Matt {Undead} Posted September 29, 2006 Share Posted September 29, 2006 I have 2 servers which i do general maintenance on each week, this involves doing remote desktop, logging in (loading stuff into ram) to cancel running services and to control the maintenance. Now I noticed that computer management has a feature to connect to a remote computer on a network, I tried to connect to my servers from my laptop and it came up with access denied error 5. I have a number of firewalls, windows / zonealarm on my laptop and my server and also a router. Do I need to unblock certain ports and add .exe files to zonealarm allow list? Does anyone have any knowledge about setting up management so that I can enter a username and password to access the computer management from another computer, something that wouldnt affect anything running on itm webservers, mysql, sdrs.exe and so on. Also, is there a way to update norton antivirus through computer management with some sort of plugin or installation. Hope someone can help me with some step by step instructions or tutorials. Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted September 29, 2006 Share Posted September 29, 2006 I know it's rude to reply to only answer with a question... However, are you using the remote desktop that is built into Windows? I used that thing a long time ago with Hamachi. It was a nightmare. I use VNC to manage the servers and computers. And, for the not so savvy clients I setup pcAnywhere so they can work out of the office. You will have to open up ports on the firewalls to use both the apps, however, only on the server side. The remote does not need the ports open on a PUSH firewall setup. I dont use a software firewall, however, Im sure you probably have to tell it to allow VNC/pcAnywhere to use the port. Here are some articles that may help: Geek to Live: Create your own virtual private network with Hamachi Geek to Live: How to control your home computer from anywhere Secure VNC remote access Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted September 29, 2006 Author Share Posted September 29, 2006 Yeah I know about vnc, reason why I dont want to set it up to be accessed over the net is because of the risk of my servers getting hacked. I dont want to control my servers over the net, im happy with just connecting over the network. I do use remote desktop, but the whole idea of the computer management over a network is to stop having to log onto my server, which uses system memory to load GUI, i have my servers turned on at the login part. I can turn services on and off from the computer management if it would allow me to connect with a certain level of security and then do defrag and other things. Quote Link to comment Share on other sites More sharing options...
VaKo Posted September 29, 2006 Share Posted September 29, 2006 Its not a connection error, its an access error. Which means that the target computer has received and denied your connection. Are you running as a workgroup or a domain? Win XP home, pro or win 2k3? *edit* I'm running a 2k3 "server" on my workgroup based network, and it doesn't work there. I think this is because I need active domain to give me the correct access rights to the other machine. I'm logged in as an admin from my XP machine, and it denies me access to parts of computer management when i remotely connect to the 2K3 box. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted September 29, 2006 Author Share Posted September 29, 2006 Its a stripped down version of XP Pro tweaked for performance running under a workgroup, maybe thats why it doesnt work. Quote Link to comment Share on other sites More sharing options...
VaKo Posted September 29, 2006 Share Posted September 29, 2006 Hmmmm.... Just tried a virgin XP install running on a MSVM. Gives me the same error. I think this may very well be limited to an AD network. Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted September 29, 2006 Share Posted September 29, 2006 Ok, I played around with it and Error 5 means your local account does not have rights on the remote machine. You can fix this by either adding an account to the remote machine with the same credentials as the remote user or log in under the server's administrator account I just opened up Windows Explorer, typed the server's address and it gave me a login prompt. I logged in under the server's local admin account and the error 5 did not come up and I had full access to all the snap-ins. Im on Windows XP Pro And, I tried this on two different servers. Both are Windows 2000 and only one is running Active Directory. The other does not use AD to auth users. I also tried this on another XP machine and got the same error until I logged into their computer using their local admin account. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted September 30, 2006 Author Share Posted September 30, 2006 Thanks for helping me out, I will experiement with it myself but having to log into my server in order to then goto computer management kinda defeats the objective. The idea of using remote computer management is not to have to login under the GUI which uses ram and my servers only got 1gb ram in them. I will try the adding the same account to my server and see if it works. Fingers crossed XX Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted September 30, 2006 Share Posted September 30, 2006 You dont have to login to the server, just login to a session to the server. Im not at work so I dont have a network to try this out on, but try typing the following in console: net use SERVERIPAdmin$ /user:Administrator Replace SERVERIP with your server's IP. It will prompt you for a password. You can not use an account that does not have a password. Sessions require passwords. Now try to connect via computer manager and see if it will allow you to access the snap-ins. Once you are done, type the following in the console: net use SERVERIPAdmin$ /delete You are not deleting anything, it just deletes the session or disconnects you. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted October 1, 2006 Author Share Posted October 1, 2006 i setup administrator accounts on my 2 servers with names called maintenance. I goto command prompt and enter in the box.. net use 192.168.2.12Admin$ /user:maintenance then i hit the return key and this came up... The password is invalid for 192.168.2.12admin$. Enter the password for 'maintenance' to connect to '192.168.2.12': i then enter the password and it thinks about it for 10secs then comes up with the system error 5 has occured, access denied. I have windows firewall and zonealarm running on my servers, could this be causing it? Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 1, 2006 Share Posted October 1, 2006 Check ZoneAlarm for some settings on trusting incoming connections from an IP. It's been forever since I have used it, so I have no idea where it would be. Once you find it, add your IP and see how that goes. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted October 1, 2006 Author Share Posted October 1, 2006 I did the command but put the ip address of the computer i was on and it seemed to of worked that way. I turned zonealarm off and then tried to connect, it still wouldnt connect using.. net use 192.168.2.12Admin$ /user:maintenance or net use 192.168.2.12Admin$ /user:Administrator So it cant be a zonealarm because i turned that off then tried and it failed. Only other thing i could think of would be to share the C drive from the servers and do advanced sharing with admin/maintance accounts for login. Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 2, 2006 Share Posted October 2, 2006 I really dont trust ZoneAlarm when it says it's turned off. I just had a client recently uninstall ZoneAlarm and once that was finished he lost all internet connectivity. ZoneAlarm, even though gone, still some how muxed his TCP/IP settings. Try following this tutorial on how to add a trusted IP. Hopefully this will fix issues... /me crosses fingers. Quote Link to comment Share on other sites More sharing options...
Matt {Undead} Posted October 2, 2006 Author Share Posted October 2, 2006 I added my network ip to the trusted part on zonealarm but it still didnt work. I turned off zonealarm and windows firewall but it still failed. Its gotta be some setting on my server thats causing it to be blocked. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.