > 8.. Make sure MS Client & File and Print Sharing is enabled.
    *********** SEPARATER *************
    Enabled
    ***********************************
    > 9.. Uninstall third party client software that can interfere with the
    >networking settings. Such software could have come with network adapters or
    >with a router.
    *********** SEPARATER *************
    None present.
    ***********************************
    > 10.. Force it to use NetBIOS over TCP/IP under NIC properties, IP
    >Properties, Advanced, WINS tab.
    *********** SEPARATER *************
    Done. Was on default using fixed IP address.
    ***********************************
    > 11.. I remember mentioning browcon.exe, but you didn't post any results or
    >if you have tried it, and assume you have already done so without the
    >desired results.
    *********** SEPARATER *************
    I did not try Browcon because the article said that it was only applicable to
    Server 2003. This network is all XP.
    ***********************************
    > 12.. Let's also take a look at browstat. It will show you if browsing is
    >enabled on the network and who the master browser is. You can download
    >Browstat from http://www.dynawell.com/reskit/microsoft/win2000/browstat.zip
    >or http://rescomp.stanford.edu/staff/manual/rcc/tools/browstat.zip. Here is
    >a link from Microsoft on it's use: http://support.microsoft.com/?kbid=188305
    *********** SEPARATER *************
    Browstat status returns:
    Browsing not active on domain.
    Master Browser cannot be determined for GetAdapterStatus
    ***********************************
    >Here's another interesting thing I found as well:
    >
    >*Begin procedure:
    >===================================
    >You have both the following symptoms:
    > a.. You can ping the computer by IP and by name.
    *********** SEPARATER *************
    Yes
    ***********************************
    > b.. When you type on another computer, replacing computername with the
    >name of the inaccessible computer:
    > net view \\computername
    > you get one of the various "Error 5" error messages, like "System error 5
    >has occurred. Access is denied" or "Error 5: You do not currently have
    >access to this file. ..."
    *********** SEPARATER *************
    Shows resources available on that particular machine. No errors.
    ***********************************
    >This is in some cases caused by a registry setting named RestrictAnonymous.
    >Go to the computer which you cannot access, start a registry editor and
    >change the following registry value.
    >
    > HKEY_LOCAL_MACHINE
    > \SYSTEM
    > \CurrentControlSet
    > \Control
    > \Lsa
    > Value name: RestrictAnonymous
    > Value type: DWORD
    *********** SEPARATER *************
    DWORD value is 0
    ***********************************
    >If the value is 1 or even 2, change it to 0, reboot and retest. If the
    >problem is solved, leave the value at zero. If not, you can change it back
    >if you like.
    >
    >*End of procedure.
    >
    >===================================
    >
    >Another interesting one:
    >
    >*Begin procedure:
    >
    >===================================
    >
    >Another related and surprisingly frequent problem beside disabled NetBIOS
    >over TCP/IP is the setting of an unsuitable node type for Windows networks
    >(which use NetBIOS). If you don't see other computers in Network
    >Neighborhood or My Network Places, then this computer may have the wrong
    >node type. If you get error messages when you try to access another
    >computer, then you may have to walk over to that other computer and perform
    >the following steps there.
    >
    >First check the node type by opening a command line window and typing the
    >command
    >
    > ipconfig /all
    *********** SEPARATER *************
    Node Type is hybrid.
    ***********************************
    >This command reports the node type, among other information. It should be
    >Hybrid or Unknown, but not Point-to-Point (p-node, actually a mistaken
    >interpretation of Peer-to-Peer), because that would work only when a WINS
    >server is present.
    >
    >If the node type is P-t-P, you can use regedit.exe to go to
    >
    > HKEY_LOCAL_MACHINE
    > \System
    > \CurrentControlSet
    > \Services
    > \Netbt
    > \Parameters
    >
    > and delete any of the two values NodeType and DhcpNodeType if they exist,
    >forcing Windows to fall back to its default node type, which should be
    >Hybrid. Reboot.
    >
    > More details can be found in the following Microsoft Knowledge Base
    >article.
    >
    > Default Node Type for Microsoft Clients
    > http://support.microsoft.com/?kbid=160177
    >
    >*End procedure
    >
    >===================================
    >
    >
    >
    >Well, that's about it for right now. Other than this, I'm not sure what is
    >going on. Like I said, it should just work out-of-the-box.
    >
    >Let me know what you find with the above information.
    >
    >Thanks
    >
    >Ace
    *********** SEPARATER *************
    Thanks for all the suggestions, but this still appears to be strictly an SP2
    issue from where I sit.
    ***********************************
  21. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:11149de10iqi6fc@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below

    <snip>
    > *********** SEPARATER *************
    > Thanks for all the suggestions, but this still appears to be strictly
    > an SP2 issue from where I sit.
    > ***********************************

    No problem, John. I tried. I am spilled my beans on everything I can think
    of with the browser service that has always helped me in the past. I don't
    know what I've missed, if anything at all. I'm lost with this one.

    However, the one thing that bothers me is the firewall on SP2. Could
    possibly an issue with SP2 even though it says it's disabled, is still
    filtering certain types of traffic, including browing traffic? How about one
    more stab at it? Let's enable ICF on one of the machines, and allow File &
    Print traffic in the exception rule, just to see if it work? If that works,
    then it all points to something up (or not obviously sticking out and saying
    so) with the firewall service on the machine.

    Hmm, that just made me think of something else... is the firewall service
    started even though it's disable? I noticed on my laptop, even though ICF is
    not on, the service is running. If this is the case, let's try disabling
    that and see if it helps.

    If this keeps up I will send this to my MVP lead to pass it on to the dev
    team and see what they may have to say about it, unless one of the engineers
    from MS reads this thread and may give us a little help.

    Otherwise, keep the non-XP machine up for it's browser service (just
    kidding)!!

    Ace
  22. Archived from groups: microsoft.public.win2000.dns (More info?)

    In article <OZhf6o9EFHA.3404@TK2MSFTNGP10.phx.gbl>,
    PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com says...
    >
    >In news:11149de10iqi6fc@corp.supernews.com,
    >John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    >below
    >
    ><snip>
    >> *********** SEPARATER *************
    >> Thanks for all the suggestions, but this still appears to be strictly
    >> an SP2 issue from where I sit.
    >> ***********************************
    >
    >No problem, John. I tried. I am spilled my beans on everything I can think
    >of with the browser service that has always helped me in the past. I don't
    >know what I've missed, if anything at all. I'm lost with this one.
    >
    >However, the one thing that bothers me is the firewall on SP2. Could
    >possibly an issue with SP2 even though it says it's disabled, is still
    >filtering certain types of traffic, including browing traffic? How about one
    >more stab at it? Let's enable ICF on one of the machines, and allow File &
    >Print traffic in the exception rule, just to see if it work? If that works,
    >then it all points to something up (or not obviously sticking out and saying
    >so) with the firewall service on the machine.
    >
    >Hmm, that just made me think of something else... is the firewall service
    >started even though it's disable? I noticed on my laptop, even though ICF is
    >not on, the service is running. If this is the case, let's try disabling
    >that and see if it helps.
    >
    >If this keeps up I will send this to my MVP lead to pass it on to the dev
    >team and see what they may have to say about it, unless one of the engineers
    >from MS reads this thread and may give us a little help.
    >
    >Otherwise, keep the non-XP machine up for it's browser service (just
    >kidding)!!
    ******************* REPLY SEPARATER *******************
    I'm not. I have already advised my clients not to upgrade all their machines to
    SP2.
    *******************************************************
    >Ace
  23. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:1116o8b6up0c365@corp.supernews.com,
    John Coutts <administrator@spam.yellowhead.com> made a post then I commented
    below
    <snip>
    >> Otherwise, keep the non-XP machine up for it's browser service (just
    >> kidding)!!
    > ******************* REPLY SEPARATER *******************
    > I'm not. I have already advised my clients not to upgrade all their
    > machines to SP2.
    > *******************************************************

    Good luck. If I find or think of anything, I'll post back.
Ask a new question

Read More

Microsoft Windows XP Windows Product