Support

Communication fails between adTempus computers with error "The server has rejected the client credentials"

Article ID: K00000648
Last Updated: September 16, 2025

Applies To

adTempus 4
adTempus 5

Symptoms

The adTempus Controller/Master reports that it cannot connect to a Remote Agent, or the Console gives an error when trying to connect to a remote computer. In either case the error message contains the reason "The server has rejected the client credentials."

The System log in the Event Viewer on the remote computer will show error 6167 from the LSA source: "There is a partial mismatch in the machine ID. This indicates that the ticket has either been manipulated or it belongs to a different boot session. Failing authentication."

Cause

This problem appears to be caused by a Windows change introduced in update KB5065426 It only occurs if the two computers share the same machine SID, which can happen if one computer was cloned from the other, or both were cloned from a common source, without changing the SID during the clone operation. The problem appears to affect only Windows 11 computers and not server operating systems.

This problem is not adTempus-specific but is a Windows problem that affects other inter-machine communication, including Remote Desktop connections.

Discussion of this problem can be found on various sites including Windows 11 Forum and Reddit.

Resolution

The simplest solution is to roll back the Windows update and wait for more information or a resolution from Microsoft.

Online discussions suggest using a third-party tool to change the SID of one of the computers. Note that there are potentially serious side-effects from doing this; make sure you understand them before doing this. Making this change is outside the scope of Arcana Development support; we cannot advise you on or assist you with this.

Workaround

It is possible to work around this issue by configuring adTempus to use Certificate Security rather than relying on Windows Active Directory for security and authentication of the communication between computers, but we recommend removing the Windows update as a more straightforward solution. Additional instructions may be provided in a future update to this article, or contact us for assistance with making the change.

Status

adTempus 4
adTempus 5