knobbylowboy
asked on
Outlook Anywhere rejects correct login and writes Event 4625 in Security log
Hi,
I have an issue where one of our users cannot login to his Exchange account. He is connecting via Outlook Anywhere and using the correct credentials, but his login is refused. In the security event log there are multiple event 4625 "an account failed to log on" errors. An example is attached. I have setup a test Outlook profile from another external location and that works fine for me. When I deliberately enter the wrong credentials in my test environment the 4625 error looks different! See Additional info below.
OS is SBS 2008. Exchange 2007 SP 2 Roll-up 2.
Any suggestions welcome!
I have an issue where one of our users cannot login to his Exchange account. He is connecting via Outlook Anywhere and using the correct credentials, but his login is refused. In the security event log there are multiple event 4625 "an account failed to log on" errors. An example is attached. I have setup a test Outlook profile from another external location and that works fine for me. When I deliberately enter the wrong credentials in my test environment the 4625 error looks different! See Additional info below.
OS is SBS 2008. Exchange 2007 SP 2 Roll-up 2.
Any suggestions welcome!
An account failed to log on.
Subject:
Security ID: NETWORK SERVICE
Account Name: SERVER$
Account Domain: MYDOMAIN
Logon ID: 0x3e4
Logon Type: 8
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: username_here
Account Domain: mydomain
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a
Process Information:
Caller Process ID: 0x2718
Caller Process Name: C:\Windows\System32\inetsrv\w3wp.exe
Network Information:
Workstation Name: SERVER
Source Network Address: xxx.xxx.xxx.xxx
Source Port: 50440
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
Is the user a member of a built in administrative group?
Could you check this setting here: http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Does it work OK for other users?
Could you check this setting here: http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Does it work OK for other users?
ASKER
They are a member of the Domain Admins & Enterprise Admins. It works fine for other users. And it works fine when I use his credentials in my test setup.
Can you check the blog post I posted above.
There is a known issue and this should help to resolve it.
There is a known issue and this should help to resolve it.
ASKER
Thanks demazter. I have followed the recommendations in the post; I removed him from any Admin roles, plus I checked the "Include Inheritable Permissions From This Object’s Parent" option.
He's on an airplane right now. Hopefully when he touches down we'll see an improvement! I'll let you know.
He's on an airplane right now. Hopefully when he touches down we'll see an improvement! I'll let you know.
maybe he is playing wid you by not entering the right password lol
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is what the 4625 event looks like when I enter the wrong credentials intentionally in my working test environment.
Open in new window