Inherited a PDQ Environment, Lots of Connection Errors
I've inherited a PDQ server (Deploy and Inventory) and I've been trying to absorb as much information on this software as I can. I want it to be our go-to for installing forward, but there is a lot I need to learn first.
To clarify our situation, we about 700 employees some of which are working from home and connecting via SonicWall NetExtender to our MPLS connected network in order to access files (stored offi-site). We're spread across 40 locations but everyone is connected via MPLS.
PDQ has been setup for a while but left dormant for months. Looking at this for the first time, we have 825 recognized computers. I created a Dynamic Collection to show only computers that are not using VPN (based on IP). This works fine and in the resulting list of 693 non-remote workstations, a bunch of them have different errors. The description for them hasn't help me figure out what is wrong. Here are a few:
"The specified network name is no longer available" x1
"The network path was not found" x13
"Target requires reboot to complete .Net installation" x1
"Service manager logon failure" x1
"ReturnCode cannot be null" x1
"NTLM: Target computer name mismatch" x2
"Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again." x4
"Kerberos: The target account name is incorrect" x68
"Failed to write file on target" x29
"Failed to connect to the service manager" x1
"Could not Wake on LAN" x3
Where do I begin?
-
If you click on the blue question mark next to each error, it should open a window that contains a link to a KB.
Some of those errors are DNS related. Others look like permission issues.
https://help.pdq.com/hc/en-us/articles/220533627-Windows-Firewall-Ports-and-Exceptions
-
Thank you Colby, I watched the video and learned a lot. I've enabled three settings that I did not have enabled:
- DNS > DC01 > Advanced > "Enable automatic scavenging of stale records"
- DHCP > IPv4 > DNS > "Always dynamically update DNS records"
This was set to "Dynamically update DNS records only if requested by the DHCP clients - DHCP > IPv4 > DNS > "Dynamically update DNS records for DHCP clients that do not request updates"
Based on this, I may not see results for a week or two.
I'm reading through the Firewall article you've posted as well.
-
I believe the Windows Firewall Ports and Exceptions document needs to be updated. It refers to the location of these settings as:
"Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile"
Though it appears to have changed to:
"Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security"
See:
Edit: The entire section under "Ports and Group Policy" is inapplicable with the changed location in GPO.
-
Sorry for the multiple posts.
Now that I know where to find this, the KB says to enable "Allow inbound file and printer sharing exception". It references the "Allow unsoliciated incoming messages from these addresses" field, but does not say what should go in there, only the format to enter it.
What is this IP range supposed to represent? All devices I want accessible via PDQ?
We have different subnets for each of our (MPLS connected) locations.
Please sign in to leave a comment.
Comments
10 comments