Azure MFA User Portal - Cannot Connect

Similar Messages

• User account cannot connect to Youtube or Netflix...

  Hey gang,
  I upgraded my late 2008 Unibody Macbook Pro to Mountain Lion the other day and have had no problems.  My son has a user account on the machine and all seemed to work fine until he tried to load YouTube in both Chrome and Safari.  He cannot connect to the site.  I can in my Admin Account.  We also tried Netflix on his account and we get an error in both Chrome and Safari saying it cannot play DRM content.  Wha?  I updated Flash on his accout and several other websites work.  He is also unable to connect to the app store.  I removed all restrictions from his account and restarted.  Still no dice. 
  Seems like it must be a simple fix, but for the life of me I cannot figure it out. 
  Anyone got any ideas?
  Thanks! 

  My wife's user account had the same problem with Netflix last night. It is working this morning and this is what I did.
  "Hmmm, I wonder if Netflix gives me the same DRM issue in my account." Everything usually works in my account and that is the account I installed Mountain Lion from.
  "Hey, it works. Okay, this is probably not the same problem Lion had with DRM in Safari and needed to be patched quickly by Apple. Let's see if I can get more information from Safari on my wife's account."
  Log into wife's account and launch the same show on Netflix and it now loads and plays. Don't ask how or why, but it works. Perhaps doing the same from your account will also have a beneficial result.
  --distracted24x7

• TMS User Portal: The connection was reset. TMS 14.6.0 + TMSPE 1.4.0.8

  Hello,
  I am building a small CMR setup in my lab for a customer demo.
  The problem is that TMS User Portal is not accessible and shows "The connection was reset". Everything else works fine.
  I struggle to find any reference on similar issues. Can somebody please suggest where to start looking?
  The setup details:
  Windows Server 2012 Std, x64
  SQL Server 2008 R2
  Thank you in advance,
  Best regards,
  Dmitry.

  I have installed jre-7u51-windows-x64.exe form the Java site. Installation went well, Java console shows 'enabled'. However, if I start TMS locally (127.0.0.1) and navigate to the Conference Control Center - it says:
  "Java support has not been detected. This page requires Java to be installed and enabled in your browser. Java may not be installed, or may be disabled in your browser due to configuration or security settings."
  What am I missing?

• MFA User Portal Issue

  Recently downloaded and installed the Multi-Factor Authentication server software on an on premises Windows 2012 R2 server.  I also installed the User Portal into IIS.  When I access the website for the user portal I am prompted with this error:
  Error communicating with the local Multi-Factor Authentication service. Please contact your administrator.
  I have looked everywhere for a solution but have not had much luck.  The MFA service is running under the Server Services and I have linked to our AD and synced under Directory Integration.  The user name and password fields are ghosted out so
  I can't type in these fields.  Anyone run across this?  IS it an IIS 8 or Windows 2012 R2 issue?  Am I the first person ever to experience this issue?  Any help would be appreciated.

  I found a solution for my installation, now it works fine. 
  1. Install User Portal
  2. Install SDK
  3. Create a certificate (I used from a domain root ca) and bind it to the Pages Portal and SDK
  4. Configure the web.config
      <add key="USE_WEB_SERVICE_SDK" value="true"/>     <add key="WEB_SERVICE_SDK_AUTHENTICATION_USERNAME"
  value="domain\user"/>     <add key="WEB_SERVICE_SDK_AUTHENTICATION_PASSWORD" value="PW"/>
  4. Install Windows Authentication on IIS
  5. For the Website SDK disable anonymous authentication and enable Windows Authentication 

• One user only cannot connect SharePoint 2007 calendar to Outlook 2010

  User is unable to connect a SharePoint calendar to Outlook.
  The normal procedure is to open the calendar, click Actions > Connect to Outlook > Allow > Allow > Yes and the calendar appears in Outlook. However, for this user only, she clicks Actions > Connect to Outlook > Allow > Allow and then
  nothing happens. The final dialog box, where she would click Yes, doesn't appear, and the calendar is not connected.
  It is working for everyone else who has the same permissions as her (several hundred users). She is able to view and edit the calendar in SharePoint, so the SharePoint permissions are working. It's just that she cant connect it to Outlook.
  I didn't see anything obvious in the event logs and am not sure where to go from here. Any ideas?
  Hoping someone can help.

  Hi,
  According to your description, I noticed that the issue only happened to one specific user. Please confirm if there is any error information when the Outlook can’t connect to Exchange server.
  If this Exchange account can’t be set up automatically in your Outlook client, please try to manually configure this account to have a try. To configure the Exchange account manually, please refer to:
  https://support.office.com/en-us/article/Add-or-remove-an-e-mail-account-ff7c7735-6117-4b0d-aef6-8aa8a072f60f?ui=en-US&rs=en-US&ad=US#bm3
  Regards,
  Winnie Liang
  TechNet Community Support

• Cisco Works LMS Portal cannot connect to ANIServer.

    Hi, team
    I have some problem, so I need your help.

  Before your last message, I've disabled all DFM polling and SNMP trap receiving. After that, the RME home started working normally and I was able to manage jobs once again. You were right, the server coudn't handle all the traps and the polling, but even after disabling those,  the CM home still shows the JRM down message. I tried stopping and restarting the JRM, like you suggested, but the problem persisted.
  The system is a Windows 2003 on a VMWare ESXi. The hardware is a dual Xeon with 4GB of dedicated RAM to the LMS server. I don't have the clock informations now, but I can provide it tomorrow.
  P.S.: Is there any clean way to prevent DFM from processing SNMP traps? For test purpooses, I changed the SNMP port, but it makes Windows to generate lots of ICMP port  unreachable packets and I don't intend to leave it this way.

• Unable to delete User object in FIM Portal - Cannot find the object "#calculateRequestSetTransitionsAssembleStatementsPartition"

  Hi,
  ***Problem
  I encounter a problem with FIM (version 4.1.3441.0 and 4.1.3496.0) when I try to delete a User object (and only a User object) whatever if it is
  manually/Expiration Workflow/Powershell.
  Deleting a User object used to be perfectly functional and, without any product version modification, stopped working. I haven't neither deleted/modified or add a
  "Grant" MPR or any of the corresponding Sets since last time I saw it working.
  Displayed error is "Request could not be dispatched" in FIM Portal and is referencing a stored procedure in Event Viewer.
  ***Error details
  When I try to delete a User object, here is the output :
  Portal
  "Processing error" on submit
  with the following details 
  Request status is stuck at "Validating" until next restart of FIM Service (after what it becomes “Canceled”)
  Request’s “Applied Policy” tab does not contain any MPR where, at least, a “Grant” MPR is expected
  As SQL Timeout is relatively high and error happens quickly, I don’t think there is a Timeout problem under that.
  Logs
  « Application »
  The Portal cannot connect to the middle tier using the web service interface.  This failure prevents all portal scenarios from functioning correctly.
  The cause may be due to a missing or invalid server url, a downed server, or an invalid server firewall configuration.
  Ensure the portal configuration is present and points to the resource management service.
   « Forefront Identity Manager »
  Reraised Error 50000, Level 16, State 1, Procedure ReRaiseException, Line 37, Message: Reraised Error 1088, Level 16, State 12, Procedure CalculateRequestSetTransitionsAssembleStatements,
  Line 332, Message: Cannot find the object "#calculateRequestSetTransitionsAssembleStatementsPartition" because it does not exist or you do not have permissions.
  Transaction count after EXECUTE indicates a mismatching number of BEGIN and COMMIT statements. Previous count = 1, current count = 0.
  Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.Data.SqlClient.SqlException: Reraised Error 50000, Level 16, State
  1, Procedure ReRaiseException, Line 37, Message: Reraised Error 1088, Level 16, State 12, Procedure CalculateRequestSetTransitionsAssembleStatements, Line 332, Message: Cannot find the object "#calculateRequestSetTransitionsAssembleStatementsPartition"
  because it does not exist or you do not have permissions.
  Transaction count after EXECUTE indicates a mismatching number of BEGIN and COMMIT statements. Previous count = 1, current count = 0.
     at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
     at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
     at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler,
  TdsParserStateObject stateObj)
     at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
     at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
     at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult
  result)
     at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
     at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
     at Microsoft.ResourceManagement.Data.DataAccess.UpdateRequest(RequestType request, IEnumerable`1 updates)
     --- End of inner exception stack trace ---
  Requestor: urn:uuid:7fb2b853-24f0-4498-9534-4e10589723c4
  Correlation Identifier: e7209633-46d0-4f4b-a59e-807649ef71ea
  Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.InvalidCastException: Specified cast is not valid.
     at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType
  operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier, UniqueIdentifier requestContextIdentifier,
  Boolean maintenanceMode)
     at Microsoft.ResourceManagement.WebServices.RequestDispatcher.CreateRequest(UniqueIdentifier requestor, UniqueIdentifier targetIdentifier, OperationType
  operation, String businessJustification, List`1 requestParameters, CultureInfo locale, Boolean isChildRequest, Guid cause, Boolean doEvaluation, Nullable`1 serviceId, Nullable`1 servicePartitionId, UniqueId messageIdentifier)
     at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Delete(Message request)
     --- End of inner exception stack trace ---
  For information, a maintenance plan rebuild/reorganize indexes daily and this problem has occurred on servers with different performances.
  Is any of you has already encounter this problem ?
  Any help would be greatly appreciated,
  Thanks in advance for your help,
  Matthew

  While there are several SQL Agent jobs (FIM Temporal Events, Maintain Sets, and Maintain Groups among others)created by the FIM install only one of those is enabled and scheduled and it calls all of the same stored procedures that the other
  jobs do. Step 2 is Maintain sets and Step 3 is maintain groups. So the Maintain sets and groups jobs never need to get enabled and scheduled, but if you want them to be maintained more frequently then you can.
  David Lundell, Get your copy of FIM Best Practices Volume 1 http://blog.ilmbestpractices.com/2010/08/book-is-here-fim-best-practices-volume.html

• MFA Server - User portal and mobile app web server should be installed where?

  Hi. We are in the process of testing the Multi-Factor Auth server and are currently using it for two-factor authentication to RDS for a couple of users. At the moment we are only using the phone call/text options but I'd like to get the mobile app portion
  working to test.  Also still need to implement the user self-service portal for testing.
  Currently I have a vm that was dedicated to MFA where the Multi-Factor Authentication Server software was installed.  Now though I'm a bit confused as to if its safe to install the user portal and mobile app web service portion on this same machine
  or if they should go on a different server(s)?  Currently the box is internal but I'm guessing if it has also act as the web server we would stick it behind the TMG for external inbound access.  Is external access to the primary MFA server ok? 
  What's the best practice for separation of the MFA roles; or is there none and its fine to just put it altogether? 
  Thanks.

  Hello Col. Forbin,
  Thanks for posting here!
  You have a dedicated MFA server and if you install User Portal on the same server as the MFA Server, it uses RPC to communicate with the MultiFactorAuth service locally.
  If the User Portal is installed on a different server, it must connect via the Web Service SDK. You can use either a username/password of a service account that is a member of the PhoneFactor
  Admins security group, or you can configure client certificates. If using the username/password, you can encrypt the appSettings section of the web.config file if desired.
  Under Inetpub\wwwroot\MultiFactorAuth when you edit the web.config file you need to make sure these values are set.
  USE_WEB_SERVICE_SDK:
  true
  WEB_SERVICE_SDK_AUTHENTICATION_USERNAME: domain\user
  WEB_SERVICE_SDK_AUTHENTICATION_PASSWORD:
  password
  OVERRIDE_PHONE_APP_WEB_SERVICE_URL: 
  You might want to refer this thread link:
  https://social.msdn.microsoft.com/Forums/en-US/ad1f6fc1-ab3f-482d-a435-e4fd6665f640/mfa-user-portal-issue?forum=windowsazureactiveauthentication
  Additional reference links:
  https://technet.microsoft.com/en-us/library/dn376347.aspx#multifactor
  https://pfweb.phonefactor.net/install/6.2.1.16387/release_notes.txt
  Let me know if you have any further questions!
  Regards,
  Sadiqh Ahmed

• Wifi chipset incompatibility issues? 2 users cannot connect

  i recently purchased a couple of Airport Extreme (n) WAP's for my office. I ended up only connecting 1 of them in the centre of the office (so-to-speak), and replaced 4 previous WAPs. Very Impressive!!!
  i have 2 users who cannot connect though (conversely i have 11-15 who have no problem).
  in looking at the log file using the Airport Utility, i see the following error lines:
  Mar 14 12:24:05 5 Installed unicast TKIP key for supplicant 00:14:a4:34:cd:19
  Mar 14 12:24:07 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:07 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:07 5 Associated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:08 5 Deauthenticating with station 00:14:a4:34:cd:19 (reserved 2).
  Mar 14 12:24:08 5 Disassociated with station 00:14:a4:34:cd:19
  Mar 14 12:24:10 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:10 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:10 5 Associated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:11 5 Associated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:11 5 Associated with station 00:14:a4:34:cd:19
  Mar 14 12:24:11 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:11 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:11 5 Installed unicast TKIP key for supplicant 00:14:a4:34:cd:19
  Mar 14 12:24:12 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:12 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:12 5 Associated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:13 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:13 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:13 5 Associated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:14 5 Deauthenticating with station 00:14:a5:1f:b7:62 (reserved 2).
  Mar 14 12:24:14 5 Disassociated with station 00:14:a5:1f:b7:62
  Mar 14 12:24:14 5 Deauthenticating with station 00:14:a4:34:cd:19 (reserved 2
  it appears to be only these two people, who both have MAC Addresses starting with 00:14, which is an Atheros(?) wireless chipset? is my only option to give these users a pcmcia wifi card? One is a Dell Laptop (Vista), one is an IBM Laptop (XP) - but i suspect this is a compatibility issue with the chipset and the AP...
  thoughts or ideas?
  <br<br>
    Other OS  

  One more detail. Last school year our Xserve, iMacs and MacBook Pro systems all ran Mac OS 10.8.5.

• Cannot connect to microsoft services.

  I purchased a macbook however i cannot connect to ANYTHING Microsoft. By this i mean remote desktop connection, my hotmail email account as well as windows shares. I get invalid password for every medium i try use. I have been through several forums and the only thing that does actually work is a numeric password to connect to these services, but for security reasons this would not be a good way to go for me. It worked initially with 10.7.4 but after the updates are applied it was neer the same. I have tried all the way to 10.8 and yet nothing. Any help with this is greatly appreciated.

  The installation steps are understandable and I’ve followed all steps you basically described … couple of times…and I end up with the same error message: “Following error occurred during Microsoft Azure Backup SnapIn operation. 
  Error details: The Microsoft Azure Recovery Services Agent cannot connect to the OBEngine service. Verify that the OBEngine service is present in the Services Control Panel and that the port 6049 is available."
  The Microsoft Azure Recovery Services Agent (obengine) service is up and running (Started/Manual).
  When Microsoft Azure Recovery Services Agent SnapIn is closed and reopened the same message appears in the SnapIn window immediately after opening.
  Yesterday I created new backup vault, downloaded and installed Agent, registered server with new credentials, scheduled backup, clicked backup now and …oops same error message…thus
  looking for ideas.
  Rob

• Cannot connect Service Manager with Orchestrator Web Service URL

  Dear TechNet User,
  i cannot connect my service manager console with my Orchestrator Webservice. i try to connect to "http://AMSCO01:81/Orchestrator.svc" ... the user i´ve choose is local admin on the orchestrator Machine.
  Thats the Logfile:
  Date: 07.10.2013 15:23:16
  Application: System Center Service Manager
  Application Version: 7.5.2905.0
  Severity: Error
  Message: Could not connect to the Orchestrator web service.
  System.Data.Services.Client.DataServiceQueryException: An error occurred while processing this request. ---> System.Data.Services.Client.DataServiceClientException: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  <title>404 - File or directory not found.</title>
  <style type="text/css">
  <!--
  body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
  fieldset{padding:0 15px 10px 15px;}
  h1{font-size:2.4em;margin:0;color:#FFF;}
  h2{font-size:1.7em;margin:0;color:#CC0000;}
  h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
  #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
  background-color:#555555;}
  #content{margin:0 0 0 2%;;}
  .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;;}
  -->
  </style>
  </head>
  <body>
  <div id="header"><h1>Server Error</h1></div>
  <div id="content">
   <div class="content-container"><fieldset>
    <h2>404 - File or directory not found.</h2>
    <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
   </fieldset></div>
  </div>
  </body>
  </html>
     at System.Data.Services.Client.QueryResult.Execute()
     at System.Data.Services.Client.DataServiceRequest.Execute[TElement](DataServiceContext context, QueryComponents queryComponents)
     --- End of inner exception stack trace ---
     at System.Data.Services.Client.DataServiceRequest.Execute[TElement](DataServiceContext context, QueryComponents queryComponents)
     at System.Data.Services.Client.DataServiceQuery`1.Execute()
     at System.Data.Services.Client.DataServiceQuery`1.GetEnumerator()
     at Microsoft.EnterpriseManagement.ServiceManager.Sdk.Connectors.OrchestratorRunbookConnector.GetRunbookFolders(OrchestratorContext scoContext, Folder parentFolder)
     at Microsoft.EnterpriseManagement.ServiceManager.UI.Administration.Connectors.Orchestrator.OrchestratorConnectorHelper.ValidateServerConnection(Boolean found)
  System.Data.Services.Client.DataServiceClientException: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  <title>404 - File or directory not found.</title>
  <style type="text/css">
  <!--
  body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
  fieldset{padding:0 15px 10px 15px;}
  h1{font-size:2.4em;margin:0;color:#FFF;}
  h2{font-size:1.7em;margin:0;color:#CC0000;}
  h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
  #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
  background-color:#555555;}
  #content{margin:0 0 0 2%;;}
  .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;;}
  -->
  </style>
  </head>
  <body>
  <div id="header"><h1>Server Error</h1></div>
  <div id="content">
   <div class="content-container"><fieldset>
    <h2>404 - File or directory not found.</h2>
    <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
   </fieldset></div>
  </div>
  </body>
  </html>
     at System.Data.Services.Client.QueryResult.Execute()
     at System.Data.Services.Client.DataServiceRequest.Execute[TElement](DataServiceContext context, QueryComponents queryComponents)
  any ideas? Thank you very much!

  Hi,
  I am unable to connect to
  http://hostname:81/Orchestrator2012/Orchestrator.svc/ in IE and am getting the same error while creating the connector.
  I can connect to orchestrator via http://hostname:81/ but it still gives me the same error when I create the connector (Cannot connect Service Manager with Orchestrator Web Service).
  anyone seen it before?

• Cannot connect to share

  I have a user that cannot connect to a network share. I get error 80004005 when I type \\server into the address bar. Client is Windows 7, connecting to a SBS2003 box.
  If I use net view server, it shows all the shares. If I use net use k: \\server\data, I get system error 53.
  The server is also an Exchange server - that works perfectly.
  File and Print sharing is enabled in the network adapter. Firewall was disabled - same problem. This is the only computer with the problem, all other computers work perfectly. If I log that user to another PC, no issues so it's not the account.

  1. Is the user computer member of domain? Be avare of user name syntax domain\username.
  2. Use FQDN or IP. Using IP circumvent DNS resolution. If FQDN is used, then local computer should know local DNS server.
  3. Error 53 is netbios one
  http://technet.microsoft.com/en-us/library/cc940100.aspx
  4. If you want to dig deeper, use netork monitor (for example Wireshark).
  Regards
  Milos

• External users cannot connect to RDS Farm (Azure).

  Hi Experts,
  I hope someone is able to help me with this. I have search high and low, but have not found a solution.
  Here we go:
  I have setup a RDS Farm in Microsoft Azur, consisting of the following servers:
  KRPDC01 (Domain Controler / Active Directory / DNS Server)
  KRPSH01 (Remote Session Host #1)
  KRPSH02 (Remote Session Host #2)
  KRPCB01 (Connection Broker)
  I have installed the respective Remote session roles on the above server and added my group of users to the "Remote Desktop Users" group on each Session Host server.  
  At first glance it seems to work. I seem to be able to connect to the farm with the first user. But most of the times, when a second users tries to connect to the same farm, then login hangs for a time, and the connection is refused with this message:
  "Remote Desktop cannot connect to the remote computer for one of the following reasons:
  1) Remote Access to the server is not enabled
  2) The Remote Computer is turned off
  3) The Remote Computer is not available on the network
  Make sure that the remote computer is turned on and connected to the network, and that remote access is enabled."
  Sometimes not even the first user can connect to the farm at all with the same error message.
  I have looked into the logs on the connection broker, and something interesting shows up.
  It seems that whenever the connection broker wants to redirect a users connection request to a different server than the one that recieved the connection request, then the connection fails. If however the connection broker grants the connection to the same
  server as the request is comming from, then the user is logged in.
  Here are the log entries when the connection fails:
  "RD Connection Broker received connection request for user xxx\testuser. 
  Hints in the RDP file (TSV URL) = tsv://MS Terminal Services Plugin.1.KRPCLOUD 
  Initial Application = NULL 
  Call came from Redirector Server = KRPSH01.xxx.net 
  Redirector is configured as Farm member"
  Followed by:
  "RD Connection Broker successfully processed the connection request for user xxx\testuser. Redirection info: 
  Target Name = KRPSH02 
  Target IP Address = 10.4.3.7 
  Target Netbios = KRPSH02 
  Target FQDN = KRPSH02.xxx.net 
  Disconnected Session Found = 0x0"
  The a few minutes later this entry is found in the log:
  "Remote Desktop Connection Broker Client failed to redirect the user xxx\testuser
  Error: NULL"
  These are the log entries when the connection is successfull:
  "RD Connection Broker received connection request for user xxx\testuser 
  Hints in the RDP file (TSV URL) = tsv://MS Terminal Services Plugin.1.KRPCLOUD 
  Initial Application = NULL 
  Call came from Redirector Server = KRPSH02.xxx.net 
  Redirector is configured as Farm member"
  Followed by:
  "RD Connection Broker successfully processed the connection request for user xxx\testuser. Redirection info: 
  Target Name = KRPSH02 
  Target IP Address = 10.4.3.7 
  Target Netbios = KRPSH02 
  Target FQDN = KRPSH02.xxx.net 
  Disconnected Session Found = 0x0"
  And then:
  "Session for user KASSERAPPORTEN\krptest successfully added to RD Connection Broker's database. 
  Target Name = KRPSH02.kasserapporten.net 
  Session ID = 2 
  Farm Name = KRPCLOUD"
  And:
  "This connection request has resulted in a successful session logon (User successfully logged on to the end point). Remote Desktop Connection Broker will stop monitoring this connection request."
  If I connect to one of the other servers on the network - the KRPDC01 - and from there connects to the RDS Farm (internally) then there is no problem recieving the connections. Also connections where the broker has to redirect the connection to a differing
  Session Host is completed without problems.
  I have noticed than when successfully connection from internally where the connection is redirected by the connection broker, then I actually recieved 2 certificate warnings. One first from the Session Host that have recieved the connection request, and the
  shortly after from the second Session Host (when the connection broker is redirecting the connection) and then the connection is established.
  When connection from the outside, I never get the second certificate warning.
  In Azure I have setup indpoint for Remote Desktop - TCP/3389 on both Session Host servers and on the Connection broker.
  As mentioned I am at a total loss, and I hope someone out there is able to help me solve this issue.
  Thanks in advance :-)
  Regards,
  Daniél 

  Hi,
  Seems this issue is related with Windows Azure Virtual Machine, I will move it to Windows Azure Virtual Machine Forum for a better help.
  Thank you for your understanding!
  Best Regards
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Office 365 ECT to Azure Cannot connect to the LobSystem (External System)

  I've tried to set up External Content Types to an Azure SQL database but when I access my page I get an error.
  I basically followed http://www.pointbeyond.com/2012/12/31/surfacing-data-from-sql-azure-in-sharepoint-2013-online-office-365
  Can you help me work out what i've not done, I don't know where to configure Azure firewall as this message suggests. The error is below:
  Cannot connect to the LobSystem (External System). Reason: 'Cannot open server 'uf7prto4sj' requested by the login. Client with IP address '157.55.225.241' is not allowed to access the server. To enable access, use the Windows Azure Management
  Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range. It may take up to five minutes for this change to take effect. Login failed for user '*REMOVED*'. This session has been assigned a tracing
  ID of '9389a67c-dc78-4134-9167-545ec963be3a'. Provide this tracing ID to customer support when you need assistance.'
  Correlation ID:9a3fb39c-d0ea-1000-8099-2fad02009a01

  Hi,
  It depends, if it's a static IP address for your machine, it should be OK for this one IP address; if it is a dynamic IP address in a range, you can input the IP address range which contains this mentioned IP address
  157.55.225.241, or update the changed address to date.
  http://stackoverflow.com/questions/8543653/windows-azure-client-with-ip-address-xxx-xxx-xxx-xx-is-not-allowed-to-access-t
  Thanks,
  Daniel Yang
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you
  have feedback for TechNet Subscriber Support, contact [email protected] 
  Daniel Yang
  TechNet Community Support

• Cannot connect to the Service Manager portal WCF service - Error when opening SM Portal

  Greetings,
  I have tried everything I can think of to resolve this issue and I have tried all suggestions I have found on Technet.
  Basically, I had the SM Portal working on a test VM.  I am ready to use it in production but it is not working.  I deleted my test VM and built a new one.  On it, I have SharePoint 2010 Foundation and the SM Portal installed.  I have
  a valid self-signed cert.  the FQDN is correct (hqsrva24.dds.local) in both SharePoint and also in IIS.  I also made sure under Application Settings on the SM Portal IIS site points to the FQDN of the SCSMWebContentServer.
  So what happens when I go to the SM Portal (https://hqsrva24.dds.local:444/SMPortal) is it prompts me for a logon, which i put in and the site comes up.  But at that point the Silverlight portion is not loaded and I immediately get prompted for a logon.
   I have tried several different logons, all of which have full access to the site in Sharepoint.  Eventually I get the error in red at the bottom of the screen "Cannot connect to the Service Manager portal WCF service"
  If I try to access the Web Content Server service on its own (https://hqsrva24.dds.local/Servicehost/services/DataAccessService.svc), I get a prompt to logon and none of my logons work.  i eventually get
  an unauthorized error. However; If I log into the server which SM Portal is on and go to https://localhost/Servicehost/services/DataAccessService.svc, I get no prompt to login and I get a "Metapublishing for this service is currently disabled."
  I'm out of ideas at this point, barring completely starting over (not just the SM portal but all of the Service Manager Suite).

  Man I've had this problem so many times and its almost always a different solution. Are you sure that either the Domain Users group or NT Authority\Authenticated Users have permissions to the site and service. remember the the two prompts are authenticating
  different things: the Sharepoint site and the application site (silverlight). Make sure users have permission in both SCSM and in Sharepoint. 
  - Slow is smooth and smooth is fast.