0

Windows 7 / Fedora dual-boot Dell Precision M4800 laptop

Under Windows and Linux, I had several network shared folders set up that worked for weeks, but it was annoying that in Windows I had to log into them every time I rebooted (Linux always logged in automatically OK). Googling around I found some ideas (that didn't pan out) - mostly having to do with Windows Credentials Manager. Along the way I apparently broke something - now I can no longer even log into the shares manually from Windows.

What works:

  • I can ping the drives from Windows and Linux.
  • The drives appear in Windows under "Network".
  • When I log out of Windows and boot into Linux, sometimes the LAN connection is hosed (this has always plagued this laptop but infrequently - now quite frequent), but once logged in, I can log into the shares from Linux (still happens automatically)

Clearly I'd like to know how to restore share access in Windows.

mike65535
  • 115
  • 1
  • 1
  • 11

2 Answers2

1

The original issue sounds like you forgot to enable persistence on the network share. This means that every restart it would wipe the credentials and the share from your computer. Next time i would recommend reading this link for additional info on the commands: https://www.howtogeek.com/118452/how-to-map-network-drives-from-the-command-prompt-in-windows/

Now for your current issue first off validate that the account you are trying to log in with is not locked out on windows/the server with the shares (exact location depends on your setup) You can also try a system restore if you keep restore points its very likely this will fix the issue. next delete those old broken shares and try re-mapping them with the commands from the link above. If you still cant access the shares then it is possible you accidentally deleted an important cert that the computer needs which would require you to reinstall that cert

UPDATE 1:

You can use the net user command to do this and here is some additional information on the command is below:

https://www.windows-commandline.com/cmd-net-user-command/

The exact command you need is net user USERNAME just replace username with the name of the user you are checking. that will display all info with the account like if it is disabled or locked out then use net user USERNAME /active:yes if the user is disabled.

you can also right click on the start button (windows 10 or 8) or right click on computer (7 and back) select computer management and go to local users and check the status of the account make sure locked out and disabled are not checked.

Cory M
  • 364
  • 1
  • 7
  • * validate that the account you are trying to log in with is not locked out windows/the server with the shares* How is that done? – mike65535 May 02 '18 at 18:14
  • I tried the "net use" operations described in your link and get System error 86 - The specified network password is incorrect. Why would the pw be OK using Linux but NOT using Windows? – mike65535 May 02 '18 at 18:37
  • I've tried to follow your "Update 1" instructions. I see nothing wrong AFAIK. My concern with your additions is they seem to be "local machine centric" IOW, they deal with MY computer, not with the share. – mike65535 May 02 '18 at 19:11
  • A few questions, are you on a domain? Are you connecting to a different windows machine for the shares or a NAS and if so what brand and model – Cory M May 02 '18 at 19:35
  • I'm on a LAN and yes the shares are on a different machine. I can get to them no problem via Linux from the same laptop I'm having difficulties with using Windows. – mike65535 May 02 '18 at 19:37
  • I'm part of a workgroup, not a domain. If I did that right. ;-) – mike65535 May 02 '18 at 19:49
  • If I open "Network" I see several networked computers. I can ping these in a terminal. But if I double-click them, the log in screen shows a domain name under the credential fields. This "domain" is my computer's name, not really a Domain... or is it? – mike65535 May 04 '18 at 13:31
  • the "domain name" portion of the login with be the name of the computer you are trying to connect to followed by a slash and the user name of the account on that computer you are trying to use to gain access to the computer – Cory M May 04 '18 at 17:34
  • COMPUTERNAME\USERNAME like this on the side – Cory M May 04 '18 at 17:34
  • Yes, I believe that's what I am doing. Tried a system restore to a week-old update. Still no good. – mike65535 May 04 '18 at 18:05
  • >>the "domain name" portion of the login with be the name of the computer you are trying to connect to followed by a slash and the user name of the account on that computer you are trying to use<< When I try to log into the share, Windows populates the username field with the something called "Full computer name" from my machine followed by a slash and then my username. It does NOT use the "name of the computer you are trying to connect to" that you stated. – mike65535 May 07 '18 at 14:38
  • Still looking for help. *The exact command you need is net user USERNAME just replace username with the name of the user you are checking. that will display all info with the account like if it is disabled or locked out then use net user USERNAME /active:yes if the user is disabled.* This seems to pertain to my status on *my* machine. How do I check the status of what the OTHER machine thinks (the share drive/folder/machine) – mike65535 May 08 '18 at 13:50
0

OK, after much gnashing... I ran secpol.msc as admin and opened

Local Policies | Security Options | Network Security

I changed the LAN Manager authentication level setting from:

Send LM and NTLM responses

to:

Send NTLMv2 responses only. Refuse LM & NTLM

Added 21-May-2018

To solve the original persistence problem

mike65535
  • 115
  • 1
  • 1
  • 11