Ghost Lync Accounts

Similar Messages

• Users still able to sign into Lync 2010 even though their Lync accounts are disabled

  I have 2 users who are still able to sign into Lync 2010 even though I disabled their Lync accounts. They no longer show up in the Lync console or when you use get-csuser. Their Lync account were associated somehow with their AD accounts in an old domain
  that we just decommissioned. I wanted to delete Lync accounts and recreate to see if that fixed their issue. After deleting the Lync account, they are still able to login. So, I guess I need to edit the Lync database to get rid of them and start fresh?.
  HDL

  Hi Winterthur,
  Agree with Tek-Nerd,
  this user certificate is valid for a period of 180 days, and is automatically renewed one month prior to expiration regardless of whether the user is connected internally or externally.
  Jeff Guillet’s article Disabling a User in AD Does Not Disable the User in Lync provides
  a good background about revoking this certificate and properly disabling the user from accessing Lync services when their Active Directory user account is disabled.
  For more details,
  http://blogs.technet.com/b/nexthop/archive/2012/11/28/lync-2010-client-authentication.aspx
  Best regards,
  Eric

• E-mail + UPN + Lync Account must be the same?

  Good afternoon, colleagues.
  Please help in the following question:
  E-mail (Exchange Server 2010 - 2013 ) + the user's UPN (AD 2008R2 - 2012R2) + Lync Account (Lync Server 2010 - 2013) should be the same? If Yes, then please tell why (for what) and give a detailed answer. I would like to know the official
  position of Microsoft on this issue.
  All thanks in advance for your opinion.

  I don't agree to that, I have different email address and SIP address in Office as well as in my LAB, they work fine without any issue.
  As far as conversation history concerned, I am not sure why would not update.
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Lync account getting deleted automatically

   Lync account of a particular user is getting deleted automatically every friday. Verified that no automated scripts are running in that time in any of the servers. Logs in AD says the msrtc attributes are stripped by a front end server. Anyone has
  any idea whether there would be any maintenance activity in lync which will automatically delete a users lync account? Please help.

  Is this happened with different user every time or same user?
  Is this user delete from DC or Lync only?
  Verify that user isn't lock or disabled. Also verify from Lync cals.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"

• Can't leave voice message. Error 13014 after deleting and recreating Lync account

  I deleted a Lync 2010 account that I was having issues with and recreated it. Now when I try to leave a voice message I received a fast busy. In the Lync logs I see the following error:
  ms-diagnostics
  : 13014;reason="The routing rules did not result in a final response and callee is not enabled for Unified Messaging";
  I've tried disabling and re-enabling UM but it doesn't work. Any idea how to resolve?

  Hi,
  Did the issue happen only for the Lync account which you recreated before or also happen for multiple users?
  Please check if you have assigned the correct number in Line URI in user settings.
  Please also check if there any policy influence it.
  You can refer to the link of “Lync Exchange UM Integration”:
  http://blog.schertz.name/2010/11/lync-and-exchange-um-integration/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
  Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Lync Account Termination

  Dear All,
  We are drafting the procedure to terminate our accounts. The below is the flow what we are going to do:
  1. Disable the AD account
  2. Disable the exchange accounts
  3. Delete the AD account after 1 days
  We have Lync enabled for this AD account, we just want to know do we need to disable the Lync account in Lync server before we delete the AD account?
  Thanks,
  Lync Users

  Hi,
  You do not need to disable the account in Lync server before you delete the AD account - the moment you remove the account from AD it will also remove it from Lync Server.
  However, using the 3 steps you outlined above, you should bare in mind that even if you disable the AD account, the user will still be able to log into his/her Lync client and continue to use it - as at no point have you disabled their Lync functionality.
  Lync does not require that the users AD account be enabled, merely that it exists.
  If you disabled my AD account, I could for example just pop out my network lead, log onto my pc with cached credentials, put my network lead back in and sign into Lync. Alternately I could sign into a common area phone that is enabled for hot-desking, or
  in some instances on a mobile device that I have already been using.
  In answer to your question, you don't have to disable the account in Lync server for the removal of the user, but I would consider it best practice to 'temporarily disable for Lync Server' from the action menu if you would like to retain user config
  and settings for a period of time before finally removing the account (Much like you're doing with your 1 days grace on your AD accounts).
  Kind regards
  Ben

• How do I create a personal Lync account?

  I don't know much about Lync...  My work uses Lync (the whole Office package), and as a result we are able to participate in Microsoft's Home Use Program, which gives me personal access to Office 2013, which includes Lync.  I'm trying to find
  a way to video chat with my family while I travel (I always have my work PC when I travel).  My work does not allow applications like Skype installed, so I figured Lync was a good solution b/c they don't restrict adding Lync contacts from outside our
  network.  So now that I have downloaded Office 2013 (and Lync) onto my home PC, I'm trying to figure out how to setup a personal account, however I'm running out of guesses of how to do this.  Does Lync not work like other instant messenger applications?
   Does it only work with businesses?

  Hi,
  Microsoft Lync Server (previously Microsoft Office Communications Server) is an enterprise real-time communications server, providing the infrastructure for enterprise instant messaging and other many communication features. If
  your company or organization deploy on premise Lync Server or sign up for Office 365 and your account and password should be provided by your company, then you would be able to connect and sign in Lync Server that your company deployed or Office 365 from Microsoft.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Ghost email account can't be deleted???

  Just migrated from a Time Machine Back (computer stolen)  to a new Machine with Mavericks installed.  There is an email account from .mac days that I would like to delete but I get an error saying that there a missing UID and to go to System Preferences to Accounts.  This account does not exist there?   In the luser/library/mail/ folder I have the V2 folder with no mention of this account but there is a " Lost and Found " folder where this account shows up.  If I delete this it just returns when Mail is started.
  Any Ideas

  Please follow these directions to delete the Mail "sandbox" folders. In OS X 10.9 there are two sandboxes, while in earlier versions there is only one.
  Back up all data.
  Triple-click anywhere in the line below on this page to select it:
  ~/Library/Containers/com.apple.mail
  Right-click or control-click the highlighted line and select
  Services ▹ Reveal
  from the contextual menu.* A Finder window should open with a folder named "com.apple.mail" selected. If it does, move the selected folder — not just its contents — to the Desktop. Leave the Finder window open for now.
  Log out and log back in. Launch Mail and test. If the problem is resolved, you may have to recreate some of your Mail settings. You can then delete the folder you moved and close the Finder window. If you still have the problem, quit Mail again and put the folder back where it was, overwriting the one that may have been created in its place. Repeat with this line:
  ~/Library/Containers/com.apple.MailServiceAgent
  Caution: If you change any of the contents of the sandbox, but leave the folder itself in place, Mail may crash or not launch at all. Deleting the whole sandbox will cause it to be rebuilt automatically.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combinationcommand-C. In the Finder, select
  Go ▹ Go to Folder...
  from the menu bar, paste into the box that opens (command-V). You won't see what you pasted because a line break is included. Press return.

• Ghost user account

  I'll start by apologising, I have searched but was unable to find anything similar to my post, so if there is already a thread with this subject please point me in the right direction.
  Ok I have two user accounts set up on a PMG5 dual 2.3GHz 4.5GB ram running 10.4.11, 1x admin account 1x other account, now sometimes when booted 3 accounts appear 1x admin 2x other.
  If I go to system preferences > accounts it only shows 1x admin 1x other.
  If I go to Users folder on the HD I have 1x admin 1x other 1x shared, all normal right?
  admin is the main account, other is used so the computer can be put to use if the main user is away
  eg. meetings or holiday it can only be used for surfing and burning
  any clues anyone

  I sure you get the account name 'Other' if you set up a user account and do not fill in the Name field which is what I set up for the managed account, the 'root' or superuser is not enabled.
  the second 'Other' account does not always appear at startup perhaps once or twice a week if that if more of an annoyance than a problem, would still like to figure what's going on though.

• Contacts being synced to a Ghost Hotmail Account i...

  Dear Members,
  I have encountered a strange problem with my Lumia 520. I have attached the screenshots with this message.
  I do not have a microsoft/hotmail account configured on my cell phone, as is evident from emails and accounts screenshot. But when i try to filter contact list through Contacts App, I can see a hotmail account. Apparently, all my contact data is being backed up in this account. I do not have any details about this Hotmail account (Login or password).
  Now I want to download a copy of contact data from Hotmail account, which I cannot access because I do not have any details about it.
  I would really appreciate some help here.
  Thanks in advance.
  Attachments:
  wp_ss_20140528_0001.png ‏31 KB
  wp_ss_20140528_0002.png ‏51 KB

  If I understand you correctly you had a live account which you used to set up the phone. You have now deleted that account online (you can't remove it on the phone as it would require a full reset).
  If in doubt I'd suggest you use Contacts Backup to backup your contacts to OneDrive, then backup all your images, music and other data on the phone which are accessible through a PC/USB connection. You can now reset the phone and use a valid Microsoft account to set it up again. That should fix the issue if any. 
  Click on the blue Star Icon below if my advice has helped you or press the 'Accept As Solution' link if I solved your problem..

• Clean up user certificate in Lync Database for Deleted Account

  Hi all,
  I have a case in which several user accounts have been deleted from AD. And not like Exchange, deleted user from AD does not remove Lync data (i dont get it why they design it differently).
  From lync server, get-csusercertificate and get-csuser for those deleted account has no result as expected.
  But when i use dbanalyze /report:user for those deleted account, the user certificate is still there.
  I run Update-CsUserDatabase -Force -FQDn xyz.domain.local still the user certificates are there.
  How can i clean up those certificates instead of waiting them to be expired?
  Thanks!

  Thanks for the feedback.
  Surely because of this issue, we need remove certificate on clients, and do the "proper" way for further account deletion. 
  If anyone curious about this case, I suggest everyone using Lync Server spend some time to try this scenario:
  1. Create user on your AD (ie: [email protected] wait for replication or force it)
  2. Enable Lync account for that user 
  3. Logon to a PC with Lync Client (i used Lync Client 2013), logon using the
  [email protected] , DONT FORGET To Save Password - that's what user usually do. You may do chat, add contacts, etc.
  4. From Lync server, with command prompt, go to Lync ResKit directory, run the following command dbanalyze.exe /report:user /user:[email protected] /sqlserver:<FQDN of Lync Server>\RTCLocal.
  At the bottom of the report, there will be information about the invoked certificate with Device ID, Publication Time, and Expiration Time, and the certificate itself. There will be more than 1 certificate for test.user if you logon to another PC and save
  the password too.
  5. Now, from user PC, logoff from Lync Client. Logon to your AD, delete [email protected], wait for some time for replication. 
  6. Now go back to user PC, sign in with Lync Client. Amazingly you're still be able to sign in to Lync, do the chat, and everything, as long as you haven't delete the sign in info.
  7. For admin perspective, you may use Get-CsUser for the [email protected], or Get-CsUserCertificate or any Get-CS command, there will be no [email protected] on your Lync Server, but if you use
  dbanalyze, there will be a quite information about that user along with their certificate. <= This is the one i haven't figure any way to clean it up.
  8. Funny thing is, if you ever notice on your Lync Server, the normal user account who logon and logoff using IM client app, will be logged on Lync Server eventviewer (Windows Log - Security). But the
  [email protected] will not be logged on the eventviewer, therefore you won't know where they are login from (what PC), like a ghost account.
  I am expecting at least there is some kind of other ResKit to clean up this junk data from server database.

• Lync 2013 + clear "Sign-In Address" and disable "Save Password" on shared account

  Hello,
  We are trying to setup Lync on a few kiosk machines that will have a shared non-admin account.  We'd like to modify Lync to not save the "Sign-In Address" and instead of showing the last persons login credentials, show "[email protected]".
  I'd also like to disable the "Save Password" check box.
  The kiosks are not on the domain, although the vast majority of our machines are on the domain and we have SSO setup and don't want to mess with how that part of the signin process is working.
  Is there a way to modify the login behavior of Lync via GPO or Task Scheduler/Scripts?
  Phillip Toynton

  Open Control Panel, click Credential Manager.
  Remove the credential for Lync account. Then you can enter the password again.
  You can uncheck save my password, the related registry key is HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Lync\SavePassword.
  But this registry can be modified by Lync users, you can’t disable it.
  Lisa Zheng
  TechNet Community Support

• Lync 2013 meeting invitation customizations not working for some users

  Hello Microsoft TechNet Forms,
  I have a strange problem that I am totally stumped on. I made some modifications to the Lync 2013 meeting configuration to add in my company's logo, a footer and set a custom help Lync URL. Now everything seemed to work expect for myself and
  one other person I tested with. If I try creating a new Lync 2013 meeting via my Outlook 2013 the normal stock Lync meeting invite appears. Yet testing with any other user everything I have changed appears as expected and I am at a total loss to why.
  I have so far from troubleshooting determined it must be something with my account that is causing it but I have just not been able to determine what. As signing into a different machine yields the same result yet testing with another account that is
  known to work on the exact same machine works correctly with the different account. I have tired deleting and re-crating my Lync account just in case that had something to do with it but that didn't fix the problem. I have tired repairing Office 2013 to
  running windows update on Office 2013 which didn't help.
  The changes I made to the meeting configuration are global scoped. I have so far not found anything online from anyone ever reporting a similar issue to this. At this point I am stuck on what I should be looking for with regards to what is stopping
  the meeting invite updating for myself and the other person. Given I don't know what mechanism is involved with updating the Lync meeting invite on Outlook 2013 I am stumped. I am open to any suggestions someone might have as to what to do next or what might
  be the cause of this problem.
  Nicholas,

  Hi Nicholas,
  Can you compare your account with other’s and check if your account is applied any special policy in Lync Control Panel ?
  Best regards,
  Eric

• Unable to search GAL on Lync 2013 Front End Pool through Lync 2013 client

  I'm in the beginning of a 2010 to 2013 migration and I'm currently testing co-existence functionality between pools.  I've noticed that users cannot search the GAL from their Lync client after being moved to the 2013 pool. 
  When trying to access the internal URL https://fepool13.domain.com/abs/handler the user is prompted to login and after three failed attempts, receives "401 - Unauthorized: Access is denied due to invalid credentials.  You do not have permission
  to view this directory or page using the credentials that you supplied".
  Searching withing a Lync 2010 or Lync 2013 client returns no results, but there are no errors as well as nothing in the event logs or tracing folder regarding not being able to search.
  The 2010 pool has been in production for a few years now and when accessing its internal ABS URL https://fepool10.domain.com/abs/handler the user is granted access after a successful login. 
  In the IIS logs there are slightly more detailed 401 error codes, but I’m not sure what to make of them.
  The rtcab database appears to have user information and all three front end servers appear to be syncing with active directory.  I say the rtcab database appears to have user info because the AbUserEntry table is filled with User ID'd, GUID's and a
  bunch of other stuff.
  The authentication on 2013 front end servers “internal lync website/abs/handler” is set to 1. Negotiate, 2. Ntlm - which is the same as the 2010 front end servers.
  Any ideas?

  Hi,
  Which step did you do among migration from Lync Server 2010 to Lync Server 2013?
  Did you already move CMS from Lync Server 2010 to Lync Server 2013?
  Please create a new Lync account on Lync Server 2013 pool and test the issue again.
  Please check if User Replication has completed with the help of the link below:
  http://technet.microsoft.com/en-us/library/jj204680.aspx
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Multiple users using One account and issue making calls to 1-800-###...

  We have 15 volunteers who are using One account we set up for them. They login at the same time and need to make 1-800 calls (same number) concurrently. Right now, when you start pressing 800 all of sudden the display goes blank (cx300) and can't even finish
  entering the number. We have Lync 2010 and 2013 running together and most services moved to Lync 2013. Before we introduced Lync 2013 we did have this problem, but only intermittently. Now with Lync2013 it is consistent issue.
  What settings do I change?
  Do I need to create more accounts and assign Lync #s respectively?

  Hi,                                   
  Would you please tell us what did you do with this scenario?
  Please check if there is any error message from Mediation Server and FE Server when the issue happen.
  Check if it is a performance issue, you can test to login the same Lync account with two users, make call concurrently. If it works work, it may be a performance issue.
  The best way is to create more account and assign to these users.
  Best Regards,
  Eason Huang  
  Eason Huang
  TechNet Community Support