Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


W2K3 IAS "The user accoutn domain cannot be accessed."

Posted on 2012-09-19
Medium Priority
Last Modified: 2012-11-07
Our wifi authenticates to AD via IAS.  the policy has been working for years until now.  Now my IAS server says that, "The user account domain canno be accessed." for everyone.

No config chagnes have been made to affect this that i can think of.

ADDIAG and DCDIAG from the IAS server come back clean.  The user account is not locked out or have other apparent issues.

Event Type:	Error
Event Source:	IAS
Event Category:	None
Event ID:	3
Date:		9/19/2012
Time:		11:42:43 AM
User:		N/A
Computer:	IAS.Server
Access request for user joe.user@fqdn.com was discarded.
 Fully-Qualified-User-Name = wins.domain.name\joe.user
 NAS-IP-Address =
 NAS-Identifier = HP
 Called-Station-Identifier = 00-1E-C1-65-87-70:WiFi.Name
 Calling-Station-Identifier = 00-26-08-B1-75-D7
 Client-Friendly-Name = Wireless148
 Client-IP-Address =
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 4705
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows 
 Authentication-Server = <undetermined> 
 Reason-Code = 5
 Reason = The user account domain cannot be accessed. 

Open in new window

Question by:whoam
  • 4

Author Comment

ID: 38414361
Oh, this is happening to all, not just one user.
LVL 47

Expert Comment

by:Craig Beck
ID: 38417429
Ok, first - the connection attempt doesn't match a policy.  That means the connection will fail anyway.

Second, does the log show the correct domain name (i know you've sanitized it)?

Author Comment

ID: 38427070
correct domain is shown, but the logs never show a connection.


Accepted Solution

whoam earned 0 total points
ID: 38427071
correct domain show in the logs.

Author Closing Comment

ID: 38575307
No solution posted

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question