Jul 1 2008, 02:00 PM
Post #1
K-Mart-ian Legend Group: Members Posts: 1208 Joined: 28-April 06 From: Buffalo, NY Member No.: 94953 OS: Server 2008 x64

OK so today I got to do the first real test of our Server 2008 WDS. As I reported before, I wasn't the guy who was handling it, so I figured it would be all ready to go. Except it wasn't. So I set it all up pretty quick, but I am encountering a problem.

I created a new user and assigned it to the administrators group. This user has a password that is acceptable by the complexity rules. I created a folder, and shared it on the network. By default, administrators get full control. So I boot a PC to the network, everything all loads up fine. This PC is booting into the WinPE, with some additions including GImageX HTA. Basically, it's the same WinPE.wim that my 2003 server uses, so I know it functions properly. I mounted the PE and changed the startnet.cmd to map to the new server name and using the new creds.

However, when the PE loads, it can't map the network drive, and returns System Error 1231, basically that the network resource is unavailable or not found. Now, if I open the CMD and manually type in the command, it maps without a problem. I have compared what I typed and what is in the startnet.cmd and it is exactly the same. For some reason there seems to be a delay after networking is enabled and the ability to use it.

I KNOW that this is a problem with our Server 2008 and not the PE for reasons I have already stated. We have also tried disabling the firewall but to no avail. The NICs in the server are teamed if that helps at all. All configuration besides WDS are at their defaults. The other cfg we changed was making WDS use 1GB instead of 100 for its LAN profile.

OH, I wanted to also post that I am currently using a workaround to resolve the issue, but I would prefer not having to do that. The following is an AutoIT script I wrote that we run from x:\windows\system32.

CODE
    ; Program to workaround GImageX getting System Error 1231
    ; Map the image share; RunWait blocks until net use has exited
    RunWait( @ComSpec & " /c net use z: \\wdsserver\images Password1 /user:remote" )
    ; Short pause after the mapping
    Sleep( 1000 )
    ; Close the running HTA and start it again now that z: is mapped
    ProcessClose( "mshta.exe" )
    Run( "mshta x:\windows\system32\ImageX.hta" )

This post has been edited by Tripredacus: Jul 10 2008, 02:10 PM

Jul 1 2008, 02:30 PM
Post #2
Beater Tester Group: Super Moderator Posts: 492 Joined: 14-September 04 From: The belly of The Beast Member No.: 31023 OS: Vista Ultimate x64

Got a network trace from the startnet.cmd failing to map the drive, followed by a successful manual mapping from the same client?
That would be the best place to start to see what requests & responses are seen - see what's different...

Jul 7 2008, 08:18 AM
Post #3
K-Mart-ian Legend Group: Members Posts: 1208 Joined: 28-April 06 From: Buffalo, NY Member No.: 94953 OS: Server 2008 x64

How shall I go about getting a network trace from just the startnet.cmd? I cannot use the instructions as provided to me in this posting:
http://www.msfn.org/board/index.php?s=&...st&p=776402
LMK.

Jul 7 2008, 09:11 AM
Post #4
Beater Tester Group: Super Moderator Posts: 492 Joined: 14-September 04 From: The belly of The Beast Member No.: 31023 OS: Vista Ultimate x64

2 options, both requiring a second machine:
1. Use a SPAN or MIRROR port on the switch to duplicate the ingress & egress traffic from the port to which the client is connected, and use NMCAP or WireShark on a machine connected to the SPAN/MIRROR port.
2. Use a hub between the client machine and the switch, and connect the sniffing machine to the same hub to take the trace.

Jul 9 2008, 11:31 AM
Post #5
K-Mart-ian Legend Group: Members Posts: 1208 Joined: 28-April 06 From: Buffalo, NY Member No.: 94953 OS: Server 2008 x64

OK I did two tests.

Environment 1: no error
192.168.0.5 = UNCLESOCKS (DC, WDS, DNS, PXE) Server 2003 Standard
192.168.0.6 = GHOSTSERVER (DHCP) Server 2003 Standard
192.168.0.10 = SIXSHOT (packet sniffer) Windows XP Pro SP2
192.168.0.11 = MININTxxxxx (booted into the PE via PXE) WinPE 2.0
Domain name = SHARK.attacksyou

Environment 2: error 1231
172.0.1.87 = MININTxxxxx (booted into the PE via PXE) WinPE 2.0
172.0.1.2 = WDSSERVER Team 0 (DC, WDS, DNS, DHCP, PXE) Server 2008 Enterprise
172.0.1.3 = same as above but Team 1
Domain name = WDS.local

We use the same winpe.wim to boot into on both servers. The 2008 gets an error, and the 2003 does not. The 2008 WDS settings are the same as the 2003 for WDS. The 2008 has two teamed NICs; while Team 1 does show up in a broadcast, it isn't actually connected to the network. There are no other computers connected to these two environments, with the exception that SIXSHOT was in environment 2, but didn't show up in the trace like it did in environment 1. Also, both servers have a default gateway assigned that does not exist. So there are a lot of "where is x.x.x.1" messages in there because of this.

Jul 9 2008, 01:04 PM
Post #6
Beater Tester Group: Super Moderator Posts: 492 Joined: 14-September 04 From: The belly of The Beast Member No.: 31023 OS: Vista Ultimate x64

Here are the differences in the DHCP Offers:

2k3_wds_intel.pcap
CODE
    1 16:44:52.598522 0.0.0.0 255.255.255.255 DHCP DHCP Discover - Transaction ID 0xc13982f8
    2 16:44:52.599279 192.168.0.6 255.255.255.255 DHCP DHCP Offer - Transaction ID 0xc13982f8
    3 16:44:54.587257 0.0.0.0 255.255.255.255 DHCP DHCP Request - Transaction ID 0xc13982f8
    4 16:44:54.588081 192.168.0.6 255.255.255.255 DHCP DHCP ACK - Transaction ID 0xc13982f8

    This offer contains:
    Next server IP address: 192.168.0.5
    Boot file name: \boot\x86\wdsnbp.com
    Options:
    53 = DHCP Offer
    1 = Subnet Mask = 255.255.255.0
    58 = Renewal Time Value = 1 hour, 30 minutes
    59 = Rebinding Time Value = 2 hours, 37 minutes, 30 seconds
    51 = IP Address Lease Time = 3 hours
    54 = Server Identifier = 192.168.0.6
    6 = Domain Name Server = 192.168.0.5
    15 = Domain Name = shark
    66 = TFTP Server Name = unclesocks
    67 = Bootfile name = \boot\x86\wdsnbp.com
    ...
    11 16:46:08.003550 0.0.0.0 255.255.255.255 DHCP DHCP Discover - Transaction ID 0xffc62717
    12 16:46:08.004350 192.168.0.6 255.255.255.255 DHCP DHCP Offer - Transaction ID 0xffc62717
    13 16:46:08.004705 0.0.0.0 255.255.255.255 DHCP DHCP Request - Transaction ID 0xffc62717
    14 16:46:08.005822 192.168.0.6 255.255.255.255 DHCP DHCP ACK - Transaction ID 0xffc62717

    This offer contains:
    Next server IP address: 192.168.0.5
    Boot file name: \boot\x86\wdsnbp.com
    Options:
    53 = DHCP Offer
    1 = Subnet Mask = 255.255.255.0
    58 = Renewal Time Value = 1 hour, 30 minutes
    59 = Rebinding Time Value = 2 hours, 37 minutes, 30 seconds
    51 = IP Address Lease Time = 3 hours
    54 = Server Identifier = 192.168.0.6
    15 = Domain Name = shark
    6 = Domain Name Server = 192.168.0.5
    ...
    50 16:47:20.497913 0.0.0.0 255.255.255.255 DHCP DHCP Discover - Transaction ID 0x316c80a2
    51 16:47:20.498615 192.168.0.6 255.255.255.255 DHCP DHCP Offer - Transaction ID 0x316c80a2
    52 16:47:20.498928 0.0.0.0 255.255.255.255 DHCP DHCP Request - Transaction ID 0x316c80a2
    53 16:47:20.499743 192.168.0.6 255.255.255.255 DHCP DHCP ACK - Transaction ID 0x316c80a2

    This offer contains:
    Next server IP address: 192.168.0.5
    Boot file name: \boot\x86\wdsnbp.com
    Options:
    53 = DHCP Offer
    1 = Subnet Mask = 255.255.255.0
    58 = Renewal Time Value = 1 hour, 30 minutes
    59 = Rebinding Time Value = 2 hours, 37 minutes, 30 seconds
    51 = IP Address Lease Time = 3 hours
    54 = Server Identifier = 192.168.0.6
    15 = Domain Name = shark
    6 = Domain Name Server = 192.168.0.5

2k8_wds_intel.pcap
CODE
    81 15:43:24.002765 0.0.0.0 255.255.255.255 DHCP DHCP Discover - Transaction ID 0x36452cae
    82 15:43:24.003093 172.0.1.2 255.255.255.255 DHCP DHCP Offer - Transaction ID 0x36452cae
    83 15:43:24.003336 0.0.0.0 255.255.255.255 DHCP DHCP Request - Transaction ID 0x36452cae
    84 15:43:24.003662 172.0.1.2 255.255.255.255 DHCP DHCP ACK - Transaction ID 0x36452cae

    This offer contains:
    Next server IP address: 172.0.1.2
    Options:
    53 = DHCP Offer
    1 = Subnet Mask = 255.255.0.0
    58 = Renewal Time Value = 3 days
    59 = Rebinding Time Value = 5 days, 6 hours
    51 = IP Address Lease Time = 6 days
    54 = Server Identifier = 172.0.1.2
    15 = Domain Name = WDS.Local
    3 = Router = 172.0.1.2
    6 = Domain Name Server = 127.0.0.1, 172.0.1.2
    44 = NetBIOS over TCP/IP Name Server = 127.0.0.1, 172.0.1.2
    ...
    265 15:44:45.725266 0.0.0.0 255.255.255.255 DHCP DHCP Discover - Transaction ID 0x88d31781
    266 15:44:45.725621 172.0.1.2 255.255.255.255 DHCP DHCP Offer - Transaction ID 0x88d31781
    267 15:44:45.725818 0.0.0.0 255.255.255.255 DHCP DHCP Request - Transaction ID 0x88d31781
    268 15:44:45.726117 172.0.1.2 255.255.255.255 DHCP DHCP ACK - Transaction ID 0x88d31781

    This offer contains:
    Next server IP address: 172.0.1.2
    Options:
    53 = DHCP Offer
    1 = Subnet Mask = 255.255.0.0
    58 = Renewal Time Value = 3 days
    59 = Rebinding Time Value = 5 days, 6 hours
    51 = IP Address Lease Time = 6 days
    54 = Server Identifier = 172.0.1.2
    15 = Domain Name = WDS.Local
    3 = Router = 172.0.1.2
    6 = Domain Name Server = 127.0.0.1, 172.0.1.2
    44 = NetBIOS over TCP/IP Name Server = 127.0.0.1, 172.0.1.2

The W2K8 server is offering localhost as primary DNS and WINS server addresses, and no boot filename at all. The W2K3 server is not offering any WINS settings, only a valid DNS server, and a boot file name pointing to "\boot\x86\wdsnbp.com" on 192.168.0.5.

Weird thing is, filtering on the client IP address, all I see are NetBIOS broadcasts for name registrations for the workstation name and workgroup - no SMB activity whatsoever.

PXE client doesn't seem to like the response coming from the W2K8 configuration - half the information is missing or bad. Unfortunately I know zip about WDS/RIS so I can't point you in the right direction for addressing this - but that is where I would focus my attention:
1. Fix DNS server (remove 127.0.0.1)
2. Fix WINS server (remove)
3. Fix router (remove)
4. Fix boot filename (add)
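
The checks post #6 makes by eye on the two offers can be scripted. The following is an added example, not code from the thread: it decodes a raw DHCP option field (code/length/value, RFC 2132) and reports loopback addresses in options 3, 6 and 44 and a missing boot file name. The function names and the two byte strings are hypothetical, built from the option values quoted above.

```python
import ipaddress

# Options whose value is a list of 4-byte IPv4 addresses (RFC 2132).
ADDR_OPTS = {3: "Router", 6: "Domain Name Server", 44: "NetBIOS Name Server"}
PAD, END, BOOTFILE = 0, 255, 67

def parse_options(raw: bytes) -> dict:
    """Decode the code/length/value option field that follows the magic cookie."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != END:
        code = raw[i]
        if code == PAD:  # single-byte padding, no length octet
            i += 1
            continue
        if i + 1 >= len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError(f"option {code} runs past the end of the field")
        length = raw[i + 1]
        opts[code] = opts.get(code, b"") + raw[i + 2:i + 2 + length]  # RFC 3396
        i += 2 + length
    return opts

def audit_offer(raw: bytes, boot_file: str = "") -> list:
    """Report the kinds of problems post #6 picked out of one DHCP offer."""
    opts, findings = parse_options(raw), []
    for code, name in ADDR_OPTS.items():
        value = opts.get(code, b"")
        if len(value) % 4:
            findings.append(f"option {code} ({name}): length is not a multiple of 4")
            continue
        for j in range(0, len(value), 4):
            addr = ipaddress.IPv4Address(value[j:j + 4])
            if addr.is_loopback:
                findings.append(f"option {code} ({name}): loopback address {addr}")
    if not boot_file and BOOTFILE not in opts:
        findings.append("no boot file name in header or option 67")
    return findings

def ip(*addrs: str) -> bytes:
    return b"".join(ipaddress.IPv4Address(a).packed for a in addrs)

def opt(code: int, value: bytes) -> bytes:
    return bytes([code, len(value)]) + value

# Constructed from the option values quoted in post #6, not bytes taken from the pcaps.
OFFER_2K8 = (opt(53, b"\x02") + opt(1, ip("255.255.0.0")) + opt(54, ip("172.0.1.2"))
             + opt(15, b"WDS.Local") + opt(3, ip("172.0.1.2"))
             + opt(6, ip("127.0.0.1", "172.0.1.2")) + opt(44, ip("127.0.0.1", "172.0.1.2")) + bytes([END]))
OFFER_2K3 = (opt(53, b"\x02") + opt(1, ip("255.255.255.0")) + opt(54, ip("192.168.0.6"))
             + opt(6, ip("192.168.0.5")) + opt(15, b"shark") + bytes([END]))
```

Findings are prompts for review rather than confirmed faults: per post #7, the absent boot file name was expected with DHCP and WDS on the same box, and removing option 44 altogether was what resolved the error.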

Jul 10 2008, 02:09 PM
Post #7
K-Mart-ian Legend Group: Members Posts: 1208 Joined: 28-April 06 From: Buffalo, NY Member No.: 94953 OS: Server 2008 x64

I got it working, but first a couple explanations about the differences in the traces. First, the W2K3 server uses a stand-alone DHCP server, which is why you see the PXE Server IP and bootfile name being broadcast in that example. With the 2008, it is running DHCP and PXE on the same box. I set up the 2003 that way because I couldn't get DHCP and PXE working on the same box... which is covered in some old thread on this forum.

Alright the things I changed that did not resolve the issue:
- remove localhost (127.0.0.1) from DNS and WINS/NBNS in the DHCP server options.
- change the domain name from WDS.local to WDS

What did work:
- remove the WINS/NBNS server option altogether

I was not sure why router was showing up because the Router and Remote Access Service is disabled, and there was no DHCP Server Option for anything relating to that. Atm it still just has PXEClient, DNS Hostname and DNS Server options. I didn't have to add the boot filename because I have WDS automatically load the same bootfile for x86 and x64 environments, even tho PXE always reports the architecture based on the hardware environment, and not which software we wish to install (how could it lol).

Also, our WDS/2008 setup documentation from our Microsoft Rep had the instructions to add WINS into the config. I didn't set up the base settings for DHCP, only WDS. The other guy I work with put that in there so I didn't know it was there until you pointed it out.

Also, can you explain "SMB Activity"? We tried looking it up but couldn't find a good explanation... and found WAY too many uses of SMB = Small/Medium Business.

Jul 10 2008, 02:15 PM
Post #8
Coffee Aficionado Group: Members Posts: 2994 Joined: 14-July 04 From: Coffeeland Member No.: 24596 OS: Vista Ultimate x64

Jul 10 2008, 02:49 PM
Post #9
Beater Tester Group: Super Moderator Posts: 492 Joined: 14-September 04 From: The belly of The Beast Member No.: 31023 OS: Vista Ultimate x64

Sorry, TMI with the TLA, it gets OTT

SMB is the protocol used for file sharing, typically TCP port 445 traffic. When you said it was NET USE lines that needed a delay inserted to make it work, I assumed I would find the SMB session setup packets and protocol negotiations.

Glad you got it sorted though

Jul 10 2008, 03:04 PM
Post #10
Coffee Aficionado Group: Members Posts: 2994 Joined: 14-July 04 From: Coffeeland Member No.: 24596 OS: Vista Ultimate x64

Sorry, TMI with the TLA, it gets OTT

IDK, IDT one TLA is OTT

But yeah, if he's willing to post more Wireshark caps of his network issues (like those problems with network shares so we can see what really happens), I'd have a look too (this time, I'll have to beat Mr Snrub to it!)

This post has been edited by crahak: Jul 10 2008, 03:07 PM