How do I fix the intermitted issue of users getting AHD04010: cannot login. Users can login for approx an hour after I run pdm_configure however login problems reappear after approx an hour. What is the reason and how do I fix this?

Document ID : KB000053662
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Add the 'rhduser' and 'ServiceDesk' users at enterprise level group polices

Solution:

Pdm_configure would grant the service desk and rhduser in couple of group polices in the local machine where service desk is installed. If this machine is joined to the domain, then group policies would effect service desk machine along with all other objects in the domain. When the nearest domain controller pushes the group polices set at an enterprise level, the all the changes made to the local policies would be stripped off and the settings at enterprise level would come into effect. This means that rhduser and service desk user would also be removed from the group policies added by pdm_configure. Running pdm_configure once again would be a temporary fix. A solution would be to grant rhduser and service desk user to the following group policies at an enterprise level.


grants the "Logon as a Batch Job" right to the rhduser.
  • SeBatchLogonRight
Log on as a batch job
grants the following rights to the privileged user:
  • SeBatchLogonRight
Log on as a batch job
  • SeTcbPrivilege
Act as part of the operating system
  • SeAssignPrimaryTokenPrivilege
Replace a process level token
  • SeIncreaseQuotaPrivilege
Adjust memory quotas for a process