Solved

"Logon Failure: Unknown user name or password" when trying to browse a mapped UNC drive

Posted on 2004-10-13
Last Modified: 2010-03-18
Server 2003 Domain Controller running AD.
User is running Windows XP Pro SP1 with Admin rights over local machine.
75 users, no other issues except with this one user.

The problem I am having is an error message after the user logs on. The user turns on their computer, logs in using their password, but as soon as they try to click on any pathed network drives which are housed on the network they get a "Logon Failure: Unknown user name or password" error message. They also cannot synchronize their offline files because it will not accept their password.

I can log on to their computer and browse the drives with no problems. I can also reset their password and they work fine for about 30 minutes, but then the problem reappears.

Any ideas?
Question by:SenderoSnake
19 Comments
 
LVL 11

Expert Comment

by:cfairley
ID: 12304386
The user may be logged onto another PC or have a disconnected Terminal Server session.  If that is the case, once you change the password, it does not change it for the session or login for the other PC, which will cause access problems.
0
 
LVL 12

Expert Comment

by:valicon
ID: 12304613
It sounds like they are logging in with cached credentials.  Has anyone else tried to log on using the same machine to see if the issue was duplicated?  I would check that first.
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12304875
You can run "net user /DOMAIN" at a command prompt, which should list all the users logged on to various domain resources, in order to check if cfairley is correct, as I suspect he is.
0
 
LVL 5

Expert Comment

by:abu_deep
ID: 12306021
Are the WinXP clients part of the domain or just working as a workgroup? Have you checked the time differences between the Win 2003 domain controller and the clients? I might guess Kerberos v5 authentication is failing or the authentication ticket is expiring and the Win2k domain controller is not renewing the token, so that access to the share has been disrupted. Kerberos uses local time as a variable to create authentication tokens. I think the time difference between the authenticating server and clients needs to be within 5 minutes.

If you go into Windows Explorer (or My Computer, whichever you prefer), is there a red-cross on the H: drive? If you double-click on it, I'm sure you can access the files and folders in H: drive, but does the red-cross go away when you double-click?

I've copied this from the following question, so you may have a look at it:

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20657357.html
0
 

Author Comment

by:SenderoSnake
ID: 12307845
valicon:

No cached credentials, they log on as themselves then the drives are pathed by scripts. I can log on and access them with no problems along with two other users. It's just this one user.

abu_deep:

They are part of a domain. There are no red X's on any drives. When you click on the drive, that error message pops up. Off-line files synchronization does not work either.

I will check the time difference.
0
 

Author Comment

by:SenderoSnake
ID: 12309133
Checked the "net user /domain" with the user logged off and logged on; there were not any suspicious accounts or duplicates. The computer was synchronized with the master time clock. Any other ideas?
0
 
LVL 5

Expert Comment

by:abu_deep
ID: 12313321
Could you post the event notifications which you get when these logon failures start occurring?
0
 
LVL 5

Expert Comment

by:abu_deep
ID: 12313405
Based on my experience, Windows XP Service Pack 2 might sort your problem out.

You will find that the relevant hotfixes have been included in Windows XP Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?FamilyId=049C9DBE-3B8E-4F30-8245-9E368D3CDB5A&displaylang=en

This installation package is intended for IT professionals and developers downloading and installing on multiple computers on a network.
0

 

Author Comment

by:SenderoSnake
ID: 12337390
No event notifications that a logon failure has been recorded. I loaded SP2 the instant it started giving me trouble.

It's not having logon issues, it is having credential problems. The user logs on just fine; it's when he tries to use shared resources on the network that it gives him the error messages stated above.
0
 
LVL 12

Expert Comment

by:valicon
ID: 12337493
I would try removing it from the domain into a workgroup and then rejoining the computer to the domain.
0
 

Author Comment

by:SenderoSnake
ID: 12337539
valicon:

I removed his computer and disabled his user temporarily. I rejoined the domain using the Domain Admin account, used my user account to test the credentials, then enabled his user account. It still did the same thing.
0
 
LVL 11

Expert Comment

by:cfairley
ID: 12337799
I know you said that when you log on to the user's PC, everything is fine.  Do you get the same result when the user logs on to another computer?  Also, I would delete the user's local profile, reboot, then try again.

Thanks,
0
 

Author Comment

by:SenderoSnake
ID: 12341831
I do not get the same results when the user logs onto another machine, just this one. I tried deleting the profile, got an error about protected files so I booted into safe mode and removed it completely. I still had the same problem as before.
0
 

Author Comment

by:SenderoSnake
ID: 12659034
Well, it's been a while so I thought I would update this. I ended up disabling My Documents synchronization in the Group Policy, backing up his files and reloading his machine. I tried all the fixes above at least twice with no resolution. Thanks for all the help and responses though, I appreciate it!
0
 
LVL 11

Expert Comment

by:cfairley
ID: 12660496
No problem, sorry we could not do more to help.
0
 

Author Comment

by:SenderoSnake
ID: 13210756
Whoops, I forgot about this one. However, I did have a problem with this on another user's machine and contacted Microsoft concerning the issue.

Per their technician, there are variables which cause this issue:
Domain based User and Computer
Group Policy requiring password changes at a set amount of days
Stored passwords
Administrator rights over their local machine

If a user ignores the request to change their password and the time lapses, they will still be able to log onto their computer. But, they will not be able to access any network resources because their password will be invalid. In essence their account is disabled. If a Domain admin or the user resets their password, AD will not recognize the change because it controls the "password store" on the local machine. The reason why my reload on the first machine worked is because I wiped out the local password store. To avoid the reload do the following:

Log onto the machine with the offending account. Go into "Control Panel" and into the "User Accounts" properties panel. Click on "Manage Passwords" and remove any account passwords pertaining to the domain. (Be careful not to remove the .net passwords. It causes other nasty issues on non-domain relation.) After you remove the password, log the user off. Now reset their password in AD and then allow them to log in and change their password. Voilà, it's fixed.
0
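Added example, not part of the post above or of Microsoft's instructions: a PowerShell sketch of the same cleanup from the command line, for auditing which stored domain credentials a profile holds before removing them. It assumes a Windows version that ships `cmdkey.exe` and produces English-language output; the function names and the sample text are constructed for illustration.

```powershell
# Added example, not from the thread. $sample is constructed to mimic
# English-language `cmdkey /list` output; the names in it are made up.
$sample = @'
Currently stored credentials:

    Target: Domain:target=fileserver01
    Type: Domain Password
    User: CORP\jdoe

    Target: LegacyGeneric:target=ExampleApp
    Type: Generic
    User: jdoe
'@

function Get-StoredCredential {
    # Turn the Target/Type/User text blocks into objects (hypothetical helper).
    param([string[]]$Lines)
    $entry = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*Target:\s*(.+?)\s*$') {
            if ($entry) { [pscustomobject]$entry }
            $entry = [ordered]@{ Target = $Matches[1]; Type = ''; User = '' }
        } elseif ($entry -and $line -match '^\s*(Type|User):\s*(.*?)\s*$') {
            $entry[$Matches[1]] = $Matches[2]
        }
    }
    if ($entry) { [pscustomobject]$entry }
}

function Remove-DomainCredential {
    # Only "Domain Password" entries are selected; generic entries are left alone.
    # Without -Remove this is a dry run that just reports what would be deleted.
    param([string[]]$Lines, [switch]$Remove)
    $domainEntries = Get-StoredCredential -Lines $Lines |
        Where-Object { $_.Type -eq 'Domain Password' }
    foreach ($c in $domainEntries) {
        # cmdkey /delete takes the name that follows "target=" in the listing.
        $name = $c.Target -replace '^.*?target=', ''
        if ($Remove) { cmdkey "/delete:$name" | Out-Null }
        [pscustomobject]@{ Name = $name; User = $c.User; Removed = [bool]$Remove }
    }
}

# Dry run against the constructed sample.
Remove-DomainCredential -Lines ($sample -split "`r?`n")
# Live use, run as the affected user: Remove-DomainCredential -Lines (cmdkey /list) -Remove
```

After removal, the password reset in AD and the user's next logon proceed as described in the post.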
 

Accepted Solution

by:
modulo earned 0 total points
ID: 13404271
PAQed with points refunded (500)

modulo
Community Support Moderator
0
