Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 20852 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot validate the logon user account against the domain controller

kthornton

I am getting the error "Cannot validate the logon user account against the domain controller." when trying to install the Enterprise Console 5.1 on a Windows 2008 R2 server that is in our DMZ.  Even though it is in the DMZ, it is still a domain member and I have logged into it as a domain user that is also a Domain Administrator.  My guess is a port needs to be opened but which one if I can already login as a domain user?

:34961


This thread was automatically locked due to age.
Parents
  • 0

    If you have or can install AutoIT (http://www.autoitscript.com/site/autoit/).  If you paste the following code in and choose, Tools - Build, that will create you an exe that you can run on the computer you're running the management installer on.  

    It will prompt you for the DC and then an account.  

    If you put in the computer name of the DC (minus the \\) as returned from: 

    nltest /dsgetDC:[domain]

    Then in the second prompt the account you're running the Sophos installer as for the account to test.

    What return code do you get?  

    1722, 5?

    net helpmsg 1722 = "The RPC server is unavailable." 

    net helpmsg 5 = "Access is denied." 

    ;Test: NetUserGetInfo (http://msdn.microsoft.com/en-gb/library/windows/desktop/aa370654(v=vs.85).aspx)
Local $strComputer = InputBox("Test NetUserGetInfo", "Enter DC name or computer", ".", "" )
Local $strAccount  = InputBox("Test NetUserGetInfo", "Enter account to test", "administrator", "")
Local $aRet = DllCall("netapi32.dll", "long", "NetUserGetInfo", "wstr", $strComputer, "wstr", $strAccount, "dword", 11, "ptr*", 0)
MsgBox (0, "Test NetUserGetInfo", "Return value: " & $aRet[0])

    Regards,

    Jak

    :34981
Reply
  • 0

    If you have or can install AutoIT (http://www.autoitscript.com/site/autoit/).  If you paste the following code in and choose, Tools - Build, that will create you an exe that you can run on the computer you're running the management installer on.  

    It will prompt you for the DC and then an account.  

    If you put in the computer name of the DC (minus the \\) as returned from: 

    nltest /dsgetDC:[domain]

    Then in the second prompt the account you're running the Sophos installer as for the account to test.

    What return code do you get?  

    1722, 5?

    net helpmsg 1722 = "The RPC server is unavailable." 

    net helpmsg 5 = "Access is denied." 

    ;Test: NetUserGetInfo (http://msdn.microsoft.com/en-gb/library/windows/desktop/aa370654(v=vs.85).aspx)
Local $strComputer = InputBox("Test NetUserGetInfo", "Enter DC name or computer", ".", "" )
Local $strAccount  = InputBox("Test NetUserGetInfo", "Enter account to test", "administrator", "")
Local $aRet = DllCall("netapi32.dll", "long", "NetUserGetInfo", "wstr", $strComputer, "wstr", $strAccount, "dword", 11, "ptr*", 0)
MsgBox (0, "Test NetUserGetInfo", "Return value: " & $aRet[0])

    Regards,

    Jak

    :34981
Children
No Data