User cannot access Crystal reports after user was deleted and recreated

We are using Crystal Enterprise XIr2.  We are using Windows AD authentication.  We had an issue with a user where they were deleted in Active Directory.  Now they can no longer run Crystal reports.  When I go into the CMC and open users I see this user.  When I try to open this user I get the following error
There was an error while retrieving data from the server: Active Directory Authentication failed to get the Active Directory groups for the account with ID "8B003DF11D45B244AC3B61AB36B6C445:ALLENDG". Please make sure this account is valid and belongs to an accessible domain.
I think Crystal is still trying to access the user's old Active Directory account.
I cannot delete the user either in CMC.
Is there someway I can correct this user.
Thanks
Adam

Arjun - Thank you for your help.  I looked in Central Management Console but I could not find what you indicated.
CMC--> Public Folder --> Administration Tools
In administration tool, there are two objects
1) Update Windows AD Group Graph
2) Update Windows AD Group Graph and Aliases --> Right click on this Report and click on RUN Now.
I ended up deleting the records for this user in these SQL tables and then user could access InfoView
CMS_Aliases5 (2 records for this user)
CMS_InfoObjects5 (1 record with both aliases)

Similar Messages

  • Farm Account gets Access Denied error when accessing SharePoint Subsites after Account was deleted and recreated in Active Directory .

    A SharePoint Domain Account(farm admin account) was deleted and recreated with the same absolute credentials in AD due to this i cannot navigate to certain sites, not even able to edit web parts and cant view site actions menu.
    The account has full permissions across the site and is a site admin.
    I have tried to import the old login to the new login 
    stsadm -o migrateuser-oldlogin <domain\name>-newlogin <domain\name> [-ignoresidhistory]
    But this did not help as it didnt resolve  the SID's issues.
    I couldn't restore the deleted object(AD acc) too.
    Is there a way that i can use to get this account to work again?
    There option of creating a new domain accout and give it full permissions is not recommened by the client.
    So i must find a to get this account to work again.
    Thank you in Advance.
    Calvin

    Hi,
    I would have a look in Active Directory first. Because a new account can't have same IDs that an old one, your new account can't be used instead of the old one, even if login, password and group memberships seems to be set all the same.
    If your forest functionnal level is 2008R2 or more, and if Active Directory Recycle bin has been enabled, you can probably restore the deleted account.
    you can find the way to restore a deleted account here :
    https://technet.microsoft.com/en-us/library/dd379509%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
    If your forest is set to a previous functionnal level or the recycle bin is not enabled, you could give a chance to authoritative restore, as described here :
    https://technet.microsoft.com/fr-fr/library/cc816878(v=ws.10).aspx
    hope it helps
    Sébastien

  • Cannot access Crystal Reports after adding SP1

    On a new install of Crystal Reports 2008 I downloaded and added SP1 (cr121_clickonce.zip) to try to update my .NET to the new version of Crystal.  I now get the error message:
    The procedure entry point ?PrintLegend@CMapXLegend@CSLib300@@QAEXJJJJJ@Z could not be located in the dynamic link library cslibu-3-0.dll.
    I also added the update from 'cr120_redist_install.zip'  which will allow my users to access the .NET files and programs they need.  (This I did only on one machine to test its success)
    I am sure it is a case of inexperience but can you help me get back in business with Crystal Reports 2008

    Hmmm, "... I downloaded and added SP1 (cr121_clickonce.zip)"
    That file is not the SP 1 download. Sp 1 is here:
    https://smpdl.sap-ag.de/~sapidp/012002523100010503722008E/cr2008_sp1.exe
    So. At this point, I'm not really clear as what has been done and why.
    E.g.; "...I downloaded and added SP1 (cr121_clickonce.zip) to try to update my .NET to the new version of Crystal"
    - this sounds kinda muddled up...
    And this: "I also added the update from 'cr120_redist_install.zip' which will allow my users to access the .NET files and programs they need. " also does not sound right.
    I'd recommend uninstalling CR 2008 on your development system. Reinstall and then Apply SP 1 from the above link. This will update you to CR 2008 SP1 on the development computer.
    Now, if you are then trying to deploy a .NET app to a client, use the MSI from here:
    https://smpdl.sap-ag.de/~sapidp/012002523100011722132008E/cr121_redist_install.zip
    or you can build your own deployment project using the msm from here:
    https://smpdl.sap-ag.de/~sapidp/012002523100011715292008E/cr121_mm.zip
    Ludek

  • Users cannot access removable devices after you enable and then disable a Group Policy setting in Windows 7 64 Bit

    Users cannot access removable devices after you enable and then disable a Group Policy setting on Windows 7 64 bit machines.
    on the 32 bit machines I was able to apply this hotfix
    http://support2.microsoft.com/kb/2738898
    But it will not install on 64 bit machines. 
    Is there a hotfix for 64 bit?  If not, what is the work around?
    Thanks!
    Robert

    Select "Show hotfixes for all platforms and languages", then download x64 hotfix:
    Please take a moment to Vote as Helpful and/or Mark as Answer where applicable. Thanks.

  • Users cannot access SharePoint items after being added to a group.

    When chaning membership of a SharePoint group that has item level permissions, the users in the SharePoint group can no longer access the items.  I have a group that has low contributor/low modifier permissions on an item.  When adding a new
    user to the group, the existing members and new members can no longer access the item.

    Hi Clem,
    Let's verify your issue:
    When a new item was added, you set permission to the group via workflow. Then when you added a new user to the group, the permission at the item level for the group was removed. Is it right?
    How did you design your workflow to set permission to the group? Which actions did you use? Please provide more information about your workflow to reproduce this issue.
    In addition, after you added a new user to the group, go to the item level permission page, check whether the group has permission to the item.
    Best Regards,
    Wendy
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Wendy Li
    TechNet Community Support

  • How do I install Mountain Lion on a Macbook after it was deleted and it is registered under an unknown Apple ID?

    Supposedly the person has to delete it from their Apple ID.
    Is this true? It is mine and was installed by a teacher under their Apple ID and now is not back until mid September!
    Thanks for your help!

    Mac OS X, in this case Mountain Lion can only be reinstalled using the same Apple ID it was originally installed from.

  • User cannot access redirected Documents folder, but can connect to share in Windows Explorer and access folder on server

    I am in the final stages of a cross-forest migration.  Users have Windows 7 workstations with redirected folders on a Windows Server 2012 box running in the old forest.  User accounts were not migrated.  The accounts in use have always
    been in the "new" forest.  One of our challenges was the large volume of data in redirected folders.  I made sure users in the target forest had continued to have access to their redirected folders in the old forest and robocopied
    the entire users share, copying the permissions with the files.  By doing incremental robocopies, we can get a final copy done now in about six hours.  The plan was simple: copy the files, do an incremental copy every night, on the night of the cutover
    change the folder redirection policy Documents path from
    \\oldserver\users\%USERNAME% to
    \\newserver\users\%USERNAME%. The policy is configured to NOT copy user files from the existing folder to the new redirected folder.  Everything was going well until I tested the policy change.  After the folder redirection policy is updated
    and applied, the user cannot access the private Documents folder.  For example, user Chester Tester logs on as ctester.  I open Windows Explorer and click the Documents shortcut.  I see one subfolder, which is subfolder of Public Documents. 
    So I can look at Public Documents but when I click on the Documents folder (Under the Documents library link) I get an access denied error.  Now for the kicker, if I open another Windows Explorer window and edit the address bar to
    \\newserver\users\ctester, I can navigate the Documents folder tree and see my thousands of documents. What the ....?
    I'm hoping this is something really simple to fix!
    TIA

    HI Vivian,
    Thank you for your reply.  Yes, the path in Group Policy Folder Redirection Root Path was updated to
    \\NEWSERVER\users.  I had planned to point this to the distributed file system, so the first used was actually
    \\domain\dfs\users.  To simplify things I have backed off to copying to just a normal share
    \\newserver\users. 
    We are using BASIC folder redirection and we create a folder for each user under the root path. 
    We did not want the policy to move content, as we were seeing users requiring 15-20 minute logon times  (or higher) after the policy is changed.
    Grant the User exclusive right to Documents - Disabled
    Move the contents of Documents to the new location - Disabled
    Related folder settings
    Video - Follow Documents
    Music - Follow Documents
    Pictures - Follow Documents
    Now when I change the folder redirection from old server to new server I now have TWO My Documents folders in the user's redirection folder on the server.  The redirected Documents points to an empty folder set.  The copied folders with all user
    data are there, but folder redirection refuses to recognize the original folder.
    I am looking at the full view of the folder, nothing hidden, so I'm wondering how a folder can have two subfolders with the exact same name.  For now, I just want the redirection to move from the old server to the new server properly.  I deleted
    the new My Documents folder, rebooted the user's workstation and tried again.  The behavior repeats itself, i.e., a new My Documents folder is always created when the redirection policy is changed from the old server to the new server.  The environment
    has about 1500 users with approximately 1.3TB of data in the redirected Documents folders.  OUCH!

  • Log to check as to which user has accessed which report?

    Hi,
    I am using BOBJ for report creation and SAP BI for datawarehousing.
    The user can access these reports using the iviews created in the portal. Due to some performance testing requirements we need to check which user accessed which report and if he has drilled down to a particular level in a report, then there should be a means to know that as well.
    BO offers a few standard activity reports to check which user has done which activity. However the details of drill down etc. cannot be checked using that. Please help as to how can we check that too.
    Best Regards,
    Neha

    Hi,
    See [Business Objects|/community [original link is broken]; and [Crystal Reports|/community [original link is broken]; forums for this topic.
    -Paul

  • Non-admin user cannot access Essbase server level variables

    Version 11.1.1.3
    Essbase Substitution variables are created at server level. Users are getting error in FR report that uses the Subsitution Variable -- Essbase Error(1051085): You do not have sufficient access to get this substitution variable. Also, users cannot access Substitution variable in SmartView. However, users can access variables created at database level. Users are provisioned as "Server Access" to Essbase and filter access to ASO application "MGTRPTG", where MGTRPTG is an ASO essbase application for reporting. We tried the same provisioning in two other environments and it seems to be working fine.
    User is type "Essbase and Planning" provisioned with essbase "server access", application mgtrptg "filter", Reporting and Analysis "analyst", "dynamic viewer" and "Explorer". In addition, it is given a filter "REP_DME_GALB" which restricts 2 dimensions (Division and Geography).
    Steps taken to resolve:
    1. Existing users were deprovisioned and reprovisioned with no effect.
    2. Created brand new identically provisioned users in Prod and QA. QA user can access the server level var and Prod user cannot
    3. Created a brand new server level variable in Prod and this cannot be accessed.
    4. All services have already been restarted several times.
    5. SR has been opened.
    Temporary workaround:
    By creating a duplicate of the same set of variables at the database level, the reports work. This can only be a temporary workaround as the client cannot be expected to maintain two sets of substitution variables since there are 3 applications using these server level variables.
    Thank you for any ideas!
    Jennifer

    You have stumbled on a defect which is resolved in the Hyperion Planning 9.3.1 patch 6 and above. If you have your planning preferences set to indent members it will cause forms which have page selections to show as invalid in SmartView.
    You can either patch Planning or turn off the preference. The patches are available from http://metalink3.oracle.com and require account which has been associated with your client ID.
    P.S. Usually it's not a good practice to use the admin id.
    Regards,
    -John
    Edited by: Jbooth on Nov 3, 2008 2:12 PM

  • PIX Users Cannot Access Other Websites & Email Servers on Same-Shared T1 Co

    We are sharing a T1 connection with another business in our building. They have their own separate network environment from mine. I have a Windows 2003 Small Business Server behind a PIX-501 and the users in my network connect to the Internet via Windows Server?s DHCP and Internet sharing (NAT) services.
    All Internet and email traffic is accessible except for those hosted by the other company who we're sharing a connection with. My users cannot access that company?s web server or send email to their email server (we all get 4.4.7 SMTP errors? days later after sending the message).
    They have no firewall on their end; which is why I think there may be something wrong with my PIX configuration (see attached config file). I'm sort of a newbie with the PIX CLI, so any help I can get could be great. Thanks in advanced!

    The problem is not with PIX. This is a common problem when sharing a T1 link as it creates a routing problem since routing cannot be done based on shared T1 channels. Your PIX config is fine and has nothing to do with this issue.

  • BOX31 - Users cannot access InfoView

    After upgrading BOXIR2 to BOX31 the users cannot access InfoView. The following message is shown:
    Account Information Not Recognized: Enterprise authentication could not log you on ...
    As administrator I can access OK.
    What has changed between BOXIR2 and BOX31 in terms of user authentication?
    Thank you in advance.

    The structure of the users is as follow:
    Management (at the top)
    - Accounting
    - Marketing
    - Sales, etc
    Users can then access one of the above, only one.
    Universe restrictions has been applied to allow users to see information related to their department only.
    We do not use any Windows AD authentication, it is just Business Objects.
    Thank you.

  • User cannot access

    hi,
    i  am new to this forum,i have one doubt,
    user cannot access one authorization field , how can i analysis this issue, i know su 53 for find the authorization field...but user have 100 roles... how can i find the which role and object...plz help me..

    Hi Hassan,
    This is not the correct category. This message should be opened under security item. However, you can find the whole required authorization objects list, by using ST01 trace.
    Best regards,
    Orkun Gedik

  • I have a big problem with Lion and PGP. After upgrading from snow leopard to lion I cannot access my PGP drive which was generated under snow leopard. PGP does not start but gives a notion that lion cannot work with my PGP version. Solution?

    After upgrading from Snow Leopard to Lion I cannot access a PGP drive which was generated under snow leopard. PGP does not start. When I try to start I just receive a message that Lion cannot work with PGP. How can I now access important and confifential informatio which I have stored in PGP (snow leopard). Do I have to move back to snow leopard. If so, how can I do this? 

    If you have this product,
    http://www.symantec.com/business/support/index?page=content&id=TECH165159
    you have to go back to Snow Leopard.
    To re-install SL, back up your home directory, format and re-install.

  • Need to print Current user Name in crystal report in B1

    Hi all,
    In Crystal reports there are 2 current user fields
             CurrentCEUserName
    and   CurrentCEUserID
    I have tried to add these fields to the footer of my reports, but no information comes out.
    Is there any way to find out the current user and print their user name on the report?
    Users have 2 id's.  Where can I find this info and add it to the report.
    A) the windows user id if possible
    B) the SAP user id
    Thanks
    Chris

    HI,
    If you want SAP user id ,add OUSR table and pick user id from that table.
    or check http://www.crystalreportsbook.com/forum/forum_posts.asp?TID=14295
    Thanks,
    Neetu

  • Computer clock that user cannot access

    I have made a game that i published on Kongregate using C# language with Unity.
    I have a serious issue though. If the player stays offline, he gets some bonus in game when he returns. The more he is offline the bigger bonus. The issue is that if someone while he is offline changes the clock of his computer to 1 day or 10 years in the
    future he gets so much bonus that he ruins the game.
    Is there any way to avoid that without having a server to get time?
    In the webplayer i cannot use NTP due to security limitations, so i am trying to find a clock that the user cannot access.
    Thanks in advance for any possible answers!

    The software house where I'm working as a phone app which uses a timestamp on data it sends to a server.
    There are frequent issues with users messing with the time on their devices for games like candy crush.
    This causes no end of problems since you get data which is sent as if it happened like yesterday or some such and bad stuff happens.
    You definitely don't want to rely on the time on the users computer.
    Get the time when you start up or support bonus for save to server only and apply it retrospectively.
    Use a timer to see how long they play between saves if necessary.
    Or change the game and ditch the bonus mechanism.
    Hope that helps.
    Technet articles: Uneventful MVVM;
    All my Technet Articles

Maybe you are looking for