The Octopus Deploy server is located in SERVERDOMAIN. It is running as a domain user from SERVERDOMAIN. Our developers’ users are located in the OFFICEDOMAIN. I have created a group in SERVERDOMAIN containing groups and single users from OFFICEDOMAIN. (Single users to test wether group membership might be causing the error)
Running Octopus Deploy on the server I installed it, I am able to search and add the group to the Octopus team “Everyone”. BUT, I am unable to log on from the OFFICEDOMAIN. It keeps giving me an error message whatever I try… I have tried:
OFFICEDOMAIN\user.name --> Logon failure: unknown user name or bad password.
OFFICEDOMAIN.local\user.name --> Logon failure: unknown user name or bad password.
user.name@OFFICEDOMAIN --> There was a problem with your request. Invalid username or password.
user.name@OFFICEDOMAIN.local --> There was a problem with your request. Invalid username or password.
user.name --> There was a problem with your request. Invalid username or password.
Error message is listed after the pattern I tried.
We would really like to keep the server in SERVERDOMAIN, so it would be GREAT to fix this issue… Any suggestions on what I am doing wrong?
The log files list the error, but it does not seem quite right: it says "A principal identifiable by ‘user.name@OFFICEDOMAIN’ was not found in ‘.OFFICEDOMAIN.local’ Shouldn’t this say domain name instead of server name?
Thanks for getting in touch. I’ll create a tool for you to run that will help you to test this scenario and will provide us with the details that we need to work out what is going on.
Just to check, I assume there is a trust set up between the two domains? How is that trust configured? The domain user in SERVERDOMAIN may not have permission to test credentials on the OFFICEDOMAIN.
Expect an update from me early next week with a tool to help diagnose this.
Thank you for answering Yes, the domains are set up with trust. I will debug when you send the tool.
Den 9. juli 2014 kl. 00:50 skrev “Paul Stovell” <firstname.lastname@example.org:email@example.com>:
We also encountered the same issue and error yesterday.
We have trust established between domains. Users form the second domain were able to test since last week until authentication issue started yesterday.
Why don’t you try second domain controller as it is available on several site. As per my personal experience, it is an outstanding tool that you should definitely try once. Afterwards, you can follow the steps given at http://serverfault.com/questions/19000/cant-log-in-using-second-domain-controller-when-first-dc-is-unreachable to fix the problem. Apart from that you can also take significant advice of any domain expert or register like domainia.com about domain troubleshooting.