Discussion:
username\domain vs username@domain
(too old to reply)
Guitar Dude
2008-07-16 18:14:03 UTC
Permalink
In the last couple of weeks, services on some of my Windows 2003 servers
have been failing.
If I change username\domain to ***@domain, they start and stay running.

Is anyone aware of articles discussing the difference between using
username\domain and ***@domain?
Ace Fekay [MVP]
2008-07-17 04:40:11 UTC
Permalink
Post by Guitar Dude
In the last couple of weeks, services on some of my Windows 2003
servers have been failing.
Is anyone aware of articles discussing the difference between using
Is it ***@domain or ***@domain.com or ***@domain.net, etc? You posted a
single label name, which is highly problematic with an AD domain and must be
fixed or expect numerous other problems.

As for the differences, the domain\username (you posted it backwards and may
be the whole issue) is the legacy NetBIOS method, whereas the
***@domain.com is what we call the UPN (Universal Principal Name), which is
purely DNS based. An application must support this method (such as AD aware
apps, and others), otherwise, you will have to revert to the legacy method.
--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations
Guitar Dude
2008-07-17 14:06:03 UTC
Permalink
So the UPN would be ***@domain.local

Thank you for correcting me. Yes, I am using domain\username
Now that I understand this to be NetBIOS name, it seems there is some
NetBIOS flakiness in my network.

Do you know if NetBIOSname\username require a WINS server in the environment?
Post by Ace Fekay [MVP]
Post by Guitar Dude
In the last couple of weeks, services on some of my Windows 2003
servers have been failing.
Is anyone aware of articles discussing the difference between using
single label name, which is highly problematic with an AD domain and must be
fixed or expect numerous other problems.
As for the differences, the domain\username (you posted it backwards and may
be the whole issue) is the legacy NetBIOS method, whereas the
purely DNS based. An application must support this method (such as AD aware
apps, and others), otherwise, you will have to revert to the legacy method.
--
Regards,
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Infinite Diversities in Infinite Combinations
Ace Fekay [MVP]
2008-07-18 04:55:01 UTC
Permalink
Post by Guitar Dude
Thank you for correcting me. Yes, I am using domain\username
Now that I understand this to be NetBIOS name, it seems there is some
NetBIOS flakiness in my network.
Do you know if NetBIOSname\username require a WINS server in the environment?
Depends on your infrastructure. In a multi-subnetted environment, yes. In a
single subnet, no, not really. It will use broadcast.

Can you define "flakiness?"

Ace
Guitar Dude
2008-07-18 13:38:02 UTC
Permalink
Flakiness - Services, including SQL Server and Windows SharePoint Services
Search, Timer, etc are not consistently starting when a server is rebooted.
These services are set to log on as domain accounts. Sometimes they do
start, but most of the time they do not. Services set to Log On As Local and
Network Service start fine.

When I manually try to start the service, I put in the same password as I
did yesterday and the service starts. It is as if the server is not
remembering service log on passwords.

I was hoping that this behavior was constrained to NetBIOSname\username, but
now I've demostrated that this is also happening to services with log on
accounts set up as ***@domain.local.

One path I am lookin down is researching the order things start on the
server. I'd like to find out if these services are trying to start before
the server has established connectivity to a domain controller.
Guitar Dude
2008-07-18 14:48:37 UTC
Permalink
It looks like this is a Group Policy - Local Security Setting - Local Policy
- User Rights Assignment - Log on as a service issue.

I am going to add these accounts overnight and post my results!
Ace Fekay [MVP]
2008-07-19 04:32:45 UTC
Permalink
Post by Guitar Dude
It looks like this is a Group Policy - Local Security Setting - Local
Policy - User Rights Assignment - Log on as a service issue.
I am going to add these accounts overnight and post my results!
Was something in the GPOs changed regarding this setting or any other
setting? Restrict Anonymous changed? Is this a DC?

Ace

Loading...