On 2016-06-01 10:56, Jeff Boyce wrote:
> On 5/31/2016 4:28 PM, Holger Parplies wrote:
>> Hi,
>>
>> Jeff Boyce wrote on 2016-05-31 13:40:20 -0700 [Re: [BackupPC-users]
>> Win 10 issue with NT_STATUS_BAD_NETWORK_NAME]:
>>> On 5/26/2016 1:51 PM, Jeff Boyce wrote:
>>> [......]
>>> Ok I solved all my backup issues, so this post will give a summary of
>>> what worked for me and hopefully help others.
>>> [...]
>>> I was unable to connect to the default C$ share for conducting the
>>> backup. [...]
>>>
>>> So in *almost* all of my desktop boxes that are backing up to
>>> BackupPC
>>> they are using these same settings and the Users share. I am not
>>> sure
>>> what is going on internally in the Windows networking that doesn't
>>> allow
>>> smbclient to connect to the default C$ share, but I am sure that
>>> something within Windows is stopping it.
>> stupid question: is it possible to connect to an administrative share
>> with
>> user (i.e. non-admin) credentials?
> For all of my office Windows desktop systems the users are setup as
> administrative users, so I don't have any non-admin users to test what
> I
> think you are asking. robynr is an admin user on the Win10 box below.
> But as shown below I list the shares on a new Win10 box, then access
> the
> Users share, then try accessing the ADMIN$ share with the same
> credentials. I get the same results when trying the C$ share as with
> the ADMIN$ share shown below. But I am not sure if this is where you
> were going with your question.
>
> [root@bacteria ~]# su -s /bin/bash backuppc
> bash-4.1$
> bash-4.1$ smbclient -L rdr-lat6540 -U robynr
> Enter robynr's password:
> Domain=[RDR-LAT6540] OS=[Windows 10 Pro 10586] Server=[Windows 10 Pro
> 6.3]
>
> Sharename Type Comment
> --------- ---- -------
> ADMIN$ Disk Remote Admin
> C$ Disk Default share
> IPC$ IPC Remote IPC
> print$ Disk Printer Drivers
> Users Disk
> Domain=[RDR-LAT6540] OS=[Windows 10 Pro 10586] Server=[Windows 10 Pro
> 6.3]
>
> Server Comment
> --------- -------
>
> Workgroup Master
> --------- -------
> bash-4.1$
> bash-4.1$ smbclient //rdr-lat6540/Users -U robynr
> Enter robynr's password:
> Domain=[RDR-LAT6540] OS=[Windows 10 Pro 10586] Server=[Windows 10 Pro
> 6.3]
> smb: \> dir
> . DR 0 Tue Mar 1 20:34:09
> 2016
> .. DR 0 Tue Mar 1 20:34:09
> 2016
> Default DHR 0 Tue Feb 9 14:30:16
> 2016
> Default.migrated D 0 Tue Feb 9 14:27:54
> 2016
> desktop.ini AHS 174 Fri Oct 30 00:21:27
> 2015
> Public DR 0 Tue Feb 9 14:41:32
> 2016
> robynr D 0 Tue May 31 07:54:32
> 2016
>
> 57635 blocks of size 4194304. 28478 blocks available
> smb: \> quit
> bash-4.1$
> bash-4.1$ smbclient //rdr-lat6540/ADMIN$ -U robynr
> Enter robynr's password:
> Domain=[RDR-LAT6540] OS=[Windows 10 Pro 10586] Server=[Windows 10 Pro
> 6.3]
> tree connect failed: NT_STATUS_ACCESS_DENIED
> bash-4.1$
>
>>> [...] The exception is my own desktop system; BackupPC is using the
>>> default C$ share without any problem.
>> Which user are you using to connect in this case? Is that user a
>> member of
>> a privileged group?
> In the case of my own desktop, jeffb is also setup as the
> administrative
> user on the Win7 box. Using the same procedures as above I can connect
> to the Users share. But in this case I can also connect to the C$
> share. I also tested the F$ and G$ shares listed and could connect and
> list their directories also. I could also connect to the IPC$ share,
> but then got an NT_STATUS_ACCESS_DENIED response when trying to get a
> directory listing.
>
> bash-4.1$ smbclient -L jab-prec3610 -U jeffb
> Enter jeffb's password:
> Domain=[JAB-PREC3610] OS=[Windows 7 Professional 7601 Service Pack 1]
> Server=[Windows 7 Professional 6.1]
>
> Sharename Type Comment
> --------- ---- -------
> ADMIN$ Disk Remote Admin
> C$ Disk Default share
> F$ Disk Default share
> G$ Disk Default share
> IPC$ IPC Remote IPC
> Users Disk
> Domain=[JAB-PREC3610] OS=[Windows 7 Professional 7601 Service Pack 1]
> Server=[Windows 7 Professional 6.1]
>
> Server Comment
> --------- -------
>
> Workgroup Master
> --------- -------
> bash-4.1$
> bash-4.1$ smbclient //jab-prec3610/Users -U jeffb
> Enter jeffb's password:
> Domain=[JAB-PREC3610] OS=[Windows 7 Professional 7601 Service Pack 1]
> Server=[Windows 7 Professional 6.1]
> smb: \> dir
> . DR 0 Thu Apr 30 22:57:03
> 2015
> .. DR 0 Thu Apr 30 22:57:03
> 2015
> All Users DHS 0 Mon Jul 13 22:08:56
> 2009
> Default DHR 0 Tue Jul 14 00:07:31
> 2009
> Default User DHS 0 Mon Jul 13 22:08:56
> 2009
> desktop.ini AHS 174 Mon Jul 13 21:54:24
> 2009
> jeffb D 0 Wed Oct 28 09:56:44
> 2015
> Public DR 0 Fri May 1 11:24:55
> 2015
>
> 61325 blocks of size 2097152. 23322 blocks available
> smb: \>
> smb: \> quit
> bash-4.1$
> bash-4.1$ smbclient //jab-prec3610/C$ -U jeffb
> Enter jeffb's password:
> Domain=[JAB-PREC3610] OS=[Windows 7 Professional 7601 Service Pack 1]
> Server=[Windows 7 Professional 6.1]
> smb: \> dir
> $Recycle.Bin DHS 0 Thu Apr 30 22:57:23
> 2015
> CredSED.dat AHS 131072 Wed Jun 1 07:23:34
> 2016
> Dell D 0 Thu Apr 30 23:36:01
> 2015
> Documents and Settings DHS 0 Mon Jul 13 22:08:56
> 2009
> Drivers D 0 Thu Apr 30 23:42:47
> 2015
> Hotfix D 0 Thu Apr 30 23:42:47
> 2015
> Intel D 0 Thu Apr 30 23:10:28
> 2015
> messages.xml A 906 Wed Mar 23 10:40:13
> 2016
> OpenSource D 0 Wed Dec 30 09:53:52
> 2015
> pagefile.sys AHS 2147483648 Mon May 23
> 08:57:51
> 2016
> PerfLogs D 0 Mon Jul 13 20:20:08
> 2009
> Program Files DR 0 Tue Feb 2 15:09:34
> 2016
> Program Files (x86) DR 0 Wed Dec 30 09:54:15
> 2015
> ProgramData DH 0 Fri May 27 15:52:38
> 2016
> Python27 D 0 Fri May 1 14:11:08
> 2015
> Recovery DHS 0 Thu Apr 30 22:56:57
> 2015
> System Volume Information DHS 0 Tue May 31 00:00:31
> 2016
> tmp D 0 Fri Jun 26 11:47:01
> 2015
> Users DR 0 Thu Apr 30 22:57:03
> 2015
> Windows D 0 Mon May 23 13:03:38
> 2016
>
> 61325 blocks of size 2097152. 23322 blocks available
> smb: \>
> smb: \> quit
> bash-4.1$
>
>>> [...] If anyone has an idea, please enlighten me.
>> I can't enlighten you, because I don't know the answer. I just have an
>> idea
>> which question might help :). Hope it does.
>
> I did find this notation in my Win7 box help dialog regarding using
> Advanced Sharing.
>
> Note
> You can't share the root of a drive with a dollar sign following the
> drive letter as in versions of Windows earlier than Windows Vista. For
> example, you can't share the root of your C drive as "C$," but you can
> share it as "C" or any other name.
>
> I noticed that I have one Win7 box in the office that I must have set
> up
> an independent "C" share, as that is what BackupPC is using to access
> and backup that box. I still can't find anything different yet in the
> network settings of my own desktop box that would indicate that it
> would
> override the note indicating that you can't share the C$ share. So I
> don't know why my Win7 desktop can share C$ when none of the other
> Windows boxes in the office can.
>
>> Regards,
>> Holger
>>
>>
>
> --
>
> Jeff Boyce
> Meridian Environmental
It's worth pointing out that the original point of the administrative
shares were to provide hidden administrative access to a system in a
network without too much trouble. It soon became clear that this wasn't
necessarily the most security-conscious idea, so a number of layers of
security and automatic disabling of the administrative shares were built
up over time, so by the time one reaches Windows 10, you've gotten to
dozens of layers of features that exist for legacy reasons and new
features that exist to shore them up and disable them in one way or
another. There are many, many ways to disable access to the
administrative shares, and I generally wouldn't recommend using this
feature that has been deprecated since XP, but still exists for legacy
reasons.
At any rate, the Admin$ share normally points to where Windows is
installed; this means that for it to work, a number of things need to be
operational -- simple file sharing must be off, the account used must
have valid credentials, that account must have administrative privileges
AND appropriate rights on the Windows directories, about a dozen
policies must be set to their defaults (relaxing UAC permissions, for
example, can result in denial of the Admin$ share) and the services must
be running. Domains complicate things considerably; since I don't
believe they're involved, we'll ignore them for now.
New Windows features have the effect of disabling some of these legacy
features -- for example, turning on the "HomeGroup" feature will turn
off the administrative shares. Some anti-malware programs, registry
"cleaners" and anti-virus programs helpfully turn off the administrative
shares as dangerous malware vectors, as would getting rid of, say, a
Conficker infection.
At any rate, if it's not one of the more obvious things, the sphere of
things that can disable the administrative shares is astoundingly large,
and Windows itself is little help as there's not a lot of diagnostic
detail involved in tracing down permission denied issues in deprecated
features. If it's not obvious what was changed on one of the systems,
you may get some mileage out of Microsoft's Fixit solutions, which do
some general-purpose registry and library corrections. Otherwise, you
may need to consider re-imaging and keeping to a more solid baseline.
On a side note, I do regularly back up the registries of our Windows
systems using BackupPC; naturally, this is something that stock SMB
cannot handle due to its inability to handle open files. I use a
rsync/vshadow client that I published when I gave up on SMB, although a
simple export of the registry would work equally well.
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|