The Circle of Trust

Tech: Microsoft Shared Fax Service
Platform: Windows Small Business Server 2003
Gotcha: Trust Relationship between computer and server

I have this love/hate relationship with Microsoft’s products. They do some things extremely well, but it seems all too often that I get a glimpse of the dark side and it scares the hell out of me. With every iteration of Microsoft software, the user interface seems to get more and more abstract, yet the underlying processes don’t change in any significant way. I know there are exceptions, but when I lose functionality I regularly use because the UI changed, it tends to piss me off. Hence my obsession with the command prompt.

Yesterday, I was tasked with installing fax sharing on a small network running SBS 2003. It sounds easy enough and the installation should have been completely routine. All of the workstations were running Windows XP Pro except one with Windows 2000. I launched the wizard on the server to enable the fax service and install a shared fax printer. So easy. I was already planning my next service call as I started making my rounds to configure the workstations.

Right away, I ran into a slight glitch. One workstation had the fax service already installed and connected to a local modem that no longer existed. Deleting the Fax printer flat out didn’t work. The status stayed at “Deleting” despite several reboots. I finally uninstalled the service completely, rebooted again for good measure, and then reinstalled it. One down, four to go.

The next three went smoothly. The two XP Pro machines required a CD since the install image wasn’t available on C:. Fortunately, this office actually organizes their media and I had no trouble locating the CD. The Windows 2000 computer – piece of cake. I had these three machines done in about 20 minutes with nary a hiccough or senseless reboot.

Last machine – this computer is used by the one person in the office who actually uses his computer regularly. He primarily runs Autocad and Office. Ruh roh! XP Pro isn’t fully patched and is still running Service Pack 1. So, off to Windows Update I go to download SP2. 30 minutes later, it’s downloaded and installed. I reboot and log in to the network to install the client fax service. I marvel at how SP2 lets me log in in under a minute instead of the customary three-minute wait while the server downloads the profile. The warm glow of imminent success turns into sudden annoyance when I try to connect the shared printer for the fax. \\server\fax is not available.

I decided to browse for it. A half a dozen clicks later, I see that this computer is all alone on the network. It’s as if the workstation was suddenly transported into the middle of a black hole. Time distortion jokes aside as I wait for the attempted server connection to time out, I contemplate my options. First things first, I decide that I may as well finish patching the OS, so I rerun Windows Update (yes, my black hole is still Internet connected). At least I know the problem is server/domain related now. I get the next batch of updates, reboot, lather, rinse, repeat.

When I no longer have critical updates to install, I try again. Nothing. “The network is unavailable.” “\\server\fax does not exist”

I decide to head for familiar ground – {Flag}-R CMD {Enter}. An anemic little black window pops up begging for input. I resize it to make it readable and type NET VIEW. One workstation found. I decide to go for it – NET USE Z: \\SERVER\DATA. Trust relationship between computer and domain corrupted (I’m paraphrasing the message). At least now, I have an error message to deal with.

Google wasn’t much help this time. I found two message threads with the same error that were unanswered.

Now, I get paid by the hour, but there are some days that I just need for things to go smoothly. This happened to be one of them. My wife and I happen to be sharing a car this week and I had it. Meanwhile, our daughter was riding the school bus home for the first time and someone needed to be there to meet her. Needless to say, I wasn’t totally focused on the problem at hand.

At the server, I logged in as administrator and started navigating the directory tree. Under computers, I deleted the one in question. No help. Back at the workstation, I decided to log in locally and rename the computer. I logged out and then logged in locally as administrator. I renamed the computer, rebooted it and tried again. No help.

By now, I was 40 minutes behind schedule and decided I had to go. I asked if I could call in to continue troubleshooting by telephone. My next step was to log in to the workstation again as administrator and take it out of the domain. I had the customer change the login from domain to workgroup and edit the workgroup name to ‘workgroup.’ At this point, the computer asked for a login to authorize the change. The local administrative password wasn’t enough. I had the customer try the server administrator login and it took it.

Whiskey
Tango
Foxtrot

I’m now completely befuddled. The login works to authorize leaving the domain, but the domain and all computers in it are invisible. Maybe it’s cached? Regardless, one more reboot later I’m still lost. I decided to go ahead and get back on the domain since this test appeared to be a dead end. Two steps back, one step forward and we’re rebooting again and logging back into the domain (and yes, it did require a password from the server before I could rejoin the domain).

Now, here’s the weird part. It works. I don’t know why the PDC decided to start trusting the computer again, but there it is. The customer was able to log in to the domain using both the administrator and his user accounts. I wish I knew why it works, but there it is.