Windows 10 unable to access syslogon folder on DC from windows 10 worgroup pc

Alock

New Member
Joined
Sep 28, 2015
Hope someone can help me I have Windows 2003 server and domain control at home. Which has been working fine for years? All of my laptops/pc has been able to connect to it in the most part as they are joined to my AD.

I however I got a new laptop a month ok which had windows 8.1 home installed. While that version does not allow you to connect it to domain. I understand that limitation and was happy to put up with that as it was not as important to me and left it in a workgroup. On all 4 off my devices have the same account and password whether on my domain or not. Under windows 8.1 I could connect to all my shares folders and importantly run my login scrip from the netlogon folder no problems. As long as I was connect to the server via its ip address. This is not big deal.

However I've now upgrade the laptop to windows 10 while I can still access the server and all its shares other than any think in the sysvol. I get prompted for password and despite typing the correct account and password for an account which has access it does not work. I've tried every combination including using the FQDN

I have read a post that states Microsoft has turned off the guest account so this may well be the issue. I can also understand why MS have done this as its not best practice
 
Last edited:
Welcome to the Forum:

Sorry to hear you're having network problems with Win10. Would you mind providing hardware specs on the upgraded Win10 computer? That would certainly help; analzing a network is only part software as you are no doubt aware.

Are all of your computers connected via hardwire to your router (which is what?) or do you have a mix of hardwire and wifi. A network diagram or sketch would certainly be helpful with IP addresses delineated.

If you ran the Win10 upgrade in the system tray widget (as most home users do), then your Win10 upgrade most likely upgraded to same-same so your Win10 Home is sort of like me trying to connect it to the Domain of my Windows 2008 server with my main deksotp running Vista Home! Not gonna work. You already know that you stated it in your post. Win10 home doesn't have Domain level hooks in it for server based networking (just like Win7 starter, basic, home, etc.). Neither did 8.1 Home. And that right there could explain some of the lack of connectivity you are experiencing especially with DNS and FQDN. By the way are you running a separate DHCP server, proxy server, or Firewall box on your net??

We can certainly do some more analysis if you're willing to provide us more info on your hardware, not to mention a better description of your network environment. It looks to me that you upgraded from a non-Domain aware version of Windows (Win8.1 home) to Win10 home, which has the same limitations. I'm running Win10 home and it certainly doesn't talk to my Server2008. To do that you need to upgrade to Win10 Pro, Business, or Enterprise. If it will work at all on Server2003. That's pretty old stuff. Not to mention the Service Packs required to make that old server software work with new Windows OS releases.

If however, you did a clean install to Win10 Pro and you're having client-server connection issues, that's certainly a more complicated problem. One of our networking Mods may be able to help you. That remains to be seen.

Thanks,
<<<BIGBEARJEDI>>>
 
hi bigbearjedi

thanks for your response Ill give back drop laptop was done via the upgrade straight from windows 8.1 it in its own workgroup as with out professional or above on it it will not connect to my AD. Ad that is running is a 2003 incarnation the pc running as my server is also using server 2003. I also have A tp-link 8 port 1000gb hub. My internet comes in via Virgin superhub which is the wireless router. Both this and server and pc laptops are on the same subnet. Super hub is also connected to the Tp-link hub

All devices on the network have static IP address. There is also a DHCP range for the wireless again on the same subnet. My new laptop is an ultrabook so it has no network port so connects via the wireless.

At the moment all devices can see each other weather they are a physical connection using a static IP or wireless using a DHCP address. my laptop which is not connected to my domain can only communicate via its IP address and not my dns names

Only issue is the laptop which is my only windows10 device will not allow me to see any of sysvol folders on my server it can other folders fine. It was also working fine on windows 8.1 so this is an issue with windows 10. Now I'm lead to believe that windows 10 has now disabled guest account, which I've read has caused lots of issues with NAS boxes which where not set-up properly and where using this account to gain access not sure if not being on the domain maybe mine was. I have not tried the reg hack to enable this. Since really this should not be enabled bit of a security risk.
 
  1. as I'm sure you must be aware server2003 has ended its lifetime as of July 14th this year and Microsoft isn't interested.
  2. the main difference between a default WX and a default W8.1.1 is that the the WinRM (windows remote management) service is disabled... this would need to be turned on before things like talking to a remote domain or hyper-v hyperserver will work.
I have personally got WX pro talking to an old server 08 share drive run within a vmware 10 environment without massive issues but good luck with it mate... if any one can figure out older systems its BIGBEARJEDI.
 
thanks i fully understand it gone end of live but since it only my personal sever I'm not to worried about that. Not quite sure how that service would fix it. However I've turned it on and still cannot browser the sysvol area. Keeps prompting for a password. my local account on the laptop has same account name and password as one on the domain, and despite trying to use domain account username and password but no luck
 
Sorry I assumed you use a Microsoft id to log into the WX machine which would then need an entry in the Cred-manager to resolve the username for that network address... note that modern Windows machines will NOT resolve a ip address but must have a network name i.e "nibbithost" in my home servers case is 192.168.0.5 but I can't use just the ip... a host file entry is the normal workaround when security isn't a major issue.

Screenshot (151).png
 
hi bigbearjedi

thanks for your response Ill give back drop laptop was done via the upgrade straight from windows 8.1 it in its own workgroup as with out professional or above on it it will not connect to my AD. Ad that is running is a 2003 incarnation the pc running as my server is also using server 2003. I also have A tp-link 8 port 1000gb hub. My internet comes in via Virgin superhub which is the wireless router. Both this and server and pc laptops are on the same subnet. Super hub is also connected to the Tp-link hub
>>>Thanks for your response back, this information does help some. I'm still confused by how you have everything connected. Did I understand you to say you have 2 computers running 2003 Server software on this network? If this is the case, it's no wonder W10 is confused about trying to access folders on your Main server. It sounds like you have some network knowledge, however, you cannot run two-2003 servers in the same domain; one has to be subjugated to a secondary server on the same Domain. So that's never going to work, with W10 or earlier Windows versions that are domain-capable.<<<

All devices on the network have static IP address. There is also a DHCP range for the wireless again on the same subnet. My new laptop is an ultrabook so it has no network port so connects via the wireless.
>>>I see that this is really a cobbled together system, and that may have worked for you in the past, however, in the business world mixing static IP's for wired ethernet and DHCP for wireless went out over a dozen years ago. This is usually only done when the Tech repairing or installing the network is not familiar with how to do things properly, or has a limiting piece of hardware--often a cheap switch or hub being forced to do the work of an intelligent switch or router. If you indeed have two 2003 servers in the same domain, you'll need to replace your TP-link hub with an intelligent auto-switching router or hub, and re-address the secondary domain onto a 2nd subnet. Often a secondary domain server is an app server such as a web server, an E-mail server, or a SAN (Storage Application Network) server. This can pose a security risk, if the secondary domain server is physically located in another building in another city, state, or country than the Primary Server. You've ignored this particular design rule for convenience, but it's not how it's done in the real world. If I've misunderstood you, and you only have 1 Primary Domain server, then you need to explain better to us how you have it connected. At this point, you've cobbled together a server in a home environment which really isn't being used correctly. You might as well just use that thing for a NAS box or a stand-alone storage device. That's how I used mine, since my Vista Home won't work with my Server on the Domain. Also, my 2008 server just died. I turned it on and was going to do some testing on remote login, but it's dead and I have to fix it. That's probably going to be a few months if parts are required and available.<<<

At the moment all devices can see each other weather they are a physical connection using a static IP or wireless using a DHCP address. my laptop which is not connected to my domain can only communicate via its IP address and not my dns names
>>>I understand. Going back to my initial analysis of your network, this is why you are having trouble using folder share names and FQDN's with the W10 as I said; the version you have is non-Domain compliant so this pretty much explains why your other devices are working on the Domain and the new laptop is not part of the conversation. Generally, it is considered poor design form to mix Workgroups (which is really the poor-man's peer-to-peer LAN) and a Domain server. This is usually only done in very large networks; 4 computers does not comprise a large network with hundreds or thousands of machines. If one must mix Workgroups into a Domain environment due to legacy servers or older machines, then it must be done properly. Repeating again, you either get an intelligent switch or router to replace your hub, and put your W10 laptop in a Workgroup onto a separate subnet or not, that's up to you. But, if you are doing what I think your are doing, you'll need to upgrade your W10 to a version that supports Domains, period. W10 Pro, W10 Business, & W10 Enterprise are your only choices at this time. These versions start at $199 US to about $1300 US per seat. These are very expensive and not designed for home use, which you are attempting to do without spending any money to make things work correctly. I get that; I did exactly the same thing with my 2008 server. You'll have to redesign your network, make some changes (switch/router), and Domain redesign if using two machines running 2003 server, and your version of W10 running on that laptop. You might be able to do this for under $500 or so, maybe less. Is it worth it to you, that's the question you have to ask yourself.<<<



Only issue is the laptop which is my only windows10 device will not allow me to see any of sysvol folders on my server it can other folders fine. It was also working fine on windows 8.1 so this is an issue with windows 10. Now I'm lead to believe that windows 10 has now disabled guest account, which I've read has caused lots of issues with NAS boxes which where not set-up properly and where using this account to gain access not sure if not being on the domain maybe mine was. I have not tried the reg hack to enable this. Since really this should not be enabled bit of a security risk.
>>>On the guest account, this has been disabled since Vista or Win7, so that's not relevant. Not sure how your 8.1 had the guest account enabled on install, but I've worked on quite a few 8.1 laptops, and never seen it enabled from the factory. Don't think that's an issue specific to W10 Home. As far as using a reg hack on your W10 laptop to make it do something it wasn't designed to do, good luck with that!! I think you've got bigger issues with your LAN than you are willing to admit, and your usage isn't recommended. I gave you my take on it, so do what you can with it. I just think you are hitting the wall here, as your rule bending of your network just hit a fatal flaw. I'd still recommend an actual network drawing, since you wrote back with a textual description, this tells me you still have some network learning to do. Students of mine did not pass their Network Engineer license tests without this step. No network diagram puts you into an "amateur" vs. "professional" category. Your choice, my opinion. I can tell you I've fired Customers or no-bid jobs where no Diagram was not made or provided, or the Customer refused to pay my charges to create one. Yes, it's that big a deal. So, you decide what kind of network you want. Amateur or Professional.<<<
<<<BBJ>>>
 
Hi,
I thought you might like an example of what a network diagram is. Many of my Customers as well as Students have never actually seen one. Most of the people I help on the Tech Forums are not sure of what I'm really asking for, so they don't provide it. In some cases, they don't provide since it's for their work and it's propietary information. Usually, the person I'm trying to help is a Tech or even a Network Tech and they have to get special permission from their IT Director, CIO, or even company President or Owner to give this information out. In the 3 years I've been volunteering for online Tech Forums I've only ever been sent 1 or 2; even after repeated requests for them. Very few, and I mean very few home Users have the knowledge to create one of these diagrams unless they've taken formal classes at a Tech Institute or a University/College.

As I mentioned, I used to train Network Engineers to get their professional licenses and have trained hundreds of student engineers over the years. Attached is a Diagram of an actual Customer network (WAN) I did about 11 years ago. Coincidentally, I picked this one as it was a Customer I did a complete network overhaul and upgrade for a 2003 server Domain environment, similar to the one you are running in your home. This is how a real 2003 server domain LAN actually appears. I drew this diagram using a special program called Microsoft Visio 2000. It is used by Network Engineers and Computer Scientists. It is the analog to a Building Blueprint that Architects make to construct large commercial buildings such as High-Rises. If you work in the field you may have seen one. This network diagram is for a small company with about 60 computers, not very large compared to some I've done with 70,000 computers on a single network. But, it should give you an idea of what I'm talking about. If you are completely unfamiliar with this diagram, have never heard of it, seen one, etc. then you are getting some free education here. Here's the diagram. Hope it proves useful to you. And you don't have to use the Visio program to create a diagram, a hand sketch with IP addresses will suffice for your small home network; but this is what I was actually asking for. If you haven't done one of these before, the process is often very instructional and may help you to better understand why things are working as you would like on your network.

Briggs Electric Network Diagram MBUSCH 04-16-04.JPG

Best,
<<<BBJ>>>
 
Last edited:
I tend to use photoshop just because most people have that but the point is the same... a record of your network that you can show people to repair/ rebuild it when life happens.
wireless project for peter.png


Both of these network setups help when it comes to figuring out how to get part A talking to part B.


total_network.png
 
Last edited:
@Norway: Good point. ;) Certainly most of my Customers (90% who are retired and on fixed-income) do not have Photoshop as it's a $600 US program!! However, a hand-drawn sketch accomplishes the goal, and it can be done on a single sheet of printer paper or legal pad with a simple pencil or a pen (extremely low-cost); yet so few of my Customers get why it's so important. Especially my Business Customers.:iee: After trying to teach them why it's so important to make and keep backups, it's the toughest concept to get across to them. I've been teaching Disaster Recovery and How To Backup Your Computer courses for over 10 years now. For most home users, ANYTHING resembling a sketch or a diagram is really more than adequate. Some of my more educated Customers actually provide me a diagram in Visio or Photoshop or even Word every once and awhile. I got one just last year from one of my regular customers of his home network. I was stunned, amazed, and pleased! And I complimented him on just having it. :D
Cheers! <<<BBJ>>>
 
Back
Top Bottom