The account is not authorized to login from this station

Windows 7 workstation on a Server 2010 domain, all of a sudden one computer is unable to access network shares on another client. Was receiving “The account is not authorized to login from this station” error messages.

Logged on to the computer hosting the share; the user was able to access its UNC locally just fine. Problem was with the remote computer.

There is a lot of confusion about this particular error, and a lot of arcane registry hacks, which should not have been necessary in this case since there was no new software installed or anything else that would have broken this mechanism.

In this case, and since it was limited to just one workstation, I tried to take the easy way out and deleted the computer object from AD and rejoined it to the domain. Problem seemed to be fixed, then reoccurred within an hour.

Once I started digging around the particular workstation in question, I noticed that the local router was dropping three different DNS servers to clients– one pointed to the DC, the others pointed externally. Correcting this fixed the problem temporarily as well.

When I tried accessing the share via UNC with an IP address instead of a hostname, it worked reliably and consistently. This is definitely an issue with name resolution, but I’m not sure at what point.

