We've been facing an issue for the past two months where some users in our on-premises, Server 2016 domain can't log into their domain-joined computers. They receive an "incorrect password" error even when entering the correct password. We've confirmed this with the users. Interestingly, rebooting their PCs resolves the issue for a week or so. We've also tried dropping a few machines from the domain and rejoining them, which seems to fix the problem. However, I'm looking for a solution that doesn't require us to rejoin each PC to the domain. All client machines are running Windows 11 and are fully updated, and our Domain Controller is also up to date. We haven't detected any network problems that could be causing this. Any guidance would be greatly appreciated!
3 Answers
Just a thought, but have you checked if Windows updates are affecting SMB1? I know for our DC running on 2016, disabling SMB1 can cause big authentication issues, so that might be something to investigate.
Have you checked for replication errors across your DCs? It's essential that all DCs are in sync. You might want to verify that both your primary and secondary DCs are working correctly. Also, I've seen some reported issues regarding certain registry keys for newer DCs (like 2025) that might affect clients connecting to a 2016 DC as well. It could be worth looking into that if the issue persists.
It sounds like this might be a Domain Controller (DC) replication issue. Sometimes, one DC has the correct password while another doesn’t. If that happens again, try disconnecting the machine from the network; it should use its cached credentials. If you're still having trouble after reconnecting, it could mean the DC is out of sync with the password the user is trying to use. Resetting the user's password through the DC may help resolve the login problem. By the way, were the machines set up with an image? Sometimes that can cause issues with duplicated GUIDs.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures