User can not surf over ISA2004 as Proxy-Server

Posted on 2008-11-20
Medium Priority
Last Modified: 2012-05-05
One of our users is not able to surf over our ISA2004-Server which is configured as internal proxy-server. When the user starts the Internet-Explorer, he is prompted to enter username and password. Normally the username/password is automatically transfered to the isa-server. When the user enters the correct username and password, the isa-server does not accept them.

If I enter the credentilas of another user on the same computer, everything works fine.

In the securitylog of the ISA-Server the following event is logged:

Ereignistyp:      Fehlerüberw.
Ereignisquelle:      Security
Ereigniskategorie:      An-/Abmeldung
Ereigniskennung:      529
Datum:            20.11.2008
Zeit:            15:10:30
Benutzer:            NT-AUTORITÄT\SYSTEM
Computer:      SERVER-PROXY
Fehlgeschlagene Anmeldung:
       Grund:            Unbekannter Benutzername oder falsches Kennwort (unknown username and password)
       Benutzername:      `F+ 
       Domäne:            lra-deg.local
       Anmeldetyp:      3
       Anmeldevorgang:      Advapi  
       Authentifizierungspaket:      Negotiate
       Name der Arbeitsstation:      SERVER-PROXY
       Aufruferbenutzername:      NETZWERKDIENST
       Aufruferdomäne:      NT-AUTORITÄT
       Aufruferanmeldekennung:      (0x0,0x3E4)
       Aufruferprozesskennung:      2332
       Übertragene Dienste:      -
       Quellnetzwerkadresse:      -
       Quellport:      -

It seems like the username and password are not transfered to the isa-server correctly.

Only one user in our network has this problem. We already reinstalled the pc the user uses without success.

What can be the reason for this authentication problem ?

Kind regards,


Question by:schedlbauerm
LVL 51

Accepted Solution

Keith Alabaster earned 2000 total points
ID: 23017329
A couple of possibilities.

1. the user account is not in the allowed AD group
2. the user is also in a denied group


Expert Comment

ID: 23161312
I'm having the exact same problem here, first saw this last summer.
Now it keeps happening at random time for some users.

The username seems to be corrupted while passed to the ISA Server.

ISA Server 2004, SP3, 4.0.2167.887

I've attached a screenshot of the EventID 529.

This is also happening on a Windows 2003 Terminal Server, Internet Explorer 7, with ISA Client 4.0.3442.654).

As a workaround, a group have been created that can bypass the ISA and it works, but I really need to have authentication working for the few user having the problem.  It seems to be intermittent.


Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft has released remote PowerShell capabilities to all commercial Office 365 customers. So you can be controlled via PowerShell and not from the Office 365 admin center Download Windows PowerShell Module for Lync Online http://www.micros…
This is a fairly complicated script that will install the required prerequisites to install SCCM 2012 R2 on a server.  It was designed under the functional model in order to compartmentalize each step required, reducing the overall complexity.  The …
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Suggested Courses
Course of the Month13 days, 9 hours left to enroll

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question