Logon failure: The target account name is incorrect.

Topology : WINDOWS 2003 SBS SERVER DOMAIN MASTER AND A WINDOWS 2000 SERVER MEMBER

ACTIVE DIRECTORY REPLICATION / DNS / FRS / EXCHANGE 2003 /

WE HAVE HAD A WORKING NETWORK FOR OVER SIX MONTHS BUT NOW HAVE PROBLEMS WHERE USERS CANNOT LOGON TO THE DOMAIN.

THEY TRY TO LOGON AT THERE USUAL MACHINE AND GET ERROR MESSAGE THE DOMAIN CONTROLLER IS EITHER UNAVALABLE OR NOT RESPONDING OR YOUR COMPUTER ACCOUNT DOES NOT EXIST ON THE DOMAIN.... THIS IS HAPPENING TO ALL THE WORKSTATIONS ONE BY ONE.

NEXT : IN MY NETWORK PLACES WHEN YOU DOUBLE CLICK THE COMPUTER THAT THE USER IS TRYING TO LOG ON FROM
YOU GET AN ERROR MESSAGE:   CLIENTxx IS NOT ACCESSIBLE:  LOGON FAILURE:THE TARGET ACCOUNT NAME IS INCORRECT.

EVENT ID 5722 IS SEEN AT THE DOMAIN CONTROLLER AND WE HAVE SOURCED THE MICROSOFT ID RESOLUTION.

what we think it is : is that the secure channel password on the computer account has expired and cannot for some reason be refreshed.....#

What we have done....  We had to remove the computer account from active directory and remove the local machine from the domain ... give it a new name and connect to the domain ... hey presto all back....

OUR PROBLEM is THAT  THE PRIMERY DOMAIN CONTROLLER HAS DONE THE SAME THING AND SERVER TWO CANNOT CONNECT TO IT WITH ACCESS DENIED. ( YOU CANNOT CHANGE ITS NAME )

WE CANNOT \\SERVER1\ANY SHARE

WE CAN \\192.168.0.2 \ANY SHARE

THE 2ND SERVER CANNOT REPLICATE ACTIVE DIRECTORY \ FRS \ DNS \ SHARE DATA ETC ... WITH EVENT ID 5722

WE HAVE RUN DC DIAG ON SERVER1 ALL OK
WE HAVE RESET THE SERVER PASSWORDS ON SERVER1 AND SERVER2 USING NETDOM WITH SUCCESS

WE HAVE RUN DCDIAG ON SERVER 2 AND IT SAYS

SERVER1 IS THE SCHEMA OWNER BUT NOT RESPONDING TO DS RPC
 "          "                "           "         "     "         "               TO LDAP
SERVER1 IS THE DOMAIN OWNER  BUT NOT RESPONDING   TO DS RPC
"             "                "         "          "                 "               TO LDAP

AND IT GOES ON SAYING THAT ACCESS IS DENIED....

I THINK THIS IS A MICROSOFT ACTIVE DIRECTORY COMPUTER CONTAINER PROBLEM AND HAVE SEEN OTHER REQUESTS LIKE THIS ON THE NET ... ANY ONE FOUNDS A SOLUTION?

MANY THANKS
barnsleybenAsked:
Who is Participating?
 
Netman66Commented:
Use NETDOM to reset the secure channels of each server.

http://support.microsoft.com/default.aspx?scid=kb;en-us;216393&Product=win2000

If this is truly the issue, then the above article should do it.

0
 
John Gates, CISSPSecurity ProfessionalCommented:
Also insure that DNS is properly configured and that a forward zone exists for your domain.

D
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.