Troubleshooting Microsoft Networking

Previous page
Table of content
Next page

Tools and techniques are available that can help you identify and resolve problems that you might encounter in a networking environment.

When troubleshooting a network connection in Windows XP Professional, first establish that the following conditions exist:

  • The cable connection between the network adapter and the port is secure. If it is, restart the computer in case you have temporarily lost connection.

  • The network adapter is correctly installed. Use Device Manager to verify that it is functioning correctly.

  • Event Viewer is correctly logging system and application events so that the problem can be fully analyzed. For more information about using Event Viewer and the event logs, see Tools for Troubleshooting later in this chapter.

  • At least one domain controllers is available and functioning.

For more information about troubleshooting techniques and tools, see Troubleshooting Concepts and Strategies and Tools for Troubleshooting in this book and Windows XP Professional Help and Support Center.

Tools for Troubleshooting

Windows XP Professional includes tools to help you diagnose and resolve networking problems. For information about the use and syntax of the troubleshooting tools, see Tools for Troubleshooting in this book.

Event Viewer

Event Viewer allows you to monitor events in your system. It maintains logs about program, security, and system events on your computer. You can use Event Viewer to view and manage the event logs, gather information about hardware and software problems, and monitor Windows XP Professional security events. The Event Log service starts by default when you start Windows XP Professional. All users can view application and system logs.

An event log consists of a header, a description of the event (based on the event type), and additional data (optional). A typical log entry consists of the header and a description as shown in Figure 20-6.


Figure 20-6: Typical event log entry

To use Event Viewer to access a security log

  1. Right-click My Computer, and then click Manage.

  2. Click System Tools, click Event Viewer, and then click Security.

  3. In the list of specific security events, double-click the most recent one.

  4. In the Event Properties dialog box of the specific security event, read the information about the event and relevant data.

  5. Event Viewer categorizes events by log type (for example, security or system) and displays a separate log for every event, which includes date, time, source, category, ID, user account, and computer name.

The log types that directly relate to a user logging on are the security and system logs. Table 20-4 provides a description of the log types and how they can be used in troubleshooting.

Table 20-4: Log Types

Log Type

Description

Security

The Security Log records security events, such as valid and invalid logon attempts, and events related to resource use, such as creating, opening, or deleting files or other objects. For example, the Security log records a user s inability to log on to a domain account due to an incorrect or invalid user ID/password combination.

System

The System Log records events logged by the Windows XP Professional system components. For example, if a driver or other system component fails to load during startup, it is recorded in the System Log. Also, the System Log records a duplicate computer name on the domain as an error message sent by NetBT.

For more information about Event Viewer, see Windows XP Professional Help and Support Center.

Network Connectivity Tester (Netdiag.exe)

This command-line diagnostic tool helps isolate networking and connectivity problems by performing a series of tests to determine the state of your network client and its functionality. Netdiag.exe performs LAN connectivity and domain membership tests, including network adapter status, IP configuration, domain membership, and Kerberos V5 security tests. The tests can be performed as a group or individually.

For more information about the function and syntax of Netdiag.exe, see Tools for Troubleshooting in this book.

Status Menu Command

If your computer is set up to accept incoming connections, an icon with an assigned user name appears in the Network Connections folder as each user connects. You can view the progress of incoming connections by right-clicking a named connection, and then clicking Status.

By using the Status menu command, you can view the following data:

  • The duration of a connection.

  • The speed at which you initially connected. For a single-link connection and for individual links in a multilink connection, this speed is negotiated (and fixed) at the time the connection or link is established. For multilink connections, this speed is equal to the sum of the speeds of the individual links. For multilink connections, this speed varies as links are added or deleted.

  • For local area connections, the number of bytes transmitted and received during a connection. For other types of connections, the number of bytes transmitted and received during a connection, and the associated compression and error statistics.

  • The diagnostic tools that you can use for a connection, if any. For example, the Windows Network Troubleshooter, TCP/IP Autoping, and TCP/IP Windows IP Configuration.

The Support tab in the Local Area Connection Status Dialog box

The Support tab in the Local Area Connection Status dialog box allows you to do the following:

  • View the address type, IP address, subnet mask, and default address of a connection.

Use the Details button to view a detailed summary of the network connection, which includes its physical address, the IP address of its DHCP, DNS and WINS servers, the date the DHCP lease of the address was obtained, and the date the DHCP lease is due to expire. This is in addition to the IP address, subnet mask, and default address of the connection.

  • Open the Network Diagnostics page of Windows XP Professional Help and Support Center.

  • Repair your settings by pressing the Repair button. This does the following:

    • Releases current TCP/IP settings.

    • Renews your TCP/IP settings.

    • Registers the DNS resource records for all adapters on your Windows XP Professional based computer. All errors are reported in the Event Viewer within 15 minutes of the time registration is initiated. On the command line, you can achieve similar results by using ipconfig/registerdns .

    • Flushes the ARP cache

    • Does a DHCP broadcast renew for the IP lease.

    • Purges and reloads the remote cache name table of NetBT. On the command line, you can achieve similar results by using Nbtstat -R .

    • Sends Name Release packets to WINS and then starts refresh. On the command line, you can achieve similar results by using Nbtstat -RR .

    • Purges the dns resolver cache and re-registers the DNS recodes. On the command line, you can achieve similar results by using ipconfig/flushdns .

Troubleshooting Joining Networks

You can use the following techniques and procedures to troubleshoot problems that might occur when you join a Windows XP Professional based computer to a Windows NT domain, Windows 2000 domain, or a workgroup consisting of other Microsoft networking clients.

Unable to join a domain

When you attempt to add a computer running Windows XP Professional to a domain, the following message appears:

"Unable to connect to the domain controller for this domain. Either the user name or  password entered is incorrect."

To join a Windows XP Professional based computer to a domain, you must provide an account name that is a member of the Domain Admins group (Windows NT, Windows 2000 or Windows Server 2003 domains) or that is a member of a group that has permissions to add computers to a domain.

Unable to find a domain controller

When you attempt to add a computer running Windows XP Professional to a domain or workgroup or a Windows XP Professional workgroup by using the Network Identification wizard or by manually adding the computer, the following message appears:

"The specified domain does not exist or could not be contacted."

When you receive the preceding message, verify that the correct domain or workgroup names are entered in the Workgroup and Domain fields on the Computer Name tab of the System Properties dialog box..

If TCP/IP is the transport protocol used, the problem might be caused by the configuration of TCP/IP options on the client. Log on to a local administrative account and do the following tasks to resolve the problem:

  1. Attempt to ping the domain controller by using its NetBIOS name (for example, DomainController1) or a fully qualified DNSdomain name (for example, DomainController1.domain1.reskit.com). If unsuccessful, attempt to ping the domain controller by using the IP address.

  2. If the attempt to ping the domain controller by name is not successful, and DNS or WINS is used for name resolution, verify the IP addresses of the name servers. Then, try again to ping the domain controller by name.

  3. If the attempt to ping the domain controller by name is unsuccessful, and the Windows XP Professional based client is in the same subnet as the domain controller, verify the client s IP address.

  4. If the Windows XP Professional based client is in a different subnet from the domain controller, verify that you have specified the correct default gateways.

  5. If Internet Control Message Protocol (ICMP)-enabled routers are used within your network, you can use a method called ICMP Router Discovery to automate the discovery and configuration of default gateways. For more information about ICMP Router Discovery, see Configuring TCP/IP in this book.

  6. If Routing Information Protocol (RIP) enabled routers are used in the network, install RIP support.

  7. If a domain controller has an Internet Protocol security (IPSec) policy set at Secure Server, it denies transfer of IP packets to clients that do not have IPSec enabled by local or domain-based security policies. Contact the domain administrator to revise the IPSec policy on the domain controller. For more information about IPSec, see Configuring TCP/IP in this book.

Unable to rename a computer

When you attempt to name or rename a computer with a name that is similar to the domain or workgroup name, the following message appears:

"The new computer name may not be the same as the Workgroup (Domain) name."

In a Windows NT workgroup or domain or a Windows 2000 or Windows Server 2003 domain where NetBIOS is not disabled on all clients and servers, the first 15 characters of the name of the Windows XP Professional based computer must not duplicate the name of an existing client, workgroup, or domain. For example, if the domain name is Reskit1domainSEA, you must select a different name for a computer in that domain.

Troubleshooting Logon Problems

After joining a Windows XP Professional based computer to a workgroup or domain, the computer running Windows XP Professional typically communicates with other clients in the network environment. You can use the following techniques and procedures to identify and resolve problems that occur when you attempt to log on to a domain or to a workgroup consisting of other Microsoft networking clients.

Unable to log on at a local workstation

After creating a computer account at the domain, you attempt to log on locally by using a non-administrative account. The following message appears:

"The system could not log you on. Make sure your user name and Domain are correct, 
then type your password again."

Unable to log on to a domain

After your computer joins a Windows 2000 or Windows Server 2003 domain, and you attempt to log on to the domain, the following message appears:

"The system cannot log you on due to the following error: There is a time difference
between the Client and Server. Please try again or consult your system administrator. "

The Kerberos V5 authentication protocol inspects the timestamp of the authentication request sent by the logged-on client. The timestamp is compared to the current time of the domain controller. If a significant difference exists between the times (default is five minutes), authentication fails. Log on locally to an administrative account and make sure that the Windows XP Professional based client time is the same as that of the domain controller. It is also important that the time zone be entered correctly because the Kerberos protocol converts all times to Greenwich Mean Time and then compares them that way.

Each user account object in Active Directory contains a User must log on using a smart card option. If the account is configured for using a smart card, and the user selects this option, and then tries to log on without using a smart card, the following message appears:

"Your account has been disabled. Please see your system administrator."

The preceding message appears even though the account is not disabled. The user must contact the domain administrator to disable the User must log on using a smart card option.

Look for these common causes of logon failure:

  1. Password or user name incorrectly typed.

  2. Password typed with CAPS LOCK on.

  3. No common protocol between a Windows XP Professional based client and a domain controller.

For the first two causes of logon failure, you should receive an error that begins with Make sure your User name and domain are correct For the third cause of failure, you should get an error stating that the domain controller could not be contacted.

Assuming that TCP/IP is the protocol that you used in the network, the client configuration might have changed since initial installation. Look for these causes:

Unable to log on to a domain after renaming the computer

Often your logon domain does not recognize the new name of your client computer. To troubleshoot this problem, you must rename the Windows XP Professional based computer that belongs to a Windows NT domain.

To rename a Windows XP Professional based computer that is a member of a Windows NT domain

  1. Create a new computer account (or have one created for you) that uses the new computer name.

  2. Leave the domain by temporarily joining a workgroup.

  3. When prompted, restart the computer.

  4. Join the domain by using the new computer name.

  5. When prompted, restart the computer.

Troubleshooting Group Policy and System Policy

Configuration conflicts can occur between local Group Policy settings and Windows NT System Policy, which can impede user access to system features and functions. For example, if a Windows XP Professional based computer that was originally a stand-alone computer or a member of a workgroup is added to a Windows NT domain that uses System Policy, both the local Group Policy and Windows NT System Policy might be processed at various points in the logon process. To anticipate the behavior of a Windows XP Professional based computer by following local Group Policy in a Windows NT domain that uses system policies, see System Policy and Group Policy Coexistence earlier in this chapter.

Troubleshooting My Network Places

A common problem is that you cannot use My Network Places to access all local computer resources or to see other workgroup computers. A typical problem, a likely cause, and possible solutions follow.

After successfully logging on to a workgroup or domain, you attempt to view shared resources either by typing net view at the command prompt or by opening My Network Places. The resulting window does not show any computers or members of the workgroup or domain.

Likely cause

A browser election has taken place, and the browse list is being updated on the domain master browser, on master browsers in the domain or workgroup, and on backup browsers.

Possible solution one

Attempt to force an update of the browse list by refreshing the My Network Places window. Otherwise, it might take up to 15 minutes for all browsers to receive an updated browse list.

Possible solution two

If your computer is a member of a workgroup, make sure that you have changed the default name, WORKGROUP, to the specified workgroup name.



Previous page
Table of content
Next page
Microsoft Windows XP Professional Resource Kit 2003
Microsoft Windows XP Professional Resource Kit 2003
ISBN: N/A
EAN: N/A
Year: 2005
Pages: 338
BUY ON AMAZON
CISSP Exam Cram 2
Pocket Guide to the National Electrical Code(R), 2005 Edition (8th Edition)
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
Cultural Imperative: Global Trends in the 21st Century
FileMaker 8 Functions and Scripts Desk Reference
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy