Saturday 30 March 2013

Username/Password incorrect on windows 7 Windows 7 Enterprise workstations.



sRecently we had an issue on our domains where users were unable to login to their PCs/ Vms and their accounts were not locking out either. We were able to resolve it using the following steps.

2.    Enable LogonUI logging
To enable LogonUI logging you will have to create below registry keys on the affected machine and reboot.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\LogonUI
Start = dword:00000001
GUID = String:{B95DEC63-3211-421F-A54F-5B7CF24F9513}
LogFileMode = dword:00080000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\LogonUI\{2955e23c-4e0b-45ca-a181-6ee442ca1fc0}
Enabled = dword:00000001
EnableFlags = dword:000fffff
EnableLevel = dword:000fffff
LoggerName =String: LogonUI

To disable the Logging later, use the below value.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\LogonUI\{2955e23c-4e0b-45ca-a181-6ee442ca1fc0}
Enabled = dword:00000000
         
Tracing information will be dumped (in binary) to %windir%\system32\LogFiles\WMI\LogonUI.etl.



3.    Enable Netlogon logging on few machines to test
You may run the command  nltest /dbflag:0x2080ffff  to enable netlogon logging. Please refer to article http://support.microsoft.com/kb/109626 for details
4.    Get a network trace while the issue is happening.

TThe issue was fixed by installing the follwing update from microsoft:

1.    http://support.microsoft.com/kb/2768494

   After this there have been no more recurrences of the same error.


at No comments:
Labels: ,

Friday 29 March 2013

Lync for mac removal script

Hello all,
   Here's a little script that cleans out Lync for mac from OS X, this has been tested on 10.8 and 10.7 and found to be working very well, this basically automates the steps listed here:

http://mac2.microsoft.com/help/office/14/en-us/lyncdeploy/item/b4b71856-a7a5-467e-8425-238b3eaaa993?category=8cd683fd-c4a6-4520-a360-ac81632dadcb

#!/bin/bash

# See Microsoft Article ID: 2691870 How to perform a clean uninstall of Lync for Mac 2011
ASROOT=${ASROOT:-sudo}
# Variables and Functions #
VISIBLEUSERS=$(sudo /usr/bin/dscl . list /Users UniqueID | awk '$2 >= 500 && $2 < 100000000000000000 { print $1; }')
function LyncRunningCheck {
ps ax | grep -v grep | grep -i "/Applications/Microsoft Lync.app/Contents/MacOS/Microsoft Lync" > /dev/null
result=$?
if [ "${result}" -eq "1" ] ; then
     echo "`date`: Microsoft Lync is not running."
else
     echo "`date`: Killing Microsoft Lync."
 LyncPID=$(ps -A | grep -m1 "Microsoft Lync" | awk '{print $1}')
 sudo kill -9 $LyncPID
fi
}
# Main Process #

# Check if Lync is running, kill if it is:
LyncRunningCheck
# Delete the application:
rm -rf /Applications/Microsoft\ Lync.app/
echo "`date`: Removed /Applications/Microsoft\ Lync.app/"
rm -f /Library/Preferences/MicrosoftLyncRegistrationDB.plist

# Remove Dock Icon:
for username in $VISIBLEUSERS
do
HOMEFOLDER=$(sudo dscl . -read /Users/$username NFSHomeDirectory | awk '{print $2}')
DOCKSLOTS=$(sudo defaults read $HOMEFOLDER/Library/Preferences/com.apple.dock persistent-apps | grep tile-type | awk '/file-tile/ {print NR}')
for  slot in $DOCKSLOTS
do
DOCKPATH=`sudo /usr/libexec/PlistBuddy -c "print persistent-apps:$[$slot-1]:tile-data:file-data:_CFURLString" $HOMEFOLDER/Library/Preferences/com.apple.dock.plist`
if [[ $DOCKPATH =~ "Microsoft%20Lync.app" ]];
then
sudo /usr/libexec/PlistBuddy -c "Delete persistent-apps:$[$slot-1]" $HOMEFOLDER/Library/Preferences/com.apple.dock.plist
fi
done
echo "`date`: Removed Lync from $username dock"
done
sleep 5
sudo killall Dock -HUP
# Check if Lync is running, kill if it is:
LyncRunningCheck
# Delete the Application:
sudo rm -rf /Applications/Microsoft\ Lync.app/
echo "`date`: Removed /Applications/Microsoft\ Lync.app/"
# Remove Dock Icon:
for username in $VISIBLEUSERS
do
HOMEFOLDER=$(sudo dscl . -read /Users/$username NFSHomeDirectory | awk '{print $2}')
DOCKSLOTS=$(sudo defaults read $HOMEFOLDER/Library/Preferences/com.apple.dock persistent-apps | grep tile-type | awk '/file-tile/ {print NR}')
for  slot in $DOCKSLOTS
do
DOCKPATH=`sudo /usr/libexec/PlistBuddy -c "print persistent-apps:$[$slot-1]:tile-data:file-data:_CFURLString" $HOMEFOLDER/Library/Preferences/com.apple.dock.plist`
if [[ $DOCKPATH =~ "Microsoft%20Lync.app" ]];
then
sudo /usr/libexec/PlistBuddy -c "Delete persistent-apps:$[$slot-1]" $HOMEFOLDER/Library/Preferences/com.apple.dock.plist
fi
done
echo "`date`: Removed Lync from $username dock"
# Remove User Data:
rm -rf $HOMEFOLDER/Library/Preferences/ByHost/MicrosoftLyncRegistrationDB.*.plist
rm -rf $HOMEFOLDER/Library/Preferences/MicrosoftLyncRegistrationDB.plist
rm -rf $HOMEFOLDER/Library/Preferences/com.microsoft.Lync.plist
rm -rf $HOMEFOLDER/Library/Logs/Microsoft-Lync-*.log
rm -rf $HOMEFOLDER/Documents/Microsoft\ User\ Data/Microsoft\ Lync\ Data/
rm -rf $HOMEFOLDER/Documents/Microsoft\ User\ Data/Microsoft\ Lync\ History/
rm -rf $HOMEFOLDER/Keychains/OC_KeyContainer*
echo "`date`: Removed $username's preferences, logs, history and keychains"
# Remove Presence Handler:
HANDLERS=$(sudo /usr/libexec/PlistBuddy -c "print" $HOMEFOLDER/Library/Preferences/com.apple.LaunchServices.plist | grep Dict | awk '{print NR}')
for  handler in $HANDLERS
do
HandlerCheck=`sudo /usr/libexec/PlistBuddy -c "print LSHandlers:$[$handler-1]:LSHandlerRollAll" $HOMEFOLDER/Library/Preferences/com.apple.LaunchServices.plist`
if [[ $HandlerCheck =~ "com.microsoft.lync" ]];
then
sudo /usr/libexec/PlistBuddy -c "Delete LSHandlers:$[$handler-1]" $HOMEFOLDER/Library/Preferences/com.apple.LaunchServices.plist
echo "`date`: $username x-mspresence handler removed."
fi
done
done
sleep 5
sudo killall Dock -HUP
exit 0

                                                                                                                                                                                                                  Run the script by pasting it into a text editor, saving it as .sh and then making it executable by chmod +x lync_removal.sh, run it using: sh lync_removal.sh from the terminal.
This works silently so there won't be any popup window at all.
I am still working on removing keychain entries for Lync, but have found no way of doing this without serious risk on nuking the keychain.

at 5 comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)

Detect autopilot session

  Ensuring that some apps only install during autopilot is not easily accomplished, you can use the below powershell script as a requiremen...