Logon Failure: The target account name is incorrect
DC at different site is experiencing connectivity issues with our head office site DC.
Our network comprises of 2 sites, 2 DCs (1 at each, both Server 2008 R2)
When attempting to open shares of the head office DC from the branch DC I'm seeing the error...
"\\HQDC1 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
Logon Failure: The target account name is incorrect."
Other computers can access the server and shares without issue.
I have tried restarting the branch DC but the issue persists.
Our network comprises of 2 sites, 2 DCs (1 at each, both Server 2008 R2)
When attempting to open shares of the head office DC from the branch DC I'm seeing the error...
"\\HQDC1 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
Logon Failure: The target account name is incorrect."
Other computers can access the server and shares without issue.
I have tried restarting the branch DC but the issue persists.
ASKER
I've flushed the dns on the branch server.
nslookup and ping resolve the correct ip of the head office dc.
I can browse by IP, but not name or Fqdn name.
nslookup and ping resolve the correct ip of the head office dc.
I can browse by IP, but not name or Fqdn name.
If you can do this by IP and not by name then it is a DNS issue somewhere. Run the following commands on your DC's...
Repadmin /replsum
Repadmin /showrepl
DCDiag /v
Check your event logs under DNS to see if there are any error's.
Will.
Repadmin /replsum
Repadmin /showrepl
DCDiag /v
Check your event logs under DNS to see if there are any error's.
Will.
ASKER
Repadmin /replsum
Both DCS are rejecting requests
Repadmin /showrepl
Ran on each DC, both say the destination server is rejecting requests.
DCdiag /v
Shows a lot of failures. I'll work my way through these and report back.
Unfortunately only a recurring warning in DNS..
ID 4013... which makes sense since the branch DC cannot communicate with the other DC at the moment.
Both DCS are rejecting requests
Repadmin /showrepl
Ran on each DC, both say the destination server is rejecting requests.
DCdiag /v
Shows a lot of failures. I'll work my way through these and report back.
Unfortunately only a recurring warning in DNS..
ID 4013... which makes sense since the branch DC cannot communicate with the other DC at the moment.
ASKER
dcdiag failed 3 tests
KccEvent
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
Replications
The source server is currently rejecting replication requests.
systemlog
Multiple errors
KccEvent
All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.
Replications
The source server is currently rejecting replication requests.
systemlog
Multiple errors
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also check the logs on the branch server to ensure that it was properly promoted. I am assuming that the issues are coming from your head office DC? What DC is the FSMO holder?
Will.
Will.
ASKER
Thanks for that article.
Head office DC holds all the roles and the branch DC should have been promoted properly as it's been working for the past 11 months,
Head office DC holds all the roles and the branch DC should have been promoted properly as it's been working for the past 11 months,
I would then start checking the events and seeing when the error messages started and then see what changes had happend in your environment.
Will.
Will.
ASKER
The branch DC has registry setting 'DSA not Writeable' set to 4 and event ID 2103 has been logged twice in the Directory Services log.
Microsoft suggest demoting the DC and performing a meta-cleanup.
Is this the only method to resolve the issue?
The server is 4000 miles away!
Microsoft suggest demoting the DC and performing a meta-cleanup.
Is this the only method to resolve the issue?
The server is 4000 miles away!
ASKER
Thanks for the article link.
I have force demoted the server, performed a meta-cleanup and promoted it again.
I can now access the shares :)
Now I just gotta re-configure all my replicated folders!
I have force demoted the server, performed a meta-cleanup and promoted it again.
I can now access the shares :)
Now I just gotta re-configure all my replicated folders!
Also check the Shares permissions to ensure that nothing is being blocked from this level.
Will.