"net use" over SSL fails if port 443 is not specified
We are trying to connect to a WebDAV server using network over SSL. On some servers, we see an issue where this connection will be successful if we specify port 443 in the URL.
Does the card have
net use * "https://example.com:443/folder"
net use * "\\example.com@SSL@443\folder"
and, oddly enough, does the following:
net use * "\\example.com@SSLasdf\folder"
Not a card
net use * "https://example.com/folder"
net use * "\\example.com@SSL\folder"
In non-working cases, we consistently receive the following error:
System error 67 has occured.
The network name cannot be found.
We've noticed some things that might be useful information:
- We have a test server that is configured the same as the prod server and works as expected.
- In non-working cases, no incoming requests from the host server appear on the prod server.
- All clients are based on the same image.
- The problem does not manifest itself evenly on all clients - some work, some not.
- The client's DNS cache has an existing, valid entry for example.com.
- Clearing the client DNS cache of the affected servers does not resolve the issue.
- Once the problem appears, it seems to stick. That is, if I do one of the working mappings, delete it, and then immediately do one of the non-working mappings, the problem persists.
We are completely dead ends. Any theories?
source to share
We ultimately determined that we were misinterpreting the System Error 67
returned net use
. We found two interesting things:
-
If WebDAV or 50x 404 returns to the initial, the root folder
PROPFIND
,net use
will (correctly) interpreted this as inaccessible root folder. The fact that he says the network name cannot be found allows us to believe that the problem is with name resolution, but in reality it just says, "Hey, I couldn't find anything along the way." -
If "network usage" crashes due to 404 / 50x, it looks like it will automatically discard any additional mappings for the same host for a short period of time without issuing a request. For example, if it
net use http://me.com/foo
returns 404, itnet use http://me.com/bar
will crash instantly if it is made with the fast sequence of that first call and there is no record of the request in the WebDAV server logs.
My best guess is that adding the port @443
made no real difference. What he may have been doing was to cheat into net use
believing that he was talking to another host, at least for the purposes of his auto-opt-out feature. But that's just speculation.
source to share
You see different types of behavior because you use different names. After the name has been attempted and not followed, the WebClient (which is the service that enables WebDAV) will cache the response for a period. To clear the cache, find the WebClient service in the Services console and restart it. Or run the following command from the admin command line:
net.exe stop webclient && net.exe start webclient
source to share