\\server\sharedfoldername is not accessible. You may not have permission to use this network resouce after server reboot

Hi Expert,

Windows Server 2008 R2 with shared folder and CA installed with DC on it. The computer crashes and reboots for no apparent reason. The only information registered in event viewer information kernel power has initiated a shutdown transition.

After the reboot, users are not able to access the shared folder with an error " \\server\sharedfoldername is not accessible. You may not have permission to use this network resource."

Security events logged for users trying to access the share and also the computers /servers accounts in the domain with same event id:

Security events logged:
<Event ID 4625>
 Log Name:      Security
 Source:        Microsoft-Windows-Security-Auditing
 Date:          4/30/2010 4:20:59 PM
 Event ID:      4625
 Task Category: Logon
 Level:         Information
 Keywords:      Audit Failure
 User:          N/A
 Computer:      <computer where this event was logged>
 Description:
 An account failed to log on.

Subject:
 Security ID:         NULL SID
 Account Name:        –
Account Domain:      –
Logon ID:       0x0

Logon Type:                3

Account For Which Logon Failed:
 Security ID:         NULL SID
 Account Name:        <username>
 Account Domain:      <domain>

Failure Information:
 Failure Reason:      Unknown user name or bad password.
 Status:              0xc000006e
 Sub Status:          0x0

Process Information:
 Caller Process ID:   0x0
 Caller Process Name: –

Network Information:
 Workstation Name:    –
Source Network Address:    <IP address of client>
 Source Port:         3089

Detailed Authentication Information:
 Logon Process:       Kerberos
 Authentication Package:    Kerberos
 Transited Services:  –
Package Name (NTLM only):  –
Key Length:          0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.


Any help will be highly appreciated.

Thanks,
LVL 1
DeoraliAsked:
Who is Participating?
 
Jian An LimSolutions ArchitectCommented:
worst case scenario is you lost your DC serverC.

you need to restore from Backup.

and because CA are put on top of DC, it become complicated.

So, still trying to think what can cause in serverC

########
can you run dcdiag on ServerC?
can you make sure your you can access \\serverc\sysvol and \\serverc\netlogon (or domain\sysvol and \\domain\netlogon  ? (from server c and server a)

then you might want to rebuild your serverC
https://support.microsoft.com/en-us/kb/2218556 

### all action must think through before your next steps ###

Also read through logs to see any warning that is "related"
0
 
Jian An LimSolutions ArchitectCommented:
without understanding the environment, My guess is something wrong with the group policy on local policy\security options

check those microsoft network client OR digital sign communication

Also check the time between the server is it the same.

Further, also reset your domain computer password
https://support.microsoft.com/en-us/kb/325850

Also run klist -purge so you kill all the existing ticket.

WARNINg: this would fix it, or prolong your pain depends on what the real situation is. I just call out things i might do depends on your environment.
0
 
Jian An LimSolutions ArchitectCommented:
the easiest thing to do actually is reboot the server again to see whether it pick up things (it might be the easiest fix)
the above is more in troubleshooting and you need to know exactly what are you working on.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
DeoraliAuthor Commented:
Thanks limjianan

Here is my environment:

Three domain controllers :
ServerA: FSMSO
ServerB: DC
ServerC: DC + Certificate Authority+Shared Folders



On Tuesday after ServerC decides to reboot by itself and trouble starts. I tried the following on this server already:
(1) reboot
(2) Reset computer account
(3) non-authorative of FRS replicas

and didn't help.

I have encountered multiple issues and cannot make any headway.

Here are more event IDs and errors that I am seeing:

(1) Output from DCDIAG ran on ServerA  error only:
A recent replication attempt failed:
From ServerC to ServerA. The replication generated error (1256). The remote system is unavailable.
The replication generated an error <5>: Access is denied,

(2) Security Event ID:4625 logged on ServerC for all user accounts and computer accounts with reason: unknown username or bad password.

(3)  When I try to run gpupdate /force from the client machine, it is throwing error: Event ID: 1058 - The processing of Group Policy failed. Windows attempted to red the fie \\abc.com\sysvol\abc.com\Policies\909-dsgds-3444\gpt.ini from a domain controller and was not successful.

(4) On ServerC - I have one folder shared. I can access as a domain admin \\serverc\sharedfolder but not as regular user.  When I try to access as regular user I get an error " \\serverc is not accessible. You might not have permission to use this network resource .Logon failure user account restriction. Possible reasons are blank passwords not allowe4d or a policy restrictions has been enforced.

Before the server reboot, everything was working including the accessing the shared folder with normal user account.

Thanks,
0
 
DeoraliAuthor Commented:
On SeverC

DCDIAG errors
Doing primary tests
Testing server: Default-First-Site-Name\serverC
Starting test: Advertising
Waring: DSGetDCName returned information for ServerB.abc.com when we were trying to reach ServerC.
SERVER IS NOT RESPONDING OR IS NOT CONSIDERED SUITABLE
………………………………serverC failed test Advertising
Starting test : FrsEvent
These are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy Problems.              
………………….serverC passed FrsEvent
Staring test:NetLogons
Unable to connect to sthe NETLOGON share! (\\serverC\netlogon)
[server] An net use or LsaPolicy operation failed with error 67.
The network cannot be found .
………………………….serverC failed test NetLogons
Staring test: replication


Repadmin /replsum

Source DSA                 largest delta       fails/total             %           error
ServerC        05d.17h.25m.38s              10/10                     100         <5> Access is denied


Out of DCDIA on serverA ( error only)

Starting test:Replication
{Replications check, SeverA] A recent replication attempt failed:
From server to ServerB
Naming Context: DC=ForestDnsZones, DC=abc,DC=com
The replication generated an error <5>
Access is denied
{Replications check, SeverA] A recent replication attempt failed:
From server to ServerB
Naming Context: DC=DomainDnsZones, DC=abc,DC=com
The replication generated an error <5>
Access is denied


Thanks,
0
 
DeoraliAuthor Commented:
Thanks limjianan. I end up uninstalling CA and demoting DC. I reinstalled CA on the same server.  Worked with MS since Thursday and they could not figured out the root cause. They only gave me the runaround.
0
 
DeoraliAuthor Commented:
I ended up uninstalling CA and demoting DC  on this server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.