Reset Search



KB40955 - Active Directory authentication for user fails with NTSTATUS code 'STATUS_INVALID_WORKSTATION' in the user access log.

« Go Back


Last Modified Date9/25/2017 3:12 PM
The article describes an issue where authentication fails against AD server for NTSTATUS code 'STATUS_INVALID_WORKSTATION' in the user access log.
Problem or Goal
User authentication fails with AD as auth server and below error messages are observed in User access log and TCP dump:
Active Directory authentication server 'AD' : Received NTSTATUS code 'STATUS_INVALID_WORKSTATION'
This issue occurs when the option for Log On to is enabled under the Account tab for the user object in active directory. The Log On to will list of machine names the user can log on to and the VPN's machine name is not listed as one of the allowed machines to log on to.
To resolve this issue, perform the following steps:
  1. Login to the domain controller
  2. Navigate to the Active Directory Users and Computers
  3. From the list, right-click the corresponding user
  4. Click Properties
 User-added image
  1. Select Account tab
   User-added image
  1. Click Log On To button 
 User-added image                                                    
  1. Enter the Computer Name of the VPN device (Computer Name can be obtained from the AD auth server configuration)
  2. Click Add
  3. Click OK
User-added image
Related Links
Attachment 1 
Created ByVignesh Ramanan



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255