Windows file share: the target account name is incorrect

Kenny Riley
Kenny Riley used Ask the Experts™
on
Good morning-

I'm running into an issue I've never seen before and am seeking some assistance.

Background:
Windows Server 2012 R2 AD domain with 30 users and 2 domain controllers: dc1 and dc2

File server /w 2 file shares: R and T drive

After a Windows Update users are no longer able to access these file shares. They are receiving the following error:
"the target account name is incorrect"

Sometimes you can access the share drive but it will time out and go back to the error mentioned above.

However, users can browse to the file share via explorer just fine using the UNC: \\dc1\share. Computers can also ping both dc's by DNS just fine as well. I have rebooted both dc's along with the file server in question. Additionally I have disjoined and rejoined the file server from the domain no avail.

Can someone please point me in the right direction as to how to proceed?  Thank you!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Darrell PorterEnterprise Business Process Architect

Commented:
If you delete the mapped drives from a system and remap the drives using the appropriate domain account, does the problem disappear?
What, if anything, are you seeing in the security log on the file server, the authenticating DC, and the workstation when one receives this error?

Author

Commented:
Hi Darrell-

The drives are mapped automatically from group policy upon logon so they are already being mapped with the users domain credentials. I did try to disconnect one drive and remap it from the command line using domain administrator credentials instead of the users and received the same error: the target account name is incorrect

We are seeing kerberos errors in the event logs on client machines such as this: (w2012svr1 is the file server that houses the share drives we are having issues with..)

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server w2012svr1$. The target name used was cifs/w2012svr1.rhaaia.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (XXX.LOCAL) is different from the client domain (XXX.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

I'm not seeing anything out of the ordinary in the event logs of the dc nor the fileserver. I did try to reset machine accounts as mentioned here:
https://helpdeskgeek.com/networking/logon-failure-the-target-account-name-is-incorrect/

I've verified that both DC's are replicating by creating a new AD account on one server and verified it synced to the other DC.

Any ideas? I'm completely stumped on this one..
Top Expert 2016

Commented:
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Author

Commented:
Hi David-

I performed the following query: setspn -Q cifs/w2012svr1.rhaaia.local which returned a No such SPN found message. Am I doing something wrong?

Pardon my ignorance, I'm not well versed in how SPN's work or how to troubleshoot them.
Seth SimmonsSr. Systems Administrator

Commented:
After a Windows Update...

i would uninstall the update to start with
Seth SimmonsSr. Systems Administrator
did you find your own solution?  if so, please share in case someone else has this issue
The resolution was to restore a system state backup pre Windows Update.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial