Link to home
Start Free TrialLog in
Avatar of whoam
whoam

asked on

W2K3 IAS "The user accoutn domain cannot be accessed."

Our wifi authenticates to AD via IAS.  the policy has been working for years until now.  Now my IAS server says that, "The user account domain canno be accessed." for everyone.

No config chagnes have been made to affect this that i can think of.

ADDIAG and DCDIAG from the IAS server come back clean.  The user account is not locked out or have other apparent issues.

Event Type:	Error
Event Source:	IAS
Event Category:	None
Event ID:	3
Date:		9/19/2012
Time:		11:42:43 AM
User:		N/A
Computer:	IAS.Server
Description:
Access request for user joe.user@fqdn.com was discarded.
 Fully-Qualified-User-Name = wins.domain.name\joe.user
 NAS-IP-Address = 192.168.105.148
 NAS-Identifier = HP
 Called-Station-Identifier = 00-1E-C1-65-87-70:WiFi.Name
 Calling-Station-Identifier = 00-26-08-B1-75-D7
 Client-Friendly-Name = Wireless148
 Client-IP-Address = 192.168.105.148
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 4705
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows 
 Authentication-Server = <undetermined> 
 Reason-Code = 5
 Reason = The user account domain cannot be accessed. 

Open in new window

Avatar of whoam
whoam

ASKER

Oh, this is happening to all, not just one user.
Avatar of Craig Beck
Ok, first - the connection attempt doesn't match a policy.  That means the connection will fail anyway.

Second, does the log show the correct domain name (i know you've sanitized it)?
Avatar of whoam

ASKER

correct domain is shown, but the logs never show a connection.

Thanks,
M
ASKER CERTIFIED SOLUTION
Avatar of whoam
whoam

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of whoam

ASKER

No solution posted