B
Brent
Hi Everyone,
I'm having some strange logon problems with Windows Terminal Services.
My company is running a couple of Windows 2000 terminal servers in a
Windows 2000 domain with Active Directory. The licensing server is also
a Windows 2000 domain controller. Most of our users log on to these
servers through Neoware thin clients, many of them from locations
throughout the US. Recently, a group of thin clients (four of them) from
one location suddenly could not log on to either of our servers. They
could connect, and get a logon prompt, but when they typed in the
username and password the following error popped up:
"The system could not log you on. Make sure your User name and domain
are correct, then type your password again. Letters in passwords must be
typed using the correct case. Make sure that Caps Lock is not
accidentally on."
We tried different domain accounts on those same clients, none of which
worked. However, these accounts worked from other locations' thin
clients and standalone PC's. Thus, the problem seems to stem from using
the specific clients at that location. They have one standalone PC that
will allow them to log on via Remote Desktop.
Nothing appears in the terminal servers' event logs that coincides with
the logon attempts, although we don't have security auditing set up.
I thought it might be an issue with Terminal Services Licensing--
something we've experienced before--and came upon the following article:
http://support.microsoft.com/kb/q253292/. However, according to the
licensing server we have enough licenses. Also, in past occurrences a
client is usually not even able to connect if there is a problem with
licensing. In this case, the client will connect, but upon attempting to
log on the user is rejected.
I also checked the article: http://support.microsoft.com/?kbid=290706,
which describes problems with automatic log on. But we don't use the
auto log-on feature.
I'm curious as to how the thin clients communicate/send information over
to the terminal server. Is the mac address of the client recorded by the
licensing server? If a client does not have a valid license, would the
server then reject any domain account that tried to log on? Not sure how
it works. It's strange that users have logon problems only on those
specific thin clients.
Thanks in advance for any clues!
Brent
I'm having some strange logon problems with Windows Terminal Services.
My company is running a couple of Windows 2000 terminal servers in a
Windows 2000 domain with Active Directory. The licensing server is also
a Windows 2000 domain controller. Most of our users log on to these
servers through Neoware thin clients, many of them from locations
throughout the US. Recently, a group of thin clients (four of them) from
one location suddenly could not log on to either of our servers. They
could connect, and get a logon prompt, but when they typed in the
username and password the following error popped up:
"The system could not log you on. Make sure your User name and domain
are correct, then type your password again. Letters in passwords must be
typed using the correct case. Make sure that Caps Lock is not
accidentally on."
We tried different domain accounts on those same clients, none of which
worked. However, these accounts worked from other locations' thin
clients and standalone PC's. Thus, the problem seems to stem from using
the specific clients at that location. They have one standalone PC that
will allow them to log on via Remote Desktop.
Nothing appears in the terminal servers' event logs that coincides with
the logon attempts, although we don't have security auditing set up.
I thought it might be an issue with Terminal Services Licensing--
something we've experienced before--and came upon the following article:
http://support.microsoft.com/kb/q253292/. However, according to the
licensing server we have enough licenses. Also, in past occurrences a
client is usually not even able to connect if there is a problem with
licensing. In this case, the client will connect, but upon attempting to
log on the user is rejected.
I also checked the article: http://support.microsoft.com/?kbid=290706,
which describes problems with automatic log on. But we don't use the
auto log-on feature.
I'm curious as to how the thin clients communicate/send information over
to the terminal server. Is the mac address of the client recorded by the
licensing server? If a client does not have a valid license, would the
server then reject any domain account that tried to log on? Not sure how
it works. It's strange that users have logon problems only on those
specific thin clients.
Thanks in advance for any clues!
Brent