Win 8.1 domain logon issue

Similar Messages

• Business Management Error: You are attempting to create a user with a domain logon that does not exist. Select another domain logon and try again.

  Hello,
  Suddenly the working CRM is being stopped for some group of users.
  I drilled down to the issue and have checked that the users from Domain in which CRM is installed are having CRM access.
  But for other domain user having problem to access CRM.
  I tried to add a user from a domain which is not of CRM domain then it gives following error.
  "Business Management Error: You are attempting to create a user with a domain logon that does not exist. Select another domain logon and try again.
  <Message>LookupAccountNameW failed with error</Message> "
  The change is made - AD group have upgraded Activer Directory server to 2012 R2
  Please help as the Production CRM is not working for other domain user.

  We have Activer Directory Structure like below.
  One Root Domain says A
  and there are multiple child domain like B,C,D etc...
  B,C and D are all in same level,they are child of A domain.
  There are two way transitive trusts between A and all the child Domain.
  But there is no trust in between B and C and so on.
  Our CRM server is in B domain and B domain's user can access CRM but users of Domain C,D and so on can not access CRM.
  If this post answers your question, please click &quot;Mark As Answer&quot; on the post and &quot;Mark as Helpful&quot;

• Leap and windows domain logon

  I'm doing some test with an Air 1200 and some 352 Pc card for one of our customers.
  With ACU ver. 4.25.23, I enabled LEAP authentication using the windows user name and password.
  Leap authentication is successful, while windows domain logon not.
  Not to say using a "normal" NIC that logon succeed.
  Sniffing the packets that come out the AP, it seems the domain logon happens... I see the requests/answers between my client and the domain controller...
  However, after canceling the windows domain logon I have normal connectivity with the entire network.
  Someone experienced that? Any help will be greatly appreciated.
  Antonio Tassone

  Sure.
  My attempts to logon in a windows domain using the same user/password for LEAP authentication and windows logon were unsuccessful (either using Win9x or Win NT/2000 on the client), indeed the login dialog box was stuck in something like "searching primary domain controller" or similar (I'm sorry but it's been some month ago).
  Looking the Radius server log, I found an error like " xxxxx DLL rejected".
  Searching the Cisco web site and the forums for that error, I read the advice to make the authentication services on the NT server to run with the privileges of one of the Windows Domain Administrator accounts.
  Following that advice, and with some other tweaking explained in the document I read, I reached my goal.
  I regret I can't be more precise.
  Regards.

• Slow window domain logon over ezvpn netw ext mode tunnel

  I have 4 branch offices connected to a central EZVPN server in network extension mode.
  tunnels are working correctly but domain logon is extremely low (often more than 10 minutes).
  Do you think it could be a fragmentation issue?
  If it is, do you know any way to solve it?
  The errors reported are in windows XP system logs are the following:
       System     > LSASRV 40961 no secure connection with server, no authentication protocol available
       Application> usernv 1030
       Application> usernv 1006
  Thanks
  Johnny

  Hi
  I am in exactly the same situation with the ASA 5510 running security plus license, version 8.0(5) 512 MB RAM
  going to try to upgrade the IOS tonight and upgrade the RAM to 1GB to take it up to version 9 will let you know if it helps,
  cureently download speeds are very bad aroudn 14MB where as uploads are around 96 MB

• Windows 8.1 Group Policy to Force Domain Logon as Default?

  I recently purchased a new Windows 8.1 computer for use in our organization.  The default logon option for the device is for a Microsoft Account (the default username field prompt is for an e-mail address, rather than for a username.)  However,
  I would prefer that the default logon option be for a Windows domain account logon, so that users don't have to click the "Sign-in options" link and select "Local or domain account password" each time they need to log onto the computer.
  I have learned that setting the "Interactive logon:  Do not display last user name"
  policy (located under Computer Configuration / Policies / Windows Settings / Security Settings / Local Policies / Security Options) to
  Disabled allows the domain logon option to be retained across sessions.  However, I would prefer to keep this option set to Enabled so that the previous user name is not displayed.
  Does anyone have any suggestions on how the default logon option can be forced to a domain logon, while still suppressing the display of the last username?

  Hi Arowitv,
  According to your description, we can use the following policy to check the result.
  Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options:
  Accounts: Block Microsoft accounts
  Click this option, and select" Users can't add or log on with Microsoft account"
  Note: Selecting this option might make it impossible for an existing administrator on this computer to log on and manage the system.
  Computer Configuration\Administrative Templates\System\Logon :Assign default domain for logon
  Set the option to Enabled, and add the Default Logon domain.
  Hope this helps.
  Regards,
  Kelvin Xu
  TechNet Community Support

• Configure Windows Domain Logon on Airport Express

  The question is... How can I configure Windows Domain Logon data on an Airport Express so it connects automatically without asking each of my other devices for login credentials?
  I use my Airport Express at work connecting it through ethernet, and the network uses Windows Domain credemtials to login, that is user, password and domain server. I have all data needed, this is, static IP, Gateway, DNS, user, password, etc., but I haven't found how to do this inside de Airport Express so I configure just one device instead of 3 or more.
  I have tryed configuring the Airport Express as PPPoE, but that's not the solution for this problem.
  Thanks in advance for the answer.

  Your wireless Netgear router and AirPort Express Base Station (AX) are pretty much useless if you don't have wireless capability for your Dell desktop. The AX uses AirTunes to receive, wirelessly, iTunes from your desktop.
  Just add a wireless card to your Dell and you should be in good shape. In fact, once you go wireless, you can return the Netgear router as your AX will provide Internet connectivity, stream iTunes, and share a USB printer.

• Domain Logon fails using wireless LAN

  Hi Sir,
  I am setting up an ACS server to authenticate the wireless LAN users using PEAP MS-CHAPv2for one of my existing customer. They need to login to domain whenever they need to access to the network
  On the wireless client's end, the OS is Xp and the client will use Windows XP wireless zero configuration. I have put in the necessary setting in order for it to support PEAP. I managed to get authenticated by checking against the passed authentications log found in the ACS.
  However, the problem happens when I tried to reboot the desktop and Domain Logon appears, I was not able to logon to the Domain. I think I know the cause of the problem. It was because the wireless card is not authencated yet prior to the Domain logon screen.
  How can I connect to the wireless network prior to the appearance of the Domain logon windows. There is no options for me to try in the XP wireless zero configuration to activate the wireless LAN before the Domain Logon windows comes out.
  Thank you.
  Delon

  Even if still it does not work, ensure the following:
  1) Change the logon credentials for the ACS services to use a domain administrator account. Often times the local member server administrator account does not have any rights on the AD.
  a. Ensure the ACS services start with the Domain Administrator account.
  b. Ensure you are able to log in to the server using this Domain Administrator account .
  c. Ensure the Domain Administrator account (or the account with which the services start) have privileges to log on locally, Log on as a service and Act as part of the operating system.
  2) Ensure the FQDN of all domain controllers is added to the DNS names.

• Kerberos - Multiple Domain logon using MS Acitve Directory (AS JAVA 7.0)

  I tried to find document/steps to configure the UME LDAP data source in AS JAVA 7.0 to support multi-domains in a domain forest. Our multiple domains have bi-directionaly trust.
  Based on note 994791, the video/demo only shows you how to configure this by creating one J2ee server user in each domain. Then, add data source in the UME xml file for each domain. However, in the note, it also mentioned that for a domain forest, you don't need to do this. You only need to use one j2ee server user. But it didn't provide demo / video / steps in terms of how to implement it - especially how to configure the UME in this scenario.
  (I have successfully configured the system to SSO to one single domain.)

  With help from Holger Bruchelt (who created blogs - Configuring and troubleshooting SPNego -- Part 1,2,3), our multiple domain logon under a global catalog is working. Use note 762419 for reference. Make sure the Java service user account you created can see users in other domain. Make sure the path you use in UME is at the top level that include all the domains. Make sure the port you use is the global port to have read-only right to all domains.

• Drill down functionality logon issue.

  Hi Experts,
  Recently we implemented SAP NW04s EP 7.0 and SAP BW.
  We are following SAP logon tickets mechanism. We created a System Object in Portal to display the BW reports on the Portal.
  Users can logon to the Port6al and access the BW iViews and execute the BW reports properly. All the functionalities are working fine except for the BW Drill down fucntionality. When the users logon to the portal with their UserId and Password they can execute the normal BW Reports. But when the users drilldown the report it is asking to enter BW System User id and Password again.
  This logon issue happening for only BW Drilldown reports created either with local  BW system Or source systems R/3, CRM etc..
  The portal certificates were imported properly on the BW system in the cert list, ACL list, profile parameters are specified correctly.
  Regards
  Ravi

  Hello Ravi,
  Am not sure if this will work but you can try resetting the BW password.
  We have faced an issue on similar lines which got resolved by resetting backend system password.
  Let me know what happens.
  Regards,
  Ritu

• WMS2011 Domain Logon / Network Issues

  We have recently installed 3 MS6200 Series HP MultiPoint Servers for a school and we are having a sporadic problem with one or more of the servers losing connectivity with the domain, preventing users from loggin on to the clients (t150 zero clients).
  I forget the exact wording on the screen, but basically after a while the server will stop allowing users to logon on to the system as they cannot contact the domain controller. The issue might then resolve itself a hour later, or maybe after a reboot. The
  strange bit is it might affect any number of the three Multipoints at any time, but other windows clients or multipoints can logon onto the domain perfectly.
  Any ideas???
  Thanks,
  James

  Hi James,
  We were experiencing the same problem, but I opened a case with Microsoft and they figured out what was wrong.  I had more than one DNS server listed - my own internal one and I had added 8.8.8.8 for good measure.  This was a problem.  When
  we removed the 8.8.8.8 and left just my one DNS entry the problem went away.  
  (Control panel/Network and Sharing Center/Change Adapter settings
  Right click on your connection, choose properties.
  Click on TCP/IPv4 (unless you are using IPv6...) and choose properties
  Make sure there is only a Preferred DNS server listed.)
  They also looked at my DNS server and found that I had old entries for a previous server that had been retired and cleared them out - but I believe that the ultimate solution was to remove the "Alternate DNS server".
  Let me know if this helps!
  Peggy
  Peggy Thrasher

• Active Directory RDP Logon Issue

  I have a problem logging on to my test domain, here are the setup and symptoms
  Domain Prod:   ua.here.someplace.com
  Domain Test:   ua.test-here.someplace.com
  Domains totally separate DNS and WINS, although they are on the same subnets.
  From my admin workstation I find I cant login to the test domain with the following format;
  SEE ATTACHED
  I cant figure out why.
  DCDIAG in both domains is clean.  All DNS entries listed in netlogon.dns are in the proper locations, I checked line by line.
  Event logs say "Access Denied", as if it were a bad password, otherwise clean
  But most perplexing, when I spin up a clean Virtual Windows 7 pro box (same DNS as admin workstation), Everything starts to work!!
  I have deleted everything in credential manager on the admin workstation (including from cmd line with cmdkey.exe), including all the temp files in Local, LocalLow, and roaming, and all the Temp files with Internet Explorer.  No change.
  I am at a loss :(
  Can the fact that the NetBIOS name is the same for both prod and test be an issue???  but I cant see how...
  BlankMonkey

  Hi,
  In order to solve this issue more efficiently, I need to clarify some information.
  Firstly, those failed logon attempts, are they all logon attempts via RDP? What specific error do you see when logon attempts fail?
  Secondly, the access denied event in Event Logs, would you please post out a complete version?
  You also mentioned that after you brought a clean Virtual Windows 7 pro box, everything started to work, so what is the version of the former problematic machine?
  Here are some related links below for your references:
  The system cannot log on due to the following error: access is denied
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/b458262e-7be7-49d6-9f14-bd0cbbccc226/the-system-cannot-log-on-due-to-the-following-error-access-is-denied
  Error message when you use Remote Desktop Connection to connect to a Windows Vista-based computer: "The requested session access is denied"
  http://support.microsoft.com/kb/954369
  Users Can Log On Using User Name or User Principal Name
  http://support.microsoft.com/kb/243280
  If these links above are not helpful, please get back to us with necessary information at your earliest convenience.
  Best Regards,
  Amy Wang

• IOS Remote Desktop Client Logon Issue Prompts to Logon 3 Times with RDGW

  I have an issue when connecting from the Remote Desktop client iOS on multiple iPads/users.
  First a little background: We have an RDS Web Access / RDS Gateway (2012 R2) setup and properly configured. We can logon using it just fine from the Mac OS version of the app, Android version of the app, or from a Windows PC. When we try to
  connect via the iOS app we get the prompt to logon 3 times. Due to security reasons, we do not want them to store their credentials on the iPads, which is the only method I have found to eliminate the triple password entry. It only prompts once on the Mac
  OS version, Android version or from a Windows PC.
  The password isn't being entered incorrectly and the servers are not registering any Audit Failures for the logon attempts. Can you assist?
  Additionally I would like to recommend the addition of a feature to be able to setup remote resources but prompt for the password on app launch for security reasons. That way they would have to enter it once but then they could access any resources needed.
  Thanks,
  Nate L

  I am not comfortable posting the entire log file but let me give you the high level summary. The settings section for the active connection:
  [2014-Jun-17 12:45:23] RDP (0): Final rdp configuration used: {
      activeUsername = "domain\username";
      arcTimeout = 1800;
      configurationVersion = 8;
      console = 0;
      gatewayId = XXXXXXXX;
      host = "InternalServerHostName.domain.local";
      label = "";
      mouseMode = "-1";
      offsetX = 0;
      offsetY = 0;
      peerIp = "ExternalRDSGatewayIP";
      port = 3389;
      previousMouseMode = 1;
      previousUtilityBar = 0;
      screenshotScale = "0.125";
      soundMode = 1;
      swapMouseButtons = 0;
      type = rdp;
      utilityBar = "-1";
      zoomFactor = 1;
      connections =    
          ...bunch of addresses...
      host = "ExternalRDSGatewayHostName";
      id = XXXXXX;
      port = 443;
      temporary = 1;
      type = rdp;
      kCFProxyTypeKey = kCFProxyTypeNone;
  It then attempts to connect to the InternalServerHostName.domain.local.
  [2014-Jun-19 09:40:01] RDP (0): Resolved 'InternalServerHostName.domain.local' to 'ERROR: Unable to connect to remote PC. Please provide the fully-qualified name or the IP address of the remote PC, and then try again.' using NameResolveMethod_Unknown(0)
  [2014-Jun-19 09:40:01] RDP (0): Error message: Unable to connect to remote PC. Please provide the fully-qualified name or the IP address of the remote PC, and then try again.(phase: 0, type: 0, reason: 0, systemCode: 0, systemMessage: )
  [2014-Jun-19 09:40:01] RDP (0): Protocol state changed to: ProtocolDisconnected(8)
  [2014-Jun-19 09:40:02] RDP (0): Showing credentials dialog
  It then displays the same settings again with the exception of an additional line after the gatewayId line:
  gwAutodetectState = kConnectionGwAutodectedForceGW;
  Then it goes through the interface list, not using any proxy, correlation id, then resolves name:
  [2014-Jun-19 09:40:10] RDP (0): Resolved 'ExternalRDSGatewayHostName' to 'ExternalRDSGatewayIP' using NameResolveMethod_Unknown(0)
  [2014-Jun-19 09:40:11] RDP (0): Exception caught: Exception in file '/Users/build/jenkins/workspace/rc-ios-develop/protocols/RDP/librdp/librdp/private/httpendpoint.cpp' at line 217
      User Message : The gateway failed to connect with the message: 403 Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. 
  [2014-Jun-19 09:40:11] RDP (0): Error message: The gateway failed to connect with the message: 403 Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. 
  )(phase: 0, type: 0, reason: 0, systemCode: -1, systemMessage: )
  [2014-Jun-19 09:40:11] RDP (0): Protocol state changed to: ProtocolDisconnecting(7)
  [2014-Jun-19 09:40:11] RDP (0): Protocol state changed to: ProtocolDisconnected(8)
  [2014-Jun-19 09:40:11] RDP (0): Showing credentials dialog
  Then it displays the same settings again except for the gwAutodetectState line changing to:
  gwAutodetectState = kConnectionGwAutodectedHTTPSTried;
  Then it connects ok. I went to our firewall (MS Forefront TMG) and monitored for traffic from the iPad iOS App (based on network it is on). I don't see the initial connection attempt at all, which is expected because according to the log above it looks
  like it tries to connect to the host directly...which it shouldn't?
  Then in the second attempt I see it trying to go to http://ExternalRDSGatewayHostName:443/remoteDesktopGateway/ which again it shouldn't be doing because that URL (the remoteDesktopGateway) is not part of the RDSGW or RDSWA 2012 R2 IIS
  config or am I missing something? It should be going to Rpc or RDWeb right? or do I need to allow that path through too?
  Thanks,
  Nate

• Why can the users in one child domain logon to computers in a different child domain in Server 2012 R2?

  I have setup a test system. It has a domain with 2 child domains.  DomainA.xyz.com has users and workstations. DomainB.xyz.com is a resource domain and has servers.  wyx.com is for IT administration.
  Users in domainA can logon to the domainB computers.  I searched to find out why it was so.  I found a "NT AUTHORITY\INTERACTIVE" entry in the local users group that enables this.
  This is rather confusing.  1.  When a user enters his credentials, he is not logged on and therefore would not be "INTERACTIVE" at that time.  2.  If everybody that signs on a computer is interactive, then does that mean
  everyone in the forest can sign on?
  So my issue is: Can I delete the "INTERACTIVE" entry in the local users group and not cause any problems?  I want to protect the resource domain from users signing on to them and give them access to the resources they need.

  Hi,
  The Interactive group includes all users that have logged on locally.
  In addition, it is not recommended to remove the
  interactive group from the local user group since it would cause all kinds of problems. For more detailed information, please refer to the similar thread and link below:
  Interactive
  group
  Staring
  at a blank desktop, due to Interactive missing from Users group
  Best regards,
  Susie

• Inconsistent domain logon times

  I have logon times that vary from 5 to 90 seconds for a domain login. If the user logs on for the first time it takes about 90 seconds; this appears fair due to the work that is do with preparing the desktop and copying profiles... etc. The next time the
  user logs on it take around 10 seconds, which I am happy with.
  All group polices all work fine. My only problem is to keep the logon time down and consistent.
  The problem is that when the system is rebooted the logon time is around 30-40 seconds. After that they go back to 10 - 15 seconds. That seems to hint at a network issue. I have been tracing what is happening using PROCMON and PROCEXE; currently trying to
  see if that tells me anything.
  One thing that I have also noticed is that the Network name appears to have an impact on what the logon times will be. For example if the Network name is the same as my domain name "domain.xxx" the login times are good (10 - 15 secs). However,
  for some reason that I don't know the Network name may be "Network 3", "Unidentified Network", "domain.xxx 2 (unauthenticated)". When this happens I can pretty well guarantee that the logon times go out the window.
  Can anyone advise what I can do to fix this?
  The enviroment is Windows 7 PCs, Windows 2008 R2 servers in a Domain/Forest  Functional level of Windows Server 2008 R2.
  Ron Rose

  Hi,
  It’s normal to take a few time to logon a new user for the first time. When first logon, the time depends on many factors:
  Do we use roaming profile?
  Is there any software settings in group policy?
  Do we need to attach a network printer?
  Is there any automatic map drive?
  You may refer to the link below to find some useful informations: Root Causes for Slow Boots and Logons
  http://social.technet.microsoft.com/wiki/contents/articles/10130.root-causes-for-slow-boots-and-logons-sbsl.aspx#Network
  If you still want to improve it,  I'd like to recommend that you contact Microsoft Customer Support Service (CSS) for assistance so that this problem can be resolved efficiently. To obtain the phone numbers for specific technology request please take
  a look at the web site listed below:
  http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS
  If you are outside the US please see http://support.microsoft.com for regional support phone numbers.
  Hope it helps.
  Regards,
  Blair Deng
  Blair Deng
  TechNet Community Support

• No domain logon?

  After installing 9879 and joining the machine to a domain, I don't have any option to log on to the domain. I only get the option for logging on with a Live account.
  I've had the machine on the domain with a previous build and have been able to log on with no issue, but since rolling up to 9879, I can no longer do that.
  Has anyone else seen this issue?

  Hi danga2k,
  I am able to logon the domain with the Other User option on Windows 10 9879, after join the machine into domain.
  Please click the back button on the left side of logon picture, you should be able to see a account list. Then select Other User, after that, type Domain name\User name and the password to logon.
  If there is no back button available, please open regedit.exe, navigate to the following path:
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
  then add a .DEFAULT key under it.
  After that, log off and you will see the last logged on user account
  and the Other user option.
  Best regards
  Michael Shao
  TechNet Community Support