Windows NT RDP logon error 1219 for one specific user

  • Thread starter Thread starter Peter Hornby
  • Start date Start date
P

Peter Hornby

We have a number of servers in our test lab which are commonly accessed by
RDP. There is a small subset of these servers which one user, and one user
only, cannot successfully logon to. It seems as though the common
characteristic of the affected servers is that they're all set up by our lab
administrator to be members of a particular Active Directory OU.

When he supplies his domain credentials to the RDP logon screen, an error
dialog is displayed with the text: "The system cannot log you on due to the
following error: The RPC server is unavailable".

An entry is written to the server's application event log with source
Winlogon, and EventID 1219. The text for the message is "Logon rejected for
<user-id>. Unable to obtain Terminal Server User Configuration. Error: The
RPC server is unavailable".

This user can perform a successful RDP logon to other servers, and can
successfully logon to the affected servers directly. All other users can
logon to all servers with their domain credentials. The servers are mostly
running some flavor of Windows Server 2003.

If anyone has seen this and worked out what's going on, that would be
wonderful. However, I'm just as interested in any suggestions on how to
debug this problem. I'm not a Terminal Services/RDP expert, so I'm not
familiar with the expected path of the logon protocol and how you might go
about diagnosing problems with it.

Thanks,

Peter Hornby
Unisys
Mission Viejo/CA
 
Check the Resultant Set of Policies for this user and the servers
in this OU. Maybe there are inheritance or blocking problems?

What profile is this user using? Local? Roaming? Is it defined in
the AD account properties, or through a GPO for the servers in the
OU?

EventID.net lists a number of causes, but since this happens to a
single users account, maybe it's this one:

http://www.eventid.net/display.asp?eventid=1219&eventno=2848
&source=Winlogon&phase=1

Error: "The RPC server is unavailable" - This problem occurs when
users with the same user name are hosted in different domains and
one of those users has logged on to the terminal server and has
created a roaming profile.

Check:
821929 - User cannot create a Terminal Server roaming profile path
if a user with the same name has logged on from another domain
http://support.microsoft.com/?kbid=821929

However, this hotfix is included in SP1. Which SP is the server
running?
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Peter Hornby" <sirius@community.nospam> wrote on 27 aug 2007 in
microsoft.public.windows.terminal_services:

> We have a number of servers in our test lab which are commonly
> accessed by RDP. There is a small subset of these servers which
> one user, and one user only, cannot successfully logon to. It
> seems as though the common characteristic of the affected
> servers is that they're all set up by our lab administrator to
> be members of a particular Active Directory OU.
>
> When he supplies his domain credentials to the RDP logon screen,
> an error dialog is displayed with the text: "The system cannot
> log you on due to the following error: The RPC server is
> unavailable".
>
> An entry is written to the server's application event log with
> source Winlogon, and EventID 1219. The text for the message is
> "Logon rejected for <user-id>. Unable to obtain Terminal Server
> User Configuration. Error: The RPC server is unavailable".
>
> This user can perform a successful RDP logon to other servers,
> and can successfully logon to the affected servers directly.
> All other users can logon to all servers with their domain
> credentials. The servers are mostly running some flavor of
> Windows Server 2003.
>
> If anyone has seen this and worked out what's going on, that
> would be wonderful. However, I'm just as interested in any
> suggestions on how to debug this problem. I'm not a Terminal
> Services/RDP expert, so I'm not familiar with the expected path
> of the logon protocol and how you might go about diagnosing
> problems with it.
>
> Thanks,
>
> Peter Hornby
> Unisys
> Mission Viejo/CA
 
Back
Top