We are having intermittent problems from certain machines with correct credentials being denied. For example, using a windows 7 machine on our Server 2012 native domain, remote desktop to the domain controller will connect/reconnect all day... then a login later in the day might say the password is incorrect and deny access to the server with ANY correct credentials -- even the administrator account. This problem is isolated to the local PC or terminal server when this happens, and it does not resolve itself over time. Logging out and logging back in to the offending PCwill not solve the problem, but in all cases so far, restarting the machine will allow it to connect to servers via RDP with credentials that were previously rejected.
I had this problem again today on my Windows Server 2008 terminal server connecting to either domain controller (DC1 and DC2) and several other servers... but some servers connect with no problem. We have one domain, so there are no trust issues. We can ping the servers that we cannot connect to via RDP, and they are available on the network by DNS name and IP. I'm also able to connect to the server's administrative share (c$) while being denied RPD access with the same credentials.
I believe it is a problem with the local machine when it gets into this "mode" where it cannot authenticate. Some servers will accept RDP credentials from the machine, but others will not. For example, I cannot connect to DC1, but I might be able to connect to FS1. Continuing in this example, another PC will be able to connect to both servers. It doesn't appear to be a server-side problem, but has occurred on several Windows 7 PCs, and on a Windows Server 2008 Terminal server on our network.
Another thought I had is that it might be something related to NTLM authentication being lost or dropped until Reboot?
Thoughts? Anyone?