We are having a recurring issue with one of our servers that I am not sure how to troubleshoot. The server is used to host an instance of Microsoft TFS and every few weeks Windows Authentication suddenly stops working on the TFS website. When this happens we get the default browser login prompt after navigating to the TFS site but are unable to log in. The problem appears to be in IIS and a simple restart of the TFS app pool fixes the issue but I would like to discover the root cause. Can anyone point me in the right direction on fixing this?
Here's some additional information that may be helpful:
- I have not been able to log in using local or domain account from either remote PCs or on the server after I remoted into it.
- The site is configured to use NTLM Authentication and I verified with Fiddler that this is what is failing.
- In the IIS logs I see that I am getting the error 401 1 2148074254 in response to requests that include an NTLM token.
- The TFS application pool is a v4.0.30319, Integrated pool configured to use a domain account which is a local admin as it's identify.
- The server is a Windows Server 2012 R2 with IIS 8.5.