The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon. The Logon Type field indicates the kind of logon that was requested.
The most common types are 2 interactive and 3 network. The Process Information fields indicate which account and process on the system requested the logon. The Network Information fields indicate where a remote logon request originated.
Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. This may result in authentication failures or downgrades to NTLM. Locate the duplicate SPN and remove it. In this example, the duplicate name is r2spn Apply this hotfix only to systems that are experiencing this specific problem.
This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix. If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix.
For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:. If you do not see your language, it is because a hotfix is not available for that language.
Hotfix replacement information This hotfix does not replace any other hotfixes. When you install the hotfix, an updated version of the Userinit. The System. When you do this, the following registry subkey is configured:.
File informationThe English version of this hotfix has the file attributes or later file attributes that are listed in the following table. When you view the file information, it is converted to local time.
Click Start , click Run , type ncpa. In the Domain Suffix field, type the domain name that you want to add, and then click Add. Also check the workstations for any event log entries which might imply difficulty talking to the DC any DC, not just the one you think they are authenticating against. My guess is something is up with the profiles. You said it's random, what do you do, just keep rebooting until it let's you in? Just meant that there were 4 workstations in this area with the same GPO.
They've been used daily for months with no issues. It actually never allows the user that needs access in. It only allows local administrator or the domain administrator access. I've rebooted the DC. I've done system restores on the two workstations but to no avail. You said you can login using the domain admin account, add another user from the domain one that has never been on this machine and see if it will login properly. Maybe the users in question have that applied? I guess my question is why would this have changed?
That was the random statement. Our GPO is the same for all workstations. And we have no problems with any other machines. Some security update that was applied and never rebooted after maybe? As a test maybe add domain users to the local administrators group and see if they can log in then.
That will tell you if it's a local policy thing. Not sure if you tried this but I would dis-join and delete the computer object in AD and then re-rejoin. So basically somehow the workstations got kicked out of the group they were in and needed to be re-added in order for their specific login to work per the group policy.
This is the watered down version of what happened, but I appreciate all the help and now know way more than I had before working on this.
0コメント