We've got an edirectory tree running on NW 6.5 SP7 servers, which was recently updated to edirectory 8.8 SP3. Universal password policies have only recently been applied at about the same time as this upgrade.

Since this we've had some random issues with users logging in - once they enter a username and password, instead of the usual red N in a box, you just get the hourglass and a long delay (about 5 minutes), then an error message stating that the "connection to the server was terminated".

If you change the user's password, then they can log in straight away...

Checking the client NMAS logfile gives the following 8819 error:

Your current context is OU.TREE
LOGIN-LGNWNT32.DLL-870: An unknown error was returned during LOGIN's attempt to attach.
Error code: 8819.

The problem is that it's fairly random, and it's so far been impossible to narrow down any one situation where it happens. A user can often login fine on one PC, but then has problems once they move to another.

Now it seems to me that it could be a problem with a specific server (ie: workstations that users can login to are attaching to working server, when a user cannot login it's because the client is attached to a non-working server) but again it doesn't seem that consistent.

Anyone got any ideas, because I'm just about out of them!

Many thanks,