When trying to open ADUC "the target principal name is incorrect"

[Molenski]

Hi there.

We have a small LAN with about 10 workstations, a W2k3 application server and a W2k DC. They have been having a few problems which became worse today...users now cannot logon through AD and the error message above is what I get when trying to open ADUC.

I've been d1cking about most of the day trying to fix this and have run netdiag /q which gives me the result, 'cannot call dsbind to XXX (sec_e_wrong_principal)'. When I run net diag /test:dns /debug this appears OK.

I've followed a lot of the guides on the net which have involved stopping and starting various services, rebooting and checking DNS which looks fine. I also tried to promote the second server to a DC but this obviously wasn't going to work as neither machines can contact the domain.

When I attempt to run dcdiag I also get the error LDAP bind failed with error 31.

I'm almost at the stage where I'm going to dcpromo /forceremoval (if it'll let me!) and then reinstall AD meaing that I'm going to have to reintroduce users machines etc. I really don' want to do that. Has anybody got any suggestion? Bear in mind that this is a single DC.

Ta in advance.

 

[TechyMcSe2k]

What followed: LDAP bind failed with error 31?
Are there any hardware issues that you know of?


_______________________________________
I hope any help I give leads to great successes.
MCSE, MCSA, MCTS, CCA, VCP, CCNA

 

[TechyMcSe2k]

Try performing a disk check on the DC.


_______________________________________
I hope any help I give leads to great successes.
MCSE, MCSA, MCTS, CCA, VCP, CCNA

 

[North323]

can you log in to the DC? what does the event logs say? does it replicate with the w2k3 box? are you able to log in with the application stopped?

 

[North323]

did you read this?

http://support.microsoft.com/default.aspx?scid=kb;en-us;328917

 

[Molenski]

Hi to both of you, thanks for getting back. The LAN I've been talking about is at a remote location and not accessible from here so I'll do my best to reply without being in from of the server.

Techy, no, no hardware issues that I know of; the event logs were clear of any hardware related issues. I'll run a diskcheck tomorrow and see how that goes. As for What followed: LDAP bind failed with error 31? - again, I'm not 100% sure but as I said it was when I attempted to run 'dcdiag'...I'll check again tom.

North, I can logon to DC OK, the event logs contatin mainly Usernv/DNS events which I guess are related to AD/DNS not functioning correctly. It doesn't replicate with the 2k3 box as the 2k3 box is an apps server. I can logon to both machines, ping by name etc...whenever I try to open Active Directory I get 'The target principal name is incorrect'. Like I said, DNS seems to check out fine both when I look through the database and running the netdiag /test:dns /debug test. I can map a drive from DC to apps server but receive a permissions error the other way round. The link you sent me, I'm not sure how that's relevant?

Anyhow, thanks for getting back to me; if anything else occurs, please let me know. I'm back up there tomorrow to have another crack and may end up just removing and reinstalling AD!