Active Directory Replication failed with “Target principal name is incorrect”

Active Directory Replication failed with “Target principal name is incorrect”

If you have issue with the computer account of the domain controller then you may receive target principal name is incorrect or access denied error while the time of replication

To check the computer account run the below command from affected domain controller where you receive the error

net view \\DC Name

or

net use \\DC Name

If you receive access denied error then it’s confirm computer account issue, to resolve this issue, you have to reset the computer account, reset the secure channels between these domain controllers and the PDC

Run the below command to reset the computer account,

Before running this command, disables the Kerberos Key Distribution Center service (KDC).

And this command should be run from the domain controller in which you are going to reset the password, server_name should be PDC or the replication partner

netdom resetpwd /server:server_name /userd:domain_nameadministrator /passwordd:administrator_password

More info: http://support.microsoft.com/kb/288167

Related posts:

How to check Active directory replication for multiple Domain Controllers Force active directory replication(Force AD replication) Sync replication with all of its replication partners Sync the Active Directory replication between two domain controllers To check the list of Users Group Membership