The Security System detected an authentication error

Last week I came across a weird problem.

I wasn’t able to connect to a share on a remote server using it’s IP Address in the UNC path, but had no problem at all using it’s NetBIOS name or it’s FQDN.

I took a look at the event log and saw these 2 event entries:

Event Properties 40960 Event Properties 14

A quick Google search got me here, and there it reads:

Stored User Names and Passwords is a feature of Microsoft Windows XP and the Windows Server 2003 family that stores user names and passwords for servers. This allows a user to connect to servers using user names and passwords that are different than those used to log on to the network. The user can store these for later reuse.

So I opened up the Stored User Names and Passwords applet, happy to see an entry saved in the Credentials Manager that had my “problematic” IP Address:

Stored User Names and Passwords

Removed that entry…

Stored User Names and Passwords

and voila! I can access the server again!

The Stored User Names and Passwords interface is accessible from the Control Panel -> User Accounts applet (on Windows XP) or Control Panel -> Stored User Names and Passwords applet (on Windows 2003 Server). Also, you can run it using any of the two command lines:

rundll32.exe keymgr.dll,KRShowKeyMgr


control keymgr.dll

Since this was such a simple solution to such an annoying problem, I thought I’d share.