Moved user in User Source login prompt

After moving a user in our AD User Source, that user gets prompted for ZCM credentials. I thought this was fixed in a previous version?
ZCM 11.2.4
Server 2012 AD

Originally Posted by farmeunitWPSD
After moving a user in our AD User Source, that user gets prompted for ZCM credentials. I thought this was fixed in a previous version?
ZCM 11.2.4
Server 2012 AD
Try this: https://www.novell.com/support/kb/doc.php?id=7012424
You might need to do a registry change.
Thomas

Similar Messages

ZENworks user source login won't go away

Not sure where the best place to put this is.
ZCM 11.2.1
Server 2008R2 - Embedded DB
Win7 Clients - Not sure about XP, we're moving to Win7 only ASAP
Active Directory
When logging into a laptop and NOT connected to the domain LAN, it gets stuck on the Novell ZENworks user source login windows indefinitely. I can try logging into local machine and this happens every time.
In my old environment, with Novell Client, I could click workstation only and get the ZENworks login and cancel.
Not sure what to do to fix this or change the behavior.
Suggestions? TIA!

Originally Posted by farmeunitWPSD
Sorry, gave up on getting help with this.
After logging into AD, a "User Source Login" box appears in the upper left. There are no buttons or prompts at that point. Just the box. The box NEVER goes away. If we put the laptops to sleep instead of shutting down, then they can login normally. I found ONE thread about holding SHIFT down before hitting enter after entering login credentials. If they hold SHIFT until the ZENworks login box comes up, then they can cancel that and are logged in fine.
Any chance they're using wireless adapter and have it set to auto-connect?
We have the same thing, but only on Windows XP being reported. Seems it only happens if the person has added a wireless network (XP has slightly diff. options than Windows 7) AND have it set to auto-login/connect.

Exchange 2010 all mail clients with internal cached and internal non-cached mode users having connection status issues, login prompt -- external is fine either way

Hello,
I'm seeing an issue that started this past Monday with no recent change to our environment.
External Outlook Anywhere users and Mobile users, OWA users are unaffected.
Internal Users are affected when using Outlook of any version, 2010 or 2013.
-Internal Users normally log into their workstation with their ad credentials, domain joined machines. Outlook opens without credentials prompting ideally.
1 . Using Cached Mode:
a. Login Prompts, slowness - Since Monday, users are getting prompted to login. The prompt goes away after logging in at startup. It is also causing high CPU
on the workstations.
b. Free/Busy, Out of Office doesn't work. I can, however complete auto-setup for a new user, so autodiscover is not completely down for internal users.
c. Checking Connection Status shows connecting status on highlighted entry below without ever establishing connection (just goes away).
The outlook icon in the system tray says "Outlook is requesting data from the server":
2. Using Non-cached mode
a. No Login Prompt at startup, business as usual
b. Free/Busy, Out of Office works fine. Autodiscover is fine.
c. Checking Connection Status shows normal except, it has "casarray URL, then status is referral" it seams to flicker this constantly then go away intermittently.
d. Main issue in non-cached mode is, sometimes a user will log into windows, open outlook and it will not open and says "server is unavailable. Retry, work offline, or cancel" I can try re-opening, same message.
Only after logging out of windows, logging back in, I can get back into outlook. This is not every time, or consistent with specific users, but random.
3. Lync Pop up for credentials often, though entering the password.
URLs are correct. Autodiscover, EWS, etc.
Already tried bypassing our loadmaster load balancer with host files on clients. same issue regardless of casarray node.
Not sure what is going on.
Josh

You have a hybrid configuration with Office 365, right? You didn't provide this valuable piece of information.
In Exchange Online PowerShell run this command:
Get-OrganizationConfig | FL PublicFoldersEnabled
If the value is "Remote" then users with Exchange Online mailboxes are looking to on-premises public folders. Be sure that you have legacy pubic folder interoperability properly configured.
http://technet.microsoft.com/en-us/library/dn249373(v=exchg.150).aspx
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

Users have login problems

my users whos home folders are on the network are having trouble loging in. it tries to load the finder and it just sits spinning the ball, the spotlight icon in the menu bar appears but nothing else. Any reason why is would get stuck trying to load?

We are using 11.1.1.3. We had the same issue you described. External users could login to all applications, but all security refreshes failed (in both EAS and Planning) with the failure error in your original post. The patch our consultant applied was "Shared Services Service Fix 11.1.1.3.06" per Oracle support. The following entries in our SS client log are what prompted Oracle's remedy (after several weeks of escalation):
2010-09-24 15:01:38,110 ERROR [Thread-54] 27:1112:Failed to connect to <ldapserver> at <portnumber>. com.hyperion.css.spi.impl.ldap.LDAPProvider.isAvailable(Unknown Source)
2010-09-24 15:01:38,110 ERROR [Thread-54] The folowing providers are not initialized, check configuration [ED] com.hyperion.css.spi.CSSManager.pingConfiguredProviders(Unknown Source)
2010-09-24 15:01:38,110 ERROR [Thread-54] 32:1062:Failed to connect to the user directory <ldapdirectory>. com.hyperion.css.spi.CSSManager.pingConfiguredProviders(Unknown Source)
2010-09-24 15:01:38,110 DEBUG [Thread-54] getRolesListForEntries() failed : [43842 ms]
Edited by: 799357 on Oct 4, 2010 12:33 PM
Edited by: 799357 on Oct 4, 2010 12:38 PM

Is it possible to force the user to login again when using oauth 2 (implicit grant)

Hi,
I'm trying to build an application based on a rest webservice in APEX which is being accessed by a javascript frontend via ORDS. I'm using the "Implicit grant" flow of OAUTH 2.
When the user is finished with the application, he/she should be able to logout of the application, so another user can login (on the same machine and browser). But, without clearing all cookies, ORDS will automatically give an access token for the previous user, without showing the login screen to allow/deby access to the rest web service.
(Clearing the cookies is not possible via javascript, since they are httponly)
I know it is not the "normal" way to use oauth2, but I would like to be able to log-out a user. So how can I force ORDS to show the loginscreen again to give another user the possibility to login?
Alexander

You can force the implicit code flow to prompt the user to sign in by including _auth_=force in the approval request query string. To follow the example shown in the developer guide [1]
change:
https://server:port/ords/resteasy/oauth2/auth?response_type=token&client_id=CLIENT_IDENTIFIER&state=STATE
to:
https://server:port/ords/resteasy/oauth2/auth?response_type=token&client_id=CLIENT_IDENTIFIER&state=STATE&_auth_=force
[1]: REST Data Services Developers Guide

OS X Server 10.6.4 - newly created user cannot login to server

As title.
Just turn on the mac mini server (mid-2010) and do some initial setup. It can access the internet. However, all users that I have created cannot log into the server! Only the one (admin account) that created during the 1st time server setup can login to the server. Anyone know why and what I have not setup properly?
New user during login take a while and no error message popup. The login window just acts like it can login but within a second, the login window "shaking" and prompt for me to login again. Watch below youtube video for more detail.
http://www.youtube.com/watch?v=K7wV3rVJK9c
Here are some information hope can help...
1. My mac mini server connect behind a router.
2. No special setting for the DNS / Open directory. Just use the system default.
3. When open "Server Admin", it shown "mac.local" at the upper left hand side.
Message was edited by: rayzine2

rayzine2
After the Server Setup Assistant has finished and by default the Service Access Control Lists (SACLs) denies access to everyone apart from the default admin account. It does this when SSH is enabled. It's one of the options at the bottom of the dialog box you used to create the default administrator account. To turn this off launch Server Admin, select the Server name in the sidebar > Access.
You should be configuring client workstations to allow network users to log in to rather than the server. Read the documentation:
http://support.apple.com/manuals/#serversandenterprisesoftware
Tony

ZCM can not connect to user source - LDAP to eDir

Hello all,
We had some issues with our ZCM 10.3.1.0 server this AM. It looks like it was caused by no space on our /var/opt partition.
I had logged in and manually deleted a large old image file. I then restarted the ZCM server. Everything powers on and works as it should except, my user source can not be contacted.
When I try to login with one of my Admin users, we get the following error:
"An error occurred while connecting to the user source. Please make sure the user source is accessible and try again."
If I login as the Administrator of the Zone, I can see that the connection source is not connecting - unable to read contexts. The weird part is that I can connect through LDAP from other tools to the same source on port 636 - JXplorer works just fine.
We are running ZCM on the same server as its database and I can use the LDAP browser built in to SLES 11 x64 and the same LDAP credentials work just fine.
What else can I be looking at?
I am really new to Linux so any help is appreciated.
Steve D.

Originally Posted by sjdimare
Hello all,
We had some issues with our ZCM 10.3.1.0 server this AM. It looks like it was caused by no space on our /var/opt partition.
I had logged in and manually deleted a large old image file. I then restarted the ZCM server. Everything powers on and works as it should except, my user source can not be contacted.
When I try to login with one of my Admin users, we get the following error:
"An error occurred while connecting to the user source. Please make sure the user source is accessible and try again."
If I login as the Administrator of the Zone, I can see that the connection source is not connecting - unable to read contexts. The weird part is that I can connect through LDAP from other tools to the same source on port 636 - JXplorer works just fine.
We are running ZCM on the same server as its database and I can use the LDAP browser built in to SLES 11 x64 and the same LDAP credentials work just fine.
What else can I be looking at?
I am really new to Linux so any help is appreciated.
Steve D.
Try removing the user source connection in ZCC and re add it.
Thomas

Exhcnage 2013 Migration - User keep keeping prompted for credentials

Hello,
I am migrating all on-premise exchange 2010 SP3 to Exchange 2013 SP1. I am testing mailbox migrations, each mailbox that gets moved to 2013 the user keeps getting prompted for credentials. I have read several posts in the forums yet none which solve my problem.
Can someone point me in the right direction. All 2013 setting are currently at default.

Thank you for your help and your quick response.
Here is the autodiscover test. When I move the mailbox to 2013 its picks up the 2013 URL. In this output mail.myserver.com is the hostname of my 2013 cas.
Also noticed the following in the server field under account settings.
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
    <User>
      <DisplayName>2013test</DisplayName>
      <LegacyDN>/o=mycompany/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=2013test436</LegacyDN>
      <AutoDiscoverSMTPAddress>[email protected]</AutoDiscoverSMTPAddress>
      <DeploymentId>91ce898c-65a0-402e-be70-622d0a31f7c3</DeploymentId>
    </User>
    <Account>
      <AccountType>email</AccountType>
      <Action>settings</Action>
      <MicrosoftOnline>False</MicrosoftOnline>
      <Protocol>
        <Type>EXCH</Type>
        <Server>[email protected]</Server>
        <ServerDN>/o=mycompany/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/[email protected]</ServerDN>
        <ServerVersion>73C08391</ServerVersion>
        <MdbDN>/o=mycompany/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/[email protected]/cn=Microsoft Private MDB</MdbDN>
        <PublicFolderServer>mail.myserver.com</PublicFolderServer>
        <AD>nohdomp1.domain.LOCAL</AD>
        <AuthPackage>Anonymous</AuthPackage>
        <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
        <EwsUrl>https://mail.myserver.com/ews/exchange.asmx</EwsUrl>
        <EmwsUrl>https://mail.myserver.com/ews/exchange.asmx</EmwsUrl>
        <EcpUrl>https://mail.myserver.com/ecp/</EcpUrl>
        <EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.LOCAL</EcpUrl-um>
        <EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-aggr>
        <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.LOCAL</EcpUrl-mt>
        <EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-ret>
        <EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-sms>
        <EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.LOCAL</EcpUrl-photo>
        <EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.LOCAL</EcpUrl-tm>
        <EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmCreating>
        <EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmEditing>
        <EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.LOCAL</EcpUrl-extinstall>
        <OOFUrl>https://mail.myserver.com/ews/exchange.asmx</OOFUrl>
        <UMUrl>https://mail.myserver.com/ews/UM2007Legacy.asmx</UMUrl>
        <OABUrl>https://mail.myserver.com/OAB/4b0a14e4-d177-415f-9acf-b51b966b6dd8/</OABUrl>
        <ServerExclusiveConnect>off</ServerExclusiveConnect>
      </Protocol>
      <Protocol>
        <Type>EXPR</Type>
        <Server>mail.myserver.com</Server>
        <SSL>On</SSL>
        <AuthPackage>Negotiate</AuthPackage>
        <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
        <EwsUrl>https://mail.myserver.com/ews/exchange.asmx</EwsUrl>
        <EmwsUrl>https://mail.myserver.com/ews/exchange.asmx</EmwsUrl>
        <EcpUrl>https://mail.myserver.com/ecp/</EcpUrl>
        <EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.LOCAL</EcpUrl-um>
        <EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-aggr>
        <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.LOCAL</EcpUrl-mt>
        <EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-ret>
        <EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-sms>
        <EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.LOCAL</EcpUrl-photo>
        <EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.LOCAL</EcpUrl-tm>
        <EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmCreating>
        <EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmEditing>
        <EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.LOCAL</EcpUrl-extinstall>
        <OOFUrl>https://mail.myserver.com/ews/exchange.asmx</OOFUrl>
        <UMUrl>https://mail.myserver.com/ews/UM2007Legacy.asmx</UMUrl>
        <OABUrl>https://mail.myserver.com/OAB/4b0a14e4-d177-415f-9acf-b51b966b6dd8/</OABUrl>
        <ServerExclusiveConnect>on</ServerExclusiveConnect>
        <EwsPartnerUrl>https://mail.myserver.com/ews/exchange.asmx</EwsPartnerUrl>
        <GroupingInformation>NebraskaOrthopaedicHospital</GroupingInformation>
      </Protocol>
      <Protocol>
        <Type>WEB</Type>
        <Internal>
          <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.myserver.com/owa/</OWAUrl>
          <Protocol>
            <Type>EXCH</Type>
            <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
          </Protocol>
        </Internal>
        <External>
          <OWAUrl AuthenticationMethod="Fba">https://mail.myserver.com/owa/</OWAUrl>
          <Protocol>
            <Type>EXPR</Type>
            <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
          </Protocol>
        </External>
      </Protocol>
      <Protocol>
        <Type>EXHTTP</Type>
        <Server>mail.myserver.com</Server>
        <SSL>On</SSL>
        <AuthPackage>Ntlm</AuthPackage>
        <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
        <EwsUrl>https://mail.myserver.com/ews/exchange.asmx</EwsUrl>
        <EmwsUrl>https://mail.myserver.com/ews/exchange.asmx</EmwsUrl>
        <EcpUrl>https://mail.myserver.com/ecp/</EcpUrl>
        <EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.LOCAL</EcpUrl-um>
        <EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-aggr>
        <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.LOCAL</EcpUrl-mt>
        <EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-ret>
        <EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-sms>
        <EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.LOCAL</EcpUrl-photo>
        <EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.LOCAL</EcpUrl-tm>
        <EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmCreating>
        <EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmEditing>
        <EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.LOCAL</EcpUrl-extinstall>
        <OOFUrl>https://mail.myserver.com/ews/exchange.asmx</OOFUrl>
        <UMUrl>https://mail.myserver.com/ews/UM2007Legacy.asmx</UMUrl>
        <OABUrl>https://mail.myserver.com/OAB/4b0a14e4-d177-415f-9acf-b51b966b6dd8/</OABUrl>
        <ServerExclusiveConnect>On</ServerExclusiveConnect>
      </Protocol>
      <Protocol>
        <Type>EXHTTP</Type>
        <Server>mail.myserver.com</Server>
        <SSL>On</SSL>
        <AuthPackage>Negotiate</AuthPackage>
        <ASUrl>https://mail.myserver.com/ews/exchange.asmx</ASUrl>
        <EwsUrl>https://mail.myserver.com/ews/exchange.asmx</EwsUrl>
        <EmwsUrl>https://mail.myserver.com/ews/exchange.asmx</EmwsUrl>
        <EcpUrl>https://mail.myserver.com/ecp/</EcpUrl>
        <EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.LOCAL</EcpUrl-um>
        <EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-aggr>
        <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.LOCAL</EcpUrl-mt>
        <EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-ret>
        <EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.LOCAL</EcpUrl-sms>
        <EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.LOCAL</EcpUrl-photo>
        <EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.LOCAL</EcpUrl-tm>
        <EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmCreating>
        <EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.LOCAL</EcpUrl-tmEditing>
        <EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.LOCAL</EcpUrl-extinstall>
        <OOFUrl>https://mail.myserver.com/ews/exchange.asmx</OOFUrl>
        <UMUrl>https://mail.myserver.com/ews/UM2007Legacy.asmx</UMUrl>
        <OABUrl>https://mail.myserver.com/OAB/4b0a14e4-d177-415f-9acf-b51b966b6dd8/</OABUrl>
        <ServerExclusiveConnect>On</ServerExclusiveConnect>
      </Protocol>
    </Account>
</Response>
</Autodiscover>

2 users sources

Hi all, we have a environment with 2 user sources, 1 ad and one e-dir same users in both synked with IDM. The ad is used for vdi users who has windows 7 vdi computer with zenworks client logging in seamless and Novell client loging in the background. Everything well and fine but now i would like to use e-dir as the user source in the vdi environment to.
It's no problem logging in as e-dir user in zenworks but I'm unable to get the seamless login to work.
I have set preferred realm and seamless login in the registry (HKLM) but no joy still logs in as the AD user insted of E-dir.
Is there a other way to force which realm to use?
Best regards
Lennart

I would recommend an SR.
I'm guessing that the preferred user source key is not being picked up
and honored on your VDI setup.
On 5/15/2014 5:06 AM, lelle wrote:
>
> Hi all, we have a environment with 2 user sources, 1 ad and one e-dir
> same users in both synked with IDM. The ad is used for vdi users who has
> windows 7 vdi computer with zenworks client logging in seamless and
> Novell client loging in the background. Everything well and fine but now
> i would like to use e-dir as the user source in the vdi environment to.
> It's no problem logging in as e-dir user in zenworks but I'm unable to
> get the seamless login to work.
> I have set preferred realm and seamless login in the registry (HKLM) but
> no joy still logs in as the AD user insted of E-dir.
> Is there a other way to force which realm to use?
>
> Best regards
>
> Lennart
>
>
Craig Wilson - MCNE, MCSE, CCNA
Novell Technical Support Engineer
Novell does not officially monitor these forums.
Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

Moving user profiles from Server 2012 with RDS services to User profile disks Server 2012R2

Hello i have a question about moving my C:\users profiles.
My current settings on the servers are:
AD-Server 2012
SQL-Server 2012
TS- server with RDS roles (RDwebacces, RDs broker, RD session host) 2012
everything about user profiles is now in C:\Users
My new settings for the server will be:
AD-ActiveDirectory - server
SQL-Server
TS1- RDS (RDwebacces, broker, RDS server group management) 2012R2 (I have enabeld userProfileDisks to Filesistem server)
TS2- RDS(Session host) load balance 2012R2
TS3- RDS (Session host) load balance 2012
FileSistem - server ( here i will have on E: partition the new functionality UserProfileDisks) 2012R2
So is there a way to move profiles from TS - C:\Users to FileSistem - E:\UserProfileDisks
I am new to this so any idea wil be helpful.

Hi,
If the UPD is configured on the server which holds existing user profiles, just select the option:
store all user settings and data inside the profile disk.
Since you are moving user profiles between different servers, then user profile contents need to be migrated manually.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

How can I set the default home page in Firefox 4 for all users that login to a PC on a Win 7 PC?

I work at a community college in upstate NY.
We use Firefox as the default browser at our institution and we have always set the default homepage to be our homepage for all users that login to the PC. We had a procedure to to that that worked with Windows XP and FF 3 or earlier
We would do the following:
1. go to: c:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\<profile_name>\prefs.js
2. Add the line: user_pref (“browser.startup.homepage”,”http://www.genesee.edu”);
3. Copy the Folder
C:\Documents & Settings\Administrator\Application Data\Mozilla
To
C:\Documents & Settings\Default User\Application Data\Mozilla
4. Restart the computer
We're going to Win 7 and Firefox 4 and things seem to be different in terms of files and file structure. Does anyone know how to accomplish this?
Thanks in advance.

Making customisation from the default profile is generally considered poor practice and quite often doesn't work out as planned. (If you're interested in some more information on this, [http://mockbox.net/windows-7/227-customise-windows-7-default-profile.html see here] see here)
This article should help you with developing and deploying your customised Firefox 4 installation (without touching the Windows 7 default user profile):
http://mockbox.net/configmgr-sccm/174-install-and-configure-firefox-silently.html

Parallel How many times user can login to the SAP system through ITS

Hello all
We are using the ITS ---620 and following 46D R/3 system
R/3 system details:
Kernal :
kernel release :46D
O/S :SunOS 5.8 Generic_108528-05 sun4us
We would like to now, At a time How many times user can login to the SAP system through ITS
Kindly letus know if any one have idea about parameter which can restrict the end users to u201CNu201D times/ sessions.
Transaction SITSPMON/SMICM are not working in R/3 system as it is 46D.
We found that parameter u201Clogin/disable_multi_gui_loginu201D works with SAPgui logons.
System logons using the Internet Transaction Server (ITS) or Remote Function Call (RFC) are not affected by this Parameter u201Clogin/disable_multi_gui_loginu201D
I need similar parameter u201Clogin/disable_multi_gui_loginu201D for the ITS users.
Thanks

I have searched all docs and notes.
Everytime the answer is PArameter for multi_gui_logonis not applicable for SAP Gui for HTML ( Browser )
The functionality does not exist for SAP Gui for HTML.
Regards,

How can I restrict Lion to only allow certain network users to login when bound to an Active Directory?

Hi,
I'm trying to find a way to configure which network users can login to a lab of iMacs running 10.7.4. They're being deployed using DeployStudio, and the Macs are bound to an MS Active Directory by a script that runs as part of the workflow. I'd like to have another script run after the AD binding to permit only users in certain AD groups to be able login to them.
I'm halfway there, in that using dseditgroup I can easily add AD groups or individual users to the relevant group (deseditgroup -o edit -a <domain\\group name> -t group com.apple.loginwindow.netaccounts. After running this I can see the desired groups added to the list in Sys Prefs -> Users & Groups -> Login Options -> Options. However, membership of this group is deemed irrelevant by the fact the radio button above this list for 'Allow these users to log in at login window' is still set to 'All network users' and not 'Only these network users'.
Does anyone know of a way to enable the 'Only these network users' option via the Terminal/a shell script?
Thanks,
Chris

I tried that, thinking it was exactly what I wanted, but it still sends stuff as SMS (green bubble).

How to stop ACS intergated AD users to login in AAA clients(network device)

I have ACS 4.2 Appliance which is integrated with Active directory.
AD users are able to login in network devices. Is there any so that I can stop AD user and other local users to login in AAA clinets (network devices).

These types of configurations are a two-way street. ACS must be configured to actually perform the authentication/authorization, and the AAA clients must also be configured for authentication/authorization. I would look at the AAA client configurations, first.
What kind of AAA clients are we talking about? Cisco switches, Cisco WLC's? Swicthing gear from other companies?
For Cisco switches, lines like the following will tell them to use your ACS server for administrative user auth (RADIUS ro TACACS+, respectively):
aaa group server radius rad_admin
server xxx.xxx.xxx.xxx
aaa group server tacacs+ tac_admin
server xxx.xxx.xxx.xxx
If your AAA client is a WLC, then you need to uncheck the "Management" box where the RADIUS server is defined for authentication (Security -> AAA -> RADIUS -> Auth).

How do I add a custom trusted certificate to a user's login keychain without needing the user's interaction?

In using ARD I can send the certificate to the user's desktop and install the Lync application but so far the only way I can get the certificate into the user's login keychain is by having them enter their password. This of course becomes inefficient when having to adminster 75 systems.
Which command can I send to the individual systems to store the certificate into their login keychains without having them to verify their password?
Any and all help is greatly appreciated

unfortunately no, MS Lync references the user's login keychain - at this point I can run a command through ARD that allows me to move the cert into the keychain and have the cert accept a password from the root account but now the problem is finding a command line to change the default trust settings to 'Always Trust'

Moved user in User Source login prompt

Similar Messages

Maybe you are looking for