taverny
asked on
I can't open a network file by the name but I can by the IP
Hi Experts,
I have been looking for 2 days trying to figure out this problem.
it started with my service provider changing our static IP for no reason , so I had to modify the dns ( on my DC windows 2003) to point to the new forwarders, so of course an easy way was to point the preferred DNS server on my network card to the router. which worked fine, then I recently switch back the DNS on the network card back to its own ip and I updated the forwarder again. Anyway, here is the problem: I logged off from a workstation and I couldn't log back in even with administrator password. I could only log into the local computer. so I changed the domain to a workgroup. delete the computer from active directory and rejoin the domain, then I was able to log back in but for some reason when I type \\obt ( the name of my server domain ) it give me the error below , but if I type the IP of my server. it works fine. I went to another workstation and same things , so I had to rejon the domain for all workstation and now then can only access the server from the IP . how can I fix this annoying problem.
Thanks.
David
Here is the message:
"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.
Logon Failure: the target account name is incorrect"
I have been looking for 2 days trying to figure out this problem.
it started with my service provider changing our static IP for no reason , so I had to modify the dns ( on my DC windows 2003) to point to the new forwarders, so of course an easy way was to point the preferred DNS server on my network card to the router. which worked fine, then I recently switch back the DNS on the network card back to its own ip and I updated the forwarder again. Anyway, here is the problem: I logged off from a workstation and I couldn't log back in even with administrator password. I could only log into the local computer. so I changed the domain to a workgroup. delete the computer from active directory and rejoin the domain, then I was able to log back in but for some reason when I type \\obt ( the name of my server domain ) it give me the error below , but if I type the IP of my server. it works fine. I went to another workstation and same things , so I had to rejon the domain for all workstation and now then can only access the server from the IP . how can I fix this annoying problem.
Thanks.
David
Here is the message:
"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.
Logon Failure: the target account name is incorrect"
HDSportster08
you need to somehow get into the admin account and go to your main DNS gui. Once there clear the DNS cache and reboot the server. That should take care of it, it is holding the old DNS info in cache, trust me I have been down that route.
ASKER
you think it's only a DNS issue?
I can't reboot now , I will have to wait tonight.
I can't reboot now , I will have to wait tonight.
I would say it is holding that in its cache, there is a part in there that will allow to you click the button and clear the cache. Clear the cache and then try to get in the machine, it might not even require a reboot. Let me know how that works.
ASKER
I cleared the cache on the user and also on the server and also restarted the DNS and still nothing.
so the first way it worked fine, and how it doesn't? I think I am confused, you said you just updated the ip first and it worked, but now you have done something different?
ASKER
no I just said that if I type \\192.168.0.5 It shows me the folders but if I type \\obt I get the error message.
server name : obt = 192.168.0.5
server name : obt = 192.168.0.5
do you get an error or just no permission? And is the DNS server pointed to itself?
ASKER
this is the message that I get:
------------------
"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.
Logon Failure: the target account name is incorrect"
-------------------
and yes the DNS server point to itself. I think it's coming from a security somewhere
------------------
"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.
Logon Failure: the target account name is incorrect"
-------------------
and yes the DNS server point to itself. I think it's coming from a security somewhere
sounds like you changed the domain name or you might have to rejoin all the machines to the domain now that the dns changed.
ASKER
I have rejoin some of the machine , still no luck.
I want to make sure ,
to rejoin I go on the machine itself , remove the domain name and put workgroup instead.
reboot the machine and then rejoin the domain.
Right?
I also deleted before rejoining the domain , the name of the computer from the computers folder under Active directory.
but what is weird is when I recreate the join the name doensn't come back there.
I want to make sure ,
to rejoin I go on the machine itself , remove the domain name and put workgroup instead.
reboot the machine and then rejoin the domain.
Right?
I also deleted before rejoining the domain , the name of the computer from the computers folder under Active directory.
but what is weird is when I recreate the join the name doensn't come back there.
yes that is the procedure, but just try it with one, if it works then do all of them. I am assuming you don't have like 200 machines or something you would have to do this to?
ASKER
I have already try with one machine , and the problem still occurs.
ASKER
just want to make sure , how do you put your domain to point to itself?
well lets say you have the following DNS ips, 192.168.0.5 and 192.168.0.6
You would have server 1 pointing to 192.168.0.7 (it's local ip)
and then 192.168.0.5 for the DNS. or vice versa
If I remember correctly that is the way I did it.
You would have server 1 pointing to 192.168.0.7 (it's local ip)
and then 192.168.0.5 for the DNS. or vice versa
If I remember correctly that is the way I did it.
ASKER
I understand the concept but where do you enter this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok, so yes it's correct , the ip of the dns is setup for the network card. so it's something else
[qoute]I had to modify the dns ( on my DC windows 2003) to point to the new forwarders, so of course an easy way was to point the preferred DNS server on my network card to the router[/quote]
I think your issue lies in the above comment. The easy way or the correct way? You need to only modify the ip addresses that changes, sometimes the DNS does not change, just the static ip.
I think your issue lies in the above comment. The easy way or the correct way? You need to only modify the ip addresses that changes, sometimes the DNS does not change, just the static ip.
ASKER
it's not there , I think the problem comes from a security issue
impossible if you did not change anything. Only you know what you did, trace your steps. Going home for the day. Good luck.
Hi,
Just a question.
Technically going \\obt would be using the netbios domain name not the dns name.
If you open a command prompt from a workstation
ping obt - What address resolves? Any?
ping obt.doman.local (Your fully qualified domain name) - what address resolves?
You can access your server via ip address. Can you access it by \\obt.domain.local (its fully qualified domain name?)
I am assuming your machines local dns settings are point to your dns server as you were able to join the domain?
Just a question.
Technically going \\obt would be using the netbios domain name not the dns name.
If you open a command prompt from a workstation
ping obt - What address resolves? Any?
ping obt.doman.local (Your fully qualified domain name) - what address resolves?
You can access your server via ip address. Can you access it by \\obt.domain.local (its fully qualified domain name?)
I am assuming your machines local dns settings are point to your dns server as you were able to join the domain?
ASKER
ok I did
ping obt I get the 192.168.0.5
I did ping obt.obt.local and get the same thing
the ip of the server is the correct one
yes I can access the server from the ip address and also from \\obt.obt.local
you see now it's working fine. I didn't touch the computer for awhile and now if I type \\obt it works ,
If I log off and log back in I am still good , but if I reboot the computer and try to log in I get the error message windows cannot connect to the domain, either the domain controller is down or otherwise unavailable ...
so I have to log locally change to workgroup , reboot and rejoin the domain , and then I can log as a network user , but the file can't still be pulled by typing \\obt
I am actually gonna reboot the machine now to rejoin the domain
ping obt I get the 192.168.0.5
I did ping obt.obt.local and get the same thing
the ip of the server is the correct one
yes I can access the server from the ip address and also from \\obt.obt.local
you see now it's working fine. I didn't touch the computer for awhile and now if I type \\obt it works ,
If I log off and log back in I am still good , but if I reboot the computer and try to log in I get the error message windows cannot connect to the domain, either the domain controller is down or otherwise unavailable ...
so I have to log locally change to workgroup , reboot and rejoin the domain , and then I can log as a network user , but the file can't still be pulled by typing \\obt
I am actually gonna reboot the machine now to rejoin the domain
ASKER
ok , I just thought about what I did yesterday that might cause the issue.
we have a webser that I took down for cleaning and didn't plug it for 3 wweks at least , I plugged it yesterday , and this one also can't access the file of the domain controller. but when I am looking at the manage your server , I see that this server is also a domain controller (active directory). could may be the 2 server are getting out of sync , and cause trouble between each other?
we have a webser that I took down for cleaning and didn't plug it for 3 wweks at least , I plugged it yesterday , and this one also can't access the file of the domain controller. but when I am looking at the manage your server , I see that this server is also a domain controller (active directory). could may be the 2 server are getting out of sync , and cause trouble between each other?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok,
I did what you said . in the meantime before your had post I had look at the webserver that is the other secondary/backup domain.
this server was pointing to the router for the DNS in the network card instead of the obt, so I changed that and rebooted and now this one works fine.
ok, back to the workstation : for the the logonserver I had \\webserver ( that's weird)
so I rebooted and now it says for the logon screen \\obt
and I am able to see obt as well.
well it seems that now it's working. now I can see the name of the computer in the computer folder of the active directory , everytime I was joining back the domain, the name of the computer was not comming in
i will reboot the computer again , just to see if it still keeps the setting,
so you think the second server was the trouble?
I did what you said . in the meantime before your had post I had look at the webserver that is the other secondary/backup domain.
this server was pointing to the router for the DNS in the network card instead of the obt, so I changed that and rebooted and now this one works fine.
ok, back to the workstation : for the the logonserver I had \\webserver ( that's weird)
so I rebooted and now it says for the logon screen \\obt
and I am able to see obt as well.
well it seems that now it's working. now I can see the name of the computer in the computer folder of the active directory , everytime I was joining back the domain, the name of the computer was not comming in
i will reboot the computer again , just to see if it still keeps the setting,
so you think the second server was the trouble?
just like I stated above, check both NIC cards for the ip and dns addresses. The server and the DNS controller.
ASKER
I didn't know that the webserver was also a secondary Domain Controller. So when I plugged back my secondary DC I guess some of the users tried to get authenticated with the webserver, which they probably did , but since the webserver was not able to talk with the DC (primary) , it then took all the workstations with him away from DC 1.
Well I am happy it is resolved . my only concern is some of the users still have as the logonserver: \\webserver.
so I don't know what can happen if the webserver goes down, and the user need to log into the domain. would they automatically find the other Domain controller or would they just fail to logon.
I am also confused with the way that 2 domain controller are implemented , I thought that every user would connect to DC 1 and if this one is down then they would connect to DC 2 , but I guess it's not the case , they connect to either one.
Well I am happy it is resolved . my only concern is some of the users still have as the logonserver: \\webserver.
so I don't know what can happen if the webserver goes down, and the user need to log into the domain. would they automatically find the other Domain controller or would they just fail to logon.
I am also confused with the way that 2 domain controller are implemented , I thought that every user would connect to DC 1 and if this one is down then they would connect to DC 2 , but I guess it's not the case , they connect to either one.
well this might be a stupid question, but you do know that when you reboot servers DC1 needs to come up first, then DC2 and then the server right?
ASKER
that's not a stupid question . no I didn't know . I thought it didn't matter, I only reboot server whenever I need to.
So basically,if I have 3 servers ( DC1, DC2, and a SQL server) and I am doing an update to SQL that requires reboot. I need to shutdown SQL , then DC1 and DC2 , then start DC1 , then DC2 and then SQL?? I cannot just reboot SQL?
So basically,if I have 3 servers ( DC1, DC2, and a SQL server) and I am doing an update to SQL that requires reboot. I need to shutdown SQL , then DC1 and DC2 , then start DC1 , then DC2 and then SQL?? I cannot just reboot SQL?
yes you can just reboot sql. If you only normally need to reboot the main server then you can do that without rebooting the DC's. However, should one of the DC's ever go down or need to be rebooted, ALL must be rebooted in that order. Just remember that or you will be chasing problems that are not there and are caused by the wrong reboot order.
Now when I say reboot I don't mean just push button one two and three. I mean let DC1 come up FULLY, then DC2 come up FULLY then the main server.
Now when I say reboot I don't mean just push button one two and three. I mean let DC1 come up FULLY, then DC2 come up FULLY then the main server.
ASKER
ok, I understand the server needs to be up and running before I can turn the other one in the proper order.
now another question , If I need to reboot dc1 only because of an update , I still have to reboot DC2 and the other one?
now another question , If I need to reboot dc1 only because of an update , I still have to reboot DC2 and the other one?
yes you do, anytime one of the dc's need rebooting you need to shut them all down and reboot in that order. Usually when I used to do it I would remote in to DC1, reboot. Then wait for it to come up and remote to DC2 reboot, then wait and remote to the server and reboot. You can do that as well if you are not on site.
ASKER
ok, well thanks for the advice.
now another question , If I need to reboot dc1 only because of an update , I still have to reboot DC2 and the other one?
I dont think you would have to reboot all your DC's if you wanted to reboot DC1. Just reboot DC1.
I dont think you would have to reboot all your DC's if you wanted to reboot DC1. Just reboot DC1.
but on top of that, if you reboot DC1 only, you will still have to reboot the server.
ASKER
I think I don't even need to reboot the other server. I have at another location a DC1 and a SQL Server, I often rebooted the DC1 without rebooting the SQL and everything was fine.
I can't imagine that google have to reboot all the server if they have to update only one of their DC , no?
I can't imagine that google have to reboot all the server if they have to update only one of their DC , no?
"I didn't know that the webserver was also a secondary Domain Controller. So when I plugged back my secondary DC I guess some of the users tried to get authenticated with the webserver, which they probably did , but since the webserver was not able to talk with the DC (primary) , it then took all the workstations with him away from DC 1."
you already answered this. When you do it the way you are talking about it screws up everything, so you do what you want, but it is gonna hurt, lol.
you already answered this. When you do it the way you are talking about it screws up everything, so you do what you want, but it is gonna hurt, lol.
ASKER
Thanks guys for your help