User can not surf over ISA2004 as Proxy-Server

One of our users is not able to surf over our ISA2004-Server which is configured as internal proxy-server. When the user starts the Internet-Explorer, he is prompted to enter username and password. Normally the username/password is automatically transfered to the isa-server. When the user enters the correct username and password, the isa-server does not accept them.

If I enter the credentilas of another user on the same computer, everything works fine.

In the securitylog of the ISA-Server the following event is logged:

Ereignistyp:      Fehlerüberw.
Ereignisquelle:      Security
Ereigniskategorie:      An-/Abmeldung
Ereigniskennung:      529
Datum:            20.11.2008
Zeit:            15:10:30
Benutzer:            NT-AUTORITÄT\SYSTEM
Computer:      SERVER-PROXY
Fehlgeschlagene Anmeldung:
       Grund:            Unbekannter Benutzername oder falsches Kennwort (unknown username and password)
       Benutzername:      `F+ 
       Domäne:            lra-deg.local
       Anmeldetyp:      3
       Anmeldevorgang:      Advapi  
       Authentifizierungspaket:      Negotiate
       Name der Arbeitsstation:      SERVER-PROXY
       Aufruferbenutzername:      NETZWERKDIENST
       Aufruferdomäne:      NT-AUTORITÄT
       Aufruferanmeldekennung:      (0x0,0x3E4)
       Aufruferprozesskennung:      2332
       Übertragene Dienste:      -
       Quellnetzwerkadresse:      -
       Quellport:      -

It seems like the username and password are not transfered to the isa-server correctly.

Only one user in our network has this problem. We already reinstalled the pc the user uses without success.

What can be the reason for this authentication problem ?

Kind regards,


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Keith AlabasterEnterprise ArchitectCommented:
A couple of possibilities.

1. the user account is not in the allowed AD group
2. the user is also in a denied group

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Stephane OtisActive Directory AdministratorCommented:
I'm having the exact same problem here, first saw this last summer.
Now it keeps happening at random time for some users.

The username seems to be corrupted while passed to the ISA Server.

ISA Server 2004, SP3, 4.0.2167.887

I've attached a screenshot of the EventID 529.

This is also happening on a Windows 2003 Terminal Server, Internet Explorer 7, with ISA Client 4.0.3442.654).

As a workaround, a group have been created that can bypass the ISA and it works, but I really need to have authentication working for the few user having the problem.  It seems to be intermittent.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.