Environment
Novell NetWare 6.5
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 2
TrendMicro OfficeScan Corporate Edition (OSCE) 7.3 Support Pack 1
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 2
TrendMicro OfficeScan Corporate Edition (OSCE) 7.3 Support Pack 1
Situation
Symptoms:
LOGIN-LGNWNT32.DLL-470: The Specified drive mapping is an invalid path.
LOGIN-LGNWNT32.DLL-923: An unexpected error has occurred: 15 (8819).
LOGIN-LGNWNT32.DLL-870: An unknown error was returned during LOGIN's attempt to attach.
Error Code: 8819
LOGIN-LGNWNT32.DLL-440: The operation was attempted on an invalid drive.
LOGIN-LGNWNT32.DLL-430: The following drive mapping operation could not be completed.
[...]
The error code was 8819.
LOGIN-LGNWNT32.DLL-740: This utility could not execute external program [...]
Changes:
After the installation, or an update, of the TrendMicro OfficeScan Corporate Edition (OSCE) 7.3 client for Windows, the workstations starts to experience intermittent login problems.
The login process fails or does not complete properly giving errors on drive mapping operations and/or other login script commands.
LOGIN-LGNWNT32.DLL-470: The Specified drive mapping is an invalid path.
LOGIN-LGNWNT32.DLL-923: An unexpected error has occurred: 15 (8819).
LOGIN-LGNWNT32.DLL-870: An unknown error was returned during LOGIN's attempt to attach.
Error Code: 8819
LOGIN-LGNWNT32.DLL-440: The operation was attempted on an invalid drive.
LOGIN-LGNWNT32.DLL-430: The following drive mapping operation could not be completed.
[...]
The error code was 8819.
LOGIN-LGNWNT32.DLL-740: This utility could not execute external program [...]
Changes:
After the installation, or an update, of the TrendMicro OfficeScan Corporate Edition (OSCE) 7.3 client for Windows, the workstations starts to experience intermittent login problems.
The login process fails or does not complete properly giving errors on drive mapping operations and/or other login script commands.
Resolution
None, the problem was reported to Trendmicro. Please verify that
uninstalling the TrendMicro OSCE 7.3 client fix the issue, and if
so, then contact Trendmicro to report the symptoms you are
experiencing and asking for support.
Workarounds:
- Uninstall the TrendMicro OSCE 7.3 client;
- In some cases roll back the last TrendMicro OSCE update installed was enough to fix the issue.
Workarounds:
- Uninstall the TrendMicro OSCE 7.3 client;
- In some cases roll back the last TrendMicro OSCE update installed was enough to fix the issue.
Additional Information
Capturing and analyzing a lan trace of the communications occurring
between the workstation and the NetWare server the following
pattern was found:
[...]
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
... Approximately 3 second time delay ...
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
... Approximately 6 second time delay ...
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
[...]
The root cause is the firewall portion of TrendMicro OSCE client that classify some of the packets received from the NetWare server during the login sequence as malformed or malicious, these packets are dropped before being processed from the workstation and therefore the server never gets any reply to them, being not able to complete the TCP/IP handshake.
[...]
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
... Approximately 3 second time delay ...
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
... Approximately 6 second time delay ...
Client PC ‑‑ TCP SYN ‑‑> Server
Client PC <‑‑ TCP ACK ‑‑ Server
[...]
The root cause is the firewall portion of TrendMicro OSCE client that classify some of the packets received from the NetWare server during the login sequence as malformed or malicious, these packets are dropped before being processed from the workstation and therefore the server never gets any reply to them, being not able to complete the TCP/IP handshake.