Solved

Windows 2008 - Denied Access to login TS some times, but this happen only with Domain users.

Posted on 2014-11-27
6
113 Views
Last Modified: 2014-12-31
Windows 2008 - Denied Access to login TS some times, but this happen only with Domain users.

If I try login on TS using a local user it's works.

Is not a problem with a permissions, because if I wait couples minutes, the login to Domain users works.
0
Comment
Question by:fcmelo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 2

Expert Comment

by:Jon Sverrisson
ID: 40469000
Do domain users logging into TS use only their username or domain\username?
Jon
0
 

Author Comment

by:fcmelo
ID: 40469236
I use domain\username, the problem is not the username, because some times it works.
0
 
LVL 10

Expert Comment

by:Walter Padrón
ID: 40469472
What is the exact error message?
Seems to be a Kerberos authentication issue. Do you have more than one DC?

Best regards
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Accepted Solution

by:
fcmelo earned 0 total points
ID: 40487206
Hello Walter, the error message is "Access Denied".

I make a test logging with a local user and it is works.

I think that is a problem with a DC communication, I put the name of the DC on Hosts file.

The problem not happen suddenly, so, I need wait some days for know if the problem is resolved or not.
0
 
LVL 10

Expert Comment

by:Walter Padrón
ID: 40487333
You must check the DNS zone _msdcs.yourdomain.com for staled or wrong records pointing to non-existing DCs, do the same in your domainname.com zone for NS records.

You can also must restart the KDC (Kerberos Key Distribution Center) on every domain controller.
0
 

Author Closing Comment

by:fcmelo
ID: 40525155
I put the name of the DC on Hosts files and it works.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question