Connecting Issues to Server "Logon Failure: The target account name is incorrect"

As of yesterday, users are having issues trying to connect to the network via the network name. If you type in \\servername or try to open a mapped network drive, you cannot connect but it will work with the IP address. This is happening on Windows XP and 7 machines and the server is a Windows 2008 R2.

Sometimes if you don't do anything, after time it will start working again be itself. Otherwise as of right now if I flush the DNS, register the DNS, and reboot the computer, that will usually fix the problem. It happens to random people at random times.

Any ideas what I can do to fix this? Let me know if you have any questions...thanks!
itadminnekAsked:
Who is Participating?
 
Santosh GuptaCommented:
r u using router or server for DHCP ?

if its windows server then

 In the DHCP snap-in, select and right-click the scope you want to configure.
Select Properties.
In the Lease duration for DHCP clients box, adjust the lease time for the scope.

for DNS


    Click Start, click Run, type dnsmgmt.msc, and then press ENTER. The DNS Manager console will open.
    Click the Advanced tab.
    Select the Enable automatic scavenging of stale records check box.

and see the period.
0
 
Santosh GuptaCommented:
Hi,

1. Is the IP configured thorough DHCP server, if yes then what it the lease period time.
2. check the DNS scavenging time.
3. check the DNS server if multiple A records are created against systems
0
 
itadminnekAuthor Commented:
The IP address is DHCP but I don't know how to check the setting you are asking about...where in DNS or DHCP do I check these settings?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
itadminnekAuthor Commented:
Okay I did this...what should I do now?
0
 
Hypercat (Deb)Commented:
Also, in the DHCP console in the properties of your DHCP scope, make sure that dynamic updates are enabled:

DHCP dynamic upates settings
This will make sure that DNS records are updated automatically when DHCP assigns a new IP address to a workstation.
0
 
Santosh GuptaCommented:
please share the both DHCP lease and DNS scavenging current setting.
0
 
itadminnekAuthor Commented:
hypercat - I have made that change

Santosh - I am confused as to what you are asking...
0
 
itadminnekAuthor Commented:
Hey Experts,

This issue happened to me this morning and I went and took a look at the event viewer and this is what is showing right before I rebooting to fix it:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server n05$. The target name used was cifs/n05.NC.com. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (NC.COM) is different from the client domain (NC.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server n05$. The target name used was host/n05. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (NC.COM) is different from the client domain (NC.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server n05$. The target name used was ldap/N05.NC.com. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (NC.COM) is different from the client domain (NC.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

Does this help?
0
 
Santosh GuptaCommented:
0
 
itadminnekAuthor Commented:
I have done what you suggested and the issues seems to have gone away...I can't pin point what fixed it so I will split points! Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.