Jump to content
RESET Forums (homeservershow.com)

WHS 2011 + Windows 8 = pain


salamihawk
 Share

Recommended Posts

I'm tearing my hair out here guys...

 

I have a relatively new WHS 2011 install that's giving me issues. Previously I had a WHSv1 Server and my client computer had Windows 8. I had shares set up to be only readable by myself, and I found the bit about entering your info in the Windows Credentials Manager. This solved the issues I was having there, but I was having other issues with Windows 8 so I reverted back to Windows 7.

 

A few months later I decided to giver Windows 8 another try, but this time, I was having problems with the Credentials Manager thing. It would list out the credentials I entered, but the mapped network drive still wouldn't work.

 

I migrated my old server to a new one based on WHS 2011, which seemed to initially solve the issue. Then I installed Windows 8.1 Preview, and now I'm having a hell of a time figuring out what is going on: When I put in my credentials (server name: SERVER2011, user name: SERVER2011\username, password), Windows absolutely refuses to save! If I enter the credentials and log out and back in, the share works, but the entry in the credentials manager is gone. If I reboot, the entry stays gone, but the share stops working.

 

I've no idea what could be causing this. I thought it might have been related to the IPv6 tunnel I just recently configured, but even with IPv6 disabled on the client the credentials still get deleted.

 

Anyone know what might be going on here?

Link to comment
Share on other sites

Sounds like a bug that you need to notify them about.

 

Sounds like a bug that you need to notify them about.

Link to comment
Share on other sites

Check that the Credentials are set to Enterprise so that they stick. Else they will clear after a reboot as your seeing.

Link to comment
Share on other sites

I have no possibility to change the persistency, everything I add gets added with Enterprise persistency.

 

I've tried something different: instead of typing in the server name, I've typed in the IPv4 address. After a reboot, the stupid thing seems to take it. The share came back properly mapped now two times, so that's progress, though I'm fully expecting it to run for a week then die again like it has in the past.

 

I also noticed that my WHS2011 server won't pull an IPv6 address via DHCPv6 (SLAAC works fine), so I statically assigned an IPv6 address with gateway, and SLAAC is still doing it's thing, meaning that no matter what I do, my WHS2011 box still has its autoconfigured IP. Also, it appears to keep pulling a DNS-Suffix from my service provider. I keep seeing upc.de as a DNS-Suffix when I do an ipconfig /all. Maybe that has something to do with it? Either way, I can't get that crap to go away.

 

I'm thinking maybe the mismatch in domain-suffix has something to do with the fact that my Windows 8 client is having difficulties saving credentials if I type in the server name instead of IP...

 

It could be that something is broken with my Fortigate's implementation of DHCPv6, but the upc.de thing has me really confused.

Edited by salamihawk
Link to comment
Share on other sites

I have IPv6 on my LAN because I have an IPv6 tunnel terminating on my firewall, which gives me true dual-stack Internet.

 

So far the credential has stayed in and it works, so it seems that there's something amiss with the name resolution that's preventing things from working properly...

Link to comment
Share on other sites

"Dual stack" means you're running both Internet Protocol stacks simultaneously. You'd then have two logical networks, one IPv4 and the other would be IPv6.

 

This way, you can access both internet types simultaneously. I don't think there are many sites beyond bragging and test-sites that are IPv6-only, so it's really a method (IMHO the ideal method) to make the migration to IPv6 less painful, as both protocols work without any sort of trickery, except for the IPv4 protocol which would still require NAT, since you still have the same private > public network paradigm. With IPv6 there are so many available addresses that everything is considered public, so you don't have to differentiate between private and public.

 

Many providers nowadays only issue out IPv6 networks to their customers and rely on a technique called Dual-Stack Lite, which basically means you run a "virtual" form of IPv4 over the provider's IPv6 network. The provider will translate your requests into a public IPv4 address to make it seem like you're part of the network, which you pretty much aren't. For the most part, this shouldn't be a problem. The only time it would really become an issue is when you try to access your machines (home server for example) from outside (from your mobile phone, for example). Because your systems are technically not on the IPv4 network, and because your mobile provider most likely still is using the IPv4 network, you have no way in. The provider-side translation is what is known as dynamic PAT (Port Address Translation), and only works from the inside going out.

 

If you've ever had to set up a port-forwarding on your home router, you've set up translations that allow traffic in on specific ports. This is fine for home users since the address translation is being done by the router in the home, but if the address translation is being done by the router in the provider's network, there could very well be tens of thousands of customers and only a handful of free IPs, so they can't reserve one for one customer, nor can they open up ports from outside, because they'd have no reasonable means of routing the traffic back to your system, so it's unfortunately a one-way street. With IPv6 end-to-end, however, you would be able to access any network device in your home on any port (as long as you set up your firewall to
allow it), no port-forwarding or address translation necessary.

 

There's also a more complicated system where you can place the entirety of the IPv4 Internet in a single IPv6 subnet and do some kind of crazv 6 to 4 translation, but I haven't seen anyone do that yet. Dual-Stack and DS-Lite are the easiest methods, and DS-Lite is "good enough" for people who don't need to provide services to the outside.

Link to comment
Share on other sites

Oh yes, and to get back to my original post, I realized that entering credentials for the IP address was all well and good, but the WHS Connecter Software included several folders in my libraries, all under the server name, not the IP address, so I have no more write privileges to my photos folder. Fantastic.

 

I entered my server credentials again per name alongside the entry with just the IP address, but after a reboot, it was gone (IP address still there though!). Irritating.

 

I found out though that the DNS servers I was using (Hurricane Electric) had a problem resolving microsoft.com, so I removed those and put in the servers from Google. I found this problem because suddenly I realized that none of my Microsoft services worked anymore: The Windows 8 store didn't load, Bing News wouldn't update, Skydrive wouldn't upload, etc.. I briefly thought that maybe the credential manager was trying to sync those settings and because it couldn't resolve microsoft.com, it was failing and deleting my entry, but then I realized that the IP address entry stayed... so I don't know.

 

But then again, if you enter a name, it's more likely that it's something globally resolvable and therefore sync-worthy. Syncing credentials for a private IP on a mobile device is pretty pointless, so maybe that's really what happened here... brb, rebooting...

Link to comment
Share on other sites

Well, I have some news...

 

Of course, the entry was gone when I rebooted my machine, so I remembered to try something that I thought of beforehand: make an entry for anything else, for any other name. I chose the name f***stick and put in some bogus info. Lo and behold, after a reboot, f***stick was still listed in my credential manager!

 

credential%20manager.png

 

I put in my server name once again, rebooted, and, of course, it was gone.

 

Anyone know where this info is found? I just searched the entire registry for "f***stick" and found no entries.

 

Apparently they're located in C:\Users\username\AppData\Local (or Roaming)\Microsoft\Credentials, but they're encrypted gobbeldygook. No idea why I can't make a freakin' entry for my server!
 

Edited by salamihawk
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...