Solved

Windows Server 2008 R2 User Profile Service Failed to Log On

Posted on 2010-09-10
6
7,663 Views
Last Modified: 2012-05-10
This is on a domain and is happening on a few of our servers... Any ideas? The accounts trying to log in are domain admins... my account (also a domain admin) does work, however.
0
Comment
Question by:Pugglewuggle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 13

Expert Comment

by:George Sas
ID: 33649811
Please post a detailed error from the event log or the exact message you are receiving.
Some details about the domain configuration.
What servers are they trying to logon ? DC's ? Normal servers ? Can they log on on client machines ?
Do you have any GPO's affecting this systems ?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 33650644
They are normal servers running exchange 2010.

The Exact error is:

"User Profile Service Failed to Log On"

The users can log onto client machines.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33650967
And nothing on the event log ?
You say you are an admin also and you are able to log on. Check the user group membership. Are you in a special group since you can logon and they can't ?
Are you running roaming profile ?
Still missing an answer to this questions :
Can they log on on client machines ?
Do you have any GPO's affecting this systems ? (thinking that you might have a GPO that will deny some privileges)
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 13

Expert Comment

by:George Sas
ID: 33650976
tried this ? :
To resolve this problem open yourself, follow these steps:

Right click Computer > Properties > Advanced system settings > Advanced tab > Under User Profiles, click Settings > In the User Profiles dialog box, select the profile that you want to delete > click Delete > Apply/OK.

Next open regedit and navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Right-click the SID that you want to remove, and then click Delete.

Log on to the computer and create a new profile.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33650985
Also check if you have any SID's with .BAK at the end.
Delete them also.
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 0 total points
ID: 33673718
Okay, so I figured out the answer on this one:

There were some .SQM files for the Exchange management tools that gave everyone who tried to log on error 1509 in the event viewer:

Windows cannot copy file C:\Users\Default\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3776_100.sqm to location C:\Users\xxxxx\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3776_100.sqm. This error may be caused by network problems or insufficient security rights.

 DETAIL - Access is denied.

On the V14 directory I went into security>>advanced>>change permissions

1) checked "Replace all child object permissions..."
2) Added "LOCAL SERVICE" with full control to This folder, subfolders, and files

That fixed it! You have to do this on every server you're having this problem on. It must be an Exchange installer bug or something.

Cheers!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
rds question 5 57
Blocking Microsoft Edge From Running? 14 140
LDAP Setup 6 65
Looking for a way to block an executable on one Terminal Server for all users 6 42
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question