1

I would like to get some help debugging an issue we are experiencing in a specific server.

We have a web application that uses windows accounts to validate user credentials and groups. We noticed that when we deployed to a specific server, we were not able to validate any accounts other than the account the process is running under. The error reported is Access denied (5).

To debug, we tried to use net user /domain in order to see if it is a lower-level issue. We got the same error Access denied (5).

I came accross this article and tried to debug the same way. Our wireshark logs did not show the same errors. Both OpenDomain requests had successful responses.

We also went to the AD and added read access to "Authenticated Users" for the Builtin and Users directory.

Any help is appreciated. Thank you.

EDIT 1:

Both the application and the cmd command we ran was run with Administrator access

EDIT 2

When we validate the same account the process is running as, i.e. if the process was running under the "admin" account we would do net user admin /domain, it would work.

Community
  • 1
Kaizer69
  • 141
  • 1
  • 6
  • The usual question for Access denied errors: Have you tried running the application as an administrator? – Davidw Jul 19 '19 at 20:16
  • Hi David, please see my update – Kaizer69 Jul 19 '19 at 20:19
  • 1
    Have you checked that the server's connection to the domain is up, e.g., using the `netdom verify` command? I assume you are running the `net user` command in the context of the same domain account as on the other servers where it is working? – Harry Johnston Jul 19 '19 at 22:47
  • Hi Harry, yeah I've confirmed that there is connection to the domain. and yes we are using the same context to run net user. – Kaizer69 Jul 22 '19 at 13:32

0 Answers0