588 APPENDIX E Troubleshooting Network Issues To reproduce this problem (and test whether you have fi xed it), open a command prompt and run the following command. net use \\<server from above>\ipc$ /u:<account used for join> <password> To determine whether the edition of Windows supports joining a domain, search for the keyword NetpDomainJoinLicensingCheck (most recent entries are at the bottom of the log fi le). If the ulLicenseValue is anything other than 1, it indicates that the edition of Windows cannot join a domain. To join a domain, a computer must be running the Windows 7 Professional, Windows 7 Enterprise, or Windows 7 Ultimate operating systems. The following shows a log fi le entry for a computer running a supported version of Windows (as indicated by ulLicenseValue=1). NetpDomainJoinLicensingCheck: ulLicenseValue=1, Status: 0x0 How to Verify Requirements for Joining a Domain To join or log on to a domain successfully, you must meet several different requirements. When troubleshooting a problem joining a domain, verify each of these requirements: ■ The client computer must be able to resolve the IP address for a domain controller In most enterprise networks, client computers receive an IP address assignment from a DHCP server, and the DHCP server provides addresses for AD DS–enabled DNS servers that can resolve the domain controller IP address. If another DNS server is confi gured, you should update the client computer’s IP confi guration to use an AD DS–enabled DNS server. If this is not possible, you can add two records to your existing DNS server that resolve to a domain controller’s IP address: •• The _ldap._tcp.dc._msdcs.DNSDomainName SRV resource record, which identifi es the name of the domain controller that hosts the AD DS domain. DNSDomainName is the DNS name of the AD DS domain the computer is attempting to join. •• A corresponding address (A) resource record that identifi es the IP address for the domain controller listed in the _ldap._tcp.dc._msdcs.DNSDomainName SRV resource record. ■ The client computer must be able to exchange traffi c with the domain controller on several different TCP and UDP ports These ports include: •• TCP port 135 for RPC traffi c •• TCP port 389 and UDP port 389 for LDAP traffi c •• TCP port 636 for LDAP over SSL traffi c •• TCP port 3268 for LDAP Global Catalog (GC) traffi c •• TCP port 3269 for LDAP GC SSL traffi c •• TCP port 53 and UDP port 53 for DNS traffi c •• TCP port 88 and UDP port 88 for Kerberos traffi c •• TCP port 445 for SMB (also known as CIFS) traffi c Z05A627093.indd 588Z05A627093.indd 588 2/18/2010 2:10:26 PM2/18/2010 2:10:26 PM The Process of Troubleshooting Network Problems APPENDIX E 589 NOTE For information about determining whether specifi c ports are available, see the section titled “How to Troubleshoot Application Connectivity Problems” earlier in this appendix. The easiest way to test for all of these ports at one time is to use Portqueryui. exe and the “Domains and Trusts” predefi ned service. ■ The administrator must have privileges to add a computer to a domain Administrators who add a computer to a domain must have the Add Workstations To Domain user right. ■ The computer must be running Windows 7 Professional, Windows 7 Enterprise, or Windows 7 Ultimate Windows 7 Starter, Windows 7 Home Basic, and Windows 7 Home Premium operating systems cannot join a domain. How to Troubleshoot Network Discovery With Network Discovery, users can browse shared network resources from the Network window. On private networks, this is convenient because users can connect to resources without knowing the names of other computers on the network. On public networks, however, Network Discovery is a security concern because it will announce the presence of the computer on the public network and users might use it to connect to a potentially malicious computer. For these reasons, Network Discovery is enabled on private networks but disabled on public networks by default. When connected to an AD DS domain, Network Discovery is controlled by Group Policy settings but is disabled by default. Therefore, if the Network window does not display shared resources on the local network, it is almost certainly because Network Discovery is disabled. To remedy this, follow these steps (all of which require administrator privileges and can increase your computer’s exposure to security attacks): 1. Verify that the Function Discovery Provider Host service is running. 2. Verify that Windows Firewall has exceptions enabled for Network Discovery. 3. Change the type of network from public to private. Alternatively, you can manually enable Network Discovery by opening the Network And Sharing Center window and enabling Network Discovery. How to Troubleshoot File and Printer Sharing Several different factors can cause problems with connecting to shared fi les and printers (which use the same communications protocols): ■ Windows Firewall or another software fi rewall is blocking traffi c at the client or server. ■ A network fi rewall between the client and server is blocking traffi c. ■ The client is providing invalid credentials, and the server is rejecting the client’s connection attempt. ■ Name resolution problems prevent the client from obtaining the server’s IP address. NOT E For information about determining whether specifi c ports are available, see the E section titled “How to Troubleshoot Application Connectivit y Problems” earlier in this appendix. The easiest way to test f or all o f these ports at one time is to use Portqueryui. e xe and the “Domains and Trusts” p rede fi ned service. Z05A627093.indd 589Z05A627093.indd 589 2/18/2010 2:10:26 PM2/18/2010 2:10:26 PM 590 APPENDIX E Troubleshooting Network Issues First, start troubleshooting from the client computer. If the server is a computer running Windows 7 and you have administrator access to it, you can also troubleshoot from the server. The two sections that follow assume that the client and server belong to a domain. How to Troubleshoot File and Printer Sharing from the Client Follow these steps to troubleshoot problems connecting to shared fi les and printers: 1. If you can connect to the shared folder but receive an Access Is Denied message when attempting to open the folder, your user account has permission to access the share but lacks NTFS File System (NTFS) permissions for the folder. Contact the server administrator to grant the necessary NTFS fi le permissions. If the server is a computer running Windows 7, see the section titled “How to Troubleshoot File and Printer Sharing from the Server” later in this appendix. 2. Verify that you can resolve the server’s name correctly. At a command prompt, type ping hostname. If Ping displays an IP address, as shown here, you can resolve the server’s name correctly. It does not matter whether the server replies to the pings. If this step fails, it indicates a name resolution problem. Contact your AD DS or DNS administrator. ping server Pinging server [10.1.42.22] with 32 bytes of data: 3. Attempt to connect using the server’s IP address, as identifi ed in the previous step, rather than the server’s host name. For example, instead of connecting to \\server\printer, you might connect to \\10.1.42.22\printer. 4. From a command prompt, attempt to establish a connection to a server using the net use \\ip_address command. If it succeeds, you have suffi cient network connectivity, but your user account lacks privileges to connect to the folder or printer share. Have the server administrator grant your account the necessary share permissions. Share permissions are separate from NTFS fi le permissions. 5. Use Telnet or PortQry to test whether your computer can connect to TCP port 445 of the remote computer. If you cannot connect using TCP port 445, test TCP port 139. For instructions on how to test for connectivity using a specifi c port, see the section titled “How to Troubleshoot Application Connectivity Problems” earlier in this appendix. If you cannot connect using either TCP port 139 or TCP port 445, verify that File And Printer Sharing is enabled on the server. Then, verify that the server has a fi rewall exception for TCP ports 139 and 445 or that an exception in Windows Firewall is enabled for File And Printer Sharing. 6. Attempt to connect to the server using an account with administrative credentials on the server. If you can connect with a different account, your normal account lacks suffi cient credentials. Have the server administrator grant your account the necessary Pin g in g server [10.1.42.22] with 32 bytes o f data: Z05A627093.indd 590Z05A627093.indd 590 2/18/2010 2:10:26 PM2/18/2010 2:10:26 PM The Process of Troubleshooting Network Problems APPENDIX E 591 privileges. Depending on the server confi guration, you might be able to identify authentication problems by viewing the Security Event Log. However, logon failure auditing must be enabled on the server for the events to be available. If you are still unable to connect, continue troubleshooting from the server. If you do not have access to the server, contact the server administrator for assistance. How to Troubleshoot File and Printer Sharing from the Server To troubleshoot fi le and printer sharing from a server running Windows 7 that is sharing the folder or printer, follow these steps: 1. Verify that the folder or printer is shared. Right-click the object and then click Sharing. If it does not indicate that the object is already shared, share the object and then attempt to connect from the client. 2. If you are sharing a folder and it is not already shared, right-click the folder and click Share. In the File Sharing Wizard, click Change Sharing Permissions. If the File Sharing Wizard does not appear, the Server service is not running. Continue with the next step. Otherwise, verify that the user account attempting to connect to the share appears on the list or that the user account is a member of a group that appears on the list. If the account is not on the list, add it to the list. Click Share and then click Done. 3. Verify that the Server service is running. The Server service should be started and set to start automatically for fi le and printer sharing to work. 4. Verify that users have the necessary permission to access the resources. Right-click the object and then click Properties. In the Properties dialog box, click the Security tab. Verify that the user account attempting to connect to the share appears on the list, or that the user account is a member of a group that appears on the list. If the account is not on the list, add it to the list. 5. Check the Windows Firewall exceptions to verify that it is confi gured properly by following these steps: a. Click Start and then click Control Panel. b. Click Security and then click Windows Firewall. c. In the Windows Firewall dialog box, note the Network Location. Click Change Settings. d. In the Windows Firewall Settings dialog box, click the Exceptions tab. Verify that the File And Printer Sharing check box is selected. e. If the File And Printer Sharing exception is enabled, it applies only for the current network profi le. For example, if Windows Firewall indicated your Network Location was Domain Network, you might not have the File And Printer Sharing exception enabled when connected to private or public networks. Additionally, Windows Firewall will, by default, allow fi le and printer sharing traffi c from the local network only when connected to a private or public network. Z05A627093.indd 591Z05A627093.indd 591 2/18/2010 2:10:26 PM2/18/2010 2:10:26 PM 592 APPENDIX E Troubleshooting Network Issues How to Troubleshoot Wireless Networks Wireless networks are now very common. However, users often have problems connecting to wireless networks, because these networks are more complex than wired networks. To troubleshoot problems connecting to a wireless network, follow these steps. 1. Verify that the wireless network adapter is installed and has an active driver. From Network And Sharing Center, click Change Adapter Settings. If your wireless network connection does not appear as shown in Figure E-10, your network adapter or driver is not installed. See Appendix F, “Troubleshooting Stop Messages,” for more information. FIGURE E-10 Network Connections will display the adapter if your wireless network adapter and driver are properly installed. 2. If a wireless network adapter is installed, right-click it in Network Connections and then click Diagnose. Follow the prompts that appear. Windows might be able to diagnose the problem. Network Diagnostics Tim Rains, Program Manager ; Windows Networking N etwork Diagnostics is capable of diagnosing more than 180 different issues related to wireless networking. To get the most from network diagnostics for wireless networks, ensure that you are using native WiFi drivers instead of legacy WiFi drivers. To determine which type of driver(s) is installed on a system, run the following command at a command prompt. netsh wlan show drivers In the resulting output, look for the line labeled “Type.” It should be either legacy WiFi Driver or Native Wi-Fi Driver. If a legacy WiFi driver is installed, contact the manufacturer of the wireless network adapter to see whether a native WiFi driver for the adapter is available. N etwor k Dia g nostics Ti m Ra i ns, Pro g ram Mana g er ; Wi ndows Network i n g N etwork Dia g nostics is capable of dia g nosin g more than 180 different issues related to wireless networking. To get the most f rom network diagnostics f or w ireless networks, ensure that y ou are usin g native WiFi drivers instead of le g ac y W iFi drivers. To determine which type of driver(s) is installed on a system, run the f ollowin g command at a command prompt. n ets h w l an s h ow d r i vers I n the resultin g output, look for the line labeled “T y pe.” It should be either le g ac y W iFi Driver or Native Wi-Fi Driver. I f a legacy WiFi driver is installed, contact the m anufacturer of the wireless network adapter to see whether a native WiFi driver f or the ada p ter is available. Z05A627093.indd 592Z05A627093.indd 592 2/18/2010 2:10:26 PM2/18/2010 2:10:26 PM The Process of Troubleshooting Network Problems APPENDIX E 593 3. Open Event Viewer and view the System Event Log. Filter events to view only those events with a Source of Diagnostics-Networking. Examine recent events and analyze the information provided by the Windows Troubleshooting Platform for the possible source of the problem. 4. Verify that wireless networking is enabled on your computer. To save power, most portable computers have the ability to disable the wireless network radio. Often, this is controlled by a physical switch on the computer. Other times, you must press a special, computer-specifi c key combination (such as Fn+F2) to enable or disable the radio. If the wireless radio is disabled, the network adapter will appear in Network Connections but it will not be able to view any wireless networks. 5. If the wireless network adapter shows Not Connected, attempt to connect to a wireless network. Within Network Connections, right-click the Network Adapter and then click Connect. In the Connect To A Network dialog box, click a wireless network and then click Connect. 6. If the wireless network is security enabled and you are prompted for the passcode but cannot connect (or the wireless adapter indefi nitely shows a status of Identifying or Connected With Limited Access), verify that you typed the passcode correctly. Disconnect from the network and reconnect using the correct passcode. 7. If you are still unable to connect to a wireless network, perform a wireless network trace and examine the details of the report for a possible cause of the problem, as described in the section titled “How to Troubleshoot Performance Problems and Intermittent Connectivity Issues” earlier in this appendix. If the wireless network adapter shows the name of a wireless network (rather than Not Connected), you are currently connected to a wireless network. This does not, however, necessarily assign you an IP address confi guration, grant you access to other computers on the network, or grant you access to the Internet. First, disable and re-enable the network adapter by right-clicking it, clicking Disable, right-clicking it again, and then clicking Enable. Then, reconnect to your wireless network. If problems persist, move the computer closer to the wireless access point to determine whether the problem is related to signal strength. Wireless networks have limited range, and different computers can have different types of antennas and therefore different ranges. If the problem is not related to the wireless connection itself, read the section titled “How to Troubleshoot Network Connectivity Problems” earlier in this appendix. NOTE This section focuses only on confi guring a wireless client running Windows 7; it does not discuss how to confi gure a wireless network infrastructure. For more information, refer to Chapter 10 of Windows Server 2008 Networking and Network Access Protection by Joseph Davies and Tony Northrup (Microsoft Press, 2008). NO T E This section focuses only on confi guring a wireless client running Windows 7; E it does not discuss how to confi g ure a wireless network infrastructure. For more in f ormation, re f er to Cha p ter 10 o f W i n d ows Server 2008 Networ ki ng an d Networ k Access P rotection b y Joseph Davies and Ton y Northrup (Microsoft Press, 2008) . Z05A627093.indd 593Z05A627093.indd 593 2/18/2010 2:10:27 PM2/18/2010 2:10:27 PM 594 APPENDIX E Troubleshooting Network Issues How to Troubleshoot Firewall Problems Many attacks are initiated across network connections. To reduce the impact of those attacks, Windows Firewall by default blocks unrequested, unapproved incoming traffi c and unapproved outgoing traffi c. Although Windows Firewall will not typically cause application problems, it has the potential to block legitimate traffi c if not properly confi gured. When troubleshooting application connectivity issues, you will often need to examine and possibly modify the client’s or server’s Windows Firewall confi guration. Misconfi guring Windows Firewall can cause several different types of connectivity problems. On a computer running Windows 7 that is acting as the client, Windows Firewall might block outgoing communications for the application (though blocking outgoing communications is not enabled by default). On a computer running Windows 7 that is acting as the server (for example, a computer that is sharing a folder), Windows Firewall misconfi guration might cause any of the following problems: ■ Windows Firewall blocks all incoming traffi c for the application. ■ Windows Firewall allows incoming traffi c for the LAN but blocks incoming traffi c for other networks. ■ Windows Firewall allows incoming traffi c when connected to a domain network but blocks incoming traffi c when connected to a public or private network. The symptoms of client- or server-side fi rewall misconfi guration are the same: application communication fails. To make troubleshooting more complex, network fi rewalls can cause the same symptoms. Answer the following questions to help identify the source of the problem: 1. Can you connect to the server from other clients on the same network? If the answer is yes, you have a server-side fi rewall confi guration problem that is probably related to the confi gured scope of a fi rewall exception. If adjusting the scope of the fi rewall exception does not solve the problem, it is probably caused by a network fi rewall, and you should contact your network administrators for further assistance. 2. Can you connect to the server when the client is connected to one type of network location (such as a home network or a domain network), but not when it is connected to a different type of network location? If the answer is yes, you have a client-side fi rewall confi guration problem that is probably caused by having an exception confi gured for only one network location type. 3. Can other clients on the same network connect to the server using the same application? If the answer is yes, you have a client-side fi rewall confi guration problem that is probably caused by having a rule that blocks outgoing traffi c for the application. 4. Can the client connect to other servers using the same application? If the answer is yes, you have a server-side fi rewall confi guration problem, and the server needs a fi rewall exception added. If adding an exception does not solve the problem, it is probably caused by a network fi rewall, and you should contact your network administrators for further assistance. Z05A627093.indd 594Z05A627093.indd 594 2/18/2010 2:10:27 PM2/18/2010 2:10:27 PM The Process of Troubleshooting Network Problems APPENDIX E 595 Summary Windows 7 can automatically diagnose many common network problems. Other problems are more complicated and require you as an administrator to perform additional troubleshooting to isolate the source of the problem. When you have isolated the source of the problem, you may be able to fi x the problem yourself. If the problem is related to a failed network circuit or another factor outside of your control, isolating the problem allows you to escalate the issue to the correct support team and allow the support team to resolve the problem as quickly as possible. Z05A627093.indd 595Z05A627093.indd 595 2/18/2010 2:10:27 PM2/18/2010 2:10:27 PM Z05A627093.indd 596Z05A627093.indd 596 2/18/2010 2:10:27 PM2/18/2010 2:10:27 PM APPENDIX F 597 APPENDIX F Troubleshooting Stop Messages NOTE This material was originally published in a slightly different form in Windows 7 Resource Kit by Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team at Microsoft (Microsoft Press, 2010). W hen Windows detects an unexpected problem from which it cannot recover, a Stop error occurs. A Stop error serves to protect the integrity of the system by immediately stopping all processing. Although it is theoretically possible for Windows to continue functioning when it detects that a core feature has experienced a serious problem, the integrity of the system would be questionable, which could lead to security violations, system corruption, and invalid transaction processing. When a Stop error occurs, Windows displays a Stop message, sometimes referred to as a blue screen, which is a text-mode error message that reports information about the condition. A basic understanding of Stop errors and their underlying causes improves your ability to locate and understand technical information or perform diagnostic procedures requested of you by technical support personnel. Stop Message Overview Stop errors occur only when a problem cannot be handled by using the higher-level error-handling mechanisms in Windows. Normally, when an error occurs in an application, the application interprets the error message and provides detailed information to the system administrator. However, Stop errors are handled by the kernel, and Windows is only able to display basic information about the error, write the contents of memory to the disk (if memory dumps are enabled), and halt the system. This basic information is described in more detail in the section titled “Stop Messages” later in this appendix. As a result of the minimal information provided in a Stop message and the fact that the operating system stops all processing, Stop errors can be diffi cult to troubleshoot. Fortunately, they tend to occur very rarely. When they do occur, they are almost always caused by driver problems, hardware problems, or fi le inconsistencies. N O T E This material was originally published in a slightly different form in E W indows 7 R esou r ce K it by Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the t Windows 7 Team at Microsoft ( Microsoft Press, 2010 ). Z06A627093.indd 597Z06A627093.indd 597 2/8/2010 12:02:07 PM2/8/2010 12:02:07 PM [...]... running Windows 7 can cache host names when they are resolved If a DNS record is updated, as it is in this example, the DNS client running Windows 7 might continue to use the now-incorrect IP address for the host name To resolve this, you should flush the DNS cache D Incorrect: This command displays the current IP configuration It would not flush the DNS cache 622 Z07A6 270 9 3.indd 622 Answers 2/22/2 010 4:21:26... hardware manufacturer to develop an improved driver If a Stop error is caused by faulty hardware, you should repair or replace the hardware Stop Message Checklist Z06A6 270 9 3.indd 6 17 APPENDIX F 6 17 2/8/2 010 12:02:18 PM Z06A6 270 9 3.indd 618 2/8/2 010 12:02:18 PM Answers Chapter 1: Lesson Review Answers Lesson 1 1 Correct Answer: A A Correct: Chkdsk can reveal bad sectors on the disk Bad sectors can cause system... purchasing new or replacement memory Always adhere 616 Z06A6 270 9 3.indd 616 APPENDIX F Troubleshooting Stop Messages 2/8/2 010 12:02:18 PM to the manufacturer’s specifications when purchasing memory modules For example, you can fit a memory module rated for 66-megahertz (MHz) or 100 -MHz operation (PC66 or PC100 RAM, respectively) into a system using a 132-Mhz memory bus speed, and it might initially appear to... (USB) device, as shown by the bold text STACK_TEXT: WARNING: Frame IP not in any known module Following frames may be wrong ba4ffb2c ba26c6ff 89467df0 686 273 75 70 6 46f52 0x8924ed33 ba4ffb5c ba 273 661 88ffade8 8924eae0 89394e48 usbhub!USBH_PdoRemoveDevice+0x41 ba4ffb7c ba26c952 88ffaea0 89394e48 00000002 usbhub!USBH_PdoPnP+0x5b ba4ffba0 ba26a1d8 01ffaea0 89394e48 ba4ffbd4 usbhub!USBH_PdoDispatch+0x5a ba4ffbb0... box, click the Advanced tab Then, under Startup And Recovery, click Settings 4 Z06A6 270 9 3.indd 610 Click Advanced System Settings 3 610 Click Start, right-click Computer, and then select Properties In the System Failure box, clear the Automatically Restart check box APPENDIX F Troubleshooting Stop Messages 2/8/2 010 12:02: 17 PM If you cannot start your computer in normal mode, you can perform the preceding... Help and Support at http:/ /support. microsoft.com ■ Z06A6 270 9 3.indd 598 Microsoft Knowledge Base The Knowledge Base includes timely articles about a limited subset of Stop errors Stop error information in the Knowledge Base is often specific to a particular driver or hardware feature and generally includes step-by-step instructions for resolving the problem ■ 598 Microsoft Debugging Tools For Windows. .. 4 Use the drop-down Write Debugging Information list and then select the debugging type 5 Z06A6 270 9 3.indd 602 Click Advanced System Settings 3 602 Click Start, right-click Computer, and then select Properties If desired, change the path shown in the Dump File box Figure F-2 shows the Startup And Recovery dialog box APPENDIX F Troubleshooting Stop Messages 2/8/2 010 12:02:16 PM FIGURE F-2 Use the Startup... possible solution is available, Action Center displays an icon in the system tray with a notification message 7 Open Action Center to view the solution Alternatively, you can search for View All Problem Reports in Control Panel Memory Dump Files Z06A6 270 9 3.indd 6 07 APPENDIX F 6 07 2/8/2 010 12:02: 17 PM If WER does not identify the source of an error, you might be able to determine that a specific driver... before installing Windows Consult your system documentation for information about checking and upgrading your computer’s firmware Installation Stop errors that occur during setup Stop Message Overview Z06A6 270 9 3.indd 601 APPENDIX F 601 2/8/2 010 12:02:16 PM Memory Dump Files When a Stop error occurs, Windows displays information that can help you analyze the root cause of the problem Windows writes the... specific information and perform certain procedures to help technical support investigate your problem For more information about Microsoft product support, visit http://www.microsoft.com/services/microsoftservices/ srv _enterprise. mspx Microsoft Help and Support Microsoft Product Support Services APPENDIX F Troubleshooting Stop Messages 2/8/2 010 12:02:16 PM Stop Messages Stop messages report information about . correct support team and allow the support team to resolve the problem as quickly as possible. Z05A6 270 9 3.indd 595Z05A6 270 9 3.indd 595 2/18/2 010 2 :10: 27 PM2/18/2 010 2 :10: 27 PM Z05A6 270 9 3.indd. right. ■ The computer must be running Windows 7 Professional, Windows 7 Enterprise, or Windows 7 Ultimate Windows 7 Starter, Windows 7 Home Basic, and Windows 7 Home Premium operating systems. assistance. Z05A6 270 9 3.indd 594Z05A6 270 9 3.indd 594 2/18/2 010 2 :10: 27 PM2/18/2 010 2 :10: 27 PM The Process of Troubleshooting Network Problems APPENDIX E 595 Summary Windows 7 can automatically