troubleshooting lan or network problems solutions

8/4/2019 Troubleshooting LAN or Network Problems Solutions

1/14

TROUBLESHOOTINGSERVERMESSAGEBLOCK

INBOUNDCONNECTIONLIMITINWINDOWS

PEER TO PEERWORKGROUP


2/14

TROUBLESHOOTINGSERVERMESSAGEBLOCK

INBOUNDCONNECTIONLIMITINWINDOWS

PEER TO PEERWORKGROUP

In a peer-to-peer workgroup, when you try to connect to thenetwork resources of a computer that is running any of the

products listed at the beginning of this article, you may receive

one of the following error messages:

Operating system error 71.

No more connections can be made to this remote

computer at this time because there are already asmany connections as the computer can accept.

--------------***-------------

System error 71 has occurred.

This remote computer has reached its connectionlimit, you cannot connect at this time.

--------------***-------------

This problem occurs when a computer reaches the maximum

number of host connections that are allowed. In this case, when a

NULL session connection is generated in the Microsoft Windows

2000 client, this NULL session connection is counted as one

session on the Microsoft Windows XP-based server. Therefore, the

error messages occur that are mentioned in this "Symptom"

section, even if the number of connections to computers do not

exceed the limit.


3/14

In addition, when multiple NULL sessions are generated from a

single Windows 2000 client computer, the multiple NULL sessions

are counted as multiple sessions. However, a NULL session

appears as a single session when you run the net session

command. In this case, when the Restrict Anonymous registryentry is set, and the NULL session connection is rejected, this

symptom still occurs.

Notes:

For Windows XP Professional-based computers, themaximum number of concurrent network connections that

are allowed is 10. This limit includes all transfer and allresource share protocols. For Windows XP Home Edition-

based computers, the maximum number of concurrent

network connections that are allowed is 5. This limit is the

number of sessions that can be hosted at the same time

from other computers. Therefore, we cannot use the

administrative tool usage to connect to the system from a

remote computer.

When multiple NULL sessions are connected from a singlecomputer, each one of them is counted.

Only one IPC$ can be checked by using the net sessioncommand. For example, when a single Windows 2000-basedcomputer tries to use multiple IPC$ sessions, only one singleIPC$ session can be used at a time.

Restrict Anonymous is not valid for this resolution.


4/14

CAUSE :

A Windows client workstation may have opened a pipe connection

to the named pipe...

A Windows client workstation may have opened a pipe connectionto the named pipe \PIPE\spoolss on either a print server or a

workstation that has a shared printer. This typically occurs when

you start a program (such as Microsoft Word) that queries

printers, or if you open the Printers folder in Control Panel. Printer

spooling on both the client and the server will open a handle

related to this connection.

A Remote Procedure Call (RPC) requires one named pipe instancefor every active RPC call (like Open Printer). If an Open Printer

call stops responding, RPC keeps open the named pipe

connection. RPC does not disconnect this connection until the

context handle (that is Open Printers) has been closed.

If both the following conditions are true, you may open an

anonymous connection (also known as null session connection)

that never closes to the named pipe \PIPE\spoolss on the

workstation that acts as the server in your peer to peer network:

Your client has connected a shared printer on the computerthat acts as a 'print server'.

You have set up a local shared printer on one or moreclients.


5/14

RESOLUTIONS :

Use one of the following methods to restrict null session

connections on your wo...

Use one of the following methods to restrict null session

connections on your workstation that is acting as a print server.The preferred method is the first one.

Method 1

Disable null session connections on the Windows computer that

exceeds its incoming connection limit and shows some additional

null session connections either by using the Group Policy GUI or

by setting a registry key.

Using the Group Policy User Interface(Local Security Policy MMC Snap-In)

____________________________________

Click Star t , point to Pr og r ams , point to Adm in i st r a t i ve Too ls ,

and then click Loca l Secur i t y Po l icy .

Note :If you cannot perform this step because Admin i s t r a t i ve Toolsdoes not appear in the Program list, click Sta r t , point to

Set t ings , point to Cont ro l Pane l , double-click Admin i s t r a t i ve

Tools, and then click Loca l Secur i t y Po l icy .

Note :In Windows XP, the Restrict Anonymous sub key can

have a value of0 or 1 . A value of 1 restricts null sessionconnections on Windows XP-based clients. For regulation of the

enumeration of SAM accounts, the following new registry sub key

has been added:

HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa\

restrictanonymoussam


6/14

The policy is configurable via Local Security Settings under

Security Settings\ Local Policies\ Security Options\ Network Access: Do not

allow anonymous enumeration of SAM accounts.

1.In Secur i t y Se t t i ngs , double-click Local Pol ic ies, andthen click Secur i t y Op t ions .

2.Double-click Add i t i ona l r es t r i c t i ons f or anonym ous connec t ions , and then under Loca l po l icy se t t ing : , clickNo access w i t hou t exp l i ci t anonym ous pe r m iss ions .

3.Restart the computer.This policy restricts null session connections.

Using Registry Editor

Important :This section, method, or task contains steps that

tell you how to modify the registry. However, serious problemsmight occur if you modify the registry incorrectly. Therefore,

make sure that you follow these steps carefully. For added

protection, back up the registry before you modify it. Then, you

can restore the registry if a problem occurs. For more information

about how to back up and restore the registry, click the following

article number to view the article in the Microsoft Knowledge

Base:

322756 (http:/ / support.microsoft.com/ kb/ 322756/ ) How to back up and restore

the registry in Window s


7/14

To restrict null session connections (or disable null session

access):

1.Start Regis t r y Ed i t o r .2.Locate, and then click the following key in the registry:

HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ LSA

3.On theEditmenu, click Add Va lue , and then add thefollowing registry value:

Value Name: RestrictAnonymous

Data Type: REG_DWORD

Value: 2

Default: 0

A value of2 restricts nu l l session connections.

To set the Rest r i ct Anonym ous value, change the registry key

to 0 or 1 for Windows NT 4.0 or to 0, 1 , or 2for Windows 2000.

These numbers correspond to the following settings:

0 None. Rely on default permissions. 1 Do not allow enumeration of SAM accounts and

names.

2 No access without explicit anonymous permissions4.Restart the computer.

____________________________________


8/14

Method 2

Use the following method to avoid null session connections that

have a high session idle time and that have opened a handle to

the named pipe \PIPE\spoolss.

Remove Printer Share on Clients

Identify clients that have local printer shares enabled (see the

"More Information" section for additional information) and

remove all local printer shares on these computers:

1.Open the Pr in te r s folder to verify whether you haveshared a local printer.

2.Open the Proper t ies window of the shared printer, andthen click Shar ing .

3.Click to select the Not Shared option.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft

products that ar...

Microsoft has confirmed that this is a problem in the Microsoft

products that are listed in the "Applies to" section.


9/14

MORE INFORMATION

Computers that run Windows NT Workstation 4.0, Windows 2000

Professional, and Wi...

Computers that run Windows NT Workstation 4.0, Windows 2000

Professional, and Windows XP Professional are licensed for amaximum of 10 concurrent client incoming sessions.Computers that run Windows XP Home Edition are licensed for a

maximum of 5 concurrent client incoming sessions. All logical

drive, logical printer, and transport level connections combined

from a single computer are one session.

If the server service already has the maximum number of open

sessions and one more user tries to allocate a resource, thecomputer returns the error messages that are described in the

"Symptoms" section of this article.

Typically a computer does not have multiple sessions to another

computer. But there are exceptions. For example, computer A is

running a service under another user context than the logged-on

user, and that service creates a logical connection to computer B.

The logical connection can result from file shares, printers, serial

ports, and also from communication between computers using

named pipes and mail slots.

Use the following commands to get information about sessions

and open files and shared resources.


10/14

Information About Active Sessions on theComputer That Is Running the Server Service

To receive information about active sessions on the computer

that is running the server service, type the following command:

net session

Count the number of open sessions to see if the session limit of

10, or 5 in the case of Windows XP Home Edition, is already

reached. Typically there is only one session per remote client.

If there is more than one session from a remote client, view theUser name context on the remote client that has set up more

than one session:

View all the services that are running, and find out if oneis running under the user context of the username shown

in the session table.

Look for scheduled tasks that are running in a logon scriptand are using a different user account then the one

logging in.

Look for rows where the User nam ecolumn is empty andexamine the idle time.

A session that has an empty user context is anu l l sess ion .

Temporary null sessions are usually caused by IPC$ connections

as the first step in establishing a connection. They stay active for

30 seconds to 90 seconds.

Note : To disconnect client computer sessions, use thefollowing command:

net session / delete \ \ computername


11/14

This command disconnects all sessions from that computer and

closes all open files. This command may cause data loss if open

files that have not been saved are closed.

Information About Open Files

To receive information about open files, on the computer that is

running the server service, type the following command:

net files

If you have seen permanent null user sessions in the session

table, determine which file or pipe the null user is using.

Information About NetBIOS Connection Table

To see a listing of incoming and outgoing connections and the

amount of traffic carried on these connections, type the

command:

nbtstat s


12/14

Information About Shared Resources

To see file shares, hidden administrative shares and shared

printers, type the following command:

net share

You may have to perform further troubleshooting to determine

the causes for multiple client sessions.

Use Network Monitor to find out which component initiates an

additional session and what security context is used for the

Server Message Block (SMB) session. To filter the traffic that

printer spooling causes, use the R_WINSPOOL parser in NetworkMonitor. If a Windows-based computer looks for computers that

are acting as a Print Queue Server, it uses NetShareEnum

transactions through the RemAPI protocol (also known as the

Microsoft Windows Lanman Remote API Protocol). By default,

when you use a NetShareEnum transaction, you require only

anonymous access to make NetServerEnum2 and

NetServerEnum3 requests. By default, Windows operating

systems have anonymous access enabled.


13/14

For more information, click the follow ingarticle number to view the article in theMicrosoft Knowledge Base:

122920 (http:/ / support.microsoft.com/ kb/ 122920/ ) Inbound connections limit in Windows

132679 (http:/ / support.microsoft.com/ kb/ 132679/ ) Local System account and null sessions in

Windows NT

143474 (http:/ / support.microsoft.com/ kb/ 143474/ ) Restricting information available to anonymous

logon users

149522 (http:/ / support.microsoft.com/ kb/ 149522/ ) System Error 71 and License Manager

154541 (http:/ / support.microsoft.com/ kb/ 154541/ ) Clients open many \ Pipe\ Spoolss connections

to WinNT print server

156431 (http:/ / support.microsoft.com/ kb/ 156431/ ) Error 71 when using NT Server from MSDN

Select CD

179483 (http:/ / support.microsoft.com/ kb/ 179483/ ) "No more connections can be made at this

time" error message

191611 (http:/ / support.microsoft.com/ kb/ 191611/ ) Symptoms of multihomed browsers

246261 (http:/ / support.microsoft.com/ kb/ 246261/ ) How to use the RestrictAnonymous registry

value in Window s 2000

289655 (http:/ / support.microsoft.com/ kb/ 289655/ ) How to enable null session shares on a

Window s 2000-based computer

302099 (http:/ / support.microsoft.com/ kb/ 302099/ ) Windows 2000 clients use multiple connections

when mapping drives to a single server

314882 (http:/ / support.microsoft.com/ kb/ 314882/ ) Inbound connections limit in Windows XP


14/14

troubleshooting lan or network problems solutions

Documents