Remote Desktop: "Your system administrator Does not allow the use of saved credentials to log on to the remote computer. Because identity is not fully verified. Please enter new credentials" and “Domain sid inconsistent”


 

I was trying to remote desktop to a VM that is in different domain. I keep getting this error message:

"Your system administrator Does not allow the use of saved credentials to log on to the remote computer. Because identity is not fully verified. Please enter new credentials"

I tried to type the correct credentials manually on Remote Desktop.  I decided to take a look at the server’s security log. This is what I found:

Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 10/7/2010 12:23:43 PM
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: servername.domain.local
Description:
An account failed to log on.

Subject:
Security ID:                NULL SID
Account Name:                –
Account Domain:                –
Logon ID:                0x0
Logon Type:                        3
Account For Which Logon Failed:
Security ID:                NULL SID
Account Name:                myADaccount
Account Domain:                DomainName
Failure Information:
Failure Reason:                Domain sid inconsistent.Status:                        0xc000006d
Sub Status:                0xc000019b
Process Information:
Caller Process ID:        0x0
Caller Process Name:        –
Network Information:
Workstation Name:        MyClientWorkstationName
Source Network Address:        –
Source Port:                –

Failure Information:
Failure Reason:                Domain sid inconsistent.
Status:                        0xc000006d
Sub Status:                0xc000019b

Well…Failure reason says “Domain sid inconsistent” and Security ID says NULL SID.

YES, I knew what went wrong right away.  My test domain controller and standalone server VM are deployed from same template. so both consists same SID. 

Usually duplicate SID is not a problem. But if you domain controller and client machine SID are the same, then it’s a big problem. 

I ran (C:\Windows\System32\SysPrep\) SysPrep.exe on my server and re-joined to the domain. Everything magically OK after that.

Advertisements

2 thoughts on “Remote Desktop: "Your system administrator Does not allow the use of saved credentials to log on to the remote computer. Because identity is not fully verified. Please enter new credentials" and “Domain sid inconsistent”

  1. I had a similar issue in a test environment in Hyper-V, copied the vhd file, renamed the server, joined to domain, I could RDP via domain name but not IP to the copied server, security log had the same error as you
    newsid.exe confirmed unique SID’s on both servers!
    sysprep fixed it!

  2. Oh my goodness! an incredible article dude. Thank you However I am experiencing challenge with ur rss .
    Don’t know why Unable to subscribe to it. Is there anyone getting equivalent rss drawback?
    Anyone who knows kindly respond. Thnkx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s