DirectAccess - Computer fails to authenticate, error 0xC000006A

I have a computer that was successfully connecting to our AD network via DirectAccess 2012. Yesterday I had to do a full system recovery on the computer. After rebooted it would not connect to DirectAccess. In the security log of the direct access server I see the error:

An IPsec extended mode negotiation failed. The corresponding main mode security association has been deleted.

Local Endpoint:
Principal Name: host/DIRECTACCESS.ad.milwaukee.gov
Network Address: 2002:c7c4:5439::c7c4:5439
Keying Module Port: 500

Remote Endpoint:
Principal Name: -
Network Address: 2002:c7c4:5439:1000:c144:a2f4:e02f:b1c4
Keying Module Port: 500

Additional Information:
Keying Module Name: AuthIP
Authentication Method: NTLM V2
Role: Responder
Impersonation State: Enabled
Quick Mode Filter ID: 489337

Failure Information:
Failure Point: Local computer
Failure Reason: IKE authentication credentials are unacceptable

State: Sent second (SSPI) payload

On our domain controller I see this message:

The computer attempted to validate the credentials for an account.

Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: CHAPAN-HOME$
Source Workstation: CHAPAN-HOME
Error Code: 0xC000006A

I turned on the CAPI2 log on the direct access server and it appears there is no problem with the certificate the computer is using, but for some reason the computer cannot authenticate to the domain.

September 3rd, 2015 9:07am

 I was able delete the computer account and redo the offline join, and now it is ok.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2015 3:44pm

 I was able delete the computer account and redo the offline join, and now it is ok.
September 4th, 2015 7:43pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics