Solved

Authentication issue when user logs on to terminal server 2003

Posted on 2008-06-12
6
182 Views
Last Modified: 2010-03-17
We currenly have an authentication issue which is only affecting 2 terminal server users out of about 30.  When the user attempts to log on to terminal server 2003 an error message is displayed stating that the password or username incorrect.  Sometimes on the second or third attempt the user is able to log in ok.  Other times after 3 failed attempts the user account will lock out and need to be unlocked before attempting to log on again.  This can vary from one fail up to 7 or more.  

I have looked at the users account settings and them seem to be the same as other users who are not having issues.  

Active directory is installed on 2 servers.  In active directory Sites and Services under 'servers' there is a total of 3 servers listed.  The first 2 have NTDS settings refering to each other which seems to be correct.  The third server that is listed in the terminal server which has no NTDS settings attached to it and is not a domain controler.  Should the terminal server even be listed here ? If not how would it get there ?.  Not sure if this configuration could have somehting to do with the authentication issue.


0
Comment
Question by:fellsider
  • 3
  • 3
6 Comments
 
LVL 11

Accepted Solution

by:
Forrest Burris earned 500 total points
ID: 21769594
That's really odd. The TS shouldn't be in that list. Delete it and reboot the TS. Sounds like it's trying to poll it's own active directory catalogue that doesn't exist on the TS. It should be connected as a member server only with no replication.
0
 

Author Comment

by:fellsider
ID: 21769732
So does this mean it is safe to delete the entry ?  we were worried that it might stop terminal server from working if we did this.  Is there any reason why it would be able to add itself here as no one has ever entered it.  It just seems to have appeared there by itself.

I will set the server to reboot tonight and see if it has resolved the issue in the morning.
0
 
LVL 11

Assisted Solution

by:Forrest Burris
Forrest Burris earned 500 total points
ID: 21769845
I checked a few companies that we have separate TS servers at and none of them are in the AD Sites list. That is reserved for Primary Domain Controllers and their replication servers (formerly BDCs). It should be safe to delete and then retest after reboot in the morning.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:fellsider
ID: 21777859
The issue seemed to have resolved itself this morning but now the same thing is still happening to the user.  I have checked the sites and services list and TS is still no longer listed there.

This started again when the user moved to use a differant terminal.  By reseting the password in active directory this seems to allow the user to log on streight away but the same thing will happen again at the next login.
0
 
LVL 11

Expert Comment

by:Forrest Burris
ID: 21778901
Sorry to ask the obvious, but you're positive this isn't a user error? IE: Caps lock was left on? You have tried to login as this user yourself typing the password very slowly and accurately?
0
 

Author Comment

by:fellsider
ID: 21820590
Your solution has sorted the issue.

The other reason for the password not being incorrect was an issue with the firmware version on some terminals.  If you tabbed down to the password box capitals would not work unless you clicked in the box with the mouse cursor.  

thanks
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now