| Event Id | 1219 |
| Source | Winlogon |
| Description | Logon rejected for <user name>. Unable to obtain Terminal Server User Configuration. Error: <error description> |
| Event Information | As per new group information following may be reasons: Error: "The specified domain either does not exist or could not be contacted" - There is an additional error message about not being able to retrieve the Terminal Services User Configuration. We found this problem on a member server in a trusting domain that was behind the firewall. All the necessary ports were open to allow domain authentication (SWISS CHEESE MODE ON). When logging into the console, no problem. When logging in through a terminal session that crossed the firewall (using account from the trusted domain in both cases) either unable to authenticate at all or long time and logged on with Cached credentials. For whatever reason, the new PIX firewall that we just installed was denying protocols that were explicitly allowed. The only way to get it to work was allow everything. We will be trying to call Cisco to work out the issue, but right now, we are having to have an open pipe from the DMZ to the Internal network effectively to get it to work as the management thinks it needs to work. This is also a permissions/access violation error. Check the permissions on the local drive of the Terminal Server. Drive “C” must have read/list/execute for Users. |
| Reference Links | Terminal Services Client Cannot Obtain Terminal Services User Configuration from Domain Controller During Logon Your Interactive Logon Privilege Has Been Disabled Error When You Try to Log on to a Terminal Server Access is denied when attempting to back up a remote Windows NT machine. Event ID 1219 reported in Event Viewer System Log on the VERITAS Backup Exec server |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.