I am trying to RDP to one of our servers over a Citrix VPN. However, after accessing the machine, I an greeted with the following message:
Login failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced.
I am entering a username and password in order to get to the server, and I am also able to browse the server in Windows Explorer and view the event log remotely using these credentials.
I see the following Audit Failure
event in the server's security event log:
An account failed to log on.
Subject:
Security ID: <Sid>
Account Name: <ServerName>$
Account Domain: <Domain>
Logon ID: 0x<LogonId>
Logon Type: 10
Account For Which Logon Failed:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006e
Sub Status: 0x0
Process Information:
Caller Process ID: 0x744
Caller Process Name: C:\Windows\System32\winlogon.exe
Network Information:
Workstation Name: -
Source Network Address: <ip>
Source Port: <port>
Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
~snip~
So it looks to me like my credentials aren't being passed to the winlogon process.
My colleagues are all able to remote to this server, and the only difference, as far as I can tell, is that I am remoting from a Windows 10 machine, whereas they are on Windows 7. I believe the server is 2008 R2. This is using a "support" account, so we are using the same credentials.
Why are my credentials not being used, and what can I do to be able to log on?
Best Answer
I spoke to a colleague, and she had had a similar issue with RDPing from Windows 10. She told me to change some local group policy settings related to credential delegation, and everything now works!
I don't have time to investigate which setting made the difference (I had to restart for the changes to take effect), but here are some before and after screenshots:
Before:
After: