An error is seen logging on to Storefront.

 "Your logon has expired. Please log on again to continue"

Error is only seen when logging on as a user from a different domain to that of the Storefront server .

Open firewall on port 389 to ensure connectivity between the DDCs and the Domain Controller in the other domain. This resolves the issue.

Problem Cause

There are no errors on the Storefront event logs.

However the DDC event log shows this error.

Event 2100 

Log Name:      Application

Source:        Citrix Broker Service

Date:          7/4/2024 2:16:41 PM

Event ID:      2100

Task Category: None

Level:         Warning

Keywords:      

User:          NETWORK SERVICE

Computer:      xxxx.xxx.xxx.xxx

Description:

The Citrix Broker Service failed to validate a user's credentials on an XML service. 

Verify the trust relationships between your domains. 

Error details: 

User:  '' 

Error: 'InvalidCredentials' 

Message: 'Failed Windows logon, error code 1311'

A Telnet command on port 389 to the domain controller in the other domain fails. Port 389 is needed for AD Connectivity.