Link to home
Start Free TrialLog in
Avatar of dsbahr
dsbahr

asked on

"Login Failure: The target account name is incorrect." when accessing server from within Active Dir.

I have a multi-site network with Active Directory to provide globel security and access between corporate and 7 branch locations.  Yesterday some users in one of the branch locations were no longer able to access the server at the corp office (but could locally).  They could browse the local network, and the corporate network, and access all other servers, clients, etc. EXCEPT one server - which is of course the primary server at the corp location.  

This same symptom has now spread and appears to have replicated to all branch offices.

Other items to consider:
This is not limited to a user account - even the Domain\Administrator account can not connect from the branch to the corp server.
BUT - all accounts/PC's at the corporate office are not affected - i.e. they can access all resources corp wide.
BROWSER based only (it seems) as I can specify the ip address in place of the share name, and everything connects just fine. (example:  \\server\share  will not work but  \\xx.xx.xx.xx\share will work).

I feel certain this has to deal with Active Dir and trust or replication - but do not know of anything that changed in the last week+.

Any insight is, of course, greatly appreciated.
ASKER CERTIFIED SOLUTION
Avatar of binary_1001010
binary_1001010
Flag of Singapore image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
for point 2: you have to do it on another server or workstation.
Avatar of dsbahr
dsbahr

ASKER

I neglected to mention that the primary fileserver in question, is also the domain controller.

I have never demoted a domain controller out of a domain, so am not sure what the implications are.

It does seem that the question of duplicate names may be on the right track...
if the file server is a domain controller, you can't disjoin it. don't even try to.  What you can do now is to do a nbtstat on another server or workstation :

nbtstat -a server name
nbtstat -A server ip address
nbtstat -c
nbtstat -n

Hope these help.
Avatar of dsbahr

ASKER

This is the output from my workstation:

Node IpAddress: [172.18.xxx.xxx] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    --------------------------------------------
    ServerA          <00>  UNIQUE      Registered
    ServerA          <20>  UNIQUE      Registered
    Domain            <00>  GROUP       Registered
    Domain            <1C>  GROUP       Registered
    Domain            <1B>  UNIQUE      Registered
    Domain            <1E>  GROUP       Registered
    Domain            <1D>  UNIQUE      Registered
    ServerA             <03>  UNIQUE      Registered
    INet~Services   <1C>  GROUP       Registered
    ..__MSBROWSE__.<01>  GROUP       Registered
    IS~Server.....<00>  UNIQUE      Registered

MAC Address = 00-C0-9F-22-61-E5

From this it appers that "server" is listed 3 times.  When I check from workstation located at branch offices to this same server I also get 3 listings - identical output.  ALSO, when I query the local server name I get simalar - but not quite the same.  Specifically there are only 2 listings:

Node IpAddress: [172.18.xxx.xxx] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    ServerB           <00>  UNIQUE      Registered
    ServerB           <20>  UNIQUE      Registered
    Domain            <00>  GROUP       Registered
    Domain            <1C>  GROUP       Registered
    Domain            <1E>  GROUP       Registered
    Domain            <1D>  UNIQUE      Registered
    ..__MSBROWSE__.<01>  GROUP       Registered
    INet~Services   <1C>  GROUP       Registered
    IS~ServerB..... <00>  UNIQUE      Registered

    MAC Address = 00-C0-9F-29-66-C5

Thoughts???
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
as long as there is no "conflict" in nbtstat, you are fine. Like what godfather said, try it on the user workstation(the site that having the problem), not your workstation.  You can always ask the user to try, just ask them to read out if there is "conflict".

It will usually look like this.


ServerB           <00>  CONFLICT      Registered
ServerB           <20>  UNIQUE      Registered
Domain            <00>  GROUP       Registered
Domain            <1C>  GROUP       Registered
ServerB           <20>  CONFLICT      Registered
Domain            <1E>  GROUP       Registered
Domain            <1D>  UNIQUE      Registered
..__MSBROWSE__.<01>  GROUP       Registered
INet~Services   <1C>  GROUP       Registered
IS~ServerB..... <00>  UNIQUE      Registered
try to find the time difference if any is there, i mean there is a problem that time is diffreent on other servers then the main server.if that happends then u have to set this up. and check the gateway.and dns suffex .
also check that ur word files or excel files r showing ok on net work.if they r not then its a bug try to find the removal.
and also try to install the workstation any one, by using other name of workstation,and if u can change the ip address it will be ok, also try to remove the older name of that machine which u r to take on the domina again
This problem doesnt appear to have been resolved and we have exactly the same fault and have tried all the above. Additionally we are finding similar faults occuring with all our 2003sbs clients any further suggestions?

Additional info: It is the workstations discrete secure channel password which seems to be failing, this occurs every 30 days.
I have performed all nbtstat tests and had no conflict displayed , but still getting same error as above. any help on this would be appreciated

I have had this same problem occur on our Co. network, but with only 1 workstation trying to access a printer on another workstation.

I tried nbstat on all systems, and it appears not to be installed.

I can connect and use resources on the target system after it has been idle for the weekend. (I am guessing a security certificate of some sort ... ?)

Then, like this morning, the target system suddenly locks all other users out of shared resources.

Help?
Avatar of dsbahr

ASKER

Dear all (who continue to have this problem);

I have had this problem re-appear once or twice in isolated areas.

In every case the prblem seems to be based around the netbios naming - which is dependant on DNS.  DNS is CRITICAL that it points to the local act. dir. server, and that the DNS in the server points to itself FIRST, and then to another/primary Act. Dir server.

Make sure the client DNS settings only point to the local server, NOT to any outside dns services, and that the client registers its own name with the dns server.

Then, provided the act. dir replication is working (again, based on correct DNS settings - self first, then master or othere, NO outside) then everything seems to work just fine.

I hope this helps!!!

-dan
After struggling with this same issue for several hours I came across this MS KB article:

http://support.microsoft.com/kb/325850

I had the additional symptom that the DHCP server installed on that DC (which was working in the past), was now showing up as unauthorized. Any attempts to authorize it would fail.

Apparently the communication between domain controllers in 2 sites were having a problem.
The article describes using:

netdom resetpwd /s:{server} /ud:{domain\User}  /pd:*

This resets the intersite Kerberos password that apparently got out of sync on one of my DCs.

Be sure to stop the KDS service before using the above command. (described in the article)
You will need to reboot after running.

Seemed to solve all my issues.