While trying to extend the AD Schema on a Windows Server 2019 domain controller – I received the Failed to extend the Active Directory Schema with error 8224 in the C:\ExtADSch.log file. Use repadmin.exe /syncall
The computer you are signing into is protected by an authentication firewall. The specified account is not allowed to authenticate to the computer.
1. Login to local domain controller where the resource (workstation) resides. Open AD Users and computers – switch to Advanced Features view.
Find the workstation you are trying to login to – right click – properties – security tab.
2. Under group or Usernames – click Add.
3. Select Locations – select domain that contains the user account trying to login.
4. Enter username – click OK – authenticate with account that has access.
5. Select user – then in permissions for user select “allow” for allowed to authenticate. Finished!