Solved

"Logon Failure: Unknown user name or password" when trying to browse a mapped UNC drive

Posted on 2004-10-13
19
504 Views
Last Modified: 2010-03-18
Server 2003 Domain Controller running AD.
User is running Windows XP Pro SP1 with Admin rights over local machine.
75 users, no other issues except with this one user.

The problem I am having is an error message after the user logs on. The user turns on their computer, logs in using their password, but as soon as they try to click on any pathed network drives which are housed on the network they get a "Logon Failure: Unknown user name or password" error message. They also cannot sychronize their offline files because it will not accept their password.

I can log on to their computer and browse the drives with no problems. I can also reset their password and they work fine for about 30 minutes, but then the problem reappears.

Any ideas?
0
Comment
Question by:SenderoSnake
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 3
  • +3
19 Comments
 
LVL 11

Expert Comment

by:cfairley
ID: 12304386
The user may be logged onto another PC or have a disconnected Terminal Server session.  If that is the case, once you change the password, it does not change it for the session or login for the other PC, which will cause access problems.
0
 
LVL 12

Expert Comment

by:valicon
ID: 12304613
It sounds like they are logging in with cached credentials.  Has anyone else tried to log on using the same machine to see if the issue was duplicated?  I would check that first.
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12304875
you can run "net user /DOMAIN" at a command prompt which should list all the users logged on to various domain resources in order to check if cfairley is correct as I suspect he is.
0
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 5

Expert Comment

by:abu_deep
ID: 12306021
Are winxp clients part of the domain or just working as a workgroup? Have you checked the time differences between the Win 2003 domain controller and the clients? I might guess Kerberos v5 authentication is failing or the authentication ticket is expiring and Win2k domain controller is not renewing the token so that access to share have been disrrupted. Kerberos uses local time as a variable to create authentication tokens. I think the time difference between the authenticating server and clients needs to be within 5 minutes.

If you go into Windows Explorer (or My Computer, whichever you prefer), is there a red-cross on the H: drive? If you double-click on it, I'm sure you can access the files and folders in H: drive, but does the red-cross go away when you double-click?

I've copy this from the foolowing quistion so you may have a look at :

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20657357.html
0
 

Author Comment

by:SenderoSnake
ID: 12307845
valicon:

No cashed credentials, they log on as themselves then the drives are pathed by scripts. I can log on an access them with no problems along with two other users. Its just this one user.

abu_deep:

They are pat of a domain. There are no red X's on any drives. When you click on the drive, that error message pops up. Off-line files sychronization does not work either.

I will check the time difference.
0
 

Author Comment

by:SenderoSnake
ID: 12309133
Checked the "net user /domain" with the user logged off and logged on, there was not any suspscious accounts or duplicates. The computer was sychronized with the master time clock. Any other ideas?
0
 
LVL 5

Expert Comment

by:abu_deep
ID: 12313321
Could u post the event notifications which u get on when these logon failures start occuring.:
0
 
LVL 5

Expert Comment

by:abu_deep
ID: 12313405
Based on my experience Windows XP service pack 2 might sort your probelm out..

you will find that the relevant hotfixes have been included in Windows XP Service Pack 2

http://www.microsoft.com/downloads/details.aspx?FamilyId=049C9DBE-3B8E-4F30-8245-9E368D3CDB5A&displaylang=en

This installation package is intended for IT professionals and developers downloading and installing on multiple computers on a network.
0
 

Author Comment

by:SenderoSnake
ID: 12337390
No event notifications that a logon failure has been recorded. I loaded SP2 the instant it started giving me trouble.

Its not having logon issues, it is having credintial problems. The user logs on just fine, it when he tries to use shared resources on the network that it gives him the error messages stated above.
0
 
LVL 12

Expert Comment

by:valicon
ID: 12337493
I would try removing it from the domain into a workgroup and then rejoining the computer to the domain.
0
 

Author Comment

by:SenderoSnake
ID: 12337539
valicon;

I removed his computer and disabled his user temporarly. I rejoined the domain using the Domain Admin account, used my user account to test the credentials, then enabled his user account. It still did the same thing.
0
 
LVL 11

Expert Comment

by:cfairley
ID: 12337799
I know you said that when you log on the the user's PC, everything is fine.  Do you get the same result when the user logs on to another computer.  Also, I would delete the user's local profile, reboot, then try again.

Thanks,
0
 

Author Comment

by:SenderoSnake
ID: 12341831
I do not get the same results when the users logs onto another machine, just this one. I tried deleting the profile, got an error about protected files so I booted into safemode and removed it completely. I still had the same problem as before.
0
 

Author Comment

by:SenderoSnake
ID: 12659034
Well, its been a while so I thought I would update this. I ended up disabling My Documents sychronization in the Group Policy, backing up his files and reloading his machine. I tried all the fixes above at least twice with no resolution. Thanks for all the help and responses thought, I appreciate it!
0
 
LVL 11

Expert Comment

by:cfairley
ID: 12660496
No problem, sorry we could not to more to help.
0
 

Author Comment

by:SenderoSnake
ID: 13210756
Whoops, I forgot about this one. However, I did have a problem with this on another users machine and contacted Microsoft concerning the issue.

Per their technician, there are variables which cause this issue:
Domain based User and Computer
Group Policy requiring password changes at a set amount of days
Stored passwords
Administrator rights over their local machine

If a user ignores the request to change their password and the time lapses, they will still be able to log onto their computer. But, they will not be able to access any network resources because their password will be invalid. In essence their account is disabled. If a Domain admin or the user resets their password, AD will not recognize the change because it controls the "password store" on the local machine. The reason why my reload on the first machine worked is because I wiped out the local password store. To avoid the reload do the following:

Log onto the machine with the offending account. Go into "Control Panel" and into the "User Accounts" properties panel. Click on "Manage Passwords" and remove any account passwords pertaining to the domain. (Be careful not to remove the .net passwords. It causes other nasty issues on non-domain relation) After you remove the password, log the user off. Now reset their password in AD and then allow them to log in and change their password. Wala, its fixed.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 13404271
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
An article on effective troubleshooting
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question