troubleshooting Question

Any server named Crackers on our network now gives an error message when accessing a network share

Avatar of Zane Kuchera
Zane Kuchera asked on
Windows Server 2008Windows NetworkingActive DirectoryDNSTCP/IP
15 Comments4 Solutions378 ViewsLast Modified:
The Issue
Our Windows Server 2008 SP2 machine, Crackers for now, no longer allows access to it's network shares. For example we've been using \\Crackers\withCheese\ as a network drive for years and now when we access it we get a specific error message.

The error message is Logon Failure: The target account name is incorrect.

What we think the issue is
We've cloned our Crackers server, named it CrackersIsDead, and gave it a new IP address. When we tried to access the share at \\CrackersIsDead\withCheese\ it came up correctly. We did a switcheroo and swapped the name/IP address with the 2 machines so the new cloned server became Crackers. At this point, the new Crackers had the same issue again: Logon Failure.  

Why can't you just use the IP Address instead
Ohh, well we totally can. \\\withCheese\ works just fine. The issue with doing this is that our Crackers software has many, many references to \\Crackers\ in their code. While we're able to log on by using this IP address, we lose functionality in many of our features.  

What might have caused it
This might have nothing to do with it, but it was right before the issue started so I'm mentioning it. On Thursday, right before this issue started I was modifying Active Directory permissions for our entire domain. I was adding a permission for an Authenticated User at the root of our domain. At some point, I deleted the rule that I created, or so I thought. I later realized there are several instances of Authenticated User permissions under here and they automatically combine the rules if some permissions overlap. So it's likely that I deleted the wrong Authenticated User permission. We later decided to click the Restore Defaults option on this domain, as well as all our OUs under it to reset the permission. However, the Tracker issue persists.  

What we've tried
  • Removed/Re-added Crackers to domain, cleared Active Directory of all instances of it.  
  • DNS is properly mapped to the correct IP address. Checked by using nslookup, ping, and even remote desktop. All of these show that Crackers is properly configured with the address we're expecting.  
  • Contacted Microsoft Support for $500. After an hour of tricks, no progress.  
  • setspn -x
  • doesn't show any duplicate SPNs related to Crackers.  
  • Used the command:
  • netdom.exe resetpwd /s:<server> /ud:<domain\user> /pd:*
  • on the machine.  
  • Did something with Kerberos Distribution Key.  
  • Manual Active Directory sync between the Domain Controllers.  

It feels like there's some kind of corruption with the server name Tracker in our environment. Maybe something that's cached relating to Tracker that we need to get rid of? Not sure if I should be looking on our domain controller, active directory, or dns.
Join our community to see this answer!
Unlock 4 Answers and 15 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 4 Answers and 15 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros