The user can’t map one of LAN shared folders over VPN after changing his password.

Situation: The user can’t map one of LAN shared folders over VPN after changing his password. The error message is You do not have permissions to access \\servername\fodlername. The same user using other VPN client doesn’t have this issue.

Troubleshooting:

  1. Check the network status: we find the network location is public. However, switch it to Private network doesn’t fix the problem.
  2. Disable Symantec Endpoint Protection or other security software for a test.
  3. Use command lines to troubleshoot it, for example, net view \\IPaddress\shared folder name. Or Telnet ip address port 445.
  4. Check “Control Panel\All Control Panel Items\Network and Sharing Center\Advanced sharing settings”. Make sure Network discovery is turn on.
  5. If NetBIOS over TCP/IP is not turned on (enabled), turn it on.
  6. If the Computer Browser service is not started, start it.
  7. Enable SBMV1 by going to Programs and Features.
  8. Check event view on both computer for any error message.
  9. Mapping to different computer or different shared folders is working.

Resolution: 1 Mapping the same shared folder using different username.

  1. If the 1 works, we can go to Credential Manager (Control Panel\All Control Panel Items\Credential Manager) to delete the old credential or create a new credentials.

Stand alone PC can’t access domain storage

Situation: The client tries to access their domain storage from a stand alone PC, but they can’t do it and get the username and password don’t match the local computer.

Cause: the credentials is for domain account which the local computer doesn’t have it.

Resolution: create a same username and password matching the domain account, for example administrator with the same password.

Can’t setup Office 365 email on google phone after MFA

Situation: After the client enable Multi-factor Authentication, the Android phone has a problem to setup Office 365 email.

Resolutions: 1. Download and install Microsoft Authentication and Microsoft Outlook app in the phone. Then process the MFA verification.

2. If you use Google phone email, please download and install Google Authentication app. Then register the MFA verification.

3. If the Google email and Authentication doesn’t work, try the 1.

Troubleshooting System error 53, 67 and 87

Situation: When the client tries to map a file share, he receives the following errors:
•System error 53 has occurred. The network path was not found.
•System error 67 has occurred. The network name cannot be found.
•System error 87 has occurred. The parameter is incorrect.

Cause 1: Unencrypted communication channel

Windows 8, Windows Server 2012, and later versions of each system negotiate requests that include SMB 3.0, which supports encryption. If the communication channel isn’t encrypted and if the connection attempt isn’t made from the same datacenter where the Azure file shares reside, you may receive above errors.

Resolution: 1. make sure the communication channel is encrypted. Make sure your client OS needs support SMB 3.0, for example use Windows 8, Windows 10, Windows Server 2012.

2. Put the client in the same LAN.

3. Make sure the client computer network is domain or private. If it is public network, we may have a problem to access LAN shared drive.

4. It is not recommended, but you can try to enable SMB 1.0.

Cause 2: Port 445 is blocked

Resolution: you can use Portqry to query the TCP:445 endpoint. If the TCP:445 endpoint is displayed as filtered, the TCP port is blocked. Here is an example query:

c:\PortQry.exe -n [storage account name].file.core.windows.net -p TCP -e 445

If TCP port 445 is blocked by a rule along the network path, you will see the following output:

TCP port 445 (microsoft-ds service): FILTERED

Resolution: Work with your IT department to open port 445 outbound

Cause 3: NTLMv1 is enabled

System error 53 or system error 87 can occur if NTLMv1 communication is enabled on the client. Windows new version Files supports only NTLMv2 authentication.

Resolution: To determine whether this is the cause of the error, verify that the following registry subkey is set to a value of 3:

HKLM\SYSTEM\CurrentControlSet\Control\Lsa > LmCompatibilityLevel

Resolution: Revert the LmCompatibilityLevel value to the default value of 3 in the following registry subkey:

HKLM\SYSTEM\CurrentControlSet\Control\Lsa

Can’t login Office 365 after enabling Azure Multi-factor authentication

Situation: after enabling Azure Multi-factor authentication, the client can’t login his Office 365 account. For example, the Word shows the username with yellow or sign in. When he tries to login and select work or school, the window disappears.

Troubleshooting: 1. Run Office repair.

2. Run Credentials Manager. Click on Windows Credentials. Remove all office 365 related credentials.

3. Run Settings>Home>Accounts. Click on Access work or school. If you don’t see Office 365 account, click Connect. If you do see the office 365 account, disconnect it. Then re-connect.