"logon as service " user when i join on domain

Similar Messages

• What happens to my current Yahoo email users when I modify the domain ns?

  What happens to my current Yahoo email users when I modify the domain ns?

  Changing the name servers for a domain would require you to re-create the MX records at the new DNS provider's end to point to your existing email service provider. You might experience downtime during the transition/propagation period.
  Thanks,
  Vinayak

• How to logon with different user when use of SPNego

  Hi
  We have implemented SPNego as Windows Integrated Authentication - but how to logoff the portal to log on with another user?
  Since the users are authenticated when logging on the network from their client pc - the user will be using the standard logon page. But when logging off the portal - the users are automatic redirected and logged back in to the portal.
  I have created a HTML page which the users are redirected to by use of the ume.redirect.url. But how to logon to the portal again?
  When entering the portal url - the users are once more directly logged in due to the SPNego configuration.
  I need to develop a new logon page where the users are able to enter another uid and pw to enter the portal.
  Regards
  Kay-Arne

  Hi Kay-Arne
  The whole idea of Windows authentication is to remove the need for a user to enter a username and password. If you want a user to not get the automatic log on, then you'll need to access the portal with a URL that is in a different domain
  Cheers

• Cant start database when server joined to domain

  Hi,
  I have installed oracle database 8.1.7 on a windows 2000 server machine while the server was connected to a network as a workgroup machine.
  when i joined the server to a domain! the database didn't startup even manually!
  i used DBA studio but it failed starting without giving any error messages.
  i tried to use svrmgrl but it failed to connect!
  cant any 1 help me on this issue

  check if the user has the rights to start or stop the database services in the new domain. it could be a privelege issue within NT.

• USB drives not accessible until I join a domain

  Hi,
  I´ve been struggling with this problem for a loong time now.
  Simply put, I want to use a usb drive in a laptop running Windows 7, and the device is detected correctly but Windows says that I need to format it. And in My Computer the drive has got a letter but when I doubleclick it it says it´s unaccessible. But if
  I join the laptop to my customers AD it suddenly works as it should.
  Since I discovered that, I just ignored it since all computers would join the domain, but now I need to install several laptops that´s not going to be ad-joined. So I need help solving this usb problem.
  The customers uses laptops(Dall Latitude Exxx models) only and we install these using WDS. I think that all models of laptops have this issue and all usb drives. I haven´t been able to narrow it down to a certain model or anything else.
  Everything else works as they should. The usb ports works fine using mouse and keyboard and similar. It´s only usb drives that are the problem.
  I know that the hardware isn´t faulty since I can boot up using Linux and everything is fine, plus when I join the domain everything is also fine.
  I have tried reinstalling chipset/usb drivers but nothing has helped. Also sfc /scannow doesn´t help.
  Using gpedit.msc I set everything in "Users/Administrative/System/Access to removable storage" to inactive but this makes no difference.
  I have not had this problem outside this customer.
  Does anyone have any ideas? If so, please help!
  Regards,
  //Andreas..

  Hi,
  we should figure out what’s the difference between the two situations.  I have the following thoughts to narrow down this cause:
  Do you have preinstalled any security applications in your image?
  Does this issue occur to all USB devices?
  After  you join the domain, can you log on with a local account to access USB devices?
  You can get the security policies via rsop.msc as well.
  If you have any feedback on our support, please click
  here
  Alex Zhao
  TechNet Community Support

• [Forum FAQ] How do I send an email to users when the data in the report have been changed in Reporting Services?

  Introduction
  There is a scenario that the data in the report changes infrequently, so the users want to be informed and get the most updated data once the data changes. By default, report server always run the report with the most recent data. Is there a way that we
  can subscribe the report, so that we can send an email to users when the data in the report has been changed?
  Solution
  To achieve this requirement, we can create a subscription for the report, then create a trigger in the table which including the report data. When this table has data insert, update or delete, it will be triggered and execute the subscription to send email
  to users.
  In the Report Manager, create a subscription for the report and make it only execute one time.
  When we create a subscription, a corresponding SQL Agent job will be created. Then we can use the query below to find out the job based on ScheduleId:
  -- List all SSRS subscriptions
  USE [ReportServer];  -- You may change the database name.
  GO 
  SELECT USR.UserName AS SubscriptionOwner
        ,SUB.ModifiedDate
        ,SUB.[Description]
        ,SUB.EventType
        ,SUB.DeliveryExtension
        ,SUB.LastStatus
        ,SUB.LastRunTime
        ,SCH.NextRunTime
        ,SCH.Name AS ScheduleName   
            ,RS.ScheduleId
        ,CAT.[Path] AS ReportPath
        ,CAT.[Description] AS ReportDescription
  FROM dbo.Subscriptions AS SUB
       INNER JOIN dbo.Users AS USR
           ON SUB.OwnerID = USR.UserID
       INNER JOIN dbo.[Catalog] AS CAT
           ON SUB.Report_OID = CAT.ItemID
       INNER JOIN dbo.ReportSchedule AS RS
           ON SUB.Report_OID = RS.ReportID
              AND SUB.SubscriptionID = RS.SubscriptionID
       INNER JOIN dbo.Schedule AS SCH
           ON RS.ScheduleID = SCH.ScheduleID
  ORDER BY USR.UserName
           ,SUB.ModifiedDate ;
  Create a trigger in the table which including the report data.
  CREATE TRIGGER reminder
  ON test.dbo.users
  AFTER INSERT, UPDATE, DELETE
  AS
  exec [ReportServer].dbo.AddEvent @EventType='TimedSubscription', @EventData='b64ce7ec-d598-45cd-bbc2-ea202e0c129d'
  Please note that the command ‘exec [ReportServer].dbo.AddEvent @EventType='TimedSubscription', @EventData='b64ce7ec-d598-45cd-bbc2-ea202e0c129d'’ is coming from the job properties. We can go to SQL Server Agent Jobs, right-click the corresponding job to open
  the Steps, copy the step command, and then paste it to the query.
  Then when the user table has data insert, update or delete, the trigger will be triggered and execute the subscription to send email to users.
  References:
  Subscriptions and Delivery (Reporting Services)
  Internal Working of SSRS Subscriptions
  SQL Server Agent
  Applies to:
  Reporting Services 2005
  Reporting Services 2008
  Reporting Services 2008 R2
  Reporting Services 2012
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  Thanks,
  Is this a supported scenario, or does it use unsupported features?
  For example, can we call exec [ReportServer].dbo.AddEvent @EventType='TimedSubscription', @EventData='b64ce7ec-d598-45cd-bbc2-ea202e0c129d'
  in a supported way?
  Thanks! Josh

• Service user XIISUSER  locked when resending multiple messages

  Hi All,
  Scenario: Idoc  to 2 file  receiver  (1 defined as a Business Service). We notice that occasionally when we send multiple idocs from R/3 or when we restart multiple messages from the same scenario, we will get a HTTP 401 error and will find our service user XIISUSER locked.
  i.Has anyone come across anything like this before?
  ii. In receiver determination, the "Terminate message processing with  Error(Restart Possible) radio button is chosen. Out of interest, what kind of error does this give if either 1 or the receivers cannot be found during runtime?

  Basically the error will be HTTP 401 Unauthorized and we will find XIISUSER locked. This usually happens when we send multiple idocs for the scenario or when we restart multiple messages that belongs to the scenario. By multiple i mean 5-10 messages and not a really big number.
  Once the XIISUSER is unlocked, I can just restart the message and it will be processed successfully. What I would like to know is what is causing the XIISUSER to be locked in the first place. can this be caused by the branching of the messages?

• GRANT LOGON TO SERVICE RIGHTS TO A USER REMOTELY

  Hi all,
  I have 20 Windows 2008 servers running an application
  I want to grant logon to service rights to a particular domain user on all these 10 servers. I have three services in which the user needs to be granted logon to service permission.
  Can I achieve this with a powershell script / psexec
  I have domain admin rights to all the server
  pumping_iron

  Hi pumping_iron,
  Please provide more detailed information about the setting you want to set.
  If you mean the policy "Log on as a service", as Jrv suggested, you can also use GPO to deploy this setting on bulk computers.
  In addition, if you want to achieve this via Powershell, you check the script posted by STscripter, and use Powershell remoting to deploy this script remotely like "Invoke-Command -ComputerName remotePC -FilePath d:\remotescript.ps1".
  To use Powershell remoting, you also need to configure Winrm firstly on these computers:
  [Forum FAQ] Introduce Windows Powershell
  Remoting
  If there is anything else regarding this issue, please feel free to post back.
  If you have any feedback on our support, please click here.
  Best Regards,                                 
  Anna Wang
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• The report server has encountered a configuration error. Logon failed for the unattended execution account. (rsServerConfigurationError) Log on failed. Ensure the user name and password are correct. (rsLogonFailed) Logon failure: unknown user name or bad

  The report server has encountered a configuration error. Logon failed for the unattended execution account. (rsServerConfigurationError)
  Log on failed. Ensure the user name and password are correct. (rsLogonFailed)
  Logon failure: unknown user name or bad password 
  am using Windows integrated security,version of my sql server 2008R2
  I have go throgh the different articuls, they have given different answers,
  So any one give me the  exact soluction for this problem,
  Using service account then i will get the soluction or what?
  pls help me out it is urgent based.
  Regards
  Thanks!

  Hi Ychinnari,
  I have tested on my local environment and can reproduce the issue, as
  Vaishu00547 mentioned that the issue can be caused by the Execution Account you have configured in the Reporting Services Configuration Manager is not correct, Please update the Username and Password and restart the reporting services.
  Please also find more details information about when to use the execution account, if possible,please also not specify this account:
  This account is used under special circumstances when other sources of credentials are not available:
  When the report server connects to a data source that does not require credentials. Examples of data sources that might not require credentials include XML documents and some client-side database applications.
  When the report server connects to another server to retrieve external image files or other resources that are referenced in a report.
  Execution Account (SSRS Native Mode)
  If you still have any problem, please feel free to ask.
  Regards
  Vicky Liu
  Vicky Liu
  TechNet Community Support

• Error - The registration of the service "User Profile Service" has failed. The user profile can not be loaded

  I am running an environment with an Active Directory and Terminal Servers.
  I have searched high and low for resolutions to this error but I cannot find anything related to my situation, let me explain further.
  The fixes I found are related to local users only.
  When I create a new user in the Active Directory I provide the paths to the profile folder in the "Remote Desktop Profile" and "Profile tab"  lets say for example \\ad001\home\%username% and \\ad001\profil\%username% .
  I give rights to the user to read/write the "home" folder which is mapped for folder redirection.  An I know that when the user first logs on it should create a "v2.%username%" folder upon successful logon.  This is when I am
  presented with the error message below:
  "The registration of the service "User Profile Service" has failed. 
  The user profile can not be loaded"
  Does anyone have any experience with this or know a suitable fix.  Again this is for the "Roaming" profile creation no local.
  Many thanks in advance.

  Hi,
  Thank you for posting in Windows Server Forum.
  Did you receive for any one user or for all users?
  Have you tried to solve the issue by fixing the user account profile?
  For that you can adjust the registry setting “ProfileImagePath” with
  particular SID of that user under below mention path.
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
  Also if this can’t resolve the issue you can try to delete the SID of that user or renaming the old and and then check the result again by creating new profile for that users.
  More information.
  You receive a "The User Profile Service failed the logon” error message
  http://support.microsoft.com/kb/947215
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• EREC- Assigning Service User to Services in SICF

  Hi Experts,
  Service user "RCF_CAND_EXT" has been assigned the roles:
  SAP_RCF_EXT_CANDIDATE_SERVER
  SAP_RCF_EXTERNAL_CANDIDATE
  SAP_RCF_UNREGISTERED_CANDIDATE
  When i try to assign this service user to the service meant for external candidate i am getting an error that the user name and password is incorrect. Why is this so? But when i change the Authentication (inside logon data tab) to "Standard SAP User", it is working fine. Where in case of "Internet User" it is showing error or wrong user name and password.
  N.B. my services would be used by the external candidates
  What is it that i am doing incorrectly?
  Regards,
  Kishore

  Hello Kishore,
  First, the unregistregistered role assignment has to be deleted, as RCF_CAND_EXT is the the reference user for the external candidates (so it is not a service user). One service user we have is the unregistered service user (in standard RCF_UNREGSER) which has the unregistered candidate role assigned and is responsible eg. for the unregistered search and registration service. As most of these services are configured as 'required with logon data' you usually don't need to choose between 'internet user' and 'SAP Standard-User'.
  So could you please clarify if you mean that one?
  Regards
  Nicole

• Sapjsf locks ABAP service user psswd: M  ***LOG US1= Login, Wrong Password

  I have a PI system and a number of ABAP systems connecting to this.
  I have defined a service user in PI for each ABAP system - SY_SID_999 (where SID is the SAP System ID and 999 is the client).  Various connections (e.g., RFC, ABAP proxy) use these userid and I rely on the user name to identify the source of the activity within PI.
  I was forced to change the password of one of these userids and, subsequently,  to update connection details in RFCs etc within the source system.  All went well for these connections.
  Now, however, at 25 minutes past the hour, I get the following error in the PI system's developer trace
  M  ***LOG US1=> Login, Wrong Password (SY_SID_999 ) [sign.c       4545]
  and the SM21 log says
  10:25:47 DIA  000 100 SAPJSF                  US  1 User SY_SID_999 locked due to incorrect logon
  SU01 change records show no changes to SY_SID_999 from the time I unlock it until 25 minutes past the hour when this error occurs. 
  The SM19 security audit log in the PI system has errors:
  12.08.2009     10:08:18     SAPJSF     localhost          SAPMSSY1     Logon Failed (Reason = 53, Type = U)
  Type=U means "user switch (internal call)" according to the documentation.
  Reason 53 means "Too many failed password logon attempts"
  These errors occur in bunches but without a consistent repetition interval.  For example, there were 8 at 10:04:56/57 then 2 at 10:08:18 then a string of success messages as follows:
  12.08.2009     10:08:18     SAPJSF     localhost          SAPMSSY1     Logon Successful (Type=U)
  Then, at 10:25...
  12.08.2009     10:25:47     SAPJSF     localhost          SAPMSSY1     User SY_SID_999 Locked in Client 100 After Erroneous Password Checks
  12.08.2009     10:25:47     SAPJSF     localhost          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
  If I do not unlock the SY_SID_999 userid in the PI ABAP system, there will be no further errors in SM21 but if I do, at 25 minutes past the hour after the error pattern will repeat.
  I have set the rfc/logon_error_log parameter to 3 in PI ABAP to trigger a short dump.
  Internal notes from the short dump do not identify the who, what or where of the sign-on attempt...
  Internal notes
      The termination was triggered in function "ab_xsignon"
      of the SAP kernel, in line 2725 of the module
       "//bas/710_REL/src/krn/rfc/absignon.c#4".
      The internal operation just processed is "CALY".
      Internal mode was started at 20090812112528.
      Caller system......: " "
      Caller.............: " "
      Caller client......: " "
      RFC user ID........: " "
      RFC client.........: 100
      Login return code..: 20
      Transaction code...: " "
      (Note: In releases < 4.0, no information on the caller is available)
  The source system represented by the SY_SID_999 userid is an ABAP ONLY stack so has no sapjsf userid.  (For the record, SY_SID_999 doesn't exist in client 999 of SID either - it's defined in the PI system to do work on behalf of SID client 999.)
  So the question, after all that, is:
  How do I identify the source of this password error?

  Thanks Michael
  I did get a short dump during the testing process and it indicates that the failed RFC logon attempt originates from within the PI system.  My implementation partner was rather careless in the assignment of userids to connections so, while this userid should only be used for connections originating from the SID, I cannot guarantee that.
  I've been into both my PI system and the ABAP system (which doesn't have a sapjsf userid so should not be the offending party) and run an SQL select script to find all RFC destinations which contain the string "SID" or "sid" in any of the RFCOPTIONx fields.  I've carefully checked out each of these RFC destinations and, in SID they contain the SY_SID_999 userid and, when that's unlocked in PI, the connection and authorisation tests succeed.  That rules out upper/lower case issues and pretty much eliminates these legitimate RFC destinations from the suspect list.  The RFC destinations identified in the PI system by the SQL search contain "SID" because they name that as their target system; these definitions don't reference the SY_SID_999 userid at all.
  All the evidence I can find points very strongly to some process running as SAPJSF in the Java stack of the PI (dual stack) system calling something on the ABAP side and trying to connect as SY_SID_999.  Trouble is I can't find it.  In fact, I'm don't even know where to start looking to find a job running in the Java stack - on the ABAP side I'd head for SM37 but what to use on the Java side?

• EffectiveUserName Logon failure: unknown user name or bad password

  Hi
  I am trying to connect Sharepoint 2013 services (performancepoint , excel services) to SSAS 2012 using the EffectiveUserName.
  I was getting a error message regarding conencting the datasource and when checking profiler it was saying Logon failure: unknown user name or bad password.
  On the SSAS server i tried using EffectiveUserName in the additional Connection Parameters and it failed for the above reason. I also tried my username as well as the sharepoint service account
  the sharepoint service account and my username are both server admins.
  When I try using the EffectiveUserName in the additional Connection Parameters on another server I can connect with no problems.
  What seems to be the different with server where I am getting the error message?
  Regards

  Hi aivoryuk,
  According to your description, you get the "unknown user name or bad password" error when using EffectiveUserName in Connection parameter to connect Analysis Services. Right?
  In this scenario, if you use a connection string to create the data connection, and the connection string contains an effective user field, the EffectiveUserName feature will override the user-supplied effective user value with the system-supplied value.
  On this server, you may use a domain user to run the SSAS. So it will show the "unknown user name or bad password." However, on the other server, it may use system build-in account to run SSAS. Please refer to link below to check the steps for using
  Analysis Services EffectiveUserName in SharePoint Server 2013:
  https://technet.microsoft.com/en-us/library/jj219741(v=office.15).aspx
  If you have any question, please feel free to ask.
  Simon Hou
  TechNet Community Support
  Hi thanks for the link but it just shows how to set effective user name in sharepoint which I know how to do.
  In SSMS and when I connect to the SSAS server and I select options and then I go to the addional connection parameters tab i set Effectivename ="domain\username" on once server I get the error mesage but on the other I don't.
  I'm not clear from you explanation as to why this is?
  Regards

• How to give access to user when he login with his credentials to create his own virtual machine

  Dear Experts ,
  In scvmm ..how we can allow an user to create his own VM with out providing him administrator rights...
  I am able to create machines with user accounts when I give Administrator rights only..and if i remove Administrator rights..i am gettting a message for user-"you cannot access the private cloud", where as If i give administrator rights to that
  same user , I can able to access private cloud and template for the user.
  Please suggest me and help with any useful link.
  Regards
  N.V.Srinivas ,
  [email protected]

  Self-Service user delegation
  SCVMM 2008 - 2008 R2:
  http://technet.microsoft.com/en-us/library/dd548291.aspx
  SCVMM 2012 - 2012 R2:
  http://technet.microsoft.com/en-us/library/gg696971.aspx
  Brian Ehlert
  http://ITProctology.blogspot.com
  Learn. Apply. Repeat.
  Disclaimer: Attempting change is of your own free will.

• "Logon failure: unknown user name or bad password" even with correct Credentials

  I have networked PCs before many times successfully, so this is not my first time trying to network PCs in a home environment. Though I’m wondering if Windows 8.1 is part of the problem. 
  I would have thought that for sure, until one of the new laptops running W8.1 would not connect to any of the other three PCs/Laptops running W8.1. Yet these other three W8.1 PCs/Laptops CAN connect to this laptop. Then it gets a little more interesting:
  this same laptop that couldn’t connect to those three W8.1 PCs/Laptops, CAN connect to a Windows 7 desktop, and a XP Laptop, and those two can also connect back to it without issue. It’s almost like my network is divided in half, and only half can talk to
  each other. But then when I thought it couldn’t get any more interesting, I realized the first three W8.1 PCs/Laptops can talk to the others, it’s just that the others (W8.1 Laptop, W7 Desktop, XP Laptop) can’t talk back to them without getting the error,
  "Logon failure: unknown user name or bad password” even though the username and password are 100% correct.
  I don’t fully understand this error, because on the surface, it’s just WRONG! 
  My username and password are correct, but it appears something somewhere is interfering or hijacking the authentication process. Three of the computers (laptops) are brand new, just purchased last week and setup this week. The HostPC is also fairly new,
  just purchased last month.
  I am not using a HomeGroup, and have removed all computers that were part of a HomeGroup. I have enabled file sharing and network discovery and enabled “Use user accounts and passwords to connect to other computers” on all PCs.
  I have DSL and am using the wireless modem provided by my ISP which has router functionality built into it. It is a Sagemcom Model: F@ST 1704N.
  All computers are connected wirelessly. Time is correct on all PCs. I cannot use Group Policy, since they're all Standard or Home edition. DHCP is enabled and all computers are on the same subnet, using the 192.168.254.x range of ip addresses.
  The six computers are as follows: (I figured this may make is easier to visualize the layout)
  HostPC: HP Desktop W8.1           
  PC Name: DrsBlend
  U/N: DrsBlend  p/w: 123456 (not showing my real password)
  PC1: HP Laptop W8.1
  PC Name: DrsBlend-1
  U/N: DrsBlend    P/W: 123456
  PC2: HP Laptop W8.1
  PC Name: DrsBlend-2
  U/N: DrsBlend    P/W: 123456
  PC3: HP Laptop W8.1
  PC Name: DrsBlend-3
  U/N: DrsBlend    P/W: 123456
  PC4: HP Desktop W7 SP1
  PC Name: DrsBlend-4
  U/N: DrsBlend    P/W: 123456
  PC5: Dell Laptop XP SP3
  PC Name: DrsBlend-5
  U/N: DrsBlend    P/W: 123456
  Every PC stated above has the same user name and password and is logged-in with the username, DrsBlend and the password 123456. The "Logon failure: unknown user name or bad password” happens when trying to access HostPC, PC1, or PC2 from PC3, PC4, or
  PC5.
  The HostPC can see and connect to all the PCs, but only PC1 and PC2 can talk back or access the HostPC. 
  It’s like the HostPC and PC1, and PC2 are in their own little clique, and can talk back and forth to each other. Those three PCs can also talk to PC3, PC4, and PC5 as well, but PC3, PC4, and PC5 cannot talk back to them (HostPC, PC1, PC2).
  Profile corruption? I would have entertained that thought, but the fact the first three PCs can access and talk to one another kind of defeats that idea, and the fact the PCs were just recently setup.
  Firewall? Disabled, and disabled TrendMicro with no change. With them on/off, the first three PCs can still talk to each other and the rest of the PCs.
  Anyone have any additional suggestions?

  Hi，
  How did you connect to other PCs? Do you use RDP to connect to other PCs? If so, check the version of the RDP, as I know, some low version RDP can't connect to higher Windows like 8.1.
  And could you please tell us the detailed information about how the six PCs connect to the home network?
  Can PC1, PC2, PC3 ping back to host PC, PC1 and PC2?
  You can also run command " rundll32.exe keymgr.dll, KRShowKeyMgr " view the credentials stored in your PC,check whether this issue is related with some old credentials stored in your system.
  Yolanda Zhu
  TechNet Community Support