LookupAccountSid failed

Document ID : KB000122166
Last Modified Date : 30/11/2018
Show Technical Document Details
Issue:
We're running a Web Agent, and when user try to login with Windows
Authentication, the Web Agent returns error 500 to the browser :

 https://mymachine.mydomain.com/siteminderagent/ntlm/creds.ntc?CHALLENGE=&SMAGENTNAME="[...] 

and we can see in the Web Agent traces : 

[11/28/2018][07:50:41][20576][104][SmNTC.cpp:227] 
[SmNtc::getCredentialsWinNativeAuth][00000000000000000000000039247fa9 
-5060-5bfe48d1-0068-03bb186b][*169.112.46.232][][mymachine.mydomain.com][/] 
[][LookupAccountSid failed - 5] 

How can we solve this ?
Resolution:
You'll solve the issue by checking the following 

Check the users in the following configuration :

  One thing you must do when: getting http 500.0.1346 error 
  https://blogs.msdn.microsoft.com/asgoyal/2012/08/25/one-thing-you-must-do-when-getting-http-500-0-1346-error/ 

  run –> secpol.msc –> Local Policies –> User Rights Assignment 

  Impersonate a client after authentication 

  and make sure that users are set :

  Administrators 
  IIS AppPool\Net v2.0 
  IIS_IUSRS 
  LOCAL_SERVICE 
  NETWORK_SERVICE 
  SERVICE 

IIS should be allowed to do impersonation at the Windows OS level.