Inspecting the BCCA logs yields many similar to the following:
NOTE: 0x460a150a is a reverse hex encoding for the IP address of 10.21.10.70.
The reason for unauthenticated users in reports might be because Auth Connector is unable to communicate with the Authentication Data Pods. Or it receives a "not found" upon querying the logon mapping between computer IP address and user name within your Active Directory (AD) services. In other words, your AD cannot map the user name in your domain with the IP address Auth Connector is querying and returns "not found". Therefore, as the portal reporting function is not able to display user name, it displays unauthenticated user instead.
There are many reasons why Auth Connector is unable to authenticate the users:
The failure of the computer IP-to-username mapping in AD might not be an Auth Connector issue but an AD issue:
Check the following with your AD team. As the rest of the users can map the IP-to-user, it's likely not an issue with the auth service.
NOTE: Some of these suggested investigations might require Microsoft Active Directory domain administrator privileges; consult with respective vendors.