Discuss this page | winhlp.com home

Windows Network Problem Solver

Copyright © 2004-2011 Hans-Georg Michna

Introduction

About this page

This web page is a new experiment using interactive Dynamic HTML, trying to make network troubleshooting easier. Its further development depends a lot on your co-operation. The intention and hope is that it will help to solve the majority of small network problems.

If you find any errors, inaccuracies, or oversights, or if you think that some new information should be included, please add comments here (click on Add new comment).

Also, if you solved your problem, I'd be grateful for a brief comment stating what did it. If you can, please include information on how to recognize this particular problem, for example a precise error message or other easily recognizable symptoms.

If you want to go a step further and describe a problem along with a solution in a way suitable for full integration into this page, I will gladly incorporate it, along with the following, if you like.

Please add your solution as a comment (click on Add new comment). If you're not sure whether your topic would fit here, just add a comment anyway. I may reject articles.

Web browser error—no DHTML/JavaScript/CSS: This page is based on Dynamic HTML and requires a modern web browser with JavaScript enabled. Filling in the form may not have any effect. You can still read the entire document, but the chapters will not be opened or closed. If you are using Internet Explorer, try to enable scripting and check whether this paragraph disappears.

This is your automatic expert right on your computer. Define your problem by filling in the form below. Then scroll down to see the solution. Troubleshooting has never been easier. Requires Windows XP with Service Pack 2 or higher and Internet Explorer 6 or higher with scripting enabled. Partly adapted to Windows Vista.

Disclaimer: You are carrying the entire responsibility for everything you do after reading this web page. For example, if you do something that has been recommended here and then your hard disk is erased or your computer explodes, nobody will refund you.

Donations

If this page has helped you and you would like to contribute to this web site, please donate. Small amounts like $5 are helpful and will be gratefully accepted. You can also donate with your credit card by quickly and easily creating a free PayPal account.

Currency: Amount:

Step 1 – Fill in the form

The problem definition form

How to use it—read this carefully

You have to fill in the form, because otherwise this page is hardly useful. Make a decision and plan 5 minutes. The reward will be a very high likelihood of getting your particular problem perfectly solved. If you do not fill in the form, you will probably not find the solution.

Please go through the form and click on the checkbox or radio button on the left side next to each best choice. The questionnaire expects you to answer as if you were sitting at the computer on which the problem shows up. Take a little time and try to be precise. It's worth it.

After each change you make, different chapters in the results section below the form are opened (shown with full text) or closed (only the heading is shown). Scroll down to see them all.

Once this page is loaded, there is no further Internet data exchange. All processing is done only on your computer.

Fundamentals

 v Select your computer's symptoms below.

Network adapter not visible or connection not visible in Network Connections or Device Manager.

Or, if you try to assign a fixed IP address to a new adapter, you may get the error message: The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to another adapter ...

I get the error message: LAN Connection – A network cable is unplugged
I get the warning: Limited or no connectivity
The problem occurs only on a wireless connection.
The Networking Wizard does not run to completion.
The computer runs Windows XP Home Edition. [os=0]
The computer runs Windows XP Professional and Simple File Sharing is enabled. [os=1]

You can check this by opening Windows Explorer and selecting the commands Tools, Folder options, View, Advanced settings.

The computer runs Windows XP Professional and Simple File Sharing is disabled, i.e. the computer uses Classic File Sharing. [os=2]
Not at all—The problem function never works. The problem is always there. [sporadic=0]
Sporadic—The problem function works sometimes and sometimes it doesn't or it works for some time and then stops. [sporadic=1]
Slow or delayed—The problem function works correctly, but is slow, or it doesn't work at first, for some time, but later works correctly. [sporadic=2]
The computer is portable and connects to different networks.

IP (Internet Protocol)

Other transport protocols beside TCP/IP are installed, like IPX (NWLink), NetBEUI, or IPv6.

To find out, right-click on Network Neighborhood or My Network Places, click on Properties, right-click on LAN Connection, click on Properties.

For the following choices you need to know the IP address of your computer's LAN adapter. To find it, open a command line window and enter the command: ipconfig

The display shows the IP addresses of all adapters, subnet masks, and the standard gateway to the Internet, if any.

The LAN adapter IP address is: 0.0.0.0 (i.e. no valid IP address). [ip=3]
The LAN adapter IP address begins with 169.254. (i.e. an APIPA IP address). [ip=2]

You may get the warning: Limited or no connectivity

The LAN adapter IP address begins with 192.168. or 172.16. - 172.31. or 10. (i.e. a private network IP address). [ip=1]
The LAN adapter IP address is none of the above (i.e. a genuine Internet address). [ip=0]
NetBIOS node type is P-t-P and I have no WINS server.

Open a command line window and enter the command: ipconfig /all

Look for the NetBIOS node type of your LAN adapter, which may be Hybrid, Unknown, Mixed, or P-t-P.

ping 127.0.0.1 doesn't work. [ping=4]

Open a command line window and enter the command: ping 127.0.0.1

ping localhost doesn't work. [ping=3]

Enter the command literally: ping localhost

ping w3.org on the Internet doesn't work. [ping=2]

Establish an Internet connection, then enter the command: ping w3.org

ping computername inside the LAN doesn't work. [ping=1]

Replace computername with the name of another computer in your LAN. Enter the command ping, followed by a space and then the actual computername of the other computer in your LAN.

ping works without problems. [ping=0]

Firewall

I have disabled the firewall, get firewall warnings for no protection, and want to get rid of these warnings.
I have a third party firewall or antivirus software or a proxy server installed.

Internet connection

I cannot create a remote access or dial-up network connection. All items on the "Network Connection" page of the New Connection Wizard are unavailable (greyed out). Possible error messages:
  • Cannot load Remote Access Connection Manager. Error 711
  • The Network Connections folder is empty.
  • The Internet Connection Sharing and Internet Connection Firewall (ICF) services do not start because of a dependency failure.
  • System log Event ID: 7023 or 20035
  • Could not start the Remote Access Connection Manager service on Local Computer. Error 5: Access is denied.
  • Connection failed. Your Windows network is not properly configured.
  • Could not start the Remote Access Connection Manager service on local computer. Error 1068.
  • Could not start the Remote Access Auto Connection Manager service on local computer. Error 1068. The dependency service or group failed to start.

Network Neighborhood or My Network Places

I get the error message: \\computer is not accessible ...

(Instead of the word computer the computer name is shown.)

I get the error message: Workgroup is not accessible. Or I observe one of the following symptoms.
  • I cannot access shares on other computers.
  • I cannot locate other computers in the workgroup.
  • When I double-click the workgroup in Network Neighborhood or My Network Places, I get the error message: Workgroup is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
  • I get the error message: Workgroup is not accessible. The list of servers for this workgroup is not currently available.

(Instead of the word workgroup the name of your workgroup is shown.)

I get the error message: Access denied or a similar message or some indication that a wrong username or password has been used. Although I have entered the correct username and password I experience one of the following:
  • Error message: Access denied
  • Error 5, for example, "System error 5 has occurred. Access is denied" or "Error 5: You do not currently have access ..."
  • Error message: Permission denied
  • Password prompt for \\computername\IPC$
  • Dialog box keeps asking for username and password.
Computers or shares or printers are missing in Network Neighborhood or My Network Places, or you get an error message like the following:
  • ... no network was found.
  • Unable to browse the network. The network is not present or not started.
The "Entire Network" folder is missing in Windows Explorer under Network Neighborhood or My Network Places. The Windows Network and workgroups folders are also missing.

Internet Connection Sharing (ICS)

An ICS client cannot control the Internet connection, e.g. cannot make the ICS host hang up.

Internet Explorer and Outlook Express

Internet Explorer problem with ftp server
Internet Explorer or Outlook Express cannot find the network.
Internet Explorer cannot completely display some web sites but displays others perfectly well.
Internet Explorer displays a local content warning when I open documents with active content from a local disk.
Internet Explorer shows other strange behavior or freezes or crashes.

Other symptoms and error messages

I get a dialog box asking me to Connect as ... or I do not get it, but want to get it.
Error 1385: Logon failure: The user has not been granted the requested logon type at this computer.
Unknown error 31 after trying to log on with an empty password.
In Windows Explorer I can see a mapped network drive, but its folders are not displayed on the right side. Possible error messages are:
  • Read Access Withdrawn (RAW)
  • The file system on the server does not support long file names.
Error 0xC0000135 winsrv was not found
I get none of the error messages mentioned above, but I get the error message: The network path was not found.
I get the error message: Not enough server storage is available to process this command. Not enough memory to complete transaction. Close some applications and retry.

I cannot access network shares. On the Windows server the system event log may contain Event ID: 2011, Source: Srv

Cannot add WebDAV server to Network Neighborhood or My Network Places.
Cannot print to a LPR network printer.

LPR printers are printers that are connected directly to the Ethernet, not to a computer.

On a Windows 9x or ME computer one or more of its shares are not automatically reconnected after booting.
Popup messages like those sent by NET SEND do not show up.
The system ignores my hosts file.
There are currently no [domain] logon servers available to service the logon request.
VPN (Virtual Private Network) does not work.
I have carefully checked all choices in this form and selected the applicable ones.

Please make your selections in the form above.

The possible solutions to your problem have now been compiled under step 2 below. Normally there is no need to use the Open/Close buttons right now. Just scroll down and read all of it.

If you have a problem with the result and want to ask about it in a comment (click on Add new comment) or in one of the following newsgroups:

then you should copy and include the following selections text:

Selections: (Nothing entered yet.)

Step 2 – See the results

In front of each headline in the results below you see a number that indicates relevance. 3 indicates strong relevance, 0 or any negative number indicates probable irrelevance. Normally only the chapters with positive relevance are opened, i.e. shown with their full text. If you like, you can also:

Step 1 completion

If this chapter is open and bears a relevance number greater than 0, then the form above has not been filled completely. The results below are incomplete or incorrect.

This page will yield some results even if the form is only partially filled, but you may miss the important point that solves your problem. Hence the recommendation to read the entire form carefully and check all points that apply.

Without filling in the form at all (and using Internet Explorer or a fully compatible browser), this page is of little use. You will hardly find your particular solution in 40 pages of text. If you don't invest the required 5 minutes to work through the entire form, you will waste much more time trying to solve your problem. It is better to scroll back up and fill in the form first, carefully, all of it.

If you did fill in the form completely, still get this warning and do not see the relevance numbers and open-close icons in front of each chapter heading, then your browser may be incompatible. (The required browser is at least Internet Explorer version 6.) If so, then your only, and smaller, chance to find the relevant chapter is to peruse the entire text below or search for certain words, using the search function of your browser.

Please read this first

General advice

Important: Before you read on, read this General advice first. Begin with the chapter, General problem solving advice and read on to the end.

This chapter here only contains general advice that is not specific to your problem. Please read it anyway.

Please do not send email with support requests to me. Such questions should always go into a comment (click on Add new comment) or into the newsgroup microsoft.public.windowsxp.network_web, where others and I will gladly try to answer them.

Obtain step by step guidance

This document doesn't teach networking. It only intends to locate and solve particular problems.

For simple networking guides turn to the help system first. Try Start, Help & Support.

For a step by step guide to Windows XP Home Edition networking you can read a series of Microsoft Knowledge Base articles beginning with this one:

How to Set Up a Small Network with Windows XP Home Edition (PART 1)
http://support.microsoft.com/kb/813936/

For a 60 page tutorial that covers networking with several Windows versions go to http://www.microsoft.com/downloads/details.aspx?familyid=87c0a6db-aef8-4bef-925e-7ac9be791028 and download the Word document FileSharing.doc. Some more links:

Making the Wireless Home Network Connection in Windows XP Without a Router
http://www.microsoft.com/windowsxp/using/networking/expert/bowman_02april08.mspx

Several step-by-step tutorials: www.practicallynetworked.com

Also check the links at the end of this document.

The rest of this document below should help you to solve most of the common network problems.

Please scroll down and read on

This chapter only contains general advice that applies to all installations.

The following chapters below have been opened or closed according to your selections in the step 1 form above. They also bear a relevance number, usually from 0 (irrelevant) to 3 (strongly relevant).

Network adapter or connection not visible

Network adapter not visible in Device Manager

You may get the error message: The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to another adapter ...

Please check the following Microsoft Knowledge Base articles first.

Device Manager Does Not Display Devices That Are Not Connected to the Windows XP-Based Computer
http://support.microsoft.com/kb/315539/

Error Message When You Try to Set an IP Address on a Network Adapter
http://support.microsoft.com/kb/269155/

If it does not solve the problem, proceed as follows.

  1. Download the latest version of the network adapter driver, particularly if the currently installed software is older than 2004-09, the time when Service Pack 2 was issued.
  2. Uninstall the network adapter driver.
  3. Reboot.
  4. Windows XP should detect the adapter and offer to install the driver. Point it to the new driver and let it install the new driver.

Network connections missing

Possible symptoms:

Despite these issues, networking continues to function correctly, and the ipconfig command still shows all connection and all adapter information.

In any of these cases please read the following Microsoft Knowledge Base article.

How to troubleshoot missing network connections icons in Windows Server 2003 and in Windows XP
http://support.microsoft.com/kb/825826/

Adapter or Ethernet cabling

Defective cable, adapter, or switch

If you receive the balloon help error message, "LAN Connection – A network cable is unplugged", even if you only see it sporadically, then you most likely have a hardware defect.

The defect can be in the cable, but it can also be in the network adapter inside the computer or in the device at the other end of the cable. Try to swap components to identify the source of the problem.

Crossover cable

Connecting two computers by crossover cable, rather than through two patch cables and one switch, does not always work. Not all network adapters can handle crossover cabling. Buy a switch and straight (not crossover) cables—they are very cheap and allow you to connect more computers later.

You also get the message, "LAN Connection – A network cable is unplugged", if there is no Ethernet adapter driver installed on the other computer.

Further troubleshooting

Please read the following Microsoft Knowledge Base article.

How to troubleshoot the following message in Windows XP: "A network cable is unplugged"
http://support.microsoft.com/kb/910389/

Limited or no connectivity warning

If you see a "Limited or no connectivity" warning and a yellow exclamation mark in Device Manager, this only means that the computer's network port is set to automatically obtain an IP address through DHCP (Dynamic Host Configuration Protocol), but a DHCP server could not be found. Windows then generates an APIPA address in the 169.254.x.y range (see chapter APIPA Addresses in Private IP Addresses). This means that all computers in the LAN (Local Area Network) can communicate with each other, if the others also gave themselves APIPA addresses.

It does not necessarily mean that there is anything wrong, but if you don't want to see this message any more, right-click on the LAN connection, select Properties, and remove the check mark for "Notify me when this connection has limited or no connectivity".

Whether you can have Internet access depends on the kind of Internet connection. If you use a dial-out connection (including PPPoE and similar), this computer can have Internet access.

If you swapped your network adapter and have a DHCP server in some other device like a cable modem or router that worked before you installed Service Pack 2, switch its power of, wait 10 seconds, then switch it on again. Then reboot your computer. The background is that some cable modems or similar devices recognize the connected adapters (or their MAC addresses) only once when powering up.

If, however, you have a working DHCP server (for example, Internet Connections Sharing enabled on another computer) and still get this warning message, then your computer's DHCP client does not work or DHCP is not enabled. One solution is to remove the IP address and related settings and set them to automatic. Another is to run the Network Setup Wizard.

Wireless access problems

Driver update

Go to the web site of the manufacturer of your wireless hardware and dowload the latest driver. Several manufacturers have updated their drivers particularly after Windows XP Service Pack 2, i.e. around 2004-09.

If you just installed Service Pack 2 or a later service pack and have the problem since then, try also to uninstall the network adapter driver, reboot, then let Windows (PnP) redetect and reinstall the driver even if there is no newer one. Then check and, if necessary, set up the connection.

Router or base station firmware

Update the firmware on your wireless router to the latest version, particularly if your current version is older than 2004-09. Quite a few older firmware versions are incompatible with Wireless Zero Configuration.

Third party configuration software

If the manufacturer of your wireless hardware installs wireless configuration software, this may interfere with Windows XP's own Wireless Zero Configuration function, may change settings, etc.

Uninstall the third party software. Reboot. If the software is still running, run msconfig, select Startup and uncheck any line that starts such software, then reboot again.

Further reading

Please have a look at the following articles by Microsoft.

Troubleshooting Windows XP IEEE 802.11 Wireless Access
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/wifitrbl.mspx

Windows XP Wireless Deployment Technology and Component Overview
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/wificomp.mspx

Configuring Windows XP IEEE 802.11 Wireless Networks for the Home and Small Business
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/wifisoho.mspx

Energy saving

Energy saving settings can get in the way, so you may want to test this by changing the setting. You can find it by right-clicking on My Computer, selecting Properties, Hardware, Device manager. Find your network adapter by clicking on the + signs to the left, double-click on it and select Energy options. Disable energy saving and click on OK. Test over a long period. If the problem is not solved, you can re-enable energy saving if you want it.

For wireless adapters using Wireless Zero Configuration proceed as follows.

XP Networking Wizard problems

Avoid running the wizard if you want to keep your network as it is and only want to integrate a new XP computer into it. Run it only if you accept that your network settings are restructured to conform to XP's ways.

If you have already run the wizard, just read on. This text will help you to undo the unwanted actions of the wizard.

If the wizard will not run, you can either try to repair the Windows installation or you can do without the wizard.

Transport protocols

If you connect to the Internet through a cable modem or any other means that involves IP addresses that are not in the same subnet, please read Internet via Cable Modem first. Normally this does not apply to DSL (ADSL) or dial-up connections.

Of the three transport protocols NetBEUI, IPX (Netware, NWLink), and TCP/IP you need only one. Since the Internet uses TCP/IP, this article supposes that you have only this transport protocol installed. Having more than one transport protocol can cause various problems, such as slow browsing (please see the relevant chapter below), therefore it is not recommended, unless you have an overriding reason like IPX game playing or the abovementioned IPX connections between computers in different IP subnets due to unfavorable IP address allocation by cable Internet providers. Thus remove NetBEUI and IPX unless you are very sure that you need them.

Check your games first. Many also offer gaming over IP (for example using the UDP protocol), in which case only the TCP/IP transport protocol is needed. But some older games still require IPX. If you need IPX for local network game playing, remove all bindings to that protocol. You can do this as follows.

You could also use the IPX transport protocol for Windows networking and remove the checkbox from the TCP/IP protocol instead, but since everybody else uses TCP/IP, it is better to stick to that, in case you want to attach a guest's or friend's computer to your network and copy some files.

TCP/IP not working

How to uninstall and reinstall TCP/IP

If TCP/IP is not working and the command "netsh interface ip reset resetlog.txt" fails to resolve the problem, you can try the following procedure in Windows XP or Windows 2003 Server, which basically enables the TCP/IP uninstall function that is normally not available in these operating systems.

In brief, you have to do the following:

Complete procedure

  1. Open regedit (click on [Start], Run..., type: regedit , click on [OK]
  2. In the left pane navigate to the following two keys and delete them:

            HKEY_LOCAL_MACHINE
             \SYSTEM
              \CurrentControlSet
               \Services
                \Winsock

            HKEY_LOCAL_MACHINE
             \SYSTEM
              \CurrentControlSet
               \Services
                \WinSock2
     
  3. Optional backup of the TCP/IP configuration file: Close regedit, open Windows Explorer, and locate the nettcpip.inf file in %winroot%\inf (for example in: C:\WINDOWS\inf). Make a backup copy to restore later, if needed.
  4. Open the nettcpip.inf in the editor (for example, in notepad.exe).
  5. Under the section [MS_TCPIP.PrimaryInstall], change "Characteristics = 0xa0" to "Characteristics = 0x80" and resave the file.
  6. Open Network Connections, right-click on Local Area Connection, and select Properties.
  7. Click on Install, Protocol, Have disk, and type the path to the inf folder you used above, for example: c:\windows\inf
  8. Choose TCP/IP from the list. This will take you back to the properties screen, but now the [Uninstall] button is available, which was the purpose of the above procedure.
  9. Highlight TCP/IP and click on [Uninstall].
  10. If you're not in a hurry, reboot at this point. Ignore the warning messages that a lot of services are failing.
  11. Optional: If you saved a backup copy of nettcpip.inf, restore it now.
  12. Open Network Connections, right click on Local Area Connection, and select Properties
  13. In the properties of Local Area Connection click Install, Protocol, "Have disk", and type the same path again, for example: c:\windows\inf
  14. Choose TCP/IP from the list and install it.
  15. Reboot.

To check whether TCP/IP is installed and working properly, find the IP address of each of your computers and, if present, of your router, then ping each computer from at least one other computer. You can find the IP address of each computer by going to that computer and running ipconfig (on Windows XP, 2000, NT) or winipcfg (on Windows ME, 98). Then ping your local computer through the localhost address by entering one of the following commands into a command line window and pressing return:

ping localhost
ping 127.0.0.1

If this works, ping other computers by entering ping, followed by a space and the IP address of the target computer, then press return. Example:

ping w3.org

If the ping test fails, the low level connection between your computers (or, if ping localhost fails, even inside your computer) is not working, and there is no need to read on until this is repaired. The most radical method to repair it (short of reinstalling Windows) is to remove all networking components, including the network adapter driver, reboot, then add them again.

One action you can try first is to repair the connection. Right-click on the connection (in the network connections list) and select Repair.

There is also the command:

netsh interface ip reset logfilename

or abbreviated:

netsh int ip reset logfilename

where logfilename should be replaced with a text file path and name of your choice.

The following 3 command samples, each to be typed in one line, show how you can use different paths, but you should only use a path to which you have sufficient access rights. The different log file paths only determine where the log file is written. Otherwise these commands all do the same thing, reset the IP stack:

netsh int ip reset c:\resetlog.txt

netsh int ip reset c:\windows\temp\resetlog.txt

netsh int ip reset "C:\Documents and Settings\Administrator\My Documents\resetlog.txt"

It is unclear whether this command does more, apart from the possible logging, than the Repair command described above, but if there is any difference, then the netsh int ip reset command is probably more thorough. Please add a short comment (click on Add new comment) if you ever find that the latter does or does not more than the former.

The appropriate Microsoft Knowledge Base article provides more details on this:

How to reset Internet Protocol (TCP/IP) in Windows XP
http://support.microsoft.com/kb/299357/

How to reset "Internet Protocol (TCP/IP)" in Windows Server 2003
http://support.microsoft.com/kb/317518/

Other known cause for such problems are the Cisco and Checkpoint VPN clients and the AT&T Global Network Client's Firewall.

IP address 0.0.0.0

First of all, disable and re-enable the connection. When you change the IP address from automatic to a fixed IP address while the adapter is not connected, you always get a 0.0.0.0 address at first when the adapter reconnects. If this doesn't solve the problem, read on.

Symptoms:

This problem can occur after uninstalling Norton AntiVirus, which sets the DHCP service as depending on itself. It can also occur when the computer name of the client computer is too long. Make sure that all computer names in your network are no longer than 15 characters.

First set a restore point, so you can undo your changes, should anything go wrong (Programs, Accessories, System programs, System restore).

After setting the restore point, to remove this dependency, do this:

See also the following Microsoft Knowledge Base article, which refers to computers with two or more Ethernet adapters:

The primary IP address is reset to 0.0.0.0 after you disconnect and reconnect the network cable in Windows XP
http://support.microsoft.com/kb/896062/

IP address 169.254...—Limited or no connectivity

APIPA address, no DHCP server

If you see a "limited or no connectivity" warning and a yellow exclamation mark in Device Manager, this only means that the computer's network port is set to automatically obtain an IP address through DHCP (Dynamic Host Configuration Protocol), but a DHCP server could not be found. Windows then generates an APIPA address in the range:

Class B: 169.254.0.0 - 169.254.255.255
(Subnet mask: 255.255.0.0)

Please see chapter APIPA Addresses in Private IP Addresses for more details. It will also show a warning about "Limited or no connectivity", unless this warning is disabled.

This means that all computers in the LAN (Local Area Network) can communicate with each other, if the others also gave themselves APIPA addresses.

It does not necessarily mean that there is anything wrong. If you want it that way, but don't want to keep seeing this message, right-click on the LAN connection, select Properties, and remove the check mark for "Notify me when this connection has limited or no connectivity".

Whether you can have Internet access depends on the kind of Internet connection. If you use a dial-out connection (including PPPoE and similar), this computer can have Internet access. Only if you use a router or ICS (Internet Connection Sharing), then an APIPA address will not do and you have to enable DHCP (Dynamic Host Configuration Protocol) in the router or assign an appropriate IP address manually.

If you swapped your network adapter and have a DHCP server in some other device like a cable modem or router that worked before you installed Service Pack 2, switch its power of, wait 10 seconds, then switch it on again. Then reboot your computer. The background is that some cable modems or similar devices recognize the connected adapters (or their MAC addresses) only once when powering up.

DHCP not working

If you get the warning and the APIPA address although a DHCP server (usually in a router or ICS = Internet Connection Sharing host), then there is a communication problem between the computer in question and the DHCP server.

The first diagnostic test is to give your computer a manual IP address in the range that the DHCP server should provide, for example, 192.168.0.99 (replace the zero with the number the other computers have) with the subnet mask 255.255.255.0 and the standard gateway address set to the IP address of the router. If then everything works, you know that the problem is only in the communication between the problem computer and the DHCP server, and it should be repaired. If not, then you know that this is not a DHCP problem, but a more general one, and you have to look elsewhere for the solution. Go back to the form at the top of this page and correct the IP address setting, which can lead to new results.

Winsock corruption

Causes

Possible symptoms are:

Winsock corruption can be caused, among others, by:

Typical error messages are:

Remove spyware

Check your computer for spyware and adware that found its way into your system. A good start is a newly updated SpyBot from www.spybot.info. If the program finds infections, use a second and a third, different spyware and adware scanner like Ad-Aware from www.lavasoft.de and HijackThis! from http://www.spywareinfo.com/~merijn/. Unfortunately, one spyware scanner is not always enough.

For good measure, run a good, freshly updated virus scanner (for example, AVG from www.grisoft.com).

Other possible causes are the Cisco and Checkpoint VPN clients and the AT&T Global Network Client's Firewall. Not spyware, but nonetheless rather damaging pieces of software. In the case of the Cisco VPN client removing it is not enough, as it damages the IP stack severely and leaves the damage behind when uninstalled.

Repair the Winsock

A possibly useful new command comes with Service Pack 2, which can repair winsock problems. It may help when otherwise unsolvable or connection problems or spurious disconnections occur. It removes all nonstandard LSP (Layered Service Provider) entries from the Winsock catalog, which are often the dreaded adware or spyware entries.

However, if you happened to have a legitimate LSP installed (for example, Palm HotSync Manager), it would also be removed and would have to be reinstalled. In that case you have to reinstall the affected software.

If you want to check the Winsock before repairing it, you can use the command:

winmsd

and select Components, Network, Protocol. The Layered Service Providers in the list should be of the MSAFD or RSVP service provider type. All others are often malevolent and should disappear after the reset command shown above. You can do this before and after resetting the catalog to find out whether any entries were in fact removed and which ones these were.

Unfortunately there is no guarantee that all of the MSAFD and RSVP LSPs are benevolent, so you may have to try the Winsock repair anyway.

Another way to get at the same information is the command:

netsh winsock show catalog | more

To be on the safe side, use System Restore to set a restore point before applying any repairs, so you can go back if the repair makes things worse.

The new command to repair the Winsock is:

netsh winsock reset

Repair the IP stack

If this is not enough, you can reset the entire IP stack with the command:

netsh int ip reset c:\resetlog.txt

where you can replace c:\resetlog.txt with a path and filename of your choice, to get a log file of the process. If the path contains a space, add double quotes. Example (write this all in one line):

netsh int ip reset "C:\Documents and Settings\Administrator\My Documents\resetlog.txt"

Additional information

A third party product that can also solve this problem quickly is WinSockXPFix, available at http://www.spychecker.com/program/winsockxpfix.html. It seems to be a bit more thorough and apparently fixes a few other things on the side.

However, again set a restore point before you apply the program, so you can undo the changes if they are not to your liking. There are also some cases in which this program does not work, but the above-mentioned repair procedure does.

Please let me know, by adding a short comment (click on Add new comment), which of these procedures worked for you.

If you don't have Service Pack 2 installed, you can repair your software installation as described in the following Microsoft Knowledge Base articles.

How to determine and recover from Winsock2 corruption
http://support.microsoft.com/kb/811259/

You receive an "An operation was attempted on something that is not a socket" error message when you try to connect to a network
http://support.microsoft.com/kb/817571/

And if you want to understand more about how adware gets into your computer, please read:

The Anatomy of a "Drive-by-Download" by Eric L. Howes
https://netfiles.uiuc.edu/ehowes/www/dbd-anatomy.htm

A sample email from a happy reader:

Thank you so much for your helpful site.

I decided to swap my wired (white) and wireless (black) PC's, both running XP Home. When I removed the the Syntax 802.11b adapter from the black and installed it on the white, the white could no longer access the Internet. My symptom was that the white PC was not being assigned an IP address by the Belkin router. When I manually assigned one, I could ping the Internet (Google) by IP address but not by domain name. Over the next week I tried many things, including buying a new Netgear 802.11g adapter and a new Belkin g router.

The white had also started showing an error message on boot from Cisco VPN that "windows sockets initialization failed" but no one thought that was relevant and I would probably just have to reinstall VPN after getting the Internet connection back.

After 9 days and hours of effort, I was ready to reinstall Windows when I decided to type the Cisco error message into Google. It brought up your site as the number 2 hit. I used your link to obtain the WinSock XP Fix 1.2 from Spychecker. It fixed the problem in 5 minutes.

I am recommending your site to all who tried to help me. Thanks again!

[Translated from German:] I can only confirm the above: after spending a whole day on finding out why the Winsock settings were destroyed and being ready to flatten the hard disk, your page described the error exactly and offered the matching solution. I was astounded when I could watch everything work again.
Just for info: problems arose from the Cisco VPN Client as well as from Panda Antivirus (very bad disease), and also from the Kaspersky Scanner (at least the system works with it when real-time protection is disabled).

Networking wizard

Go to the target computer that cannot be accessed and run the networking wizard on it.

Be careful with the choices. If you are not perfectly sure what they mean, use the help system to find out. One of the frequent misunderstandings is caused by the networking wizard calling a device "residential gateway" that is otherwise known as router, DSL router, WAN router, or broadband router.

The Windows XP Firewall

General

This chapter is only relevant for the firewall built into Windows XP with Service Pack 2 or later. For older versions you should disable the firewall on the LAN (internal) connection and enable it on the connection leading to the Internet.

Since the firewall's main purpose is to block incoming unsolicited connection attemps, this chapter is mostly valid for the target computer, not necessarily the one you're using right now. For example, if you sit at computer A in your LAN and cannot ping another computer B, then the firewall on that other computer B is probably the cause. You probably have to move over and set up the firewall on computer B.

You can find more background information on the Windows XP SP2 firewall at: http://www.google.com/search?q="Windows+XP+SP2+Firewall"

Thanks to fellow MVP Kai Schätzl for his contribution of most of the information on the SP2 firewall and subsequent improvement of the text.

Domain or workgroup

The firewall has two separate profiles. One is automatically activated when you're in a domain, the other when you're in a workgroup. Domain settings have no effect when you're in a workgroup and vice versa. So if you change between domain and workgroup, you have to set up your firewall twice.

There have been some reports of the firewall picking the wrong profile, but it seems as if this problem goes away on its own after you and connect a few times to the different environments.

Background information

The firewall blocks all incoming traffic, unless

  1. the connection is in response to another outgoing connection (stateful inspection, this covers most incoming connections),
  2. there is an exception for the listening destination port,
  3. an unblocked program listens at the destination port.

The list of unblocked programs is shown on the second firewall tab (Exceptions). It is stored in the following registry key.

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \SharedAccess
     \Parameters
      \FirewallPolicy
       \StandardProfile
        \AuthorizedApplications
         \List

Further exceptions can be made either globally or for specific interfaces. All these settings, wherever they are, are exceptions to the default no-access rule.

The general exceptions apply to all interfaces (except that the scope-rules for the exception might in practice mean that there remains no access from some interfaces).

The settings for the individual interfaces can add exceptions for that interface only, but cannot close an exception opened by the general settings. In other words, as long as there is a general exception, any additional interface-specific exception for the same kind of traffic is unnecessary, but does not hurt either.

Firewall blocks LAN connection

The new firewall blocks incoming file and printer sharing and pinging by default. To allow such access, walk over to the target computer that you cannot access over the network, because  that is where the firewall needs to be opened.

Open the Windows Firewall settings in Control Panel. Use the Exceptions tab and check the File and Printer Sharing entry, which should now, by default, be set only for the local subnet, i.e. your LAN on the near side of any routers. This also reenables ping responses and allows the browser service to start. The service should start immediately, but you may still have to reboot both computers. Normally this is all you need for LAN functionality.

If you want only ping responses without file and printer sharing, click on the Advanced tab, then the ICMP Settings button. Check "Allow incoming echo request".

If, however, you need full and free communications for any type of connection, then use the third tab, Advanced, and remove the check mark from your LAN (Local Area Network) interface to allow full local connectivity for all types of traffic. This is obviously more risky and usually not necessary. Don't do it unless you are certain that all other local computers can never pose a danger. Consider that every laptop or guest computer brought into the LAN can bring a virus along.

The better alternative is to leave the firewall enabled even for the LAN interface, i.e. for your local area network, and open only the services that are actually needed, i.e. any server functions the computer may have. Here you also have the choice to open these server functions only for the local subnet. You can also allow the first ICMP function (echo, ping) or all of them.

Firewall asks to unblock a program

A more precise description is, the firewall automatically blocks a program and asks the user if he wishes to unblock that program.

The Service Pack 2 firewall asks to unblock programs when a program tries to open a listening port, even though you already disabled the firewall on the currently active interface. This can happen, for example, when you use Frontpage for the first time with the service pack to upload a web site via ftp.

The reason is that this is a separate function of the firewall, which is independent of the interface used and of the associated settings. In other words, disabling the firewall in the Advanced settings for an interface does not override the exceptions. Unfortunately the firewall's dialogs do not indicate this at all, so the author of this article may not be the only one who first thought that the firewall is defective and switched it off.

Don't try to prevent these messages by disabling the firewall altogether. This would be overkill. It is not necessary and not recommended, because you really want this bit of security. Also, disabling the firewall would only postpone the questions until you need the firewall for a different interface. The advantage of this function is that it draws your attention to bad software that tries to communicate clandestinely from your computer.

You have to make a decision every time any program causes such a firewall message. If you know the program and deem it safe and worthy of listening and accepting incoming traffic, you can allow it to be unblocked. If, however, an unknown program causes an unblocking question, you should try to find out what program this is, what it does, and whether this is desired.

Fortunately the number of these requests is usually not high. The firewall asks only once for each program that tries to open a listening port.

Note that, unlike some more sophisticated software firewalls, the Windows XP SP2 firewall does not check the program for virus infection or replacement. The firewall only remembers the name and path of the program file and allows it to communicate freely, if you so decide. However, this still provides a fair first line of defense.

Note: The firewall does not ask to unblock when the program is a service. If you want a program unblocked that runs as a service, you have to identify the executable file path and enter it into the firewall settings by hand. You can try to use Task Manager to find the executable among the running processes, then search for it on the disk.

Firewall disabled, how do I get rid of the warning?

If you are sure you want to have the Windows XP firewall disabled permanently, for example because have a third party firewall running, disable it in the firewall settings first (Control Panel, Windows Firewall).

Never have the firewall disabled when you're directly connected to the Internet!

If the Security Center does not automatically recognize the third party firewall or if you don't want to run any firewall, because you have a very good border firewall in your network, then it will keep issuing warnings about the lack of firewall protection.

To disable those warnings, log on with administrator rights, go into Control Panel, Security Center and click on the firewall Recommendations button. Answer the question in the next dialog box to get rid of the warnings.

Firewall blocks LPR printing

When you try to print to an LPR printer, the print job fails without any further error message. The printer doesn't react at all, no lights flash.

The LPR protocol uses TCP Port 515, which is, by default, blocked by the firewall. You can test where it is, in fact, the firewall by briefly disabling it, but do this only if you have no direct, unprotected Internet connection.

Add an exception for TCP port 515 in the firewall. You can name it LPR. Enable it only for the local subnet, unless the printer is outside.

[Thanks to John Faughnan.]

Third party software interferes

General

Known problems have occurred with the following products, but many others can cause problems just as well:

For example, Microsoft cites Kaspersky Labs Antiviral Toolkit Pro AVP in the Knowledge Base article:

You May Be Unable to Browse the Network
http://support.microsoft.com/kb/294756/

Another frequent problem, particularly with wireless adapters, is configuration software that comes with these adapters. Uninstall it and let Windows manage the wireless adapter, using the Wireless Zero Configuration function, at least for a test. One possible symptom out of many is that settings appear to change on their own.

Third party firewalls may additionally have to have port 445 opened for TCP to allow Windows file sharing if the following conditions are true:

  1. You run Windows 2000 or later.
  2. You have NetBIOS over TCP/IP disabled.

It may be better to enable NetBIOS over TCP/IP to obtain the full functionality of Windows networking. More details on the use of port 445 can be found at: http://www.ntsecurity.nu/papers/port445/

If that doesn't solve the problem, uninstall third party firewalls and other questionable software, particularly antivirus software (some of which scans network connections), entirely, until you have your network working properly. Some firewall software (like Zone Alarm and AtGuard) is known to inhibit the network even if disabled, at least certain versions of these. Disconnect from the Internet as long as you have no firewall active.

If you want to keep using Zone Alarm, you can still do so if you use a sufficiently new version and set it up properly, for example with medium Internet Zone security and low Trusted Zone security and making sure your LAN address range is within the Trusted Zone. You can achieve that easily by defining an IP address range that contains all your LAN addresses (including router, if any), giving it a name, and putting that into the Trusted Zone. But it's safest to uninstall it first for a test.

Do not use two software firewalls in the same computer at the same time.

Cisco VPN client

This may be valid for other VPN clients as well, such as the Checkpoint VPN client.

Mike Williams wrote on 2004-12-06:

More searching turned up some similar problems, with systems that have Cisco VPN Client installed—which I have—and its "Deterministic Network Enhancer"—which my system has. Your guide mentioned this, with no further details. I don't know anything about network determinism, but none of the threads [in another discussion forum] had clear solutions, though, and I have now identified one.

There's an extra security feature in the Cisco application called "Stateful Firewall (Always On)" mainly for the benefit of wireless situations (it was turned on by default in the version I got from my company's tech support). The way this feature is set up is somewhat counter-intuitive, as it says "Always On" in its name, whether or not the feature is turned on. The on/off indicator is actually a checkmark next to the item.

Control of the feature can be accessed either through the client's Options menu or by right-clicking on the yellow padlock icon in the taskbar when the client's active. Simply clicking on the item toggles it on/off; a checkmark appears. There's virtually nothing on this in the Cisco literature. Disabling (unchecking) the feature cleared up the problem.

Chris in Cincinnati, Ohio, USA wrote on 2005-09-08:

More searching turned up some similar problems, with systems that have Cisco VPN Client installed—which I have—and its "Deterministic Network Enhancer"—which my system has. Your guide mentioned this, with no further details. I don't know anything about network determinism, but none of the threads [in another discussion forum] had clear solutions, though, and I have now identified one.

There's an extra security feature in the Cisco application called "Stateful Firewall (Always On)" mainly for the benefit of wireless situations (it was turned on by default in the version I got from my company's tech support). The way this feature is set up is somewhat counter-intuitive, as it says "Always On" in its name, whether or not the feature is turned on. The on/off indicator is actually a checkmark next to the item.

Control of the feature can be accessed either through the client's Options menu or by right-clicking on the yellow padlock icon in the taskbar when the client's active. Simply clicking on the item toggles it on/off; a checkmark appears. There's virtually nothing on this in the Cisco literature. Disabling (unchecking) the feature cleared up the problem.

Paul Gunn wrote on 2009-06-08 and donated $10 (thanks, Paul!):

Yes, your site saved me and the household from a lot of stress and rude words.

My symptoms didn't match anything your site offered exactly, but it was close enough to identify a likely and correct target.

XPSP2 +  Cisco VPN client v4.9x

Was VPN'd into work fine. Machine locked up or crashed, can't remember exactly, problems started when it came back up.

From Connect To | Show All Connections, all physical connections had vanished. Cisco VPN was apparently up, but couldn't be manipulated/enabled/disabled in any way.

From cmd, ipconfig /all shows no physical interfaces.

Resolved by uninstalling Cisco VPN client.

Thanks again,
pg.

More excerpts from selected emails:

Thank you for your good tool. Using your web page led me to find out that it was the Cisco VPN client that was causing connection problems on my service pack 2 equipped XP Pro computer.
I uninstalled the Cisco VPN client and the problem went away. This I did since your web page showed "3" for the VPN client. I have spent numerous hours trying to solve this problem but only 10 minutes after using your web.

This section saved me from true insanity: Cisco VPN client – Mike Williams wrote ...
I spent nearly three hours trying to troubleshoot a networking problem between my Windows XP Pro box and my Windows 2000 box. The 2000 box could see the XP Pro box, but nothing I did seemed to get the XP Pro box to see the 2000 box.
I followed troubleshooting guides on the net. I read all kinds of technical mumbo jumbo on microsoft's site that was way over my head and helped not at all. I called my campus tech support. I called/posted to all my geek friends. I even stooped to calling an ex-boyfriend-geek.
NOTHING WORKED. My frustration drove me to madness.
I did one last google search and came upon your troubleshooting page at http://winhlp.com/wxnet.htm, filled out the form.. and voila.
[Technical details see above]
- - - - - - -
And so I am writing to thank you, thank Mike Williams, thank your mother for having you, and thank whoever else should be thanked, because seriously, this problem was driving me nuts and no one else was able to help.
Thanks mate, here's one girl out in the world who had a better evening because of your hard work.
Best wishes,
Chris in Cincinnati, Ohio, USA

Workgroup is not accessible

General

If you get one of these symptoms or error messages or a similar one:

Perform the following procedures, which could perhaps cause this problem, and read also the chapter, "Network path not found". Retest after each procedure. Reboot after making nontrivial changes.

  1. If you have Service Pack 2 or higher installed, make sure the File and Printer Sharing exception is enabled in the firewall. Reboot to allow the browser service to start or start it manually (see below), but you may still have to reboot both computers.
  2. Check the IP addresses of the two computers that cannot connect to each other. They should be in the same subnet, i.e. the first three (or two or one, depending on the subnet mask) numbers should be identical. A particular cause can be Internet Connection Sharing (ICS), because enabling this changes the IP address to 192.168.0.1. All other computers should be set to obtain their IP addresses automatically (through DHCP) and may have to be rebooted.
  3. Check whether NetBIOS over TCP/IP is enabled. It should be for almost all small and home networks. You can find this setting in the properties of the LAN connection. Double-click on the Internet protocol (TCP/IP), click on the Advanced button in the lower right, click on the WINS tab and activate Netbios over TCP/IP. You can later test whether the Standard setting is sufficient and use that if it works. A more detailed description can be found in the chapter "Netbios over TCP/IP".
  4. Also make sure that the TCP/IP NetBIOS Helper service is running and has the proper start type. Select Administrative tools, Services, and change the Start setting for the TCP/IP NetBIOS Helper service to Automatic. Without this service NetBIOS over TCP/IP will not function. Again a more detailed description can be found in the chapter "Netbios over TCP/IP".
  5. Have you really checked the NetBIOS node type as described in the form at the top?
  6. Make sure the computer browser service is running (see the special chapter below). If you have to start it, reboot both computers.
  7. If you notice that computers running older operating systems than Windows XP disturb the computer browser system, you can try to disable the browser service on those computers by stopping the service and setting its start type to Disabled. Note, however, that you always need at least one computer that can become a browser, otherwise Network Neighborhood or My Network Places will not work. See also the special chapter on the computer browser service below.
  8. Make sure you have only one transport protocol installed, namely TCP/IP. Remove, disable, or at least unbind (remove all bindings from) other transport protocols like IPX (NWLink) and NetBEUI.
  9. Uninstall third party client software that can interfere with the networking settings. Such software could have come with network adapters or with a router.
  10. If you had other networking clients installed, like certain Netware clients, you may be in for a long, bumpy ride. Some do damage that is almost impossible to repair. You may want to try a repair installation of Windows XP (if you have Internet Explorer 7 installed, first read, "How to perform a repair installation of Windows XP if Internet Explorer 7 is installed" at http://support.microsoft.com/kb/917964/), followed by applying Service Pack 2 again, or, better, a repair installation with a slipstream version of Windows XP with Service Pack 2 already integrated. See the very first chapter above for details.
  11. Rid the computer of adware and spyware. For example, run Spybot Search & Destroy. Please see the chapter "Winsock corruption" for details.
  12. Repair the Winsock with the command: netsh winsock reset (This removes all third party Layered Service Providers—LSPs. Please see the chapter "Winsock corruption" for details.)
  13. Repair the IP stack with the Repair command or with the command: "netsh int ip reset c:\resetlog.txt" without the quotes. Please see the chapter "Winsock corruption" for details.
  14. If the loopback feature is enabled in a connected router, disable it. You may even need a firmware upgrade.
  15. Change the workgroup name in all computers to a new, simple, short, perhaps even all upper case one, to make sure there aren't any problems there. You can later change it back.
  16. Check all NetBIOS names for possible duplicates. For example, if the workgroup name coincides with a user or computer name or if a user name coincides with a computer name, this can cause the problem. Try opening a command line window and issuing the command: net view
  17. Issue the command: net view \\computername, where computername should be replaced with one of the names displayed with the simple net view command. Check all names for possible duplication.
  18. Check your router's diagnostic and information pages for NAT information, like which computer has which IP address. Any duplication here could point to the problem.
  19. Disable, better uninstall or upgrade, all antivirus software and third party firewalls.
  20. If all this doesn't help, remove all networking components, reboot, then set them up again and work through this checklist once more.

Two of these points are also explained in the following Microsoft Knowledge Base article.

You cannot access shared files and folders or browse computers in the workgroup
http://support.microsoft.com/kb/318030/

And, most importantly, if you find that one of these points or any other procedure solved your problem, please add a short comment (click on Add new comment) to let me know!

Computers, shares, or printers unreachable

Long server description

Ted Hamilton found that the following solved the problem of a missing computer name.

If the computer description of the invisible computer (the server) is longer than 48 characters, make it shorter. Details can be found in the following Microsoft Knowledge Base article:

Computer Name Missing in the Browsing List When Server Comment More Than 48 Characters
http://support.microsoft.com/kb/231312/

The RestrictAnonymous registry value

Some excerpts from the many mails I have received


You are a GENIUS!!! I have been working on this all day, since 9.00 am, and I tried EVERYTHING. I was about to give up, when I tried your worksheet, but keeping information very much focussed to the nub of the problem - Access Denied. Changing the RestrictAnonymous value to zero did the trick first time, although I was so tired by this stage that I just wasn't expecting it.
Many thanks.


Many Thanks after 4 days the solution.


Thanks for your dedicated support! I wouldn’t have been able to solve this without you and I was starting to get a bit frustrated!


You are a genius for creating this web site. i searched 2.5 days trying to find a solution to this problem and it wasn't until i googled "net view" "Error 5: You do not" that i come across your site. i see many people asking about the circumstances concerning this specific problem but no one seems to have had the answer to this registry setting. Your site was the only place that i found the solution.
Thank you very very very extremely much, ...


Cheers mate, worked a treat :-)
Thank you very much :-)


Again, a big Thank You for your very informative web page.


Thank you very much for the help. the problem is solved


I know I don’t have to write anything, but Thanks anyway! Solved a long running problem for me, just by changing 1 to 0!


Thank you very much for providing this info. I've been searching for this info for almost a month. [...]
Again, thank you very much for this precious information.


Thank you, Thankyou, Thankyou, after trying many so called fixes without any luck, changing a 1 to a Zero fixed it.


Amazing, I have just wasted $180 on a technician with no resolution.


thaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaank you
damn windows to hell!


THANK YOUUUUUUU I LOVE U MAN!!! YOU JUST SAVED MY LIFE!!! I'VE BEEN DEALING WITH THIS NETWORKD FOR ABOUT 72 HRS WITHOUT ANY SLEEP AND NOW IT'S FINALLY WORKING... THANK YOU!!!!!!!!!!!!!!!!!!!


After googling for over 3 days I finally found a link to your site. I got down to this thing to do with the registry, and after changing the value from 1 to 0 it works. Thanks so very much for this site. You are a genius.
In future I will be coming here for more help


You are a network god!!


You are awesome, dude!


Perfect, thank you!


Whoaa!!!
Don't know how you got to this, but it surely ROCKS! [...]
I ran accross your resource, after searching for ENDLESS hours, and VOILA!!! It just worked like a charm. UNBELIEVABLE that we have to so deep and down to get such a miserable problem resolved. Thank's God you were around.
Keep up the good work!!!


Legend!


Problem solved thanks to your very good interactive form!


Thank you so much!
Your resource pages are the best I've ever come across, this solved all my networking headaches, once again thank you!


After I had reinstalled Windows XP, people could no longer access my computer. I was totally stumped and on and off over the past few months I would have another go at it. Then I happened to stumble across your page, and lo and begold, changing a simple 1 to a 0 fixed my problem! Thank you so much for creating this in depth troubleshooting page, it's any networker's bible.


Fabulous - changed registry value and problem gone on re-boot.


Thanks. 2 MCSE’s at work were vexed by this issue [...]


Absolutely FANTASTIC...
I almost got crazy trying several workarounds.
My last resort would be to reinstall the whole stuff, but you have saved me the day!!!
Thanks, man!


BTW I spent over an hour with Microsoft Support last night, and they didn't have a clue ;)
Thank you very much for maintaining a site like this.


Thank you and your awesome page. The registry value was driving me nuts.


May I just say before I get into any detail that I now think you are a god below is the reason why.
[...] I could no longer assess the shared files [...] nothing worked.
Finally I came across your site and entered the problems I was having and it narrowed my problem down to about two possible issues, [...]
Now everything works and I can start sleeping at nights again so thank you again for a fantastic web site.


Really Excellent solution, I formatted my windows drive and reinstalled windows for 2 times because I met this problem and found no solution with Microsoft or whatever; they told me something about security policy but it did not work. you've saved me from reistalling windows. I really appreciate that tooooooo much. Thank You.


Was having a problem with my network. could not access one of the computers. after about 4 days of constant searching and trying finally found your website. followed the leads and boom, that was it. [...]
thanks a million!


YOU SOLVED MY NETWORK PROBLEM and I cannot thankyou enough!
It was "The RestrictAnonymous registry value" that was the problem.
I was getting an "Access is denied" error message until I tried your fix. I have never edited the registry before so I was a bit nervous but thankyou SO MUCH for sharing your knowledge on the net. I spent days and days trying to work out what was wrong, hardly sleeping, buying books on networking, scouring the internet for help....
Thankyou, thankyou, thankyou. I hope Microsoft reward you handsomely.


[...] Thanks for your help. Your site is amazing.  Without it, I would still be scratching my head and cursing Microsoft.


Thanks much. I worked this problem, on and off, for several weeks. I tried the network troubleshooter in WinXP. I tried several other (at least 4) web sites including Microsoft, followed their recommendations and procedures without success. I questioned two network professionals, all without success. Your site solved the problem in about 10 minutes.


[...] After many hours I was about to reformat the hard drive and carry out a clean install of Windows XP, when I came across your web site using Google search and managed to resolve the problem [...]


As others said, you are a G-E-N-I-U-S !!!! My desktop folders could not be shared by my two laptops connected on the wireless network. Only you could come up with this "restrictanonymous" registry value to be changed from 1 to 0 !!!
Thanks again and congratulations for your automatic problem solver !!


YOU ARE THE MAN!!
Tried for days to network 2 home PC's with no luck. Kept getting, "Access Denied ...", etc, etc.
Tried other web site's work arounds, but nothing worked.
Was about to put both PC's in the garden and set fire to them ... when I tried the registry value from 2 to 0, as mentioned in your advice. Worked straight away!!
You're a genius. Excellent site!!!
PS Have an idea System Mechanic 6 might have been the culprit. Have re-installed afterwards, but disabled the security check/repair function. Now works well!
Many Thanks!!!!


I spent 2 weeks on and off trying to solve this problem.  Came across your page via Google ... It's great! RestrictAnonymous setting was 1, after changing it to 0 everything worked perfectly. Thaaaaaaaaaanks!!!

You have both the following symptoms:

net view \\computername

you get one of the various "Error 5" error messages, like "System error 5 has occurred. Access is denied" or "Error 5: You do not currently have access to this file. ..." (However, other commands, like

net use Z: \\computername\sharename

or typing the full network path into Windows Explorer may work.)

This can be caused by a registry setting named RestrictAnonymous. Go to the computer which you cannot access, start a registry editor and change the following registry value.

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Control
    \Lsa
Value name: RestrictAnonymous
Value type: DWORD

If the value is 1 or even 2, change it to 0, reboot and retest. If the problem is solved, leave the value at zero. If not, you can change it back if you like.

Check immediately afterwards and again after a reboot, whether the value changes back to non-zero on its own. If that happens, then you have to find the culprit, which can be spyware, a worm, or a badly designed security program. In this case this procedure most likely solved your problem, but then the bad software stepped back in and recreated the problem.

In this case you can try to disable running programs and services and retry until you find out which one is responsible. Or you could try to download and run RegMon from www.sysinternals.com. In RegMon set a filter for the registry value in question (or wade through all the registry accesses), set the problem value to zero, then observe which program accesses it and changes it back to 1. Locate that program and uninstall it. And please don't forget to report the bad program here, so we can get a list of offending programs.

Two known Trojans that change this value (and also some network access policies) call themselves mcafee32.exe and msconfg.exe, trying to pose as the antivirus program of that name or as a Microsoft configuration program module.

2005-05-17 – Peter Kavanagh wrote: Offending malware was either Gaobot.EDJ variant or Wupd spware in file sdasd.exe, both of which had to be removed.

2005-11-18 – Justin T wrote: I found that System Mechanics Pro 6 changes these settings to 2 as it thinks it is a security flaw.

2006-08-26 – Bob Gray wrote: I found the problem to be edexter which changed the value from 0 back to 1. Removing edexter from the startupfolder sorted my problems.

2006-08-30 – Clayton Nummer wrote: There was a process terminals.exe, apparently put on my computer through an AIM virus, and I removed it using AIMFix. I changed the RestrictAnonymous value to 0, restarted after removing the virus, and the value stayed at 0.

2006-12-29 – Iddan Brown reported that mysvcc.exe in the system32 folder was the problem. That is a worm, known as Worm.Rbot.FWO (Virusbuster),
Backdoor.Win32.SdBot.awk or Backdoor.Win32.Rbot.aeu (AVP), WORM_RBOT.GEN (Trend).

Apart from this advice, this web page cannot help you any further, so you can stop reading at this point. You have to remove the bad software first.

Background: RestrictAnonymous controls whether null sessions, sessions that work without any authentication and use the permissions of the groups Everyone and NETWORK, are allowed (value 0) or disallowed (value 1). The value 2 is obsolete for Windows XP.

Don't mistake this for the value named restrictanonymoussam, which controls null session SAM account name listings.

For some time I asked for the results of this procedure and recorded an 80% success rate in 2005.

Background information

It is still unclear why the above solution is needed in some installations, while others work just fine with RestrictAnonymous = 1. One possible explanation was taken from a newsgroup message concerning Windows Update problems and is reproduced here.

Solution for error: 0x80248011

Try checking to make sure you haven’t inadvertently removed a System account from your volume.

I found that if you modify the NTFS permissions on a volume in Windows, the System account might be inadvertently removed from the partition. If this occurs, the System account cannot manage some system functions - such as updates.

By default, the Everyone group has Full Control permissions on an NTFS volume and the Everyone group includes the System account. If this permission or group was removed (for instance to provide additional security) without adding the System account as an individual account renders the updates unusable. Even though individual accounts, such as the Administrator account, may have been added.

This worked in my situation when none of the other solution did.

Please add a short comment (click on Add new comment) if you have any further information.

Computer browser service

General

Alain Nicalek from France wrote (slightly abridged and edited):

With Service Pack 2 installed, if you disable the firewall service (not just say no to the firewall, but actually disable it as a service), then the computer will still be able to access the network for file and printer sharing, but won't be able to be the master browser on the LAN. This means that if this computer is the first to start, you will not be able to access the workgroup or other computers in Windows Explorer. (However, you will be able to access shared folders and drives with a shortcut or typing their full address.) Disabling the firewall service makes the browser service stop after a long timeout, and then the computer won't act correctly as master browser.

That was weird to diagnose because if the affected computer is the first turned on, then LAN browsing does not work. But if you turn on another computer first (with firewall service running) all computers, even the one affected, will be able to browse the network.

I never thought the firewall service was related so directly to the browser service.


2005-07-30 – Hillel Aftel from New York wrote the following interesting information:

Just wanted to let you know that the issue with stopping the Firewall/ICS service causing Computer Browser service to stop is actually a bug that has a fix. There's no reason stopping the Firewall/ICS service should cause the Computer Browser service to stop, and there's a hotfix in the works for this which will eventually be part of Windows XP SP3, but the problem is not widely advertised, and generally only those who tweak their systems for minimal services are noticing the issue. The only way to currently obtain the fix is to call Microsoft technical support, which they say will be free of charge. Here's the MS Knowledge Base article on the issue:

http://support.microsoft.com/kb/889320/

Hope this helps :)

The browser service is notoriously unreliable, and you may not always get it to work properly. In that case just forget about it and type the network address directly into Windows Explorer. Example: \\server\share

Alternatively you can map a network drive, so it gets a drive letter.

But if you want to have a go at fixing it, please read on.

Make sure the browser service runs

If the computer browser service does not run on a computer, other computers may get the error message, "The network path was not found", when trying to connect to that computer.

Since Service Pack 2 the computer browser service will not start unless you have, in the firewall, enabled the exception for File and Printer Sharing (read on, see below).

Make sure all required services are running. Check particularly that the Internet Connection Firewall and Internet Connection Sharing (ICF/ICS) service and the computer browser service are running. For example, to have the computer browser start automatically, select Administrative tools, Services, and change the Start setting for Computer Browsing to Automatic. You can then reboot the computer or start the service manually by clicking on the Start button, but you may have to reboot anyway to make it work.

If this doesn't get the browser service to start, check all of its dependencies and make sure that all services on which the browser service depends are also running. For more details see the following Microsoft Knowledge Base article.

You cannot access shared files and folders or browse computers in the workgroup
http://support.microsoft.com/kb/318030/

If the Browser service will not run, the most likely cause is that the firewall is enabled (good), but it is blocking the File and Printer Sharing, which blocks the browser NetBIOS ports, so the browser service does not start (bad).

To solve this problem, open the firewall (Start, Control panel, Firewall), enable the File and Printer Sharing exception. The computer browser service should now immediately start. More details are in the following Microsoft Knowledge Base article.

The computer browser service does not start and event ID 7024 is logged when you restart your Windows XP Service Pack 2-based computer
http://support.microsoft.com/kb/875362/

Which computer is the browser?

To find out the browser situation in your LAN, you can use the BROWSTAT.EXE program. This little (40 KB) tool from Microsoft can show which computers are browsers. More information is here:

Troubleshooting the Microsoft computer browser Service
http://support.microsoft.com/kb/188305/

You can download Browstat from http://www.dynawell.com/reskit/microsoft/win2000/browstat.zip or http://rescomp.stanford.edu/staff/manual/rcc/tools/browstat.zip

Unzip it and copy BROWSTAT.EXE to a suitable folder, preferably one in the path. If you aren't sure about this, you can copy it into the main Windows folder.

To use it, open a command line window and first type

browstat

This yields a short explanation of the command. Then, to find out the transports, type:

browstat dn

dn stands for DUMPNET. This will show you the available transport protocols on your computer. Memorize the number of the transport for your LAN. In the following command the number 1 is assumed, but it can be a different number, like 2 or 3, if you have more than one transport.

browstat vw 1

vw stands for VIEW. The number selects the transport protocol. This command lists the computers in the workgroup and their functions. The most important codes are:

Ideally there should be exactly one MBR and one BBR, the others should be PBR only. If you reboot a computer that is MBR or BBR, another computer, which is currently PBR, should take over the role.

Yet another useful command is:

browstat status

This command yields information about the computer you are sitting at.

Other browser faults

In one reported case a corrupted share caused a network-wide browser failure where some computers were invisible on some other computers. In that case the error could be repaired by checking the firewall status from the link in the sharing dialog box of the share and setting the firewall off. It was off when seen from any other place, like the security center.

Probably an even better way might have been to remove the problem share altogether and then recreate it. Note that the firewall does not have to be switched off to allow file and printer sharing. It is sufficient and recommended to have the firewall enabled and enable the exception for File and Printer Sharing in the firewall.

Forcing the browser status

To force a Windows XP, 2000, or NT computer to be a browser, set the following registry value:

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \Browser
     \Parameters
      REG_SZ value: MaintainServerList
      Content: Yes

The default setting is: Auto

To prevent a Windows computer from becoming a browser, set the same key on Windows XP, 2000, or NT to: No

To force a computer always to be the domain Master Browser, set:

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \Browser
     \Parameters
      REG_SZ value: IsDomainMaster
      Content: TRUE

In Windows 9x or ME goto Control Panel, Network, File And Print Sharing..., Advanced, select BrowseMaster from the Property list box and, while it is selected, set Value from the combo box on its right to Disabled. Or alternatively set the following registry value:

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \VxD
     \VNETSUP
      REG_SZ value: MaintainServerList
      Content: No

Of course, if you do this, you should make sure that at least one Windows XP, 2000, or NT computer is present in the local network to provide the browser service, otherwise two or more computers with Windows 9x or ME would not see the workgroup.

Computer browser slow

Consider that in a simple local network it can take up to 15 minutes until all computers show up in Explorer, Network Neighborhood, or My Network Places. In a complex, routed network it can take up to 75 minutes. So be patient or connect a network drive using the Tools command in Windows Explorer.

Slow browsing of pre-XP computers from XP due to inappropriate computer names or passwords in XP

Slow browsing of Windows ME, 98 or earlier versions from an XP computer can be caused by inappropriate network passwords. Use Control Panel, User Accounts, click on your own account or log on as the user whose passwords you want to manage, then select "Manage my network passwords". If you have any user name preceded with the computer name of an ME or 9x computer, change it to contain the XP computer name and the account name you use on the XP machine, but add the share password you have set on the ME or 9x computer, if any.

If there are no passwords set on any ME or 9x shares or printers, then you may be able to make it work by deleting such entries in the "Manage my network passwords" list altogether. Go to Manage Passwords and delete any computer names or passwords for pre-XP computers. The next time you try to log on, you will get a password dialog box. Enter the correct password for the share if there is any.

For more information on managing stored credentials see the following Microsoft Knowledge Base article.

HOW TO: Manage Stored User Names and Passwords on a Computer That Is Not in a Domain in Windows XP
http://support.microsoft.com/kb/306541/

The "Entire Network" folder is missing in Windows Explorer

First of all, don't click on the network folder in the left Windows explorer pane, but instead click on the plus symbol to the left of it. It may even be necessary to close and reopen Windows Explorer first or to open a second instance of Windows Explorer.

Sometimes it may be necessary to press the F5 key, then try again.

Could you please confirm or deny that this helps? Please add a short comment (click on Add new comment) to let me know.

2005-09-18 Greg Eaton emailed that you have to set Windows Explorer to use common tasks and folders. Thanks, Greg! Here's his procedure:

If all of the above methods don't bring the folder back, you may have to wait up to 15 minutes after booting until the computer browser system is fully operative over the entire LAN.

2005-05-10 – Frank Borré writes:

Problem

I open Windows Explorer in 'Classic View', i.e in the left pane you see the folder tree ('This Computer', 'C:',  'My Network Connections' etc), in the right pane you see the correspondig maps and files of a choosen folder.

If I click on the folder 'My Network Connections' in the left pane, the right pane remains empty.

If I refresh the left pane (F5), nothing  happens (normally the folder 'Entire Network' should appear underneath the folder 'Network Connections').

Whatever I try (closing, reopening, waiting, restarting, windows update,
registering the net... dll's etc), nothing helps.

Solution

In the left pane I click 'My Network Connections'. Then I right click on it to open its context menu.

In the context menu I choose the second menu option 'Explore'. A second instance of 'Windows Explorer' opens.

In this second window in the left pane I see the folder 'My Network Connections', which contains indeed the subfolder 'Entire Network'.

I click the subfolder 'Entire Network' in the left pane, and drag it to the first opened 'Windows Explorer' in which I drop it in the left pane on the folder 'My Network Connections'.

Solved!

I close the two instances of 'Windows Explorer'. Now I reopen 'Windows Explorer', click 'My Network Connections' in the left pane, press F5, and the subfolder 'Entire Network' appears.

Thanks a lot, Frank! If anybody can confirm or deny the result of this procedure, please add a short comment (click on Add new comment) to let me know.

In some cases the following solution is needed. Reregister three essential DLLs. Log on with administrator rights, open a command line window and enter the following three commands:

regsvr32 netman.dll
regsvr32 netcfgx.dll
regsvr32 netshell.dll

Then close and reopen Windows Explorer and check for the folders that were missing. You may have to reboot.

2005-02-22 – Richard Thomas sent the background information to the first paragraph of this chapter: The problem here was caused by the way the user was looking to access the Entire Network. With Windows Explorer open, if the user clicks on My Network Places, what shows up in the right hand pane are the most commonly accessed network resources. If the user then tries to expand the My Network Places tree, it is only these commonly accessed network resources that show, and Entire Network is missing. If however the tree is expanded before My Network Places is selected, Entire Network is visible and accessible. So in my opinion this is more of a Windows bug than a problem with the network.

The success of these three procedures has been tracked from 2005 to 2007 with the following results:

There are probably other causes and other solutions that are still missing here. Please add a short comment (click on Add new comment) to forward any useful information you have.

Slow Windows XP computer, fast Non-XP machines

This can be caused by Windows XP dealing with scheduled tasks on the non-XP computers. To prevent this, do the following on the XP computer:

Start the registry editor, for example by clicking on the Start button, selecting Run and entering:

regedit

Then press return.

Navigate to the following key.

HKEY_LOCAL_MACHINE
 \SOFTWARE
  \Microsoft
   \Windows
    \CurrentVersion
     \Explorer
      \Remote Computer
       \NameSpace
        \{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

Disable it for a test by renaming it. For example, press [F2] (or right-click on it and select rename), then put the cursor before the first brace and enter DISABLED or, in fact, anything you like. They key could then be named, for example:

DISABLED {D6277990-4C6A-11CF-8D87-00AA0060F5BF}

Press return to enter the changed key name.

Close the registry editor and reboot the computer.

Now test the network. Is it much faster? If so, you're all set. If not, you can repeat the procedure and rename the key back to what it was to stay on the safe side.

Lose access to shares and printers after 3 minutes

If you have the IEEE 802.1x authentication protocol enabled, but your network components don't use it, you may experience that network connections break after about three minutes. The symptoms are that you can still see the other computers, but you cannot access their shares or printers.

You can prevent these disconnects by disabling the protocol. A normal home network does not use this protocol. It is typically used in a company environment along with a Radius authentication server.

In Windows XP, in Windows Explorer or on the desktop or in the start menu, right-click Network Neighborhood or My Network Places, select Properties, right-click the LAN Connection, select Properties again, click the Authentication tab and uncheck "Enable network access control using IEEE 802.1x." Click on OK. In the unlikely case that you do have an IEEE 802.1X server on your network, this would lead to authentication failures, so you'd have to reenable the protocol.

For wireless adapters in Windows XP with service pack 1 or later or in Windows Server 2003 there is no longer an Authentication tab. Instead right-click on the connection's icon (either from system tray or from connections folder), select "View available networks", uncheck the "Enable IEEE 802.1x ..." checkbox and click Connect.

The same setting can also be found by selecting the connection's Properties, then select the Wireless networks tab, which is a part of the Properties dialog of each of the preferred networks (there are two tabs there, Association and Authentication). This is so because the state of 802.1x (enabled or disabled) is specific to each of the preferred networks.

Again, if this leads to authentication failures, then double-check whether you do need the protocol after all. If so, you have to reenable it.

Computer and share name limitations

Remove spaces. In particular, change the computer names on older operating systems that allow spaces in computer names.

Share names on newer operating systems should not be longer than 12 characters to be recognized by Windows 9x or ME.

Cannot access Windows ME or 9x computer because no share is defined on it

Should be obvious, but is sometimes forgotten.

NetBIOS over TCP/IP

Network path not found

This error message or the error message (with the actual computername)

System Error 53, \\computername is not accessible

can occur if NetBIOS over IP is disabled and when port 445 is blocked or older Windows versions than 2000 are involved (that cannot use port 445). It can also occur when the NetBIOS node type has been changed to P-t-P, which happens rather often (see relevant chapter below). A possible further symptom is that in Network Neighborhood or My Network Places the function "Show workgroup computers" does not show any computer (or in special cases some, but not all computers).

To enable NetBIOS over TCP/IP, perform the following steps.

  1. Right-click on: Network Neighborhood or My Network Places
  2. Click on: Properties
  3. Click once on: your LAN (Local Area Network) connection
  4. Right-click again on: your LAN connection
  5. Click on: Properties
  6. Click once on: TCP/IP protocol
  7. Click on: Properties
  8. Click on: Advanced button
  9. Click on: WINS tab, to get to the NetBIOS setting option
  10. Select: standard setting (the first of the three radio buttons)
  11. Walk to the target computer, the one you want to open shares on, and repeat the procedure to activate NetBIOS over TCP/IP there.
  12. Wait a few minutes to let the machines rescan the network.

If the problem persists, you can also try the explicit setting, the second radio button, "Enable NetBIOS over TCP/IP", but normally this should not be necessary.

TCP/IP NetBIOS Helper Service

This issue may also occur if the TCP/IP NetBIOS Helper Service is not running on the client computer. To start this Service, go to Control Panel, Administration, Services, and double-click the TCP/IP NetBIOS Helper Service. Set the start type to Automatic if it was not set so. Then click the Start button to start the service and check whether it actually starts or whether there is a deeper problem with it.

2005-11-29 – Russell Farley wrote that, if you get the message, "Error 1068 - The dependency service or group failed to start.", then test first, whether the service is actually running. Enter the following command in a command line window:

nbtstat -n

If this yields the error message, "Failed to access NetBT driver", then probably something, for example, a third party program like Steve Gibson's noshare, has changed the Start parameter of the service to 4, meaning that the service is not and cannot be started. The solution is to use Start, Run ..., regedit to set the Start parameter back to 1, meaning that the service is started automatically, then reboot. Here is the registry information:

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \NetBT
Value: "Start"=dword:00000001

1 is the desired value, 4 is wrong. After setting this value to 1, you have to reboot the computer to make it happen.

NetBIOS over TCP/IP background information

[Provided by fellow MVP Ron Lowe]

If you have DNS name resolution working on your network (i.e. a DNS server which is accepting dynamic updates from the clients, so they can find each other) then up-level (Windows 2000 and later) machines do not need NBT. They will use Direct Hosting of SMB over TCP/IP:

Direct Hosting of SMB Over TCP/IP
http://support.microsoft.com/kb/204279/

The Advantages of Direct Hosting of SMB over TCP/IP
http://support.microsoft.com/kb/315267/

So, if you shut down NBT, several things will break:

  1. No interoperability with down-level machines (older than Windows 2000);
  2. No Broadcast Name Resolution (which is used on simple peer-to-peer LANs), you must have DNS name resolution in place to have any name resolution at all. You can always use hosts files instead of DNS servers though.
  3. No network browsing (The computer browser service is a NetBIOS based animal.)
  4. Any other software that relies on NetBIOS will break.

NetBIOS node type

Another related and surprisingly frequent problem beside disabled NetBIOS over TCP/IP is the setting of an unsuitable node type for Windows networks (which use NetBIOS). If you don't see other computers in Network Neighborhood or My Network Places, then this computer may have the wrong node type. If you get error messages when you try to access another computer, then you may have to walk over to that other computer and perform the following steps there.

First check the node type by opening a command line window and typing the command

ipconfig /all

This command reports the node type, among other information. It should be Hybrid or Unknown, but not Point-to-Point (p-node, actually a mistaken interpretation of Peer-to-Peer), because that would work only when a WINS server is present.

If the node type is P-t-P, you can use regedit.exe to go to

HKEY_LOCAL_MACHINE
 \System
  \CurrentControlSet
   \Services
    \Netbt
     \Parameters

and delete any of the two values NodeType and DhcpNodeType if they exist, forcing Windows to fall back to its default node type, which should be Hybrid. Repair the connection (or reboot) to make the change effective.

Additional information about these values:

Value Name: DhcpNodeType
Value Type: REG_DWORD - Number
Valid Range: 1,2,4,8 (B-node, P-node, M-node, H-node)
Default: 1 or 8 based on the WINS server configuration
Description: This optional parameter specifies the NBT node type. It is written by the DHCP client service, if enabled. This parameter determines what methods NetBT uses to register and resolve names. A B-node system uses broadcasts. A P-node system uses only point-to-point name queries to a name server (WINS). An M-node system broadcasts first, and then queries the name server. An H-node system queries the name server first, and then broadcasts. Resolution through LMHOSTS and/or DNS, if enabled, follows these methods. If this key is not present, the system defaults to B-node if there are no WINS servers configured for the network. The system defaults to H-node if there is at least one WINS server configured.

Value Name: NodeType
Value Type: REG_DWORD - Number
Valid Range: 1 - 8
Default: 1
Description: This parameter specifies the NBT node type. It is an optional parameter that, if present, will override the DhcpNodeType parameter. See the entry for DhcpNodeType above for a complete description.

More details can be found in the following Microsoft Knowledge Base article.

Default Node Type for Microsoft Clients
http://support.microsoft.com/kb/160177/

A general description of the workaround can be found in the following MSKB article:

You cannot view other workgroup computers on the network on a Windows XP-based computer
http://support.microsoft.com/kb/903267/

The cause of the wrong node type is unclear, but there is the suspicion that Windows itself changes the node type to P-t-P when the computer is brought into contact with certain DHCP or WINS servers, for example when a portable computer is connected to a company network, perhaps when it joins a domain that has a WINS server. If so, then the typical victim should be a travelling laptop computer.

2005-03-22 – Doug Latornell wrote that he observed that the Intel Netstructure VPN client changed this setting and didn't change it back when uninstalled. Thanks, Doug!

2005-12-25 – Jurko Gospodnetić wrote: A DHCP server may be set up to automatically change the NodeType setting to some value (and amazingly it can do this without a reboot – like you'd have to if you changed this value manually in the registry). Networks with a Windows domain do not need to use broadcasts for their name resolution, so their DHCPs are sometimes configured to set NodeType to P-t-P. This, of course, does not change back when you return to your small office working with a Windows workgroup.

Thanks a lot, Jurko. This information had still been missing.

Computer asks for IPC$ password

General information

When you get this error message, it is already too late to enter a password, so you don't even have to try.

Windows XP Professional – classic file sharing

If the target computer runs Windows XP Professional and has Simple File Sharing disabled (check in Windows Explorer, View, Folder options), one possible cause can be that the username or password is indeed incorrect.

The first thing to try is to go to the target computer (host, server), check the username and re-enter the password in User Manager.

The next thing is to ask yourself whether the target computer has an account that you can log on to. If not, create one with the exact same username and password you are using on the computer from which you are trying to access the target computer.

You either have to log on to the client computer with a username and password for which an account exists on the server or you have to have Guest access enabled on the server, i.e. the Guest account fully enabled, no password, no counteracting policy. Please see the next subheading for instructions on how to enable the Guest account and reset the password.

When the computer that is trying to connect runs Windows 9x or ME, it is possible that the password needs to be reset every one to two months, perhaps 42 days. The cause for this behavior is unknown. Modifying the password force-to-change time in the respective policy to a high value or to zero does not solve this problem, that's already been tried.

Simple file sharing

If the target computer runs Windows XP Home Edition or if it runs Windows XP Professional, but has Simple File Sharing enabled, access always only uses the Guest account.

The first thing to try is to run the Network Setup Wizard on the XP computer and select the correct options. If in doubt, use the help system to find out what to select. A frequent misunderstanding results from the expression "residential gateway", which usually means a router, WAN router, DSL router, or broadband router.

Contrary to the hints from the wizard it is not necessary to run the Network Setup Wizard on the Windows 9x or ME computer from which you are trying to connect.

After running the Network Setup Wizard, test your connection again. If you still get the IPC$ password request, please read the chapter below that deals with Simple File Sharing and Guest account problems.

Access denied—access rights or passwords not properly set

Authentication background

When you access a Windows XP (or 2000 or NT) computer over the network, you are always authenticated by username and password. You can only access the computer with a valid username and the matching password. There is absolutely no other way.

However, there is a joker. When the authentication fails or is anonymous and the Guest account is enabled, the target computer will attempt a second authentication through the Guest account, which normally has no password.

On Windows XP Home Edition or on XP Professional with Simple File Sharing enabled, this Guest authentication is the only one available.

Obviously anybody can log on that way, provided the Guest account is enabled on both computers, it has no password assigned on either computer, and there is no active policy prohibiting this. To maintain security, Guest should only have the rights you want to grant to everybody, for example, printing or reading folders that contain no sensitive information.

Simple and classic file sharing

Windows XP Home uses Simple File Sharing only.

In Windows XP Professional, if you desire classic file sharing based on username and password instead of XP's default method of allowing only Guest access, go to Start, Control Panel, Folder Options, View, and uncheck "Use Simple File Sharing (Recommended)". Click on OK.

Note that this is not generally required for file sharing. Simple File Sharing should work fine, but Classic File Sharing allows you to assign different access rights to different user accounts.

Alternatively you can use Control Panel, Computer administration, Group policies, navigate to Security Settings, Local Policies, Security Options, and find the policy named "Network access: Sharing and security model for local accounts" and set that to "Classic - local users authenticate as themselves".

After such a fundamental change, particularly when changing from Classic to Simple File Sharing, it may be necessary to remove and re-establish the sharing for all shares, one by one, in Windows Explorer to make sure the shares are accessible by Guest. Be sure to remove the sharing and close the dialog completely by clicking on OK, then open it again and re-establish the share.

With Simple File Sharing, some folders cannot be shared, such as the root, each user folder, or the folder Program Files. But you can share subfolders inside those.

A good and concise description of Simple File Sharing can be found at http://www.theeldergeek.com/quick_guide_to_simple_file_sharing.htm.

Classic file sharing

If Simple File Sharing is disabled (Start, Control Panel, Folder Options, View, "Use Simple File Sharing (Recommended)" is not checked), the computer uses Classic File Sharing. This means that username and password of an incoming connection request are first checked against the existing local accounts on the target computer. If none of the account matches, the computer tries Guest without password if that account is not disabled or prohibited through a policy.

One of the most frequent causes of connection problems is that an account with the username and password used in the connection attempt does not exist on the target computer. In other words, if you sit on computer A and are logged on as XMAN with the password YPASS, trying to open a share or a printer on computer B, it is easiest if computer B also has a user account with username XMAN and password YPASS. Create that account, and you should be able to connect.

There are other ways, like connecting as a different user and storing those connection credentials with the "Manage my network passwords" function (see below).

Diagnostics

A useful tool on Windows XP is the NET USE command, which yields a meaningful error message when something goes wrong. Older versions of Windows also have had this command, but Windows 98, for example, doesn't tell you as much about the cause of a failure to access a share.

Open a command line window and enter the following command, but replace computername with the actual name of the target computer, username with the actual username, sharename with the actual share name and password with the actual password.

net use \\computername\sharename /user:username "password"

Hints:

If you succeeded in mapping the share, you can remove the mapping again with the command:

net use \\computername\sharename /delete

And you can have all mapped shares listed with the simple command:

net use

Experimenting a bit with this command can sometimes reveal a little more about the authentication problem on hand.

Wrong username

One particularly insidious mistake is to change the user name in User Manager, believing that that is the actual username used for authentication, which it isn't. To find out for sure on Windows XP Professional, right-click on My Computer, select Manage, Local Users and Groups, Users. There you can change the actual username in the leftmost column, by pressing F2 or by clicking on it, waiting a second, then clicking on it again.

On Windows XP Home just try to create a new user account with the desired name. If it already exists, you will get an error message.

Password

To set or change the password in Windows XP, select Control Panel, Administrative Tools, System Tools, Local Users and Groups, Users. Right-click on a user name to set password. You also have to set permissions for all users on the shared objects (folders, files, printers, etc.). Usually this is done through groups, which contain the users. Later use this same user name and password to log on from other computers.

Note that a password can contain all kinds of special characters, including spaces. For example, a password containing one space is not an empty password.

2006-04-03 – Xavier Godin wrote that, for new users, the XP user management activates the requirement to change the password at the first login. Due to this, mapping drives or printers, using such an account, will always fail. To rectify this, you have to uncheck this requirement for such accounts, for example for accounts on servers that aren't actually used directly by human users. Make sure also that the passwords never expire, otherwise the account will suddenly fail after the password expiry period.

Permissions, access rights

Make sure that the share access rights are sufficient (i.e. if the access is through the Guest account, make sure Guest or the group Guests has the desired access. Then do the same for the access rights to the folders and files in the share.

Remember, on Windows XP Professional with Simple File Sharing disabled and using NTFS (New Technology File System) you have to check access rights twice—once for the share and once for folders, files, or printers. The former are set on the share tab; look for the button there. If you have set the object permissions properly, you can simply set the share permissions to Everyone, Full access.

SMB (Server Message Block) signing

Windows servers and clients have the capability of using a security signature when they communicate. If this is required by a server, but not enabled on a client, the two cannot communicate, and you will get the error 5, access denied, or you may be unable, for example, to join a domain. For details, see the following Microsoft Knowledge Base article.

Overview of Server Message Block signing
http://support.microsoft.com/kb/887429/

Manage my network passwords

When you get an error that you have no permission to access a share, another possible cause is that Windows XP is using a saved, but obsolete password. To remedy this, use Control Panel, User Accounts, click on your own account (you have to be logged on as the user whose passwords you want to manage), select "Manage my network passwords". Check whether the problem computer shows up in the list. If it does, click on it and select Remove.

Space in Windows 9x or ME computer name

Accessing password-protected shares on Windows 9x or ME computers from a Windows XP computer does not work when the computer name of the target computer contains a space. The XP computer shows the password prompt and uses Guest as the username, which is greyed out and cannot be changed. Change the computer name on the Windows 9x or ME computer to one without any spaces.

Windows XP Home Edition has simple file sharing only

Windows XP Home cannot accept network accesses with user name and password and can only be accessed with Guest credentials (simple file sharing, see below). The Guest account may have to be enabled for that. Note that disabling the Guest account in the control panel, through User accounts, does not actually disable the Guest account, but only disables local console logon to it and leaves the Guest account active and open for network logons, because this is needed for simple file sharing.

Autologon in Windows XP Home Edition

Windows XP Home uses autologon as the default. The first logon is done as owner without a password. When you then set up a user account and log on, you do not get the user prompt because autologon is active. However, you are not logged on as the new user, but still as the owner, so you may not be authenticated as expected by other computers. To resolve this, use Control Panel, Users and disable autologon, then log off and on again as the desired user. After this you can re-enable autologon, if you like.

How to log on to Windows 9x or ME

On non-XP versions of Windows like 95, 98 and ME the simple Windows Logon often works better than the Client for Microsoft Networks when the only problem is to connect to an XP computer. What definitely doesn't work is no logon at all. If you don't even see the logon dialog box, then log off and log on again first.

Automatically changed passwords

Windows 2000 and probably also XP can, and sometimes does, for no good reason, change or disable passwords on other computers (seen on Windows 2000). Moreover, Windows XP sometimes alters or disables the LAN Manager password, so computers with Windows 9x or ME suddenly get authentication failures (wrong username or password errors, 0xC000006A in the security log) and subsequent account lockouts (0xC0000234 in the security log). If you have such inexplicable authentication problems, go to the Windows XP or 2000 computer you are trying to access, re-enter the password and re-enable the account if it's still locked out. Extending the password validity time to 999 days instead of 0 does not help—it still stops working after something like 42 days for Lan Manager passwords. This problem seems to occur only when a Windows 9x or possibly ME computer tries to access a Windows XP or 2000 computer.

Lower case characters in passwords for connections from Windows 9x or ME computers

Under certain infrequent circumstances XP appears not to accept passwords from Windows 9x or ME if they contain lower case characters. If you cannot immediately determine and remove the cause, you can, first as a test, then as a crutch, circumvent this by setting the passwords to all uppercase (or, for example, numbers only).

Simple file sharing, Guest account, and anonymous access problems

Background

Simple file sharing, the only method on Windows XP Home and one of two choices on Windows XP Professional, always uses the Guest account. (Classic file sharing also automatically uses the Guest account if the original logon request fails.) If access through the Guest account is inhibited, then sharing cannot work, except by logging on to XP Professional with classic file sharing through a non-guest account.

In Windows XP Professional you can check whether you have simple file sharing enabled by clicking on Start, Control Panel, Folder Options, View, and looking at the option "Use Simple File Sharing (Recommended)".

Windows NT and 2000 automatically treat failed attempts to log on over the network with a second attempt to log them on anonymously, i.e. as Guest. Windows XP can do this too, but the Guest account has to be enabled first, particularly on XP Professional.

Proper setup

Note: If the commands below fail and you own a non-english XP, maybe the guest user is not named Guest in your system, but translated to your language. Type "net user" to find out the name of the guest user, and replace guest with the localized name in the commands below. [Thanks, Pablo Romero, for this hint.]

To make sure Windows XP Home is set up properly, you can run the Network Setup Wizard. If you use a router, select the option where the computer connects to the Internet through a residential gateway.

The Guest account is not meant to have a password. It is possible to give it a password, but if you do that, you're in uncharted territory, because this configuration is rarely tested. The correct way to prevent Guest access is to disable the Guest account altogether.

If you are not sure whether the Guest password has mistakenly been changed, you can remove any password from the Guest account with the following procedure.

  1. Click on: Start
  2. Click on: Run...
  3. Type into the data entry field: control userpasswords2
  4. Click on: OK
  5. Click once on: Guest
  6. Click on: Reset Password
  7. Do not enter any password, leave the two fields empty.
  8. Click on: OK

For network access to Windows XP through the Guest account, the Guest account has to be enabled in Computer Management, Local Users and Groups. A quick way to enable Guest network access is to type the following command at a command prompt:

net user guest /active:yes

If this doesn't solve the problem and you are still being asked for a password, check for stored network passwords.

  1. Be sure to be logged on as the user who has the problem.
  2. Click on: Control Panel
  3. Click on: User accounts
  4. Click on your own account.
  5. Click on: Manage my network passwords
  6. Check whether there are any stored passwords for the target computer. If so, remove them.

If, however, the problem is just the other way around and you actually want to see the "Connect as" dialog, you have to disable the Guest account on the target computer, i.e. the server, the computer on which the objects are that you want to access.

Note also that the settings in the user manager in the control panel have nothing to do with networking. Disabling the Guest account there only has the effect that nobody can log on locally (at the keyboard). It does not have any effect on network access.

802.1X authentication settings

Click on Start, Settings, Network Connections and go to LAN Connection Properties, Authentication. Disable 802.1X authentication altogether, unless you have the 802.1X infrastructure, typically involving a Radius server or similar, and can actually use IEEE 802.1X authentication.

In that case, leave it selected, but also select "Authenticate as guest when user or computer information is unavailable". This will enable you to access files and printers on other computers on which you have no user account, including Windows 9x or ME computers.

Cannot share certain folders

On an NTFS partition, Windows XP Home does not allow to share these folders:

It is possible, however, to share subfolders within those folders.

"Connect as" and the Guest account

Note: If the commands below fail and you own a non-english XP, maybe the guest user is not named Guest in your system, but translated to your language. Type "net user" to find out the name of the guest user, and replace guest with the localized name in the commands below. [Thanks, Pablo Romero, for this hint.]

If you want the "Connect as" dialog to appear, disable the Guest account on the target computer, i.e. the server, the computer on which the objects are that you want to access. If you don't, enable the Guest account. A quick way to disable Guest network access is to type the following command at a command prompt:

net user guest /active:no

Conversely, to enable the Guest account for network access, type:

net user guest /active:yes

Background information: As long as the Guest account is enabled on both computers, attempts to log on with unmatched, wrong credentials will end up using the Guest account. This, of course, also requires that Guest has enough rights to the share and to the shared objects and that Guest has no password.

Logon failure—logon type

General

Two user rights policies are responsible for the error message, "Logon failure: The user has not been granted the requested logon type at this computer."

If you find that after setting the policy described below it changes back on its own, you have to find the culprit, which can be spyware, a worm, or a badly designed security program. You can try to kill tasks and retry until you find out which task is responsible. One known Trojan that changes these network access policies (and also the RestrictAnonymous registry value) calls itself mcafee32.exe, trying to pose as the antivirus program of that name.

Windows XP Professional and some versions of Vista

In Windows XP Professional these two policies can be found in Control Panel, Performance and Maintenance, Administrative Tools, Local Security Policy (or click Start, Run, and enter: gpedit.msc), expand Computer configuration, Windows settings (or click Start, Run, and enter: secpol.msc), Security settings, Local policies, Assign user rights, then search for the two policies named:

Double-click on the second one. It ucually contains a SUPPORT user. Some third party software very stupidly adds Guest or some other user or group here. One suspect is Norton Antivirus 2005.

If Guest is included, guest access (all users who do not have an account with the same username and password on the target computer) from other computers is not possible and yields the abovementioned error message. Remove Guest and all other groups or users who should be able to access this computer over the network. The SUPPORT user entry may remain in place.

In the policy, "Access this computer from the network" make sure that the group Everyone is included. If not, add it as a new, last line under the other entries. You can later, after the problem on hand is solved, fine-tune this policy, if you like.

If you still experience a problem, but now get a different error message, such as, "Access denied", go through the form at the top of this page again and change your selections accordingly.

Windows XP Home and Vista Home versions

For Windows XP Home Edition there is currently no straightforward solution other than trying to uninstall the third party software that may have caused this, in the hope that uninstalling also removes these settings. The third party software can be any network or security related program like a third party firewall, proxy server, or network scanning virus scanner.

Fellow MVP Torgeir Bakken writes the following.

As far as I know, user rights policies applies to WinXP Home as well, you just don't have a builtin GUI tool to see/change them.

You should be able to set/remove those privileges with the Windows 2003 resource kit command line tool ntrights.exe.

Ntrights.exe is in the free Win2k3 resource kit:

Windows Server 2003 Resource Kit Tools
http://go.microsoft.com/fwlink/?LinkId=4544
(or http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd)

The kit will install on WinXP or later.

After installation, click on: Start, All Programs, Windows Resource Kit Tools, Command Shell

Note: If the commands below fail and you own a non-english XP, maybe the guest user is not named Guest in your system, but translated to your language. Type "net user" to find out the name of the guest user, and replace guest with the localized name in the commands below. [Thanks, Pablo Romero, for this hint.]

Then enter the following commands. (Attention: they are case sensitive.)

net user guest /active:yes
ntrights +r SeNetworkLogonRight -u Guest
ntrights -r SeDenyNetworkLogonRight -u Guest

The first command enables network access for Guest, the two subsequent ones change two different policies to allow network access for Guest.

This has been confirmed to work by several users.

There is also an alternative Security Console utility that mimics gpedit.msc on an XP Home box,
programmed by Doug Knox: http://www.dougknox.com/xp/utils/xp_securityconsole.htm

If you try it, please let me know whether it can solve the problem described above. One user wrote that he was unsuccessful with this alternative Security Console.

If you still experience a problem, but now get a different error message, such as Access denied, go through the form at the top of this page again and change your selections accordingly.

Background information for this procedure

The Microsoft Knowledge Base contains this related article:

Error message when you try to access a Windows XP-based network computer: "You might not have permission to use this network resource"
http://support.microsoft.com/kb/913628/

The complete procedure solves the following problem.

  1. Direct access to a share works, for example by typing, "\\computername\sharename" in the address line of Windows Explorer or by using the net use command.
  2. However, attempts to see all shares of a computer fail with an access denied error message, for example when you click on the computer name in Windows Explorer, My Network Places, workgroup name, or type "\\computername" without a share name into the address line of Windows Explorer.

Background information for ntrights.exe

The parameters to use in this case (will not be listed when you run ntrights.exe /?, but they will work anyway) are:

SeNetworkLogonRight: Access this computer from the network
SeDenyNetworkLogonRight: Deny access to this computer from the network

E.g. to remove the "Deny access to this computer from the network" privilege from user Guest:

ntrights.exe -r SeDenyNetworkLogonRight -u Guest

How to Set Logon User Rights with the Ntrights.exe Utility
http://support.microsoft.com/kb/279664/

How to: Determine NTRIGHTS Names and Meanings
http://support.microsoft.com/kb/245207/

Trying to log on to XP Professional with an empty password

If you try to log on to Windows XP Professional with classic file sharing (to check, click on Start, Control Panel, Folder Options, View, and look whether the option "Use Simple File Sharing (Recommended)" is not checked), without password (i.e. with a totally empty password) on an account other than Guest, you normally get an unknown error 31. To be able to use empty passwords, use the group policy editor to disable the relevant option. To edit the policies, use Control Panel, Performance and Maintenance, Administrative Tools, Local Security Policy (or click Start, Run, and enter: gpedit.msc), expand Computer configuration, Windows settings, Local policies, Security options, then look for the policy, "Accounts: Limit local account use of blank passwords to console login only", which is enabled by default. Disable this option.

For simple file sharing (i.e. always in Windows XP Home), which always uses the Guest account, this does not apply. Also, the Guest account does not normally have a password and does not need one.

Domain and workgroup access

General information

When no domain controller is present, computers should normally not be set for domain access. If your computer is never connected to a domain controller, make sure you use a workgroup, not a domain. For convenience you can set all your computers to the same workgroup name.

The exception is a portable computer that is regularly connected to a domain, but also to a workgroup. Set the computer up for the domain. When you're away from the domain, log on as if you were in the domain. The computer will use the cached profile to log you on. Then you can access the workgroup. For convenience you can, if you like, name the workgroup like the domain. Access to workgroup objects can be done through an account with the same username and password or automatically through the Guest account if shares and objects permit Guest access.

For detailed instructions please click here.

To check or change the domain setting, right-click on My Computer, then click on Computer name, Change.

Offline files

Peter Mønnike reported: If the computer hangs after trying to log on away from the domain, the cause can be the unreachable offline files. Disable offline files for a test. You may be able to re-enable them after the problem has gone away.

More than 10 users

By default, up to 10 different users can log on to a domain client computer when there is no domain controller present. If more than 10 users regularly use the computer away from the domain, you have to increase that number. You can find it by going to Control Panel, Computer administration, Group policies, navigate to Security Settings, Local Policies, Security Options, and find the policy named "Interactive logon: Number of cached user credentials (in case the domain controller is unavailable)" and increase the number from 10 to your liking, up to the allowed maximum of 50.

DHCP vs. fixed IP address

If you have to use a fixed IP address in one location, but can use DHCP (Dynamic Host Configuration Protocol) in all others, count yourself lucky. Windows XP provides an automatism for this.

When you set your IP address to be obtained automatically (through DHCP), the settings dialog box gets another tab for an alternative configuration. There you can enter the fixed IP address and other required information.

The computer will then always attempt to obtain an IP address from a DHCP server first. When no DHCP server responds, it will automatically switch over to the fixed IP address, so you never have to bother about changing your settings.

If your situation is more complicated and not covered by this procedure, you can use a third party product like NetSwitcher.

Internet Explorer or Outlook Express cannot find the network

Open Internet Explorer and select Tools, Internet Options, Connections. Click on the LAN Settings button. Clear the check box: Automatically detect network settings

In Outlook Express check whether the similar setting in Tools, Options, Connections, Change button, LAN Settings button, is now also cleared. It should be.

Please add a short comment (click on Add new comment) with the precise error message if you had this problem and could correct it by following this procedure.

Cannot browse some web sites

Temporary Internet Files

If it is just one particular web page you cannot display or of which you see only a part, it may just be the cache. Occasionally a mutilated, cut-off, or entirely empty web page gets stuck in the cache, so first of all delete the temporary Internet files:

  1. Open Internet Explorer.
  2. Click on: Tools
  3. Click on: Internet options
  4. In the block Temporary internet files click on the button: Delete files ...
  5. In the new dialog box click on: OK

It is not necessary to delete all offline content.

MTU

If you use the PPPoE protocol (or some other Internet link protocol that requires extra header space), for example for a DSL connection using a router or ICS (Internet Connection Sharing), you may have to reduce the MTU (Maximum Transmission Unit) on the client computers from the default of 1500 to 1492 (or in certain circumstances even less), because the PPPoE protocol takes 8 bytes away for an extra header. Some other protocols and routers also require a reduced MTU, sometimes even much less than 1492 bytes.

Check your router and make sure it doesn't have a needlessly low MTU setting. If your router has such a setting, try to increase it as far as possible.

If that doesn't solve the problem, and even if it does, install Service Pack 2 at least on the ICS host computer, which should, in theory, fix the problem. (Actually it was already fixed in Service Pack 1.) However, there seem to be cases in which the problem persists even after Service Pack 2 has been installed. In that case, please read on.

An elegant way to solve it is to uninstall your current PPPoE driver and install RASPPPoE instead, a free, but excellent driver you can download from http://user.cs.tu-berlin.de/~normanb/. This driver has excellent automatic MTU discovery.

Another way is to change the settings on all computers, including all clients. You can do that with the help of a small freeware program named DrTCP, which you can download from http://www.dslreports.com/drtcp, a site that also contains quite a few good explanations of the background for all this, including explanations on how to do all this by hand.

You can check your TCP/IP settings by going to the web site http://www.speedguide.net/ and look for Broadband Tools. They also have a program similar to DrTCP, but their program is (as of 2004) quirky and poorly designed.

If there are any doubts, reduce the MTU setting to 500 bytes for a test. This is a value that should always work. If even this doesn't resolve the problem, set it back to 1500. Your problem is not related to MTU. If this does resolve the problem, try to find the largest MTU value that works for you, usually in the range between 1440 and 1492 bytes.

For more details you can read the following Microsoft Knowledge Base article.

Connectivity Problems on ICS Clients When You Use a PPPoE Connection on a Windows XP ICS Host
http://support.microsoft.com/kb/319661/

Firewall blocks SSL

If the pages you cannot connect to are reached through the SSL (Secure Socket Layer, HTTPS) protocol, then one possible cause is that you are behind a firewall that blocks port 443. The Windows XP firewall, of course, doesn't do that, but some other firewall could.

For a quick test whether that's it, try to telnet to the problem web address on port 443. If you get an unreachable error, port 443 is being blocked.

Do do this, open a command line windows and type the following command, but replace url with the actual URL of your problem web host, or any https host. Do not enter the full web site address, but only the host name, without any prefixes, colons, or dashes:

    telnet url 443

Example:

    telnet windowsupdate.microsoft.com 443

You should get an error if it's not reachable. If you just get a blinking cursor, open a second command line window and enter the command:

netstat

You should see a connection on 'https' similar to the following:

Active Connections

Proto  Local Address  Foreign Address  State

TCP mycomputer:1234 url:https ESTABLISHED

or

TCP mycomputer:1234 url:443 ESTABLISHED

Everything in these lines except the upper case words and https or 443 can be different. There may be several other lines, but only the one containing https or 443 is of interest. If either https or 443 exists in the list, then SSL/HTTPS works and the fault is elsewhere. If not, you have to open port 443 in the offending firewall.

Other SSL problems

Please see the following Microsoft Knowledge Base article.

How to troubleshoot problems accessing secure Web pages with Internet Explorer 6 Service Pack 2
http://support.microsoft.com/kb/870700/

Internet Explorer ftp problems

Cannot contact ftp server

Configure Internet Explorer to use passive ftp (to use PASV commands instead of PORT commands) according to the following Microsoft Knowledge Base article, which is valid also for Windows XP. Passive ftp is recommended if the ftp server can handle it, but for some servers this doesn't work. In that case choose the other option.

How To Configure Internet Explorer to Use Both the FTP PORT Mode and the FTP PASV Mode
http://support.microsoft.com/kb/323446/

The title is a bit misleading, as Internet Explorer can only use one of the two modes, and the settings determine which one it uses.

Cannot display ftp server content as folders

In Internet Explorer:

If this does not solve the problem, check whether there is a general problem with the Internet connection. Try to ping the server, etc.

Background information on ftp

ftp is a peculiar protocol that needs two simultaneous TCP connections, a signalling one on port 21 and a data connection either on port 20 for active (PORT) mode or on an ephemeral port for passive (PASV) mode.

The firewall actually doesn't have any special handling for ftp, but there is a service, called Application Layer Gateway service, whose job it is to make ftp work with the XP firewall, so the user gets the impression that ftp works smoothly and automatically.

The Application Layer Gateway service watches for the port command and opens a hole in the firewall only for that specific port, only from the specific server, and only for the duration of the ftp connection. It also guides active ftp connections from ICS clients through the ICS (Internet Connection Sharing) NAT (Network Address Translation).

Since XP Service Pack 2 passive ftp (though not active ftp) can work through the firewall even without the Application Layer Gateway service, in case that is disabled. Before SP2 the firewall depended on the Application Layer Gateway service, so they couldn't be used separately.

More ftp technical details: http://slacksite.com/other/ftp.html

Internet Explorer warns when opening local files

Service Pack 2 tightens the security settings that relate to executing active content in local files in Internet Explorer.

To loosen these security settings again, open Internet Explorer and select Tools, Internet Options, Advanced, then scroll down to Security. Activate the following two settings:

Internet Explorer behaves strangely

Stops responding or crashes when displaying vector graphics

When you view a Web page in Microsoft Internet Explorer 6.0, Internet Explorer stops responding or crashes, and you receive an access violation in Vgx.dll. This problem occurs if the Web page renders vector graphics on the screen and if your computer is running Microsoft Windows XP Service Pack 2 (SP2). More details can be found in the following Microsoft Knowledge Base article.

Internet Explorer stops responding or crashes, and you receive an access violation in Vgx.dll, when you view a Web page in Internet Explorer 6.0
http://support.microsoft.com/kb/885932/

To solve this problem, download and install the following post-SP2 hotfix.

Update for Internet Explorer 6 for XP Service Pack 2 (KB885932)
http://www.microsoft.com/downloads/details.aspx?FamilyID=5437f94d-899f-425c-b2a4-893ba3a16d71

Various other symptoms

Symptoms can vary widely. Some symptoms can be:

Did you have your computer connected to the Internet in the past? Did you always have the firewall enabled? If not, please read on.

The current statistics for the survival time of an unpatched, unprotected PC connected to the Internet is 16 minutes to first infection. Usually, after a while, such PCs harbor a whole zoo of viruses, worms, spyware, adware, and, most insidiously, spam senders. The experts' designation for such a computer is, "zombie". The best way to deal with it is to format the hard disk and install from scratch.

You will find it very difficult to remove all of these, but if you want to try, a good start is a newly updated SpyBot (www.spybot.info), followed by a good, up-to-date virus scanner (for example, AVG, www.grisoft.com). If the computer was not found to be clean, follow this with a more thorough search (see chapter: Winsock corruption).

After that, if your network connection doesn't work properly, you may have to perform a Winsock repair or even an IP stack repair, as described in the respective chapters on this page. You can start over and fill in the form at the top again, to define the remaining problems you are experiencing and find the solution.

One other point to check is the add-ons that Internet Explorer has collected. Disable them one by one and retest. You can find them in the Tools menu.

Repair Internet Explorer

In some cases the following procedure to repair Internet Explorer helps.

Go to Control Panel, click on the Add/Remove Programs Icon, select Add/Remove Windows Components and deselect (remove the checkmark from) Internet Explorer. Click on OK and let the system uninstall Internet Explorer. It isn't actually uninstalled, but if you now go through the same procedure again, but this time select Internet Explorer, you may be be offered the choice to select Repair. Do this to repair the Internet Explorer installation.

Shared folder name does not appear on mapped network drive in Windows Explorer

In Windows Explorer you can see a mapped network drive, but its folders are not displayed on the right side. Possible error messages are:

The following Microsoft Knowledge Base describes this defect and the workaround.

Shared Folder Name Does Not Appear on Mapped Network Drive in Windows Explorer
http://support.microsoft.com/kb/817861/

Inappropriate DNS or WINS settings

Make sure you do not have any wrong settings in the DNS or WINS setup. In a small peer-to-peer network no such settings are needed. If you run a server with Active Directory, you need DNS, but in a small peer to peer network you don't.

Shares on Windows ME or 9x computers are not reconnected after booting

When you have shares on Windows ME or 9x computers that are protected by different passwords, Windows XP only reconnects to one share at best, but the others are not automatically reconnected after booting. Possible solutions:

See the following Microsoft Knowledge Base article for details.

Share-level mapped network drives are not connected after you restart your computer
http://support.microsoft.com/kb/283492/

Network bridge

If the Network Bridge shows up in your network configuration, make sure that you really need it. If not, delete it.

A typical case is a network bridge to an IEEE 1394 Firewire adapter. Unless you actually run a network connection over that Firewire connector, you don't want that network bridge, or if you are bridging other network adapters, at least you don't want the Firewire adapter in the bridge. Remove the network bridge (or at least remove the Firewire adapter from it).

However, if you use Internet Connection Sharing (ICS), disable ICS before you delete the Network Bridge and re-enable it afterwards.

If you cannot delete a network bridge, read the following Microsoft Knowledge Base article:

"An Unexpected Error Occurred" Error Message When You Delete the Network Bridge
http://support.microsoft.com/kb/824922/

Background information: The network configuration wizard creates a bridge when you select more than one network ports or leave ports like a 1394 Firewire port selected. For more information you can read the following Microsoft Knowledge Base article:

How to prevent the Network Setup Wizard from creating a bridge in Windows XP
http://support.microsoft.com/kb/283429/

Cannot add WebDAV server to My Network Places

In the logon authentication dialog box try to add the NetBIOS name of the server in front of your username, separated by a backslash.

For more information please read the following Microsoft Knowledge Base article.

Cannot Add FQDN Web Folders that Require Basic Authentication to "My Network Places"
http://support.microsoft.com/kb/315621/

Half duplex hub

Ethernet adapters are set to full duplex, although the connection is to a hub or other device that cannot perform full duplex. Most hubs cannot do full duplex.

This sometimes leads to a functioning network, but to very poor performance due to a large number of Ethernet collisions. Please check your switch for collision indications while copying a large file through it.

Throw away the hub and buy a switch. These are very cheap these days.

Alternatively force the adapter driver to use half duplex.

Provider order

Slow file copying over the network (reported between Windows XP and 2000) can sometimes be repaired by right-clicking on Network Neighborhood or My Network Places in Windows Explorer or on the desktop or in the start menu, then selecting Properties, Advanced, Advanced Settings, Change the provider order. Just shift some services up or down, then click on OK and reboot. It is not yet known whether the order matters or whether just any arbitrary change somehow repairs the defect. Please add a short comment (click on Add new comment) with details, if you happen to find out.

SMB (Server Message Block) signing

This problem, related to SMB (Server Message Block) signing, can occur when you transfer data to or from a Windows 2000 server or in some cases to or from any other file server. The usual symptom is that your pings are very quick, but data transfers are very slow or even break off.

Use the following links to find solutions.

Files on network shares open slowly, opens as read-only, or you receive an error message
http://support.microsoft.com/kb/814112/

Error Messages When You Open or Copy Network Files on Windows XP SP1 Clients That Require SMB Signing
http://support.microsoft.com/kb/810907/

http://www.google.com/search?q="SMB+signing"+"network+performance"

Faulty or obsolete drivers

A common problem are faulty or obsolete drivers, drivers that are not fully compatible with Windows XP or the latest service pack.

Check and remove or replace them with the latest version that can usually be downloaded from the manufacturer's web site.

Even a non-working modem driver can inhibit the rest of the network.

One reported example is that even the latest drivers provided by Microsoft for 3Com network adapters didn't solve a slow data transfer problem in the direction to XP, but the latest drivers from www.3com.com did.

Spooler SubSystem App encountered a problem and needs to shut down

This problem should actually no longer occur, as it is solved by Service Pack 2. If you don't have SP2 installed yet, the recommendation is to install that or a higher service pack.

There is also a simple workaround. Open a command line window, then enter:

net stop spooler

Press return to enter the command. Now try to run the Network Setup Wizard again.

The spooler, which you need for printing, will automatically restart when you reboot the next time. If you need it now, enter the following command:

net start spooler

Public IP adresses

If you have public IP addresses (see Private IP Addresses for details), you need one of the following:

You also need a well-working firewall, or you need to safeguard each computer carefully to be safe from hacking attacks.

For more details on internal networking with public IP addresses, please see Internet via Cable Modem.

Not enough server storage

Please read the following article: Not enough server storage

NET SEND messages no longer received

First enable the File and Printer Sharing exception in the firewall.

Service Pack 2 also disables the Messenger service.

Go to Control Panel, Admin Tools, Services, double-click on the Messenger service, set its start type to Automatic, so it gets started automatically the next time you boot, and also start it immediately if you want it right now in your current session already.

A remark on the sidelines—if you're tired of typing NET SEND ..., consider installing one of the many little programs that give you a graphical user interface to this. If you only want a minimal one, you can download the free NTPopup from www.michna.com/software.htm.

UPnP (Universal Plug-n-Play)

If you can no longer control ICS (Internet Connection Sharing) from the client computers, a possible cause is that UPnP (Universal Plug-n-Play) no longer works. To rectify this, activate the UPnP exception in the firewall. If you're not sure how to do this, open Help and Support and read "To enable UPnP network functionality". To find this topic quickly, you can search the Help and Support Center for UPnP.

Dial-up connections or Remote Access Connection Manager problems

Check the following Microsoft Knowledge Base articles. Even though they may refer to earlier service pack levels, they still apply.

You cannot create a network connection after you restore Windows XP
http://support.microsoft.com/kb/329441/

Dial-up Modem or PPPoE Option in New Connection Wizard Is Unavailable
http://support.microsoft.com/kb/320558/

Error 0xC0000135 winsrv was not found

This error message is explained in the following Microsoft Knowledge Base article.

You receive a "Stop: c0000135" and "winsrv was not found" error message after you install Windows XP Service Pack 2
http://support.microsoft.com/kb/885523/

System ignores hosts file

Sample file hosts.sam

The most common cause for this is that a line like

192.168.0.202 myprinter

has been entered into the file: hosts.sam

That is only a sample file and has no effect whatsoever. The hosts file that is actually used must be named hosts. It should not have any file name extension. In some editors you may have to enter a period after hosts to save it with the correct extensionless name.

Virus

The next most frequent cause is that a virus has pointed the system to another hosts file.

HKEY_LOCAL_MACHINE
 \SYSTEM
  \CurrentControlSet
   \Services
    \Tcpip
     \Parameters
      Value of type REG_EXPAND_SZ
      Name: DataBasePath

The correct path where Windows finds the hosts file should be

%SystemRoot%\System32\drivers\etc

and only that path alone.

Several viruses are known to redirect Windows to the Windows\help folder (or perhaps some other folder) and put their own hosts file there. If you find this, don't try to just correct the registry entry. You must first remove the virus.

All Internet traffic is redirected through the VPN connection

In the TCP/IP settings for the VPN connection deselect the setting: Use default gateway on remote network.

VPN does not work

VPN connection does not work through NAT

Service Pack 2 changes the default behavior in a way that makes VPN connections through NAT (Network Address Translation) traversal (NAT-T), i.e. through routers employing NAT, impossible.

To read about the details and to learn how to change the behavior back to the pre-SP2 state, please read the following Microsoft Knowledge Base article.

The default behavior of IPSec NAT traversal (NAT-T) is changed in Windows XP Service Pack 2
http://support.microsoft.com/kb/885407/

VPN policy active

Disable the VPN (Virtual Private Network) policy that may have been set by Secure Remote software or similar.

Additional information

General hints

Some networking problems can be resolved by right-clicking on the connection and selecting Repair. Some more problems, particularly on Windows 9x and ME, are resolved by removing all networking components, rebooting, then adding and setting them up again. Always try this when the problem could be in one of these Windows versions.

Occasionally the WebClient service or the Background Intelligent Transfer Service gets in the way. Try to stop these services for a test. To stop the WebClient service for a test, right-click My Computer or select Start, Control Panel, System and select Manage, double-click Services and Applications, double-click Services, double-click on the WebClient service, click on the Stop button. If you want to disable it for good, change the startup type to Disabled. Finally click on OK.

On Windows 9x avoid the Microsoft Family Logon in the network components. Use the Client for Microsoft Networks instead.

If it still doesn't work, make sure your computer description is short, no longer than about 40 characters. XP doesn't always seem to see computers on the network when they have very long descriptions.

Occasionally a shortcut in Network Neighborhood or My Network Places stops working. To resolve this, delete the offending shortcut, in Windows Explorer or on the desktop or in the start menu, right-click Network Neighborhood or My Network Places, use Search for Computers, and drag a new shortcut into Network Neighborhood or My Network Places.

More relevant information, Knowledge Base articles etc.:

How to Set Up a Small Network with Windows XP Home Edition (PART 1)
http://support.microsoft.com/kb/813936/

How to configure file sharing in Windows XP
http://support.microsoft.com/kb/304040/

You May Be Unable to Browse the Network
http://support.microsoft.com/kb/294756/

Slow Performance Copying Files to Windows 2000 Domain Controller
(Appears to affect any version of Windows NT, 2000, and XP.)
http://support.microsoft.com/kb/321098/

You Cannot Create a Network Connection After You Restore Windows XP
http://support.microsoft.com/kb/329441/

Documents in Word format:

Troubleshooting File and Printer Sharing in Microsoft® Windows® XP
http://www.microsoft.com/downloads/details.aspx?familyid=fd7fd48d-6b4a-448e-a632-076f98a351a2&displaylang=en

Troubleshooting Internet Connection Firewall on Microsoft® Windows® XP
http://www.microsoft.com/downloads/details.aspx?familyid=b3d01193-ad93-492f-b74b-97c2fc44e08b&displaylang=en

Troubleshooting Internet Connection Sharing on Microsoft® Windows® XP
http://download.microsoft.com/download/9/3/1/9315bee6-498e-493e-83a6-2a9d8631878d/ICS_Tshoot.doc

This web page is not complete. There are various other potential causes for network problems, most of them rare, but they do occur.

If you solved your problem, I'd be grateful for a short comment (click on Add new comment) stating what did it. If you can, please include information on how to recognize this particular problem, for example a precise error message or other easily recognizable symptoms.

Please do not send email with support requests to me. Such questions should always go into a comment (click on Add new comment) or into the newsgroup microsoft.public.windowsxp.network_web, where others and I will gladly try to answer them.

Selected letters

Thanks, I'd wasted several hours debugging my network and your problem solver pointed me in the right direction in about 3 minutes.

Thanks to information you gathered on your site I was able to solve logon problem which almost made me crazy. You're real life-saver. Thank you.

Thank you very much.
I was tearing my hair out. Another computer on my XP Pro home network was always authenticating as the Guest account, even though I had set [...].
The cause was as you stated [...] As soon as the obsolete password (which was for Guest access) was removed, everything worked fine.
I never would have thought to look there for the cause!!
I did not find this tip in any of the other hits from Google for windows "xp stop network authentication as guest"
Thanks again

I've been experiencing network connectivity problems for a month or so and nothing I tried worked:  I'd almost torn out what little hair I still possess with frustration!
Today I visited your site and after following the steps dealing with inaccessible workgroup my network now works!!
I can't thank you enough for helping me solve my problem.

Thank you, thank you! I've a laptop user in my small business that experienced exactly this problem. He connected to a network at a local university and then couldn't connect to our workgroup network in the office. [...] Thanks again! Sure wish I hadn't paid the IT service company $95 before I pulled the plug on them!

I just wanted to thank you for your website. I've been pulling my hair out for more than 5 hours trying to figure out why only one computer on my network can not access my server. Your site solved my problem when hours of previous internet searching (including at Microsoft) could not. My node type had somehow been set to Point-to-Point. I followed your suggestion and in 30 seconds, all problems were fixed! Thanks again!

Thank you so much for your thorough and easy to understand problem solver. [...]
Thank you Thank you Thank you
I spent 3 days and about 9 hours searching Microsoft and other forums for a resolution before finding your site. Within 30 min. all was well.

Excellent site. Superbly constructed. A rarity.

I've spent nearly a week trying to figure out why my Windows 98se computer and my Windows XP computer couldn't connect.
I visited every tech site on the internet, googled every possible keyword I could think of, and after a few days I began to lose hope.
Then I came across your site: literally within a matter of 5 minutes, a problem I had tackled for a week was solved. [...]
Thank you so much for the valuble resource you provide to the community, and I hope to see it improve and grow!

This was THE most informative page on network troubleshooting I've ever seen, bar none. Thanks so much. Looked all over trying to find help on "system error 5".  Everyone keeps quoting the same recommendations from Microsoft, which are of no help at all. Your registry changes took 2 minutes, fixed the problem, and I was done. Thanks again

Thanks so much for your very helpful page.  My local computer guy, Dell support, and Microsoft support were all no help at all, but your page fixed it.

Thank you Hans-Georg, your Network Problem Solver rescued me from computer Hell. [...]
May the sun shine upon you, may the wind be always at your back, may the road rise to meet you ...

[...] The thanks goes to you and your site. I was having some problems where I could no longer map new network drives or printers between the computers in my home network. I was looking forward to a long and arduous troubleshooting session when I came across your site. Within 5 minutes (literally) I was able to determine the problem and get things working again. The payment is but a small token of my gratitude. Keep up the great work.

Thanks for the information!! I have found the problem and am very impressed by the Windows Network Problem Solver … I probably would have never figured this one out without it! I hope this helps the many others I have read recently in number of forums, newsgroups, etc. …

Copyright © 2004-2011 Hans-Georg Michna

Discuss this page | winhlp.com home

hits since 2009-09-09
Free PHP scripts by PHPJunkYard.com

Map Visitors
Visitor locations since 2006-12-04