none
Not able to login to the server with domain credentials.?

    Question

  • Hi All,

    I have a issue here, i am unable to login to one particular server with any credentials and it prompts incorrect credentials. Also, we are facing this issue minimum thrice in a month.

    After the server reboot, i am able to login to the domain successfully without any issue.

    Note: this is a VM machine.

    Please suggest how i can overcome this issue. 

    Friday, March 09, 2012 5:22 AM

Answers

All replies

  • What is the OS of virtual host server? Please check whether  time Synchronization has enabled from Base machine. if yes please remove this. The client machines should synchronize from the domain controllers.

    Also please check the secure connection between your server and domain controllers. At the next time when you are experiencing this issue, take stale computer information from DC and check whether this server is in this list. If yes check the connectivity to DC.

    If you have no impact to disjoin this server from domain , please rejoin this to domain. 



    Sajeed AM

    Friday, March 09, 2012 5:45 AM
  • Hi,

    Thanks for the post.

    OS - Windows 2003 Enterprise edition - SP2.

    Also, i found lot for event errors related to KDC like below mentioned.

    "The Security Account Manager failed a KDC request in an unexpected way. The error is in the data field. "

    Thanks,

    Dev

    Friday, March 09, 2012 5:54 AM
  • What is the error message you are encoutring?

    Check DNS configuration are in place. Also let us know if any events are getting generated on the server.

    Did you check SPN name of the server ?

    http://portal.sivarajan.com/2010/05/workstation-trust-relationship-issue.html

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Friday, March 09, 2012 5:55 AM
  • Hi,

    I agree with Sajeed AM and Prashant. Would like to add couple of points as well, You need to run DCDiag /test:DNS and if it fails fix it. Check NIC binding and provider order, make sure provider shall have Microsoft drivers first in the list. If there are multi NICs available disable all of them except one which holds static IP of DC. Check Secure Channel status and reset if it is required. Check when was the last time HOST machine rebooted, if its more than 60 days reboot it. Once you done with all check Time Synchronization health.

    http://support.microsoft.com/kb/839880

    http://social.technet.microsoft.com/Forums/da/winservergen/thread/0020cf6f-6ade-4dc7-9b11-47e9b702a793

    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1318

    http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx

    All the best

    Friday, March 09, 2012 6:11 AM
  • Dev,

            Most probably this issue occur only in the machine account password issue scenario. so try to reset the machine account password. It may resolve this issue


    K.Ganesan

    My Blog - TechHowKnow


    • Edited by K.Ganesan Friday, March 09, 2012 6:40 AM
    Friday, March 09, 2012 6:39 AM
  • Please do the following..

    1. Install the Windows Server 2003 Support Tools on the domain controller whose password you want to reset
    2. Run the below command on the server whose password want to reset
    netdom resetpwd /s:DCname /ud:mydomain\administrator /pd:*
    DCname = Domain controller Name
    mydomain\administrator = Ur admin account 
    * = Password

    3. Restart the server



    Sajeed AM

    Friday, March 09, 2012 10:07 AM
  • Hi,

    Check the Directory Service events for any error and try to reset the machine account password, follow this: http://support.microsoft.com/kb/325850 


    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Friday, March 09, 2012 11:05 AM
  • HI All,

    Also found 1393 event in the directory service @ the same  time of KDC error in system log.

    Because of 1393 event, Netlogon service is paused and users are not able to login ! But, the error describes due to low disk space the event is occurred , Hence i checked by diskspce it's 50 % free from past one month.

    Any suggestions plz.... :)

    Regards, Dev

    Friday, March 09, 2012 1:24 PM
  • Try below articles.

    http://support.microsoft.com/kb/2023007

    http://www.eventid.net/display.asp?eventid=1393&eventno=2170&source=NTDS%20General&phase=1

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    • Proposed as answer by Abhijit Waikar Friday, March 09, 2012 2:10 PM
    • Marked as answer by Bruce-Liu Thursday, March 15, 2012 9:57 AM
    Friday, March 09, 2012 1:35 PM
  • Because of 1393 event, Netlogon service is paused and users are not able to login ! But, the error describes due to low disk space the event is occurred , Hence i checked by diskspce it's 50 % free from past one month.

    If there is no any disk space problem then it seems the DC is in USN roll back state.
    Symptoms and resolution for USN rollback state : http://support.microsoft.com/kb/875495


    Best Regards,

    Abhijit Waikar.
    MCSA 2003 | MCSA:Messaging | MCTS | MCITP:Server Administrator | Microsoft Community Contributor | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    • Edited by Abhijit Waikar Friday, March 09, 2012 2:11 PM
    • Marked as answer by Bruce-Liu Thursday, March 15, 2012 9:57 AM
    Friday, March 09, 2012 2:09 PM
  • If the netlogon service is in paused state then it could be due to below reason.

    1.Low diskspace on drive where AD DB & log file is placed.
    2.Server is in USN rollback state

    If there is low disk space create free space.You can also move DB and log file to other volume.
    http://support.microsoft.com/kb/257420

    You can also relocate sysvol refer below link:
    http://support.microsoft.com/?kbid=842162

    If there is no space issue this indicates that server is in usn rollback state.If you run repadmin /replsum you will see inbound and oubound replication is disabled.You can also navigate to  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters Dsa Not Writable(4) will be created.

    If multiple DC are present in the n/w you need to demote the server forcefully followed by metadata cleanup and promote the server back as DC.

    If this is the single DC and server is in usn rollback state you can refer below lik to fix the same.Delete the Dsa Not Writable key and reboot the server.
    http://exchangeserverpro.com/recovering-a-single-domain-controller-from-a-usn-rollback

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Saturday, March 10, 2012 12:00 AM
  • I have a issue here, i am unable to login to one particular server with any credentials and it prompts incorrect credentials. Also, we are facing this issue minimum thrice in a month.

    After the server reboot, i am able to login to the domain successfully without any issue.

    Any credentials or domain credentials?What's the OS and platform (32- or 64-bit)?

    I have seen many systems whre I couldn't log on with domain credentials but local account was working. Those were 32-bit systems, and the problem was with bad application exhausting system areas (paged and non-paged pools -  that sometimes is causing events 20129 and 2020 logged by Srv service but not always). Restarting the offending service usually restored access and also gave clear path to the root cause elimination.


    -= F1 is the Key =-

    Saturday, March 10, 2012 6:21 AM