Active Directory stopped authenticating VPN clients

Yordan Yordanov

We have Windows Server 2016 configured for Remote Access using SSTP. After the February updates (installed Saturday), Active Directory is denying access to every user trying to authenticate through the VPN server. I don't see any other errors except the authentication failures. The client is getting error 691 (wrong password or selected auth protocol not enabled); on the DC I get the general 4776 event ID with the error code 0xC000006A, which means that the password was incorrect. Indeed, the attempts are hitting the configured threshold for wrong passwords and eventually result in a locked-out account. Nothing has been changed in the Network Policy Server; I verified the policies and they are OK. Tested with multiple accounts - nobody gets access. It seems that the VPN server is not at fault, since I restored it from a backup taken before the updates and got the same issue. I also configured VPN on another server (2012 R2) - no change, denied again. Any ideas where I can look for additional info? I have 4 DCs, 3 are 2012 R2 and 1 is 2016, and I don't see any replication issues. This is quite frustrating; if it doesn't sort out soon I will be forced to open a support request with Microsoft. :(
