Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows Server 2008 R2 User Profile Service Failed to Log On

Posted on 2010-09-10
6
Medium Priority
?
8,027 Views
Last Modified: 2012-05-10
This is on a domain and is happening on a few of our servers... Any ideas? The accounts trying to log in are domain admins... my account (also a domain admin) does work, however.
0
Comment
Question by:Pugglewuggle
  • 4
  • 2
6 Comments
 
LVL 13

Expert Comment

by:George Sas
ID: 33649811
Please post a detailed error from the event log or the exact message you are receiving.
Some details about the domain configuration.
What servers are they trying to logon ? DC's ? Normal servers ? Can they log on on client machines ?
Do you have any GPO's affecting this systems ?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 33650644
They are normal servers running exchange 2010.

The Exact error is:

"User Profile Service Failed to Log On"

The users can log onto client machines.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33650967
And nothing on the event log ?
You say you are an admin also and you are able to log on. Check the user group membership. Are you in a special group since you can logon and they can't ?
Are you running roaming profile ?
Still missing an answer to this questions :
Can they log on on client machines ?
Do you have any GPO's affecting this systems ? (thinking that you might have a GPO that will deny some privileges)
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 13

Expert Comment

by:George Sas
ID: 33650976
tried this ? :
To resolve this problem open yourself, follow these steps:

Right click Computer > Properties > Advanced system settings > Advanced tab > Under User Profiles, click Settings > In the User Profiles dialog box, select the profile that you want to delete > click Delete > Apply/OK.

Next open regedit and navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Right-click the SID that you want to remove, and then click Delete.

Log on to the computer and create a new profile.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33650985
Also check if you have any SID's with .BAK at the end.
Delete them also.
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 0 total points
ID: 33673718
Okay, so I figured out the answer on this one:

There were some .SQM files for the Exchange management tools that gave everyone who tried to log on error 1509 in the event viewer:

Windows cannot copy file C:\Users\Default\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3776_100.sqm to location C:\Users\xxxxx\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3776_100.sqm. This error may be caused by network problems or insufficient security rights.

 DETAIL - Access is denied.

On the V14 directory I went into security>>advanced>>change permissions

1) checked "Replace all child object permissions..."
2) Added "LOCAL SERVICE" with full control to This folder, subfolders, and files

That fixed it! You have to do this on every server you're having this problem on. It must be an Exchange installer bug or something.

Cheers!
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question