Fix “Logon Failure: The Target Account Name is Incorrect” Error
A few things you can try
When trying to logon to the domain from a client PC, I recently got the following error message in Windows:
What was strange was that it was only occurring for one particular user account in Active Directory and not other accounts. When I tried a different account, I was able to log onto the server.
You may also receive this error message in other situations, such as when you type the UNC path to a share in Windows Explorer. If you are getting the Logon Failure message, here are a few things you can try to solve the problem.
Method 1 – Reset Machine Account Passwords using Netdom.exe
You can run the Netdom command on the domain controller that is responsible for accepting login requests from the PC you are having trouble with.
First, you need to install the Windows Server Support Tools from the CD-ROM. Once installed, you have to stop theKerberos Key Distribution Centerservice and set theStartup TypetoManual.
Then restart the server and open a command prompt. You have to restart in order to remove the Kerberos ticket cache. You can also remove this by using the KLIST or KerbTray tools.
Finally, type in the following command at the command prompt:
The/s:serveris the name of another domain controller in which the KDC service is running. That server will be used for setting the machine account password.
The other two parameters are simply the username and password for a domain administrator account.
Note that this method basically is fixing a problem with replication between two domain controllers. Sometimes replication can fail because the secret password between the domain controllers gets out of sync.
Make sure replication between your domain controllers is actually working!
Method 2 – Fully Qualified Domain Name
Sometimes, depending on how your DNS is setup on the server, you may have to use the fully qualified domain name (FQDN) of the server rather than just the server name.
So if you are trying to access a network share using a UNC path name or in a logon script, try usingservername.domain.lanand it might end up working fine.
If this works, you can change the DNS settings so you don’t have to use a FQDN by going to the DNS settings underAdvanced TCP/IP Settingswhen you go to thePropertiesfor the Network card.
Make sure that the DNS suffix specified in theAppend these DNS suffixes (in order)box is correct.
Method 3 – Delete Old Computer Account
Another reason you can get the “target account name is incorrect” error is if a domain controller was recently migrated from a parent domain to a child domain.
In this case, the old computer account for the domain controller may still exist in the child domain. All you would have to do is delete the account from the parent domain and you would be good to go.
Another way to fix it is to remove the server from the domain and rejoin it back to the domain so that the computer account gets reset.
Those are pretty much all the reasons I’ve ever seen for this error, so if you are still having problem with Logon Failure, post a comment here and I’ll try to help! Enjoy!
Founder of Help Desk Geek and managing editor. He began blogging in 2007 and quit his job in 2010 to blog full-time. He has over 15 years of industry experience in IT and holds several technical certifications.Read Aseem’s Full Bio
Welcome to Help Desk Geek- a blog full of tech tips from trusted tech experts. We have thousands of articles and guides to help you troubleshoot any issue. Our articles have been read over 150 million times since we launched in 2008.
HomeAbout UsEditorial StandardsContact UsTerms of Use
Copyright © 2008-2024 Help Desk Geek.com, LLC All Rights Reserved
