<Admin>
authenticate(ms2012) authenticate.force(no)
<Admin>
ALLOW admin.access=(READ, WRITE)
While investigating these problem you will see the following LSA debug log entries, which indicate the user's password is invalid even though the password is good:
2157.817 LW_Error_to_auth_result(), mapping LW_ERROR_INVALID_PASSWORD 40069 to AUTH_E_CREDENTIALS_MISMATCH 2425130
2157.817 GSSAPI: Error in gss_accept_sec_context() at g_accept_sec_context.c:225 [major: 851968, minor: 40069]
2157.817 GSSAPI: gss_accept_sec_context() at g_accept_sec_context.c:223 [Minor: 40069]
2157.817 TRACE: lsass - [ntlm_gss_accept_sec_context() gssntlm.c:1201] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.816 TRACE: lsass - [NtlmClientAcceptSecurityContext() acceptsecctxt.c:93] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.816 TRACE: lsass - [NtlmTransactAcceptSecurityContext() clientipc.c:222] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.816 TRACE: lsass - [NtlmServerAcceptSecurityContext() acceptsecctxt.c:179] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.816 TRACE: lsass - [NtlmValidateResponse() acceptsecctxt.c:839] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.816 TRACE: lsass - [LsaSrvAuthenticateUserEx() auth.c:438] Failed to authenticate user (name = 'administrator') -> error = 40069, symbol = LW_ERROR_INVALID_PASSWORD, client pid = 4194862
2157.816 TRACE: lsass - [LsaSrvAuthenticateUserEx() auth.c:375] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.815 TRACE: lsass - [AD_AuthenticateUserEx() provider-main.c:1641] Error code: 40069 (symbol: LW_ERROR_INVALID_PASSWORD)
2157.815 NTLM authentication failed: 0xC000006A(-1073741718)