I can't open a network file by the name but I can by the IP

Hi Experts,
I have been looking for 2 days trying to figure out this problem.
it started with my service provider changing our static IP for no reason , so I had to modify the dns ( on my DC windows 2003) to point to the new forwarders, so of course an easy way was to point the preferred DNS server on my network card to the router. which worked fine, then I recently switch back the DNS on the network card back to its own ip and I updated the forwarder again. Anyway, here is the problem: I logged off from a workstation and I couldn't log back in even with administrator password. I could only log into the local computer. so I changed the domain to a workgroup. delete the computer from active directory and rejoin the domain, then I was able to log back in but for some reason when I type \\obt ( the name of my server domain ) it give me the error below , but if I type the IP of my server. it works fine. I went to another workstation and same things , so I had to rejon the domain for all workstation and now then can only access the server from the IP . how can I fix this annoying problem.
Thanks.

David


Here is the message:



"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.
Logon Failure: the target account name is incorrect"

tavernyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

HDSportster08Commented:
you need to somehow get into the admin account and go to your main DNS gui.  Once there clear the DNS cache and reboot the server.  That should take care of it, it is holding the old DNS info in cache, trust me I have been down that route.
0
tavernyAuthor Commented:
you think it's only a DNS issue?
I can't reboot now , I will have to wait tonight.
0
HDSportster08Commented:
I would say it is holding that in its cache, there is a part in there that will allow to you click the button and clear the cache.  Clear the cache and then try to get in the machine, it might not even require a reboot.  Let me know how that works.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

tavernyAuthor Commented:
I cleared the cache on the user and also on the server and also restarted the DNS and still nothing.
0
HDSportster08Commented:
so the first way it worked fine, and how it doesn't?  I think I am confused, you said you just updated the ip first and it worked, but now you have done something different?
0
tavernyAuthor Commented:
no I just said that if I type \\192.168.0.5 It shows me the folders but if I type \\obt I get the error message.

server name : obt = 192.168.0.5
0
HDSportster08Commented:
do you get an error or just no permission?  And is the DNS server pointed to itself?
0
tavernyAuthor Commented:
this is the message that I get:
------------------
"\\obt is not accessible. you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permissions.

Logon Failure: the target account name is incorrect"
-------------------

and yes the DNS server point to itself. I think it's coming from a security somewhere

0
HDSportster08Commented:
sounds like you changed the domain name or you might have to rejoin all  the machines to the domain now that the dns changed.  
0
tavernyAuthor Commented:
I have rejoin some of the machine , still no luck.
I want to make sure ,
to rejoin I go on the machine itself , remove the domain name and put workgroup instead.
reboot the machine and then rejoin the domain.
Right?

I also deleted before rejoining the domain , the name of the computer from the computers folder under Active directory.
but what is weird is when I recreate the join the name doensn't come back there.
0
HDSportster08Commented:
yes that is the procedure, but just try it with one, if it works then do all of them.  I am assuming you don't have like 200 machines or something you would have to do this to?

0
tavernyAuthor Commented:
I have already try with one machine , and the problem still occurs.
0
tavernyAuthor Commented:
just want to make sure , how do you put your domain to point to itself?
0
HDSportster08Commented:
well lets say you have the following DNS ips, 192.168.0.5 and 192.168.0.6

You would have server 1 pointing to 192.168.0.7 (it's local ip)
and then 192.168.0.5 for the DNS. or vice versa

If I remember correctly that is the way I did it.  
0
tavernyAuthor Commented:
I understand the concept but where do you enter this?
0
HDSportster08Commented:
well you should have this entered on you domain server nic and also your main server nic assuming you are using ONE DNS server and ONE main server.  If you are using multiple servers and one domain controller, then it  changes of course.

Like I said,

If you have not changed any of this or it is foreign to you, then most likely don't the problem is elsewhere.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tavernyAuthor Commented:
ok, so yes it's correct , the ip of the dns is setup for the network card. so it's something else
0
HDSportster08Commented:
[qoute]I had to modify the dns ( on my DC windows 2003) to point to the new forwarders, so of course an easy way was to point the preferred DNS server on my network card to the router[/quote]

I think your issue lies in the above comment.  The easy way or the correct way?  You need to only modify the ip addresses that changes, sometimes the DNS does not change, just the static ip.
0
tavernyAuthor Commented:
it's not there , I think the problem comes from a security issue
0
HDSportster08Commented:
impossible if you did not change anything.  Only you know what you did, trace your steps.  Going home for the day.  Good luck.
0
2hypeCommented:
Hi,

Just a question.

Technically going \\obt would be using the netbios domain name not the dns name.

If you open a command prompt from a workstation
ping obt  - What address resolves? Any?
ping obt.doman.local (Your fully qualified domain name) - what address resolves?

You can access your server via ip address.  Can you access it by \\obt.domain.local (its fully qualified domain name?)

I am assuming your machines local dns settings are point to your dns server as you were able to join the domain?
0
tavernyAuthor Commented:
ok I did
ping obt I get the 192.168.0.5
 
I did ping obt.obt.local and get the same thing
the ip of the server is the correct one
yes I can access the server from the ip address and also from \\obt.obt.local

you see now it's working fine. I didn't touch the computer for awhile and now if I type \\obt it works ,
If I log off and log back in I am still good , but if I reboot the computer and try to log in I get the error message windows cannot connect to the domain, either the domain controller is down or otherwise unavailable ...
so I have to log locally change to workgroup , reboot and rejoin the domain , and then I can log as a network user , but the file can't still be pulled by typing \\obt
I am actually gonna reboot the machine now to rejoin the domain


0
tavernyAuthor Commented:
ok , I just thought about what I did yesterday that might cause the issue.
we have a webser that I took down for cleaning and didn't plug it for 3 wweks at least , I plugged it yesterday , and this one also can't access the file of the domain controller. but when I am looking at the manage your server , I see that this server is also a domain controller (active directory). could may be the 2 server are getting out of sync , and cause trouble between each other?
0
2hypeCommented:
I wouldnt think that would be the case.

Lets get this straight.

Your Server acting as Active Directory/DNS ip is 192.168.0.5
Your Server DNS Entry is pointing to itself
Your Computers DNS Server entries are pointing to 192.168.0.5

When you remove it from the domain and re-add it.  Try the following.  Remove the computer from the domain.  Log into Active Directory and under computers ensure the computer account is gone.  If it is not remove it.  Now Re-add it to the domain.  Reboot and log on.

Click start -- run -- cmd.  Type set and hit enter.
What does it say is your logonserver.

Reboot.   Can it sucessfully log on now that it has been rebooted?  If not are there any errors on the computers Event Viewer.  Are there any system errors on the servers event viewer?

From the command line if you can ping obt and it resolves fine to the servers IP Address there should be nothing stopping you from connecting to the file server via its name.
0
tavernyAuthor Commented:
ok,
I did what you said . in the meantime before your had post I had look at the webserver that is the other secondary/backup domain.
this server was pointing to the router for the DNS in the network card instead of the obt, so I changed that and rebooted and now this one works fine.

ok, back to the workstation : for the the logonserver I had \\webserver (  that's weird)
so I rebooted and now it says for the logon screen \\obt
and I am able to see obt as well.
well it seems that now it's working. now I can see the name of the computer in the computer folder of the active directory , everytime I was joining back the domain, the name of the computer was not comming in
i will reboot the computer again , just to see if it still keeps the setting,
so you think the second server was the trouble?
0
HDSportster08Commented:
just like I stated above, check both NIC cards for the ip and dns addresses.  The server and the DNS controller.  
0
tavernyAuthor Commented:
I didn't know that the webserver was also a secondary Domain Controller. So when I plugged back my secondary DC I guess some of the users tried to get authenticated with the webserver, which they probably did , but since the webserver was not able to talk with the DC (primary) , it then took all the workstations with him away from DC 1.

Well I am happy it is resolved . my only concern is some of the users still have as the logonserver: \\webserver.
so I don't know what can happen if the webserver goes down, and the user need to log into the domain. would they automatically find the other Domain controller or would they just fail to logon.
I am also confused with the way that 2 domain controller are implemented , I thought that every user would connect to DC 1 and if this one is down then they would connect to DC 2 , but I guess it's not the case , they connect to either one.
0
HDSportster08Commented:
well this might be a stupid question, but you do know that when you reboot servers DC1 needs to come up first, then DC2 and then the server right?
0
tavernyAuthor Commented:
that's not a stupid question . no I didn't know . I thought it didn't matter, I only reboot server whenever I need to.
So basically,if I have 3 servers ( DC1, DC2, and a SQL server) and I am doing an update to SQL that requires reboot. I need to shutdown SQL , then DC1 and DC2 , then start DC1 , then DC2 and then SQL?? I cannot just reboot SQL?
0
HDSportster08Commented:
yes you can just reboot sql.  If you only normally need to reboot the main server then you can do that without rebooting the DC's.  However, should one of the DC's ever go down or need to be rebooted, ALL must be rebooted in that order.  Just remember that or you will be chasing problems that are not there and are caused by the wrong reboot order.

Now when I say reboot I don't mean just push button one two and three.  I mean let DC1 come up FULLY, then DC2 come up FULLY then the main server.
0
tavernyAuthor Commented:
ok, I understand the server needs to be up and running before I can turn the other one in the proper order.
now another question , If I need to reboot dc1 only because of an update , I still have to reboot DC2 and the other one?
0
HDSportster08Commented:
yes you do, anytime one of the dc's need rebooting you need to shut them all down and reboot in that order.  Usually when I used to do it I would remote in to DC1, reboot.  Then wait for it to come up and remote to DC2 reboot, then wait and remote to the server and reboot.  You can do that as well if you are not on site.
0
tavernyAuthor Commented:
ok, well thanks for the advice.
0
2hypeCommented:
now another question , If I need to reboot dc1 only because of an update , I still have to reboot DC2 and the other one?

I dont  think you would have to reboot all your DC's if you wanted to reboot DC1.   Just reboot DC1.
0
HDSportster08Commented:
but on top of that, if you reboot DC1 only, you will still have to reboot the server.
0
tavernyAuthor Commented:
I think I don't even need to reboot the other server. I have at another location a DC1 and a SQL Server, I often rebooted the DC1 without rebooting the SQL and everything was fine.
I can't imagine that google have to reboot all the server if they have to update only one of their DC , no?
0
HDSportster08Commented:
"I didn't know that the webserver was also a secondary Domain Controller. So when I plugged back my secondary DC I guess some of the users tried to get authenticated with the webserver, which they probably did , but since the webserver was not able to talk with the DC (primary) , it then took all the workstations with him away from DC 1."

you already answered this.  When you do it the way you are talking about it screws up everything, so you do what you want, but it is gonna hurt, lol.
0
tavernyAuthor Commented:
Thanks guys for your help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.