This document describes the issue when Cisco Agent Desktop (CAD) Release 9.0 fails to authenticate with an Admin Workstation (AW) that runs Microsoft Windows SQL 2008 R2 SP1 if Windows NT authentication is used in the "ICM ADMIN Workstation Database" page.
Cisco recommends that you have knowledge of these topics:
Cisco Unified Contact Center Enterprise (UCCE)
The information in this document is based on these software and hardware versions:
Login failed for user 'ADMINWORK\CADUser'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: X.X.X.X]
On the AW server through Microsoft SQL Server Management Studio, add the “CADUser” in the Login Properties pane and check the public and sysadmin check boxes.
Background Information on the Real Issue
This is due to the new security feature which was introduced in Windows 2008 User Access Control (UAC).
UAC is a new security feature introduced in Windows Server 2008 (also applies to Windows Server 2008 R2, Windows 7, and Windows Vista). When an administrator logs on to a computer that runs Windows 2008, the user’s full administrator access token is split into two access tokens: a full administrator access token and a standard user access token. In the log on process, authorization and access control components that identify an administrator are removed, which results in a standard user access token. The standard user access token is then used to start the desktop, the Explorer.exe process. Because all applications inherit their access control data from the initial launch of the desktop, they all run as a standard user as well.