我的问题是,当我不在办公室时,我无法访问任何网络驱动器。我无法通过 FQDN 或 IP 地址 UNC 到它们。例如,domain.local\folder 或 172.26.6.2\d$。远程什么都行不通。我也可以 ping 所有东西,名称和 IP 地址都一样。防火墙没有显示任何被阻止的东西,我是具有适当权限的管理员。这不仅影响我,还影响我们网络保护伞下的每个人。我在家里做了一些 dcdiags,得到了以下结果。
我运行了 dcdiag /s:domain.local
Directory Server Diagnosis
Performing initial setup: [domain.local] Directory Binding Error 1727: The remote procedure call failed and did not execute.
This may limit some of the tests that can be performed. * Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\domain02 Starting test: Connectivity [domain02] DsBindWithSpnEx() failed with error 1727, The remote procedure call failed and did not execute..
Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... domain02 failed test ConnectivityDoing primary tests ds
Testing server: Default-First-Site-Name\domain02 Skipping all tests, because server domain02 is not responding to directory service requests.
Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation
Running partition tests on : domain Starting test: CheckSDRefDom ......................... domain passed test CheckSDRefDom Starting test: CrossRefValidation ......................... domain passed test CrossRefValidation
Running enterprise tests on : domain.local Starting test: LocatorCheck Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722 A Global Catalog Server could not be located - All GC's are down. Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722 A Primary Domain Controller could not be located. The server holding the PDC role is down. Warning: DcGetDcName(TIME_SERVER) call failed, error 1722 A Time Server could not be located. The server holding the PDC role is down. Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1722 A Good Time Server could not be located. Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722 A KDC could not be located - All the KDCs are down. ......................... domain.local failed test LocatorCheck Starting test: Intersite ......................... domain.local passed test Intersite
有点迷茫。它曾经工作过,但不知道什么时候停止了……
更新....
当我从服务器捕获到 VPN 位置的信息时。这就是我得到的结果。
答案1
如果不了解您的 VPN 服务器,很难准确判断原因。我怀疑您在 VPN 客户端和服务器计算机之间使用了某种过滤流量的手段。
我首先会在一台服务器计算机上安装“网络监视器”(或 Wireshark,或您最喜欢的嗅探器),并在客户端尝试通过文件和打印共享访问服务器计算机时捕获流量。您应该会看到从 VPN 客户端到服务器的 TCP 端口 445 和/或端口 139(取决于客户端和服务器版本)上的流量。如果没有看到,则说明有某些东西正在过滤该流量。
如果您确实看到了流量,那么您在跟踪中发现的详细信息应该会为您提供下一个要查看的地方(访问被拒绝错误等)。