we have windows 2003 server for domain controller, about 10 xp pro workstation and latey our devloper added 2 vista ultimate as workstation, now vista clients are on domain, but they can't access any share resource on domain controller, when check network resource, can see all computer on network but not domiain controller and any resource is hold by DC.other issue is when vista user connect to another domain to add resource to his machine, his account get locked from local domain.any help will be greatly apriciated.

I would first check the DNS setting on the Vista machine. To use domain resources the client machine should be using the local DNS server _only_. ie it should point to the local DC for DNS and no other DNS. No other DNS server will have the necessary records to find domain resources.Bill

it has static DNS which is point to DC itself, OUR domain controller hold DNS role too. I have installed wins service too so incase vista clients is using netbios for look up. but still failing.

Hi there,vista has a special options to enable file and print sharing wizard, which varies from windows xp pro / other flavours.can you telnet on vista for port 139 and 445 and let us know the result ?sainath Windows Driver Development

Hi Mukeshb1, You may also check on the Windows Server 2003 to see if the TCP port 139 and 445 is in the status of Listening. You may run "netstat nao" in the command line prompt on the problematic computer. Please also make sure that the users account you logon the Windows Vista box have the both the NTFS and Share permission to access the Shared folder on the Windows Server 2003 computer. Hope it helps.David Shen - MSFT

I have check on vista clients with port 139 and 445, it is listening on it, I check on server 2003 it listen on port 445 but not on port 139, how we can turn it on. this morningI check on vista clients, it can resolveFQDN name but notNetBios name. I have enable netbios over tcp/ip on NIC adaptor property.

Hi Mukeshb1, Please perform the test on the Windows Vista box and collect the following information 1. Can you access the network share on the domain controller via IP address? If not, please let us know the exact error message. 2. Can you access the network share on the domain controller via FQDN name? If not, please let us know the exact error message. 3. Can you access the network share on the domain controller via NETBIOS name? If not, please let us know the exact error message. 4. Are you prompted to input user name and password when you try to access the server share? Troubleshoot: 1. Please ensure that NETBIOS over TCP/IP are enabled on both Windows Server 2003 DC and Vista client. Please make sure that the "Computer Browser" service is started and its "Started type" is "Automatic" in the Services.msc 2. Meanwhile, on the Windows Server 2003, please refer to the following steps to add a new static mapping on the hostname of the domain controller. Steps: a. open WINS console. b. Expand and Right-click on Active Registrations c. Select New Static Mapping d. Import the hostname of the domain controller into the area of Computer name, and input its IP address. e. Right-click Active Registrations and select Display Records f. Click on Find now. Afterwards, please logoff and logon the Windows Vista box. After a while, you may check if you can view the Windows Server 2003 DC in the Network on the Windows Vista box. 3. If the issue still continues, please check the SMB signing on Windows Server 2003 DC and Windows Vista client to ensure that they match You may lower down the security on Windows Vista machine by adjusting the following registry key on it. a. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA lmcompatibilitylevel [REG_DWORD] = 0x0 b. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\parameters requiresignorseal [REG_DWORD] = 0x0 sealsecurechannel [REG_DWORD] = 0x0 signsecurechannel [REG_DWORD] = 0x0 c. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters enablesecuritysignature [REG_DWORD] = 0x0 requiresecuritysignature [REG_DWORD] = 0x0 restrictnullsessaccess [REG_DWORD] = 0x0 d. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters enablesecuritysignature [REG_DWORD] = 0x0 requiresecuritysignature [REG_DWORD] = 0x0 4. Afterward, please reboot the Windows Vista box and then check if you can view the Windows Server 2003 DC in the network. Hope it helps. David Shen - MSFT

I have resolve issue by1. check NIC card property on server 2003 and enableNetBios over TCP/IP2. edit vista local policy for enable "security setting/local policy/security options/Network access: Do not allow storage of credential or .net passpoer for network authentication"Thanks every one who help me to resolve this issue.