Jul 242020
 

Last updated on July 25th, 2020

Introduction


This could be called {“Turn on file and printer sharing” won’t save issue and Windows Certificates errors fixed on Home Network}, but it’s a bit long 😉


Recently Windows cumulative updates have given me cumulative problems. My own attempted fixes derived from countless searches, batch file, command prompts and Powershell “fixes” which just made things worse and worse. I won’t list all the things I tried….but I re-installed Win10 and played with three different network cards….

It has taken me 3 days…….

 

My Basic Setup

The main part of my network is a big box Win10 machine, a Win10 laptop and a QNAP TS-251+ NAS used purely for backup. I connect to the internet through an ISP supplied router with fixed DNS server settings.  For this reason I chain my own router off one of the ethernet ports and use OpenDNS settings in there.  I have an HP printer, my partners machines and several Google Homes and Chromecasts.

The ISP router gateway is standard, 192.168.1.1 and my router runs the DHCP server and uses 10.10.10.10 as a LAN base. Its static IP address for the WAN side is 192.168.1.15

On my Windows machines I have set up file and folder sharing using “Authenticated Users” only, which I’ve done since Win2k days….!!! Extra granularity is then easily applied. I don’t use simple sharing and never used Homegroups. The “Everyone” user is removed. Typically it looks like this on the right. Nice and minimal.  Nice and secure with all permissions on a shared machine all taken care of.


Trying to Fix

SMB1 was disabled a year or two ago because of Wannacry etc and all has been fine until these past few weeks. It got so bad that I re-installed Win10 2004 on the big box!

However, the solution I have was actually a conundrum of things that had somehow cascaded into lots of problems with many small fixes. So read on!

The Win10 reinstall on the big box marginally improved things but the laptop then got the screenshot below with non-saving network settings.  Two websites helped me by giving me pointers to my solutions, but not the actual fixes. 

 Microsoft’s recent updates and fixes made things incrementally worse…   The effects were:

  • RDC working one way only
  • Network shares started to disappear or not expand.
  • NAS not available at all for browsing on either machine. (This is important as it’s where Windows’ File History points for my backups).
  • Network discovery and then file sharing settings not saving in Control Panel

 

“Turn on file and printer sharing” won’t save

This last one was the straw that broke the camel’s back as all the online solutions rely on this setting saving & working….!!! If you’ve had this problem then you will be familiar with this dialog box below where the selection “Turn on file and printer sharing” won’t save:

Copious search results and search terms

Troubleshooters Ineffective

Running the various network troubleshooters either came up with nothing or that I had two NAT traversals running, which I have had for years with no problems until recently. As I said above, I have an ISP router which then goes to my own router through the house. This is the thing that blocked RDC working.  It’s a common problem going back years. See screenshot…!!


My Fix List, Initial

So cascading the small fixes I discovered to eliminate every posssible cause, here is what I did.

  • Point the ISP router DMZ to the static IP address used by the 2nd router.
  • i.e. ISP is at 192.168.1.1 My router is at 10.10.10.10 and points to 192.168.1.15.
  • Set DMZ in ISP router to 192.168.1.15

Next I turned off IPv6 in every network adapter and router in all machines. This is a typical dialog box:

Next I made all the Peer Name type services in services.msc, automatic. I also did this to the two Function Discovery services and the Workstation.

After each process I rebooted all the machines to clear DNS caching and the like.  I even did cold boots several times to ensure the network was dead.

Fixing Windows’ Services

It was at this point that things got complicated. I noticed under some of these service dependencies that the browser was mentioned but it isn’t in the current Win10 services list….

From this website I found some registry entries that were different in my two machines. These to keys:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver

I followed the instructions….

Even though it’s a pain to reinstall the OS, it was handy as I could compare a base (hopefully known-good) setup to the laptop to which no common fixes worked.

In the laptop that wouldn’t save network settings, there were extra entries in the registry keys, related to smb1 with extra garbage. Unfortunately, I didn’t do a screenshot as I was more concerned about fixing the stuff.  However, the registry key I backed up and the code looks like this:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation]
"DependOnService"=hex(7):62,00,6f,00,77,00,73,00,65,00,72,00,00,00,6d,00,72,00,\
78,00,73,00,6d,00,62,00,31,00,30,00,00,00,6d,00,72,00,78,00,73,00,6d,00,62,\
00,32,00,30,00,00,00,6e,00,73,00,69,00,00,00,00,00

[Putting this into an online hex to text converter shows smb1 being in the list]

Following the instructions to clear one of the entries didn’t work, so I rolled back and instead I manually typed exactly what was in the big box machine. The text needs a carriage return during typing in regedit which is done with shift-enter (hitting enter will just save the incomplete key).

In the main problem laptop entry, text was all lowercase. I typed it exactly with mixed case as in the big box. I don’t know if this is important – but I did it anyway.

In LanmanWorkstation, the key called DependOnService reads:

Bowser
MRxSmb20
NSI

In LanmanServer, the same key name of DependOnService reads:

SamSS
Srv2

Following reboots the Network setting then saved correctly which was a big win!!!

However, some file shares didn’t open, though some did.   So I knew I was getting close….


My Final Fixes, Windows Certificates

I suspected certificates as I had to re-enter some RDC credentials on one test. Also, the 2nd website talked about objects…..

First off, I did a test by creating a new certificate using my NAS’s IP address of 10.10.10.111 (not its name of NAS1).  I wasn’t sure if editing existing certs would work, so creating a new one that I could easily remove seemed a good way to go.

I’ve blanked some personal details but you will see the entry created yesterday and one modified afterwards.

The test worked and shared folder contents instantly started to appear in Windows Explorer after another reboot.  I then went through the various entries on my machines’ certificates and fixed those that weren’t working.

As I remarked earlier, I use authenticated users exclusively in my network and Microsoft’s email user name/password authentication system which I’ve also applied to the QNAP NAS.

Result!

The network flies along now. I think corrupted certificates had been popping up and down the wires for a while and recent Windows updates which have affected many folks have compounded it.

I still have the not-working internet icon even though I’m on the web typing this into my WordPress website through my NordVPN…. 🙂  A lot have folks have this problem since the May update.

Microsoft is working on another fix….

I think it’s a notification error between windows services.

I have found that a warning is at the top of the Win10 settings for windows updates.

When I check there are none to do. 🙂  Because on clicking the yellow warning I find nowt to do!!!


For me, these remaining issues are minor.  Most importantly the various machines can talk to each other in a secure manner and my File History backups all work.

 

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

© 1977, Strangely Perfect.