Discussion:
Index of UNC files between w2k y windows 2003 doesn't work
(too old to reply)
May R
2007-03-28 00:22:51 UTC
Permalink
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.

Thank you

May
Gang_Warily
2007-03-29 11:44:03 UTC
Permalink
Hi May

What queries ?

What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.

"same problem" - same as what ?

Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?

Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
May R
2007-03-29 11:58:02 UTC
Permalink
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-03-29 12:56:00 UTC
Permalink
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?

I thought that 'local' meant the user wasn't available to other servers ?

If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?

And what are the queries ?
And what response do you get ?

And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?

Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-03-29 13:16:01 UTC
Permalink
PS

http://www.iislogs.com/articles/23/
describes
Two servers running Windows 2003
Local user id on each machine with the same user id with same password
working, so they haven't stopped that.
Still might work differently in 2003 so you can't access (from) 2000 ...

Is your webserver running on the 2000 server OK ?

Eric
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
May R
2007-03-29 15:24:05 UTC
Permalink
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.

Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-03-29 15:48:01 UTC
Permalink
Hi May

I don't feel like I've managed to help you.
I can't help more without more information.
That is why I ask so many questions.

I still can't tell if it is an Indexing Service problem (cataloging or
querying),
or a file access problem (permissions),
or a server communication problem (ping/firewall).

Even if you post your problem to another group,
they will still need the same information !

Shall we start from the simplest level:
do you understand 'ping' ?
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iitrblsh.mspx?mfr=true

Eric
Post by May R
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.
Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
May R
2007-03-30 08:30:01 UTC
Permalink
I'll try to explain better

1.- I have a web Server with Windows 2003 (Server A) in zone DMZ1.
The role of the Server is "member".
This Server has a Share (\\ServerA\News), that it's also an IIS virtual
directory of server A.
"Joe" (local user) is Administrator of Server A.

2.- Server B is in DMZ2.
It is an Index Server with W2K.
Server B has a local user "Joe".
User "Joe" of Server A has the same password of user "Joe" of B.

3. I want to index in the Index Server (B), the Share of Server A using
credentials of User "Joe".
It's: \\ServerA\News.
I have verified that from Server A (Explorer, Tools, Map a network disk)
I can map \\ServerA\News with the user "Joe". It works.

4.- I Stop the Index Service in Server B and I Start it again.
It seems that there are X documents to be indexed. After indexing the
documents, I try to find them using the "Query to Catalog" from the MMC.
There are no results.

5.- Previously the Server A was a W2K server and everything was fine
using exactly the same configuration.
The key point is that now the "Query to catalog" doesn't work.
It seems that there is something in W2003 different that when it was
with W2k.

5.- In the firewall the ports and the protocols between the servers are
open to allow this architecture work perfectly.

Best regards,
May.
Post by Gang_Warily
Hi May
I don't feel like I've managed to help you.
I can't help more without more information.
That is why I ask so many questions.
I still can't tell if it is an Indexing Service problem (cataloging or
querying),
or a file access problem (permissions),
or a server communication problem (ping/firewall).
Even if you post your problem to another group,
they will still need the same information !
do you understand 'ping' ?
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iitrblsh.mspx?mfr=true
Eric
Post by May R
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.
Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-03-30 09:52:02 UTC
Permalink
OK so the user can access the file, but not search for it.
Worth checking - the question is posted to the right group.

Unless someone else reading this can help,
I think you will have to do some experimentation.
But I'm not sure where to start.

Have Catalog Properties turned up as normal in the MMC ?
That is a good indicator that catalog build is successful,
and it is purely a query problem.

Google turned up "Security Tips"
http://msdn2.microsoft.com/en-us/library/ms689651.aspx

"Indexing Service fully respects NTFS security. As long as the catalog is on
an NTFS drive, users will not see documents in the results list if they do
not have permission the appropriate permission. Note that this is only true
for local NTFS volumes.
If you index a universal naming convention share, users will be able to see
documents on that share in the results list, whether they have permission or
not. They might be able to open the documents, depending on their
permissions, essentially bypassing security. "

That surprises me, and suggests your users might see more results, rather
than nothing !
Very odd !
There may be some fundamental change in the way permissions work 2000 - 2003.

It might be worth seeing if you can sit at the windows 2000 server,
connect to the share on the Windows 2003 server via UNC, create a folder,
set permissions on it, create content in it, index, search and find it !

If you actually use Windows 2000 to set the permissions, that may help.
You may even have access to the user \\2000server\joe ?
I know we had some strange results from setting permissions on Windows 2000
servers from XP workstations ...

It sounds as though you may not want to use the server in the DMZ to publish
to the more secure 2003 server,
but it might help you identify the exact problem !

Sometimes permissions set with one version of Windows are not visible to
another.
I think Windows 2003 shows them in Windows 2000 style, then if you click
Advanced it shows you what is really happening in Windows 2003 style !
You may get more information about the permissions using the command-line
tools CACLS & XCACLS (2003 Resource Kit Tools download ?)

There is another usenet news group
microsoft.public.win2000.file_system
that may help more if you are convinced it is an NTFS problem.

If you do have to copy files around it's worth tracking down RoboCopy
version XP026, not the Win2003 RK Tools one !
(Buy "Windows XP Resource kit", or download & install
http://codegallery.gotdotnet.com/robocopygui and look in your 'Documents &
settings'.)

Windows 2003 is more locked-down (securely configured) by default.
I'm sure there is a list of changes published on MS site - might be worth
finding ?
Maybe upgrading the Windows 2000 server to 2003 might be worth considering ?
Post by May R
I'll try to explain better
1.- I have a web Server with Windows 2003 (Server A) in zone DMZ1.
The role of the Server is "member".
This Server has a Share (\\ServerA\News), that it's also an IIS virtual
directory of server A.
"Joe" (local user) is Administrator of Server A.
2.- Server B is in DMZ2.
It is an Index Server with W2K.
Server B has a local user "Joe".
User "Joe" of Server A has the same password of user "Joe" of B.
3. I want to index in the Index Server (B), the Share of Server A using
credentials of User "Joe".
It's: \\ServerA\News.
I have verified that from Server A (Explorer, Tools, Map a network disk)
I can map \\ServerA\News with the user "Joe". It works.
4.- I Stop the Index Service in Server B and I Start it again.
It seems that there are X documents to be indexed. After indexing the
documents, I try to find them using the "Query to Catalog" from the MMC.
There are no results.
5.- Previously the Server A was a W2K server and everything was fine
using exactly the same configuration.
The key point is that now the "Query to catalog" doesn't work.
It seems that there is something in W2003 different that when it was
with W2k.
5.- In the firewall the ports and the protocols between the servers are
open to allow this architecture work perfectly.
Best regards,
May.
Post by Gang_Warily
Hi May
I don't feel like I've managed to help you.
I can't help more without more information.
That is why I ask so many questions.
I still can't tell if it is an Indexing Service problem (cataloging or
querying),
or a file access problem (permissions),
or a server communication problem (ping/firewall).
Even if you post your problem to another group,
they will still need the same information !
do you understand 'ping' ?
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iitrblsh.mspx?mfr=true
Eric
Post by May R
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.
Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
May R
2007-04-03 06:42:01 UTC
Permalink
first of all thank you for your attention

I tested you said to me
From the windows 2000 server if I connect to the share on the Windows 2003
from the windows 2000 server via UNC and I create a folder and a file I can
search and find it quickly.

I don't know what more can i do
Post by Gang_Warily
OK so the user can access the file, but not search for it.
Worth checking - the question is posted to the right group.
Unless someone else reading this can help,
I think you will have to do some experimentation.
But I'm not sure where to start.
Have Catalog Properties turned up as normal in the MMC ?
That is a good indicator that catalog build is successful,
and it is purely a query problem.
Google turned up "Security Tips"
http://msdn2.microsoft.com/en-us/library/ms689651.aspx
"Indexing Service fully respects NTFS security. As long as the catalog is on
an NTFS drive, users will not see documents in the results list if they do
not have permission the appropriate permission. Note that this is only true
for local NTFS volumes.
If you index a universal naming convention share, users will be able to see
documents on that share in the results list, whether they have permission or
not. They might be able to open the documents, depending on their
permissions, essentially bypassing security. "
That surprises me, and suggests your users might see more results, rather
than nothing !
Very odd !
There may be some fundamental change in the way permissions work 2000 - 2003.
It might be worth seeing if you can sit at the windows 2000 server,
connect to the share on the Windows 2003 server via UNC, create a folder,
set permissions on it, create content in it, index, search and find it !
If you actually use Windows 2000 to set the permissions, that may help.
You may even have access to the user \\2000server\joe ?
I know we had some strange results from setting permissions on Windows 2000
servers from XP workstations ...
It sounds as though you may not want to use the server in the DMZ to publish
to the more secure 2003 server,
but it might help you identify the exact problem !
Sometimes permissions set with one version of Windows are not visible to
another.
I think Windows 2003 shows them in Windows 2000 style, then if you click
Advanced it shows you what is really happening in Windows 2003 style !
You may get more information about the permissions using the command-line
tools CACLS & XCACLS (2003 Resource Kit Tools download ?)
There is another usenet news group
microsoft.public.win2000.file_system
that may help more if you are convinced it is an NTFS problem.
If you do have to copy files around it's worth tracking down RoboCopy
version XP026, not the Win2003 RK Tools one !
(Buy "Windows XP Resource kit", or download & install
http://codegallery.gotdotnet.com/robocopygui and look in your 'Documents &
settings'.)
Windows 2003 is more locked-down (securely configured) by default.
I'm sure there is a list of changes published on MS site - might be worth
finding ?
Maybe upgrading the Windows 2000 server to 2003 might be worth considering ?
Post by May R
I'll try to explain better
1.- I have a web Server with Windows 2003 (Server A) in zone DMZ1.
The role of the Server is "member".
This Server has a Share (\\ServerA\News), that it's also an IIS virtual
directory of server A.
"Joe" (local user) is Administrator of Server A.
2.- Server B is in DMZ2.
It is an Index Server with W2K.
Server B has a local user "Joe".
User "Joe" of Server A has the same password of user "Joe" of B.
3. I want to index in the Index Server (B), the Share of Server A using
credentials of User "Joe".
It's: \\ServerA\News.
I have verified that from Server A (Explorer, Tools, Map a network disk)
I can map \\ServerA\News with the user "Joe". It works.
4.- I Stop the Index Service in Server B and I Start it again.
It seems that there are X documents to be indexed. After indexing the
documents, I try to find them using the "Query to Catalog" from the MMC.
There are no results.
5.- Previously the Server A was a W2K server and everything was fine
using exactly the same configuration.
The key point is that now the "Query to catalog" doesn't work.
It seems that there is something in W2003 different that when it was
with W2k.
5.- In the firewall the ports and the protocols between the servers are
open to allow this architecture work perfectly.
Best regards,
May.
Post by Gang_Warily
Hi May
I don't feel like I've managed to help you.
I can't help more without more information.
That is why I ask so many questions.
I still can't tell if it is an Indexing Service problem (cataloging or
querying),
or a file access problem (permissions),
or a server communication problem (ping/firewall).
Even if you post your problem to another group,
they will still need the same information !
do you understand 'ping' ?
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iitrblsh.mspx?mfr=true
Eric
Post by May R
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.
Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-04-03 09:06:05 UTC
Permalink
OK - so setting permissions using Windows 2000 via a UNC share to the Windows
2003 server lets you search.
That means the problem can be solved - good.
Generally when you create a file or folder, it 'inherits' permissions set on
the folder you make it in. Even if you create the file or sub-folder in
Windows 2003, I am pretty sure it will inherit the permissions you set using
Windows 2000.
('Inherit' means to get something from your mother or father - in real life,
it is used for having blue eyes when you are born, and getting their money
when they die. In computing terms, the folder that contains a file or
sub-folder is often called the 'parent' folder, so 'inherit' has much the
same meaning !)

So now you need to use Windows 2000 to create a new folder to contain your
content, and to set the right permissions there.
Then if you copy all the content into the new folder, even using Windows
2003 to do the copying, it should work. New files in future too - you
shouldn't have to use Windows 2000 for publishing.
Then you just need to change the root directory of your website to the new
folder.

Make sure that you Copy the content - don't Move it !
If you Move it you are not creating new files and sub-folders,
so it does not inherit the Win 2000 permissions, but keeps the same 2003
permissions that cause the problems !

I mentioned Robocopy - don't use it unless you have to. Try just using
Windows to copy the files first: RoboCopy can copy permissions, too, which
you don't want !

Are we there yet ?

Eric
Post by May R
first of all thank you for your attention
I tested you said to me
From the windows 2000 server if I connect to the share on the Windows 2003
from the windows 2000 server via UNC and I create a folder and a file I can
search and find it quickly.
I don't know what more can i do
Post by Gang_Warily
OK so the user can access the file, but not search for it.
Worth checking - the question is posted to the right group.
Unless someone else reading this can help,
I think you will have to do some experimentation.
But I'm not sure where to start.
Have Catalog Properties turned up as normal in the MMC ?
That is a good indicator that catalog build is successful,
and it is purely a query problem.
Google turned up "Security Tips"
http://msdn2.microsoft.com/en-us/library/ms689651.aspx
"Indexing Service fully respects NTFS security. As long as the catalog is on
an NTFS drive, users will not see documents in the results list if they do
not have permission the appropriate permission. Note that this is only true
for local NTFS volumes.
If you index a universal naming convention share, users will be able to see
documents on that share in the results list, whether they have permission or
not. They might be able to open the documents, depending on their
permissions, essentially bypassing security. "
That surprises me, and suggests your users might see more results, rather
than nothing !
Very odd !
There may be some fundamental change in the way permissions work 2000 - 2003.
It might be worth seeing if you can sit at the windows 2000 server,
connect to the share on the Windows 2003 server via UNC, create a folder,
set permissions on it, create content in it, index, search and find it !
If you actually use Windows 2000 to set the permissions, that may help.
You may even have access to the user \\2000server\joe ?
I know we had some strange results from setting permissions on Windows 2000
servers from XP workstations ...
It sounds as though you may not want to use the server in the DMZ to publish
to the more secure 2003 server,
but it might help you identify the exact problem !
Sometimes permissions set with one version of Windows are not visible to
another.
I think Windows 2003 shows them in Windows 2000 style, then if you click
Advanced it shows you what is really happening in Windows 2003 style !
You may get more information about the permissions using the command-line
tools CACLS & XCACLS (2003 Resource Kit Tools download ?)
There is another usenet news group
microsoft.public.win2000.file_system
that may help more if you are convinced it is an NTFS problem.
If you do have to copy files around it's worth tracking down RoboCopy
version XP026, not the Win2003 RK Tools one !
(Buy "Windows XP Resource kit", or download & install
http://codegallery.gotdotnet.com/robocopygui and look in your 'Documents &
settings'.)
Windows 2003 is more locked-down (securely configured) by default.
I'm sure there is a list of changes published on MS site - might be worth
finding ?
Maybe upgrading the Windows 2000 server to 2003 might be worth considering ?
Post by May R
I'll try to explain better
1.- I have a web Server with Windows 2003 (Server A) in zone DMZ1.
The role of the Server is "member".
This Server has a Share (\\ServerA\News), that it's also an IIS virtual
directory of server A.
"Joe" (local user) is Administrator of Server A.
2.- Server B is in DMZ2.
It is an Index Server with W2K.
Server B has a local user "Joe".
User "Joe" of Server A has the same password of user "Joe" of B.
3. I want to index in the Index Server (B), the Share of Server A using
credentials of User "Joe".
It's: \\ServerA\News.
I have verified that from Server A (Explorer, Tools, Map a network disk)
I can map \\ServerA\News with the user "Joe". It works.
4.- I Stop the Index Service in Server B and I Start it again.
It seems that there are X documents to be indexed. After indexing the
documents, I try to find them using the "Query to Catalog" from the MMC.
There are no results.
5.- Previously the Server A was a W2K server and everything was fine
using exactly the same configuration.
The key point is that now the "Query to catalog" doesn't work.
It seems that there is something in W2003 different that when it was
with W2k.
5.- In the firewall the ports and the protocols between the servers are
open to allow this architecture work perfectly.
Best regards,
May.
Post by Gang_Warily
Hi May
I don't feel like I've managed to help you.
I can't help more without more information.
That is why I ask so many questions.
I still can't tell if it is an Indexing Service problem (cataloging or
querying),
or a file access problem (permissions),
or a server communication problem (ping/firewall).
Even if you post your problem to another group,
they will still need the same information !
do you understand 'ping' ?
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iitrblsh.mspx?mfr=true
Eric
Post by May R
I'm doing like this article.
Local user id on each machine with the same user id with same password
This user is local administrator in both servers. He has all permissions in
the remote server to index the remote server. in windows 2000 all of things
were working ok but the problem like I said you before appears when i change
the server
I think that maybe is by the security of windows 2003 or the authentication
or something like this.
Thanks for your attention
Post by Gang_Warily
Post by May R
This is a local administrator user that exists in the both servers.
Do you mean that user "\\2000server\localadmin" has rights to access the
file UNC path "\\2003server\share\folder\file.ext" ?
I thought that 'local' meant the user wasn't available to other servers ?
If user "\\2000server\localadmin" can access files which have permissions
granted to user "\\2003server\localadmin", then that might just work by
accident, if both users have the same password. I would be surprised, though
- I would hope Microsoft fixed that long ago ! Maybe that is the change in
2000->2003 ?
And what are the queries ?
And what response do you get ?
And does the catalog build seem to have worked ?
If not,
Has the firewall been updated, or does the new server have the same IP
address & ports as the old one ?
Can you 'ping' from one to the other ?
Can the user access the files from the other computer ?
Eric
Post by May R
UNC files are files in another server with windows 2003
Yes my index server and catalog are on a windows 2000 server, but i want to
index a physical path like this:"\\server\path" that exists on a diferent
server with windows 2003.
This is a local administrator user that exists in the both servers.
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Gang_Warily
2007-03-29 11:58:03 UTC
Permalink
PS
Does the user doing the search have rights to access the files ?
How are the servers related - both members of the same domain ?
Eric
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
May R
2007-03-29 12:04:02 UTC
Permalink
The servers are in two diferent networks between a firewall, but when i had
the two servers with windows 2000 the index server was fine. The problem
appear when i change the remote server to windows 2003

thanks
Post by Gang_Warily
PS
Does the user doing the search have rights to access the files ?
How are the servers related - both members of the same domain ?
Eric
Post by Gang_Warily
Hi May
What queries ?
What do you mean by "UNC Files " - on another server ?
I think you mean your catalog & search process are on a windows 2000 server,
accessing files to be searched on a different server with Windows 2003.
"same problem" - same as what ?
Are you indexing a website virtual root (vpath) or physical root (path) ?
Does the catalog build look OK - about the right number of documents ?
Eric
Post by May R
I have the same problem. The queries do not return any results.
I have two servers in two different networks. One server with w2k and
index server and the remote server that is a server with windows 2003.
This is the file server that I want to index.
I have the same account with the same name and password on both servers
the windows 2000 (indexing server) and the remote machine (windows 2003)
with exactly the same username and password.
With the two servers with w2k the queries were OK but now the queries do
not return any results.
Thank you
May
Loading...