Remote Desktop to DC from client with upgraded GPO security

0

Applied some new required policies to our GPO and can't figure out why I can't login remotely using RDC to our DC (Server 2008 R2). I am getting this error from my clients.

Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy

I have checked User Rights assignment and I am added to the group it allows. I have checked Security options:

  • Accounts: Limit local account use of blank passwords to console logon only (Disabled and enabled has no effect)
  • Microsoft network server: Disconnect clients when logon hours expire is enabled. (Disabled and enabled has no effect) (I can login at all hours BTW).

Checking event logs shows that when I try to connect I get logon type 10 and it says unknown account/bad password. It doesn't even let me type my password in when I connect. So I am confused as to what is going on. What am I missing in my GPO?

JukEboX

Posted 2018-08-31T18:01:50.267

Reputation: 371

Have you tried to reverse your policy changes? – Ramhound – 2018-08-31T18:44:29.667

@Ramhound trying that right now. – JukEboX – 2018-08-31T19:06:04.963

@Ramhound old policies allow me in without a problem. – JukEboX – 2018-08-31T19:10:26.313

So apply each policy change, one by one, in order to find the conflicting policy. Provide us with that policy so we can explain the reason you have a conflict. – Ramhound – 2018-08-31T19:18:58.563

@Ramhound So far the policy on my DCs is fine. Applying the policy to my local computers is what is preventing the connection. – JukEboX – 2018-09-04T21:33:37.367

I understand when you make all the changes together it stops working, but have you tried my suggestion, turning each policy on until you find the conflicting policy? – Ramhound – 2018-09-04T21:56:58.470

Yes, I have been doing one at a time. I might have found the issue. – JukEboX – 2018-09-05T19:42:32.797

Answers

1

Issue was found to be the following Group Policy setting on the local computer clients.

Computer Configuration > Administrative Templates > System > Credentials Delegation > Restrict delegation of credentials to remote servers.

It was originally set to Enabled. I changed it to Disabled and was able to remote to my servers.

JukEboX

Posted 2018-08-31T18:01:50.267

Reputation: 371
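
A read-only check for the setting named in the answer above, as an added PowerShell example that is not part of the original post. It assumes the policy is stored under the `CredentialsDelegation` policy key with the values `RestrictedRemoteAdministration` and `RestrictedRemoteAdministrationType`; the function name `Get-RdpDelegationRestriction` is hypothetical.

```powershell
# Added example: report whether "Restrict delegation of credentials to remote
# servers" is enforced on this RDP client. Reads the registry only.
function Get-RdpDelegationRestriction {
    [CmdletBinding()]
    param(
        # Assumed location written by the Credentials Delegation policy template.
        [string]$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation'
    )

    # Mode values used by the policy on clients that offer a mode drop-down.
    $modes = @{
        1 = 'Require Restricted Admin'
        2 = 'Require Remote Credential Guard'
        3 = 'Restrict Credential Delegation (either mode)'
    }

    $props   = Get-ItemProperty -Path $PolicyKey -ErrorAction SilentlyContinue
    $flag    = if ($props) { $props.PSObject.Properties['RestrictedRemoteAdministration'] }
    $type    = if ($props) { $props.PSObject.Properties['RestrictedRemoteAdministrationType'] }
    $enabled = ($null -ne $flag) -and ($flag.Value -eq 1)

    $mode = if (-not $enabled) {
        'Not restricted'
    } elseif ($null -eq $type) {
        # Older clients store only the on/off flag; that means Restricted Admin.
        'Require Restricted Admin (no mode value present)'
    } elseif ($modes.ContainsKey([int]$type.Value)) {
        $modes[[int]$type.Value]
    } else {
        "Unknown mode value $($type.Value)"
    }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        PolicyEnabled = $enabled
        Mode          = $mode
        # When enabled, the RDP client does not send typed credentials to the
        # remote host, so the remote host must support the required mode.
        Effect        = if ($enabled) { 'RDP target must support the mode shown' }
                        else { 'Credentials are delegated to the RDP target as usual' }
    }
}

Get-RdpDelegationRestriction | Format-List
```

Running `gpresult /h report.html` on the same client shows which GPO is applying the setting.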

1

As an added issue, if you use Hyper-V on Windows 10 and you try to RDP into an enhanced session, Restrict delegation of credentials to remote servers breaks Enhanced Session functionality when using the VMConnect client.

EricSP

Posted 2018-08-31T18:01:50.267

Reputation: 21