I am experiencing an issue that prevents some authorized domain users from successfully log in from remote.

The issue appears randomly and according to my findings it seems not to be related to any system or network problem. We're using two domain accounts to login from remote and when issue occurs, most of times only one account is denied access.

Checking Windows Events registry, we found out that only one warning having event id 12299 and no user name attached is recorded for each failed attempt.

The only workaround we have found until now is to login through remote desktop and open a local ssh connection

using the client installed under "C:\Program Files\Pragma\Clients" with the following syntax:

ssh.exe –l [user@domain] –i [private_key_path] [localhost_ip]

After a local ssh connection has been successfully opened, users are allowed once again to log on from remote.

The problem with this workaround is that it requires manual intervention and we often run into further issues when using -i option for public key authentication (e.g. it doesn't work with key generated by puttygen).

The former is a huge drawback in our scenario as all tasks are supposed to be carried out by external applications running on Linux servers :(

I'm trying to figure out another solution but until now I haven't found anything.
We're on latest Pragma 64 bit release on Windows Server 2008 R2.