Showing results for 
Show  only  | Search instead for 
Did you mean: 

EPO 4.0 Windows Authentication - Not working


Please can you help me?  I have got a problem whereby a user is unable to log into the EPO Console with Windows Authentication enabled via a web browser based EPO session.  The AD account is in use and used daily and is not locked out nor disabled.

The user was able to log in previously, changed their password and now not able to log in any more.  I have changed the user account to use EPO authentication which worked, changed back to Windows(domain based) authentication and it fails with the following message when the user tries to log in:

"You have provided invalid credentials"

The credentials provided are the same for accessing the mail and network resources which are all working.

Within EPO, the Audit log shows the following:

Failed logon for user "username" from IP Address: x.x.x.x

Windows Event from Security Events shows the following:

Logon Failure:
  Reason:  Unknown user name or bad password
  User Name: username
  Domain:  domainname
  Logon Type: 3
  Logon Process: NtLmSsp
  Authentication Package: NTLM
  Workstation Name: Servername
  Caller User Name: -
  Caller Domain: -
  Caller Logon ID: -
  Caller Process ID: -
  Transited Services: -
  Source Network Address: -
  Source Port: -

I have created a new domain account and changed passwords followed by an account within EPO console and have successful log ins. All other Windows based authentication are working correctly following password changes on the domain.

The EPO server user account is enabled for use.

The user is based in one site with 2 DCs whilst the EPO server is located in a different site with 2 DCs as well.

It seems that EPO has somehow lost the synchronisation of this particular  users' account!!! Is this possible and any ideas as to how I can resolve?

Look forward to any suggestions 🙂

Many thanks,


6 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: EPO 4.0 Windows Authentication - Not working

Perhaps it's cached in the ePO DB.

Find the user in the ePO console too and remove/recreate it there.



Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: EPO 4.0 Windows Authentication - Not working

Hi Rob,

Thanks for the suggestion, I should have added that to my above submission.  I have deleted the user account and recreated within EPO Management Console already - still to no avail 😞

If I change this user's authentication to use that contained within EPO it works.  As soon as I change it back to Windows authentication it does not. This goes for the newly created account as well!


Level 14
Report Inappropriate Content
Message 4 of 7

Re: EPO 4.0 Windows Authentication - Not working


just for the sake of clarification: is this user UserA defined the following way within ePO Users ?

1. UserName (topmost field): UserA

2. UserName (when Windows authentication is selected for this user) : the domain user account name which you have problem with

2. Domain name: the Windows domain name that this user belongs to.

Also, can you log in to the server that hosts ePO with the problem account?


Re: EPO 4.0 Windows Authentication - Not working


PLease see inserted screenshot of user account.

The user is trying to access the EPO URL from their local workstation and not via the server interface.

The user is configured as per your questions.


Level 14
Report Inappropriate Content
Message 6 of 7

Re: EPO 4.0 Windows Authentication - Not working


I see the following troubleshooting tips here:

- please check the user's workstation clock against ePO server clock against DC clock.

- also please log in the ePo console on ePO server with the user's credentials, upon failure log in with another AD based ePO user that works.

- check orion.log if it contains any specific information of failed login other than bad password or unknown username.

I would attempt to log in to the Windows system with the user's credentials, too.


Message was edited by: Attila Polinger on 6/14/10 2:18:41 PM CEST

Re: EPO 4.0 Windows Authentication - Not working


I have worked out what the answer is to this issue...the user in question has no administrative privileges on the server infrastructure (as required).  The issue then comes when the users is accessing the URL from their local workstation.

THe answer to the problem about incorrect credentials seems to stem from the fact that the user is not a member of the EPO Users Group created on the EPO server.  As soon as the user was added to this group access was instant!

Thanks for all your time and suggestions!


You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community