Multiple Login fail events occur on the Control Compliance Suite (CCS) Manager Server with Audit Failure Event ID 4625
The following error is noted in the Windows Event Viewer on the CCS Manager Machine-
Log Name: Security
Event ID: 4625
Task Category: Logon
Keywords: Audit Failure
Description:An account failed to log on.
Security ID: SYSTEM
Logon Type: 2
Account For Which Logon Failed:
Security ID: NULL SID
Failure Reason: An Error occurred during Logon.
Sub Status: 0x0
Caller Process ID: 0x260c
Caller Process Name:
The CCS Application Server Certificate subject does not match with the name of the object (CCS AppServer Service user account) that is present in the Active Directory (AD)
The Audit Failure Event (Event ID 4625) issue can be resolved by mapping the certificates to the CCS App server User ID in AD.
Map certificates to CCS Service account in AD for CCS App Server and CCS Manager for component communication without Audit Failures.
Use the following steps to export CCS certificates for CCS components and map them to Active Directory accounts.
Perform these steps on CCS App Server and All CCS Managers
NOTE: These steps will need to be performed on each server hosting the CCS Manager role.
Please note the certificate in step 8 will be unique for CCS Manager role (i.e. CCSManager-%Machine_Name%). It is helpful to store all exported certificate files (.CER) in a folder accessible to the Domain Controller.