We have a domain served by some Windows 2003 servers.
We have several Windows 7 Pro clients.
ONE client computer can't acces ONE member Windows 2003 server.
The other computers can acces every servers. And the same computer can access other servers.
With explorer, the message says the account is no activated.
With the command line, the message says the account is locked.
With commande line :
net use X: \\server\share
--> several seconds delay, then error (says the account is locked)
net use X: \\server\share /USER:current_username
--> okay
net use X: \\server\share /USER:domain_name\current_username
--> okay
From the same computer, the user can access other servers. From another computer, the same user can access any server, including the one denied from the original computer.
Aleady done :
unjoin then join the cilent from the domain.
check the logs on the server : nothing about the failed attempts (?!)
Is their any user mapping I'm not aware of ?
Sounds like tokens aren't being issued at logon. Are you sure that there isn't a connectivity or AD issue with that machine? I suspect you're logging in with cached credentials and aren't actually authenticating against a DC from that one machine.
klist.exewill show you if you have any Kerberos tickets. You should disconnect any manually mapped drives, reboot the machine, log in, and runklistand see if there is anything there. At a minimum, there should be ldap ticket from the DC that authenticated you. If that's missing, it was probably a cached logon. You can try unjoining and rejoining the computer to the domain and seeing if that helps. Also, verify that the clock skew is no greater than 5 minutes from the rest of the domain.I just had a similar problem.
It was related to an entry into Credential Manager into the Control Panel.
The Credential Manager allow to define which user access to which server. So it may help you.