"Enter Network Password" - rejected credentials

Just started this morning: all of my win7 workstations are being prompted to supply a username and password for previously mapped drives.  When I enter the credentials, they are rejected!  Yet after rebooting, and entering the Windows domain credentials, they are able to log in to the workstation, but STILL can not access their mapped drive? The mapped drive in question is also the DC, a Windows 2000 DC.

There are other mapped drives that still work on other servers no problem?

Could use some expert advice please!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

What's changed? Things like this don't just 'happen' - what have you done over the weekend? Patches? On servers or clients?

This Windows 2000 DC - is it the main DC? Or tell us a bit more about your setup as it will help guide us to the solution...

Also from one of your client machines give us the output of

ipconfig /all

So we can check that those settings are as they should be...

Also is this only happening on Win7 clients? No XP clients on your network I take it? If there are do they map and connect ok?
permacelAuthor Commented:
No changes made, no updates either, server or clients.
All are Win 7 clients, no XP at all.
5-6 out of 90 machines experience the problem

The DC is not the main DC but rather the first DC in a child domain.

The domain is set up like this:

Permacel.com (Main)
LW.permacel.com  (Child) "LW1" is the DC in this domain (problem is here I suspect)
NB.permacel.com  (Child)

I have attached a .PDF of the IPCONFIG as requested.

I have since posting, rebooted the DC, and the problem goes away - temporarily.

It reappears about 2 weeks later.

Cool, thanks for the details...

First red flag I see is DNS...

You've public dns entries on your clients - &

Remove those...you should never have public DNS entries on an internal network...it breaks AD and is one of the reasons you can see these type of issues(with password requests etc)

So that's step 1 - you should only have INTERNAL PRIVATE ip's in your dns entries - the primary dns entry being your main DC and if you've other DC's add those to the secondary...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
permacelAuthor Commented:

Thanks for the quick reply, will do.

One final question:  I've had those DNS entries for as long as the domain was up, 10+ years, and never had this issue.

Why all of a sudden now, the error occurs?

Warmest regards...
I can only talk about what I've seen in real world to explain this...

I had a client machine on a clients network once which I could login to when I needed to do some work for them on their site...this machine had a private dns entry pointing to their onsite DC, and a secondary DNS entry pointing to's DNS server)

When I opened Outlook on the client it would always pop up and ask for the username/password - I could never figure this out...the client machine was a domain member so it should never ask for a password...

When I removed the from the client suddenly I was not asked for the password again...ever!!

My understanding of this is that somehow the client decides to talk to DNS2( and since that server has no clue about your internal network you get a password prompt...kind of like if you were accessing this OWA from an EXTERNAL machine out on the internet - you get the login page which asks for a password...why does it ask for a password - cause your machine isn't connected to the domain and therefore regular authentication can't work - thus you have to supply a password...

So from this I conclude that those 7-8 machines who you are seeing issues with are somehow talking to those public dns servers for resolution...thus you get a password prompt

That's why you never use public ip's on an internal network...AD breaks/Exchange breaks/etc...

As for why you've never saw this before that's a mystery - how many machines in total on the network?
Possible answer is that since you have 2 private DNS entries already that DNS3&4 weren't touched much(i.e. never needed to go down that far in the list)

My site I only had 1 DC and therefore the 2nd dns entry would have been used a lot more...
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.