When attempting to add a Windows server running SPE 9.1 into the Windows Console program it failed with error box: "authentication failed due to invalid credentials"

After putting the REST API logging into debug mode the following error was found in SPE_REST_API.log

ERROR spe.authentication.security.CustomLdapAuthenticationProvider:97 - CustomLdapAuthenticationProvider - authentication failed due to invalid credentials. Exception: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09056B, comment: AcceptSecurityContext error, data 52f, v4f7c ]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09056B, comment: AcceptSecurityContext error, data 52f, v4f7c ]

The most significant tell in the error is the LDAP return code: "data 52f".  52f indicates a special user or limitation is imposed on the user.

The user was a member of another AD group that limited his permissions even though he was a domain administrator. The reason for the group was to limit rights for reasons not disclosed.

The administrator removed the user account from the special group, then logged into the console. This resolved the problem. The next attempt to import the server was successful.