Error message when you try to log on to a domain controller from a Windows Server 2008-based computer or from a Windows Vista-based computer: "Logon failure: Unknown username or bad password"

SYMPTOMS

Consider the following scenario:

You try to log on to a domain controller from a Windows Server 2008-based computer or from a Windows Vista-based computer.
The domain controller runs an operating system that is earlier than Windows Server 2008.

In this scenario, the logon is unsuccessful. Additionally, you receive the following error message:

Logon failure: Unknown username or bad password

This issue occurs if the following account options are turned on in the properties of the user account:

To work around this issue, turn off the account options. To do this, follow these steps:

On the domain controller, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
Expand your domain, and then click Users.
In the details pane, right-click the user account name that you used to log on to the domain controller, and then click Properties.
Click the Account tab, and then click to clear the following check boxes in the Account options list:
- Use Kerberos DES encryption types for this account
- Do not require Kerberos preauthentication
Click Apply, and then click OK.
Exit the Active Directory Users and Computers snap-in.
Verify that you can successfully log on to the domain controller.