RDP logon error 1219 for one specific user

[Guest Peter Hornby]

We have a number of servers in our test lab which are commonly accessed by

RDP. There is a small subset of these servers which one user, and one user

only, cannot successfully logon to. It seems as though the common

characteristic of the affected servers is that they're all set up by our lab

administrator to be members of a particular Active Directory OU.

 

When he supplies his domain credentials to the RDP logon screen, an error

dialog is displayed with the text: "The system cannot log you on due to the

following error: The RPC server is unavailable".

 

An entry is written to the server's application event log with source

Winlogon, and EventID 1219. The text for the message is "Logon rejected for

<user-id>. Unable to obtain Terminal Server User Configuration. Error: The

RPC server is unavailable".

 

This user can perform a successful RDP logon to other servers, and can

successfully logon to the affected servers directly. All other users can

logon to all servers with their domain credentials. The servers are mostly

running some flavor of Windows Server 2003.

 

If anyone has seen this and worked out what's going on, that would be

wonderful. However, I'm just as interested in any suggestions on how to

debug this problem. I'm not a Terminal Services/RDP expert, so I'm not

familiar with the expected path of the logon protocol and how you might go

about diagnosing problems with it.

 

Thanks,

 

Peter Hornby

Unisys

Mission Viejo/CA

[Guest Vera Noest [MVP]]

Re: RDP logon error 1219 for one specific user

 

Check the Resultant Set of Policies for this user and the servers

in this OU. Maybe there are inheritance or blocking problems?

 

What profile is this user using? Local? Roaming? Is it defined in

the AD account properties, or through a GPO for the servers in the

OU?

 

EventID.net lists a number of causes, but since this happens to a

single users account, maybe it's this one:

 

http://www.eventid.net/display.asp?eventid=1219&eventno=2848

&source=Winlogon&phase=1

 

Error: "The RPC server is unavailable" - This problem occurs when

users with the same user name are hosted in different domains and

one of those users has logged on to the terminal server and has

created a roaming profile.

 

Check:

821929 - User cannot create a Terminal Server roaming profile path

if a user with the same name has logged on from another domain

http://support.microsoft.com/?kbid=821929

 

However, this hotfix is included in SP1. Which SP is the server

running?

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

 

"Peter Hornby" <sirius@community.nospam> wrote on 27 aug 2007 in

microsoft.public.windows.terminal_services:

> We have a number of servers in our test lab which are commonly

> accessed by RDP. There is a small subset of these servers which

> one user, and one user only, cannot successfully logon to. It

> seems as though the common characteristic of the affected

> servers is that they're all set up by our lab administrator to

> be members of a particular Active Directory OU.

>

> When he supplies his domain credentials to the RDP logon screen,

> an error dialog is displayed with the text: "The system cannot

> log you on due to the following error: The RPC server is

> unavailable".

>

> An entry is written to the server's application event log with

> source Winlogon, and EventID 1219. The text for the message is

> "Logon rejected for <user-id>. Unable to obtain Terminal Server

> User Configuration. Error: The RPC server is unavailable".

>

> This user can perform a successful RDP logon to other servers,

> and can successfully logon to the affected servers directly.

> All other users can logon to all servers with their domain

> credentials. The servers are mostly running some flavor of

> Windows Server 2003.

>

> If anyone has seen this and worked out what's going on, that

> would be wonderful. However, I'm just as interested in any

> suggestions on how to debug this problem. I'm not a Terminal

> Services/RDP expert, so I'm not familiar with the expected path

> of the logon protocol and how you might go about diagnosing

> problems with it.

>

> Thanks,

>

> Peter Hornby

> Unisys

> Mission Viejo/CA