Troubleshooting Network Neighborhood Problems

When you try to access a shared folder from Network Neighborhood / My Network Places, and get the dreaded "Access denied..." error, or when other computers don't show up there at all, you could have any one (or more than one) of several problems. Look closely at the complete and exact text, in any observed error messages; this can help diagnose many problems more effectively.

This article, like Troubleshooting Internet Service Problems, is structured like the OSI 7-Layer Network Model. If you have multiple problems with your network, you have to diagnose and fix the lower level problems first. If you don't, how can you diagnose the higher level problems?

Now before you start troubleshooting, note that you will enjoy it more, and frequently will be more successful, when you work on a properly designed and setup network. Once you've reviewed that, I recommend that you tackle the task at hand in this order.

So what are the differences between this article, and Troubleshooting Internet Service Problems? Well, there is good new, and bad news. The good news - this problem is one you can solve yourself, without involving your ISP, or LEC. The bad news - there are a lot more network details that you will have to deal with.

>> Top

Physical Network Problems
The content of Network Neighborhood / My Network Places is cached on your computer, and what you see there could have been placed there as much as an hour ago. Since then, the server that you're trying to access could have been:

  • Turned off.
  • Disconnected, intentionally or unintentionally.
  • Moved out of range, if on a wireless LAN.

Make sure that you don't have a simple physical network problem. And make sure that all computers are directly connected, on the same LAN segment, if at all possible.

Try and diagnose physical network problems from the bottom up.

>> Top

Logical Network Problems

Given a little preparation (have the correct device drivers available), you should be able to re install the drivers for the network adapter without too much trouble. This is usually one of the last things tried, but can be one of the easiest.

The content of Network Neighborhood / My Network Places comes from messages ("Server Message Blocks", aka "SMBs") sent from computer to computer. In Windows Networking, SMBs are most frequently transported over TCP/IP, and proper TCP/IP settings are essential. If you're unfamiliar with IP configurations and networking, ask for help.

Note that SMBs are generally sent over NetBIOS Over TCP/IP, aka NetBT. In large LANs, with a properly setup domain structure, SMBs can be bound directly to IP; this is known as directly hosted SMBs.

Also, a corrupt LSP / Winsock layer can have an effect on Network Neighborhood, just as it affects any network activity. If you've just removed adware / spyware, this is always a possibility.

Are all of the computers on the same subnet, physically and logically? Or did you, for some reason, setup a LAN with 2 routers?

>> Top

Address / Name Resolution Problems
In Windows Networking, using SMBs over NetBT, properly configured name resolution is important. Run "ipconfig /all" and verify the Node Type. An inappropriate Node Type will prevent name resolution, or slow it down.

Any time you run a diagnostic like browstat, ipconfig, ping, or anything else that lists a computer name, and the name is garbaged or contains non alphanumeric characters, a corrupt LSP / Winsock layer is a very good possibility. A problem in the Hosts or LMHosts file can have the same effect.

If an actual "error = 53" message is one of your symptoms, this literally means "host name not found", but there are several possible causes for this scenario. Name resolution configuration is just one of the possible causes.

Most of these instructions are written to focus on the needs of workgroup infrastructures, though domains also apply in most cases. If you're using directly hosted SMBs, consider the needs of domain based name resolution.

>> Top

Security Problems
You need a personal firewall on each computer, but your personal firewall has to be properly setup and used. A misconfigured or misbehaving personal firewall, on a computer, can block access to the server that it's protecting.

If you disable your personal firewall, and the problems stop, then you at least know where to start working. But if the problems don't stop, don't assume that the firewall is not the problem. Many personal firewalls do not react properly to being disabled, and will continue to cause problems after being disabled. And look for a previously overlooked firewall, such as one bundled with your antivirus protection. There could even be a hardware firewall, sitting inside your computer. The nVidia nForce is probably the first, but surely not the last, device of this type.

Misbehaving and misconfigured firewalls, and overlooked firewalls, are probably the most common root cause of problems with Windows Networking, in the cases where I have been able to provide assistance.

And remember that, if you're using an alternate transport such as IPX/SPX or NetBEUI, a firewall will provide no protection.

>> Top

Network Components and Services
Windows Networking depends heavily upon half a dozen key networking components and services. Depending upon the role played by any computer, it may require some, or all, of these components and services, to work properly.

If you add or change any network components, run the Network Setup Wizard before continuing.

If you're using a NAT router as the DHCP server (and most of you will be), please Enable NetBT explicitly, except for specific circumstances. Make this setting consistent across your entire LAN.

If your LAN
  • Has a domain.
  • Has computers running only Windows 2000, Windows 2002 (aka Windows XP), and Windows 2003 (aka Server 2003).
  • Uses DNS, properly setup, for name resolution.
then you may wish to disable NetBT, and use direct hosted SMBs.

If TCP/IP can't be used properly, SMBs using an alternate protocol such as IPX/SPX or NetBEUI may provide immediate access to shares, but still cause "access denied" errors here. If you are using an alternate protocol (listed in the network items list in Local Area Connection - Properties), you may have problems with Network Neighborhood / My Network Places. Please remove both IPX/SPX and NetBEUI, unless one is absolutely needed. You certainly should not need both.

There is one exceptional circumstance where IPX/SPX may be needed. Please follow the complete instructions precisely - using TCP/IP here won't help the browser, and it will cause major security problems.

And sometimes when you run the Network Setup Wizard, you may end up with IPV6 aka Teredo Tunneling, which is not compatible with Windows Networking. You must remove IPV6, at least to diagnose the problem.

>> Top

Browser Problems
The content of Network Neighborhood / My Network Places comes from a subsystem known as the browser. At least one computer must be running the browser service, but having too many browsers can result in a browser conflict.

A master browser conflict can cause various problems in Network Neighborhood. A master browser conflict can have numerous causes. Running Browstat is a good way to start looking for browser related problems.

With Windows XP, computers only display in Network Neighborhood if there is actually a share (and not an administrative $ share either) created. Servers with no shares don't get enumerated by the browser, so they won't be seen in Network Neighborhood.

Available and visible shares, on servers in the same workgroup as your computer, will get listed in the root of Network Neighborhood (My Network Places). Other workgroups, with their computers, will be listed under Entire Network - Microsoft Windows Network. If another computer isn't visible where you think it should be, verify the workgroup name (of the other computer, and of your computer) in System Properties - Computer Name.

An "access denied" message, or inability to see a server in Network Neightborhood, can be caused by the restrictanonymous setting. And a totally invisible server can also be caused by the Hidden setting.

A "network path was not found" message, when referring to the master browser in a browstat log, can be caused by the Remote Registry Service not running on the master browser. Running a server with XP Home, as the master browser, is a bad idea - XP Home does not have the Remote Registry Service, as it does not provide for any administrative access thru the network.

Do you have a network with computers running both Windows 9x (95, 98, ME) and Windows NT (NT, 2000, 2003, XP)? If so, you'll need to check for browser conflicts between computers running the two different operating system families.

Does your domain / workgroup occupy multiple subnets? If so, you need to know about Browsing Across Subnets.

The browser can be a tricky problem to tackle. If you're unsure about how to deal with it, ask for help.

>> Top

Sharing - Naming and Permissions Problems

The names used for the shares, and other factors, can make a difference in their accessibility.

Windows 95 / 98 clients will have a problem with (KB160843): share names with more than 12 characters.

Windows NT / 2000 browser servers will have a problem with (KB231312): server comments greater than 48 characters.

You can get "access denied", and other symptoms, from actual lack of permissions to access the desired share. Shares with name ending in a "$" (Administrative shares) won't be accessible, if the server is depending upon Guest authentication, since Guest doesn't have administrative access.

Either the restrictanonymous setting, or the RestrictNullSessAccess setting, can cause lack of access to a share, if you're attempting Guest authorised access. The latter can even affect shares selectively - some may be accessible, others not.


Virtual Private Networking
Windows Networking, in general, involves local connectivity. Resource sharing is more effectively done when client and server are physically located near each other.

What if you have two offices, located at distance from each other, and want to use the Internet to provide communications between the two? This would be a point to point connection, formally setup between the two offices. A Virtual Private Network is a pre-configured, secure communications tunnel, through an otherwise insecure network (aka the Internet), between two locations.

A VPN has to be deliberately designed and setup, from both ends. An improperly designed VPN may cause more problems than it solves.

>> Top

Identifying the Scope of the Problem.

I've developed two simple utilities for checking your network, to identify the scope of a network problem. Both utilities are most useful when run from each computer, with output from all runs aggregated, and compared in masse.

The first utility, CDiag, examines your network by knowing the name and address of each computer. CDiag uses native Windows commands only, and runs from each computer without any explicitly granted network access to other computers.

The second utility, CPSServ, examines your network by automatically discovering each computer. CPSServ requires prior download of PSService, which is part of the free SysInternals PSTools utility. Neither CPSServ nor PSTools require any effort to install. PSService does require administrative access to each computer, so it won't be terribly useful on a network with XP computers running XP Home.

Documentation of both utilities is in progress, so be patient. Limited CDiag documentation is currently available.

>> Top

Asking For Help
If you're reading this article because you need help, please start by reading my Privacy Statement.

Spend a few minutes reading about How To Solve Network Problems.

Provide some background information about the problem, and about your network in general.

Ensure that each computer is Physically, and Logically, connected to your network, to your best ability.

>> Top

Next, provide ipconfig information for each computer. You'll do this from a Command Window (or a command window in Windows Vista).

  1. Type "ipconfig /all >c:\ipconfig.txt" (less the "") into a command window (or a command window in Windows Vista). Only type the command into a command window - do not type Start - Run - "ipconfig /all...".
  2. Type "notepad c:\ipconfig.txt" (less the "") into the same command window.
  3. In Notepad, make sure that Format - Word Wrap is NOT checked!.
  4. Copy and paste entire contents of the file into your next message, properly formatted.
  5. Identify operating system (by name, version, and Service Pack level) with each ipconfig listing.
  6. Please don't munge or omit any detail, as there is nothing provided by ipconfig that could provide help, to any bad guy, in identifying an entry point to your LAN. The good guys, on the other hand, may need any or all of the details, to accurately diagnose your problem. Help Us To Help You.

Did you just run ipconfig, and get good output (similar to what's described in the ipconfig article?). Ok, fine, continue and examine the output as instructed below. If you ran it, and got no response, or no output, or if a window opened and closed so quickly you couldn't read anything, please read my article on Using The Command Window.

Take a look at Reading IPConfig and Diagnosing Network Problems, if you're interested. Or, given a complete and unmunged set of "ipconfig /all" logs, I'll simply plan to use CDiag for the next step.

Next, provide "net config server", and "net config workstation", for each computer. You'll do this from a command window (or a command window in Windows Vista).

  1. Type "net config server >c:\netconfig.txt" (less the "") into a command window (or in Windows Vista). Only type the command into a command window - do not type Start - Run - "net config...".
  2. Type "net config workstation >>c:\netconfig.txt" (less the "") into that command window (or in Windows Vista). Note the ">>" here! Only type the command into a command window - do not type Start - Run - "net config...".
  3. Type "notepad c:\netconfig.txt" (less the "") into the same command window.
  4. In Notepad, make sure that Format - Word Wrap is NOT checked!.
  5. Copy and paste entire contents of the file into your next message, properly formatted.

Finally, provide browstat information for each computer. You'll do this from a Command Window (or a command window in Windows Vista). Note that, as indicated in the article, you must download browstat (it's free, and small), as browstat.exe is not a normal component in Windows. Read the article, please.

  1. Type "browstat status >c:\browstat.txt" (less the "") into a command window (or a command window in Windows Vista). Only type the command into a command window - do not type Start - Run - "browstat status...".
  2. Do you have any Windows 9x (95, 98, ME) computers? If so, type "browstat listwfw >>c:\browstat.txt" into the command window (NOTE the ">>").
  3. Type "notepad c:\browstat.txt" (less the "") into the same command window.
  4. In Notepad, make sure that Format - Word Wrap is NOT checked!.
  5. Copy and paste entire contents of the file into your next message, properly formatted.

Did you just run browstat, and get good output (similar to what's shown in the article?). Ok, fine, continue and examine the output as instructed below. If you ran it, and got no response, or no output, or if a window opened and closed so quickly you couldn't read anything, please read my article on Using The Command Window. If you ran it, and got "invalid command", "'browstat' is not recognized as an internal or external command...", or similar, please read my article on Using The Path.

See The Browstat Utility from Microsoft, for information on downloading, installing, running, and interpreting logs from, browstat.

Both browstat, ipconfig, and net config produce a lot of output - and if you're unfamiliar with networks, it may look like gobbledegook. But all of it may be useful to the folks who want to help you, so be generous and precise. And please provide the information in text, don't make a picture attachment. Attachments are not appreciated in the forums where serious help is given, and some helpers won't be very courteous if you send attachments.

And, if you truly want serious and well thought answers for your problems, learn how to ask serious and well thought questions. Again, Help Us To Help You.

>> Top


mike scholtes said...

I posted a problem on the msusenet forum on XP networking, which you kindly responded to. While working through your list of suggestions, I was trying to verify whether the Windows Firewall service was running on both machines, and discovered a fossil service, the McAfee Personal Firewall, on the machine I was unable to ping or see from the reset of my home network. I stopped it, and everything started working.

Kim said...

These pages on networking problems and resolutions were the best thing I've come across and incisive were links to explain areas a user many not have come across.

In my case I slowly worked through the suggestions as to why I could not get my home network to communicate (which occured after installing a MS XP SP2 CD [didn't occur with the online download]). However, this happened and the home network stopped. After many weeks asking calling and trawling through the MS Support site (absolutely useless help, everthing but what I wanted), but was solved here with the NTRights fix.

Thankyou breat site.

Obsinguod said...

I up and restarted DDE and NetDDE services to get networking back. If you disabled 'em in AnVir (or another task/service manager app) to get things battened down some time in the past, perhaps you can save some trouble by checking that they aren't still disabled when you need them.

frankinbahia said...

I've dutifully followed the suggestions in 'Network Neighborhood Troubleshooting' but to no avail. Here's the situation and the vital stats.

I have four PCs on my LAN: 1(XPsp3), 2(XPsp3), 3(Win7 Pro), 4(Win7 Home Prem.). #s 1, 2 & 3 can see everyone in Neighborhood, but #4 can only see itself and #3. #4 can ping everyone (by either IP address or name). And all four access the internet.

The LAN uses a gateway/router with static IPs assigned. (There is no DHCP enabled.) Everyone's on the same subnet (including a repeater/amplifier). Here's the ipconfig from #4.

Windows IP Configuration

Host Name . . . . . . . . . . . . : fklaptop2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC #2
Physical Address. . . . . . . . . : 68-A3-C4-31-33-86
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 60-EB-69-DD-A1-37
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

I tried browstat but only got a window message that the entry point for I_NetNameValidate could not be found in NETAPI32.dll. (The .dll file does exist, in System32.)

Any ideas?