6

I have a small network at home consisting of a Primary Domain Controller running Win 2008 R2, a desktop running Win 7 (x64), and a laptop running Win 7 (32-bit).

I'm not sure when this started or what changed, but from the laptop I can no longer access shares running on the desktop, either navigating in explorer, or by using a NET USE command. When navigating from explorer, it sees all three machines, but when I double-click on the desktop to expand it, it says:

"DWH-X64 is not accessible. You might not have permission... Login failure: The target account name is incorrect."

Similarly, if I try to run a NET USE command it comes back:

"System Error 1396 has occurred. Logon failure: the target account name is incorrect."

If I try either of these procedures referencing the domain controller instead of the desktop, they complete successfully. I can also access the laptop shares from the desktop.

I have Bing'd this error, and tried (repeatedly) removing the laptop from the domain and re-adding it (including going to the ActiveDirectory and deleting the machine account), and still get the same results. The other solutions that I've found on Bing seem not to apply, as they are talking about multiple domain controllers and replication.

Note also that I can login using this (supposedly incorrect) account name on all three machines.

I don't know what else to try. Any suggestions?

Thanks in advance

StackzOfZtuff
  • 1,754
  • 12
  • 21
Dave Hanna
  • 241
  • 1
  • 2
  • 7
  • 2
    Check your Domain Controller Event Logs. (And make sure the DCs and clients systems are showing the same time. Being out of time sync with your DC can cause this too.) Here's a link to a KB article that applies to the issue with DC replication: http://support.microsoft.com/kb/2183411, but if you scroll down to known causes, you'll see some that can apply to a single DC environment as well. – HopelessN00b Jul 17 '12 at 15:14
  • 1
    That was the problem - the Windows Time service on the desktop had somehow gotten configured to source time from the local CMOS clock, instead of the PDC, so the time had drifted. I manually resynced the time within a second, but it still wouldn't recognize it, so I removed and re-added the desktop from the domain, and everything was happy. – Dave Hanna Jul 21 '12 at 02:47
  • For information - **PDC** stands for **P**rimary **D**omain **C**ontroller. Some more details about domain machine clock synchronization - [How to change time source from “Local CMOS Clock” to “DC”](https://serverfault.com/q/451204/329172) – RBT Mar 15 '21 at 12:37

4 Answers4

3

The 'target account name' refers to the name of the computer you are connecting to.

Basically, you are attempting to call the server by a name which it does not recognise.

Things to check:

  • Can you connect to the server by IP address?
  • Is your computer resolving the name of the server to the correct IP?
  • And -- something else I've seen cause this issue (albeit with a Win2003 DC) -- check that the "TCP/IP NetBIOS Helper" service is running on the server.
StackzOfZtuff
  • 1,754
  • 12
  • 21
Adam Thompson
  • 587
  • 3
  • 12
  • 2
    The fact that target account was referring to the computer name, not the logon name that I was trying to use was a big help. But nothing else seemed to fix it until I read the comment from HopelessN00b above, and that pretty much explained everything. (If that had been an answer instead of a comment, I would have checked that answer.) So my problem was that I should have removed and re-added the target machine to the domain, not the machine I was working from (and the clocks had drifted too far apart.) – Dave Hanna Jul 21 '12 at 02:51
3

I just had this same problem. It was in fact that the time on the server was a couple hours out. Once I reset this all was fine again.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
purpleSHEEP
  • 41
  • 3
0

Running ipconfig /flushdns on both machines solved a similar problem for me.

sparrowt
  • 245
  • 2
  • 7
0

I had the exactly the same problem and I fix it by changing the time of the joining server hour to make the same with the DC server and change the user account I used to join the domain.

When I restart the machine it shows the message "The security database has no account for this workstation". to solve this problem I disjoin the server from the domain and it failed to join again.

I have two DC s-002a and s-004. s-002a is the main DC s-004 is the replica server from s-002a. I run the following command on the s-004 server to reset the server local account by stopping KDC on services.exe start power shell

netdom /s:s-004 /ud:domain.local\admin pd:/adminpassword

and then start KDC from services.exe go to the workstation you wan to join with the domain and execute the following command on power shell 

klist purge

no try to join with the domain it works for me.

kaleab Girma
  • 21
  • 1