Strange one. Just installed a new AD domain with Windows 2003 Servers. Windows 2003 domain controllers can access each other via unc path but not other machines (Win2003 member servers, Win2K, WinXP). Message - "\\<machine-name> is not accessible. You might not have permission to use this network resource. The account is not authorized to log in from this station". Assume this is to do with a default security policy (or similar) but can't see any relevant setting to change. Any thoughts appreciated.

Are all computer accounts located in AD? Can you make a mapping with one of the W2K machines with help of the net use command? Net use x: \\computername\c$ /user:username password (use the local administrator account of the W2K machine) Try to rejoin the domain from a W2K machine and look for an error message.

We have to stick out that the "net use" command MAY be executed every time that you log on than acces the resource. See you! Milton Matos

All the machines are in the same domain (it is a single domain). The domain was upgraded from NT4 (we are currently in mixed mode). Net use is not working either - "The account is not authorised to log in from this station". I get this on all DCs trying to access non-dc machines (workstations and member servers). However, DCs can access each other and non-DCs (workstations and member servers) can access DCs. It is as if the DC are in their own security group which allows them to access each other but not any non DC machine. Could this be the case?

Is the domain working; are all computers part of the domain? Are DNS and WINS running correctly? Is there a domain group policy active? Logon to one of the clients and run gpedit.msc. Look under computer configuration\windows settings\security settings\local policies\user rights assignment. Look for the setting “access this computer from the network”

All computer are part of the domain, and DNS and WINS appear to be working correctly. Everything looks fine other than domain controllers can not connect (either via My Network Places or a UNC path) to a non-domain controller. You can see all the machines in My Network Place but can only browse to other Domain Controllers, not Workstations or member servers. There are no policies in place other than the default policies. The local policy setting "access this compuer from the network" is set to allow "Everyone".

I have this very same problem. It is driving me crazy. I have looked at those registry settings as well. I thought at first maybe it was a problem with the administrative shares not being setup right or something on the clients, but they are. I can go to a client machine and access the admin share from another client machine and when it asks me for credentials I use the domain\administrator as the user and supply the pass and it works fine, so I know the domain admin can access the shares on the computers. I have looked at firewalls too, thats not the issue. I think this is an SBS 2003 server issue.