I'm having a problem show up randomly on our 10.8.5 computers. The user will log out and when they attempt to log back in they are just shaken off. When I look at the system log I see this:
Oct 21 09:14:58 COMPNAME SecurityAgent[129]: User info context values set for username
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): Got user: username
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): Got ruser: (null)
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): Got service: authorization
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): Context initialised
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): Stashing kcm credentials in enviroment for kcminit: username@domain.COM
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): pam_sm_authenticate: ntlm
Oct 21 09:14:58 COMPNAME rpcsvchost[113]: failed to create secure channel: STATUS_ACCESS_DENIED (0xC0000022)
Oct 21 09:14:58 COMPNAME authorizationhost[300]: in pam_sm_authenticate(): OpenDirectory - The authtok is incorrect.
Oct 21 09:14:58 COMPNAME authorizationhost[300]: Failed to authenticate user <username> (error: 9).
If I attempt to unbind the computer from the domain and bind it again, I get the error:
An error occurred binding to Active Directory: dsconfigad: Authentication server could not be contacted. (5200). (Attempt 1)
DNS forward and reverse lookups are working correctly. Pings fine.
The fact that I can't bind to the domain again seems to point me to the domain controller, any ideas?
The primary and secondary domain controllers are 2008r2, and I get the same result if I manually specify either of the domain controllers to prefer.