Server can’t access UNC share folder on another subnet on a different domain

In the intricate world of network configurations, a perplexing situation has emerged involving two Windows Server 2019 systems, designated as Server A and Server B. The objective is to facilitate file transfers from Server A to Server B using a script, yet the process has encountered several roadblocks, primarily linked to UNC (Universal Naming Convention) paths and the SMB (Server Message Block) protocol.

Network Configuration Insights

Both servers reside on distinct VLANs and are members of separate domains, which already sets the stage for potential complications. To bridge this divide, a route was established in the network firewall from Server A to Server B, complemented by allow rules for ports 445 and 139, as well as ICMP traffic. This configuration aims to ensure seamless communication between the two servers.

On the Windows firewall of Server B, two allow rules have been implemented for all profiles, specifically for TCP ports 445 and 139, each restricted to the remote scope of Server A’s IP address. Despite these precautions, accessing Server B from Server A via its IP address 192.168.x.x prompts for credentials. A newly created user with domain admin privileges can authenticate successfully, revealing the available folder shares. However, attempts to open these shares result in a frustrating “Windows cannot access…” error, accompanied by the code 0x80070035, indicating that the network path was not found.

Interestingly, when using an established user account with the necessary permissions, the same error persists. Yet, access to the administrative share \\192.168.x.x\c$ remains unimpeded, allowing full read and write capabilities through the Explorer interface. Mapping this administrative share to a drive letter proves successful, enabling browsing within the administrative share. However, when attempting to utilize either the UNC path or the mapped drive letter in a robocopy script, an “invalid parameter #3” error arises, complicating the file transfer process further.

DNS and Domain Considerations

To address potential DNS issues, the hostname of Server B was added to the hosts file, hardcoding the DNS lookup as 192.168.x.x serverb.domain.local. While this adjustment allows for successful hostname resolution, accessing the share via the hostname yields the same access issues experienced with the IP address.

Adding an intriguing layer to this scenario, both servers operate under domains with identical names, albeit created independently. This raises questions about whether such a naming coincidence could be contributing to the ongoing challenges, despite the expectation that using the IP address would mitigate conflicts.

Running the command Get-SmbConnection reveals the IPC$ share name and the folders in question, confirming the use of SMB version 3.1.1. Connectivity tests, including pings from Server A to Server B, return successful results. Moreover, the network firewall’s packet monitor indicates no dropped or blocked packets, showing only successful pings and attempts on ports 139 and 445.
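
The firewall rules and checks described above, written out in PowerShell as an added example (not code from the original post). The IP addresses, share name, source folder and function names are placeholders chosen for illustration.

```powershell
# Added example. Every address, name and path below is a placeholder.
$ServerA = '192.0.2.10'   # placeholder for Server A's IP
$ServerB = '192.0.2.20'   # placeholder for Server B's IP
$Share   = 'Transfer'     # hypothetical share name on Server B
$Source  = 'D:\Export'    # hypothetical source folder on Server A

# --- Run on Server B, elevated ---
function New-SmbScopedRules {
    # Two inbound allow rules (TCP 445 and 139), all profiles,
    # remote scope limited to Server A's address.
    foreach ($port in 445, 139) {
        New-NetFirewallRule -DisplayName "SMB $port from Server A" `
            -Direction Inbound -Action Allow -Protocol TCP `
            -LocalPort $port -RemoteAddress $ServerA -Profile Any
    }
}

function Get-ShareSummary {
    # Share path and share-level permissions, for comparison with the
    # account that Server A connects as.
    Get-SmbShare -Name $Share | Select-Object Name, Path
    Get-SmbShareAccess -Name $Share
}

# --- Run on Server A ---
function Test-SmbPath {
    param([Parameter(Mandatory)][pscredential]$Credential)

    # 1. TCP reachability through the network and host firewalls.
    foreach ($port in 445, 139) {
        $r = Test-NetConnection -ComputerName $ServerB -Port $port `
            -WarningAction SilentlyContinue
        '{0}:{1} reachable={2}' -f $ServerB, $port, $r.TcpTestSucceeded
    }

    # 2. Authenticate to the share itself with explicit credentials.
    $unc = "\\$ServerB\$Share"
    New-SmbMapping -RemotePath $unc -UserName $Credential.UserName `
        -Password $Credential.GetNetworkCredential().Password | Out-Null

    # 3. Show which shares are connected, as which user, and the dialect.
    Get-SmbConnection -ServerName $ServerB |
        Select-Object ServerName, ShareName, UserName, Dialect

    # 4. Source and destination passed as two separate arguments,
    #    with no trailing backslash, followed by the options.
    robocopy $Source $unc /E /R:1 /W:1
}
```

Call `Test-SmbPath -Credential (Get-Credential)` on Server A with an account that exists on Server B's side; `New-SmbScopedRules` and `Get-ShareSummary` run on Server B.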

As this complex situation unfolds, the question remains: is there a crucial detail being overlooked in this multifaceted network environment? The quest for a solution continues, with each configuration and command providing insights into the underlying challenges of cross-domain file sharing.
