Synchronize files system detected a possible attempt to compromise security

Error received. The system detected a possible attempt to compromise security. Please ensure that you can contact the server that autenticated you.

Only way to resolve is to restart the server. Anyone faced with this error and has a solution, please assist me. Greatly appreciated. Just thought I'd add in that I, also, resolved this but had to remove and readd the NIC to do so through device manager. I'd like to understand the cause of this - it's not an error one would expect on a small [home based] network, and I fail to see why one would need to or COULD resolve it by changing network settings.

Unfortunately, the issue, though it's been around for a while, doesn't appear to be well documented in cause nor why the changing of or removal and readding of NIC settings would be considered a resolution rather than a stop-gap measure. This conversation is currently closed to new comments. UDP is a best-effort protocol, and things like VPNs or busy networks cause odd things to happen like not being able to authenticate.

Kerberos cannot tolerate packets getting out of order, which can happen due to MTU size issues, latency, etc. Microsoft allows you to go non-standard and force Windows to use TCP for kerberos authentication via a registry edit. If the user profile is not cached the credentials cannot be cached. They must logoff or the PC won't used cached credentials in all cases.

I had thought about forcing Kerberos to use TCP but had dismissed the idea since the problem is that the remote users cant contact the domain before they log in since they are not on the local network. I'll make the change anyway and see if it helps. At the very least it may help authenticate better with a split tunnel so I could set the VPN to activate on logon Thanks, for the idea, keep them coming please. Correct, your issue is cached credentials, or lack therof.

Roaming profiles tends to break cached credentials, as do users who never logout. I would fire up a sniffer like Wireshark and try to observe the failure Wireshark cant help here, I know the connection is failing, the users with this error are REMOTE users, they are not local to the DC, they can not authenticate on logon. It should be using the cached credentials but it is not at first, causing it to error, a lot.

Any image, link, or discussion related to child pornography, child nudity, or other child abuse or exploitation. Details required : characters remaining Cancel Submit 8 people found this reply helpful. Details required : characters remaining Cancel Submit.

This is a laptop, home-based PC type of situation. I have a router and stuff, but no server or anything complicated like that. Thanks for the help. When I attempt this, I get the following error: "The system detected a possible attempt to compromise security. This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread. I have the same question Report abuse. Details required :.

Cancel Submit. A case is actually open at Microsoft to find the root cause. Steve P. How satisfied are you with this reply? Thanks for your feedback, it helps us improve the site. In this situation, you may receive one of the following error codes.

Please make sure that you can contact the server that authenticated you. Workaround If password changes that previously succeeded fail after the installation of MS, it's likely that password changes were previously relying on NTLM fallback because Kerberos was failing. In order to change passwords successfully by using Kerberos protocols, follow these steps: Configure open communication on TCP port between clients that have MS installed and the domain controller that is servicing password resets.

Note To check whether TCP port is open, follow these steps: Create an equivalent display filter for your network monitor parser. For example: ipv4. Make sure that the target Kerberos names are valid.