[wpkg-users] Server connection failed with RealTek cards

K.E.Jones at bton.ac.uk K.E.Jones at bton.ac.uk
Fri Aug 29 00:42:44 CEST 2008 

It's late in the day but....

> -----Original Message-----
> From: wpkg-users-bounces at lists.wpkg.org [mailto:wpkg-users-
> bounces at lists.wpkg.org] On Behalf Of Florian Effenberger
> Sent: 28 August 2008 14:49
> To: wpkg-users at lists.wpkg.org
> Subject: Re: [wpkg-users] Server connection failed with RealTek cards
> 
> Hi,
> 
> > Could you try:
> >
> > echo debug > c:\netinst\debug-pre.txt
> > PING -n 30 127.0.0.1>nul
> > echo debug > c:\netinst\debug-post.txt
> 
> I did, but it doesn't do anything, no debug log file at all... I even
> tried going back to 1.2.1, but didn't work either. Log says:
> 
> ==
> Offline mode: custom connecting script method selected.
> and
> WNetAddConnection2-> Der Netzwerkname wurde nicht gefunden.
> [translated: network name not found]
> ==
> 
> I'm out of luck now. :-(
> 
> Florian

 Hiya,

 That's not too distant an issue from what people have mentioned
before. I think you might have an underlying issue here though.

 I have to concur with Rainer and folks on the driver issue. I've
seen this before in 3Com 905a/b/c,Realtek 8169/8189 and a few others.
As far as I've read the 'auto-negotiation' of network speed plays
a big role in this.

 It's not specifically an error in WPKG. The issue seems to be that
the drivers aren't able to bring the network card up fast enough for
the windows authentication for the machine account to work.

 This in-turn causes the domain controller to reject the computer
account as being valid, which leads to network shares being ditched 
and various warnings and red alerts to appear in the event log.

 Don't forget the basics here... It's all about trust!

 To be able to list the shares, resources or obtain user information
from a server/domain member, the machine must be part of the domain
(Note 1). This is the process that gets screwed up by the Realtek/3Com
drivers being too slow.

 The computer starts up, tries to logon via its secret domain\machine$
account and fails because the network card doesn't respond in time. It
therefore isn't trusted by the domain and will not get responses to
requests for user authentication. Any account therefore gets denied
access to shares and it all gets messy :-(

 My experiences led to machines not authenticating with the domain
controller, ignoring group policies and ignoring logon scripts.

 It's probably something worth looking at that from a global view.

 The clue to look for is whether your event logs show authentication
errors or failures to see domain controllers. A good one to look for is
"Can't determine computer name or account" (that's the wording
I remember off the top of my head at least!). That usually indicates
that
it couldn't see the domain controller or failed to make a good
authentication connection to it.

 It can sometimes be a network issue or it can sometimes be silly things
such as;

 a) the clock being out of sync enough that it's outside the limits for
    Kerberos to validate the request. Computer time - Domain Time <
    5 minutes.
 b) the machine having not synced the 'private' password it synchronizes
    for the domain\machine$ account. (That happens a lot for us because
    our staff disappear off for months at a time without connecting
their
    laptops to the network and computer accounts are subject to expiry
    dates just like user accounts!)

 I've usually got out of it by installing the latest 'generic' drivers
from
the manufacturer but if you're stuck keeping to specific driver
versions then you could try manually setting any 'Auto-negotiate'
settings to a manual setting that matches your network switch. That
sometimes works to speed up the negotiation process and skip the issue.

 I hope that all makes some sense.

 I'm just getting that spidey-sense tingling that says it's not really a
WPKG issue but something a bit more pervasive.

 Gimme a shout if it doesn't make sense...

Keefy

PS: (Note 1) There are occasions when you can usurp the order of things.
Administrative accounts or other accounts can still work if their
usernames and passwords are an 'exact' match. Windows single logon
concepts
allow you to meld workgroups with domains using this concept but you
do have to have administrator rights to take full advantage of it. 

>
-----------------------------------------------------------------------
> --
> wpkg-users mailing list archives >>
> http://lists.wpkg.org/pipermail/wpkg-users/
> _______________________________________________
> wpkg-users mailing list
> wpkg-users at lists.wpkg.org
> http://lists.wpkg.org/mailman/listinfo/wpkg-users

More information about the wpkg-users mailing list