+ Reply to Thread
Results 1 to 4 of 4
  1. Member
    Join Date
    Sep 2008
    Posts
    60

    Certifications
    MCDST (Charter), MCSA 2000+M, MCSA 2003+M, CCNA, MCSE 2003, MCITP:SA, MCITP:EA
    #1

    Default Windows 7 client cannot access remote file share

    Hello,

    I've got a Windows 7 RTM client connected to a wirless network (WPA2-PSK). Behind the wireless router is a PIX firewall and behind that is a NAS device (A WD World Edition 1TB drive, Internal IP 10.0.0.3 which is NATed through the PIX to Public IP 192.168.1.100).

    Whenever I try to access the NAS device from the Windows 7 client connected to the wireless network I get the error :

    Windows cannot access \\192.168.1.100\Public
    Error code 0x80070035
    The network path was not found

    I can ping the NAS ok and the arp table on the client is correct. I can also telnet the NAS on port 80 (used for remote management)

    I know my firewall access-lists are ok as I can access the NAS from a Windows XP wireless client which has the same IP.

    There is no AV or security software on the Windows 7 client and the firewall is off for all profiles.

    Anyone seen this error "0x80070035" before for this kind of setup ? Seems basic but I'm and MS Support are stuck..

    Thanks

    Dan
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #2
    Reply With Quote Quote  

  4. Nidhoggr, the Net Serpent Claymoore's Avatar
    Join Date
    Nov 2007
    Location
    FL
    Posts
    1,622

    Certifications
    AWS Architect, MCSEx3, MCITPx6, MCTSx17
    #3
    Windows 7, like Windows Vista, does not use LanManager authentication by default. Here is an excerpt from a previous post:


    When you say network filer I assume that means the home drives are located on a CIFS share on a NAS device, which is really just a version of Samba and Linux. For your Vista PCs to use these shares correctly you may have to change the LanManager Compatibility level in Vista. Vista does not use LM or NTLM for authentication by default, but the filer may only send LM or NTLM responses so Vista's settings need to be changed. This will basically 'downgrade' Vista's authentication mechanisms to work with the NAS filer software and can be done two ways:

    Group Policy:
    Computer Configuration - Policies - Windows Settings - Security Settings - Local Policies - Security Options
    Network security: LAN Manager authentication level
    You may need to change this to Send LM & NTLM - use NTLMv2 session security if negotiated for the most compatibility, but Send NTLM response only would be more secure so you should try it first

    Registry Edit
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\
    Set the lmcompatibilitylevel value to 2 which would be equivalent to the Send NTLM response only in the Group Policy setting

    After you change these settings, you will need to reboot.

    You must provide Windows account credentials when you connect to Exchange Server 2003 by using the Outlook 2003 RPC over HTTP feature
    LmCompatibilityLevel settings



    The LmCompatibilityLevel registry entry can be configured with the following values:
    • LmCompatibilityLevel value of 0: Send LAN Manager (LM) response and NTLM response; never use NTLM version 2 (NTLMv2) session security. Clients use LM and NTLM authentication, and never use NTLMv2 session security; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 1: Use NTLMv2 session security, if negotiated. Clients use LM and NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 2: Send NTLM response only. Clients use only NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 3: Send NTLMv2 response only. Clients use NTLMv2 authentication, and use NTLMv2 session security if the server supports it; domain controllers accept LM, NTLM, and NTLMv2 authentication.
    • LmCompatibilityLevel value of 4: (Server Only) - Domain controllers refuse LM responses. Clients use NTLM authentication, and use NTLMv2 session security if the server supports it; domain controllers refuse LM authentication, and accept NTLM and NTLMv2 authentication.
    • LmCompatibilityLevel value of 5: (Server Only) - Domain controllers refuse LM and NTLM responses, and accept only NTLMv2 responses. Clients use NTLMv2 authentication, use NTLMv2 session security if the server supports it; domain controllers refuse NTLM and LM authentication, and accept only NTLMv2 authentication.
    Last edited by Claymoore; 08-26-2009 at 04:28 PM.
    Reply With Quote Quote  

  5. Member
    Join Date
    Sep 2008
    Posts
    60

    Certifications
    MCDST (Charter), MCSA 2000+M, MCSA 2003+M, CCNA, MCSE 2003, MCITP:SA, MCITP:EA
    #4
    Thanks Angel / Claymore,

    I already had the LM auth level set on the Windows client.

    The strange thing is that sometimes the client can connect to the NAS but whenever I try a copy a file down back to the client the wireless network disconnects with error 0x80070035.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks