Certain end users are locked out of Sharepoint at specific times during the day RRS feed

  • Question

  • We have a bizarre issue with Sharepoint. We just upgraded from 2010 to 2013 about 2 months ago. Everything seemed to have been working fine until here recently. In the last few weeks we have users that are limited in access to certain pages of sharepoint and it seems to be at the start of the day until about 9:30 local time. After that time everyone can get in normally. I'm about ready to pull my hair out. We do have time restrictions on AD accounts, but the accounts are able to login during this time period. Any help will be appreciated. Thanks!
    Friday, July 19, 2019 2:49 PM

All replies

  • Hiya,

    1: What is your authentication setting for that particular web application?

    2: Is it only in SharePoint that particular users experience these logon problems?

    3: What does the SharePoint ULS log say about these login attempts?

    Monday, July 22, 2019 5:47 AM
  • Hi, slatta8343,

    Just as Jesper said, first check the ULS logs and windows event receiver. And do have a check on the range of users who have the issue on logon. And compare it with your time restrictions on AD accounts. 

    In my end, the logon hour attribute in AD account do block users from logging in SharePoint and the computer. Do these users have logon issue on other devices/services?

    A similar thread here:

    Beset Regards


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact

    SharePoint Server 2019 has been released, you can click here to download it.
    Click here to learn new features. Visit the dedicated forum to share, explore and talk to experts about SharePoint Server 2019.

    Monday, July 22, 2019 7:51 AM
  • The Authentication settings are set to Claims-Based Authentication. We do have time restrictions setup, but they are allowed to login at the time the issue is occurring. They can get to everything else network related, such as file shares, etc. I don't see anything that stands out to me in the logs saying access denied. 
    Monday, July 22, 2019 2:05 PM
  • Just to be sure, there isn't a time scew anywhere, right?

    Besides that, you need to trace it using ULS logs (Not just search for Access denied in the logs). Find the time they attempt to logon and trace that CorrelationID. Usually you can search for URL they are trying to access and the given time a day.

    Secondly you might want to check on the Domain Controller Security log, if they indeed are getting Access denied based on domain policy. If they are using a domain joined computer, you can check which domain controller they are contacting, by looking at their logonserver. cmd -> echo %logonserver%

    Wednesday, July 24, 2019 6:44 AM