AzureAD user unable to login to Windows 10

I have two machines joined to my Azure AD domain. I have a Surface Book and a Surface 4.
While both are joined to the same AzureAD domain, one accepts new users from that domain being added and the other does not. I am trying to add "jessica#nkdagility.com" to the machine so that she can login.
I have tried adding the user from the Windows login with "AzureAD\jessica#nkdagility.com" and with "jessica#nkdagility.com". And the message is always "workplace or school account cant be found".
Has anyone experienced this before? Any workarounds before I reset the computer?
UPDATE
So I was able to fix it but it required a factory reset of the Surface. Once done the user logged in no problem at all.
The Surface was on the latest Insider Build.

Any user from the same directory should be able to login to the client that is Azure AD joined as long as the client has internet connection.
Note: If it's still failing then you need to perform intensive troubleshooting. I would suggest you start by looking at the event logs.

I'm not sure exactly why this was an issue, but the only timely fix I could find was to factory reset the Surface Pro 4 to Windows 10. When it booted and I selected "device belongs to work or school" I was able to add the other user with no problems.
So this may have been an insider build issue.
However, when I factory reset my Surface Pro 3 to Windows 10 it was still unable to recognise that user.

You currently do not have a developer account in QBO

I am trying to obtain my production keys for my QBO app following the steps in this link here.
However, when I try to start the "App Assessment Questionnaire", I get the error message below:
You currently do not have a developer account, please click here to complete setting up your developer account. Once that is complete you will be able to access the help pages.
This is what I see, and I DO have a developer account. It won't let me continue.
Please help!
UPDATE
I see this error in the address bar:
ErrorCode=ERROR_CREATING_USER&ErrorDescription=License+Limit+Exceeded
UPDATE #2
I tried creating a brand new account, a new app, on a different PC and the same thing happened. So this is not a cache issue.
UPDATE #3
Created 2 support tickets for this issue
#00114423
#00114415
I had to use a different account to access the help site
https://help.developer.intuit.com
I've the same issue since Friday (02/18) and spent hours to figure out what's the problem.
-tried from different browsers and different IP addresses
-made a brand new developer account to test with it
-had a 1+ hour chat session with QB support (but not developer support)
-sent an email to an address received from the chat assistant
-sent a feedback at https://www.surveymonkey.com/r/AppAssess
According to the browser's developer tools:
the Start questionnaire button opens this URL:
https://developers.intuit.com/app/developer/appdetail/prod/questionnaire?appId=xxxxx:UUID_of_app
then it redirects to:
https://login.salesforce.com/services/auth/sso/yyyyyyyyyyy/Intuit_Enterprise?community=https://help.developer.intuit.com
finally, SSO to salesforce fails and it redirects back to:
https://developer.intuit.com/app/developer/qbpayments/docs/qbms-payments/hosted-paypage/faqs/help-redirect?**ErrorCode=ERROR_CREATING_USER&ErrorDescription=License+Limit+Exceeded**+-+Customer+Community+Login&ProviderId=xxxxxx&startURL=%2Fs%2Fquestionnaire%3Fapp%yyyyyyyyyyyyy
So it seems QB has reached a license limit at Salesforce, which prevents new logins from being created and the questionnaire from loading.
And the funny part is: the same thing happens, when I tried to create a support ticket and used the "Ask a question" button at https://help.developer.intuit.com/s/
Which means, I can't start the questionnaire and can't start a ticket about the error either.
I guess QB developer accounts that created support tickets previously, or started the questionnaire before the license limit was reached, have an SSO login account at Salesforce and are able to fill in the form or start new support tickets, but others are stuck because of the license limit.
If somebody has a working QB developer account and is able to start a support ticket, please do it, and link this page in it.
Or maybe, we should contact salesforce support to let QB know about the license limit.
I'll give it a try.
This seems to have been fixed. I tried running the questionnaire and it worked.
I have also been having this problem the last several days and had the same lack of success with QB support. The URL callback error I see is:
ErrorCode=REGISTRATION_HANDLER_ERROR&ErrorDescription=Please+sign+the+terms+of+service+before+you+login+to+community
I don't see anywhere I can sign a TOS in my account page - it's possible that in fact QBO hasn't signed a TOS with Salesforce. What a joke.

Why do my users get a .ost error message after giving them Full Access to mailbox?

I work in a big company and we have just migrated to office 365 in a hybrid scenario.
Here is the "stack":
Exchange 2016 Hybrid
ADSync with AADConnect
Usermailboxes hosted on Office 365
Users use the Outlook 2016 Client (can't roll out o365 client, because we have over 50.000 users and so many custom outlook plugins 32 Bit)
We do this as follows:
Create a new AD user.
Enable-RemoteMailbox samAccountName -RemoteRoutingAddress samAccountName@tenant.mail.onmicrosoft.com -PrimarySmtpAddress address@tenant.com -shared
(This also turns off emailAddressPolicy, which it should do according to our Exchange admins. Our Exchange admins are also stuck on that problem, so that's why I created this post here.)
Then I wait and have a look in the ECP Admin center. Before the sync happens the remote Routing address is: address@tenant.com
After the first sync (every 30 minutes) it's samAccountName@tenant.mail.onmicrosoft.com ==> How it should be.
After another 30 minutes (2nd sync back to AD) it's a X500 address.
When I look it up in PS like get-remotemailbox <UPN> | fl *remote* the address is samAccountName@tenant.mail.onmicrosoft.com (how it should be).
So it's displayed wrong in the ecp.
But the huge problem we face is this:
When I give any user from the company full access to this shared mailbox it won't get Automapped.
After 1 hour of waiting I manually add it. When I do this a .OST error comes.
Error:
"Microsoft Outlook cannot expand the folder. The set of folders cannot
be opened. The file
C:\Users\UserName\AppData\Local\Microsoft\Outlook{username]}.ost"
Also with outlook restart it's not working. So our guess is because something is wrong about ECP and the Remote Routing address.
Please note that this isn't a client problem. It affects almost every mailbox I create these days.
I had another post about this but with fewer details and without the knowledge of the remote routing address: https://www.reddit.com/r/exchangeserver/comments/eceqm6/automapping_doesnt_work_on_hybrid_setting/
Anyone have any ideas? I appreciate any kind of help from you guys. If you need any more information please ask.
You have a hybrid architecture, ok. You need to use O365, because if you use older versions you will need to change the registry a bit on each computer. Or change the on-premise autodiscover.
But your big problem is big indeed. Right now, you cannot share mailboxes in O365 correctly. If you do that, you may have access to the main mailbox, but if you use archive, you won't have access (you just have OWA access).
Regards.

AWS Sign In Loop - Can't Access the Portal

Issue: I am trying to sign in as a root user for my account from the AWS portal, but now, after adding my password, I keep getting redirected to:
https://portal.aws.amazon.com/billing/signup?redirect_url=https%3A%2F%2Faws.amazon.com%2Fregistration-confirmation#/start, no matter what.
It was working fine till today, first time I've encountered this redirect.
Main Browser : Chrome - Version 62.0.3202.94
Based on similar cases found on Google I tried the following and still did not manage to sort out the issue:
-Chrome: deleted all the cookies and cache data
-Chrome: restarted the device and also the browser
-Chrome: used incognito mode
-Firefox (an aws member said is the most suitable browser): tried normal and private mode
-Firefox: deleted all the cookies and cache data
-Edge: tried normal and private mode
Someone already suggested making use of S3Browser; it does not seem like an efficient solution just to access the AWS Portal a few times a week, so I am keeping it as the last resort.
If anyone experienced the same issue or has any more suggestions/ideas would greatly appreciate some help.
Thanks in advance.
I faced the same issue. The following fixed it for me:
1) Change your Amazon email address on www.amazon.com - You can use the same email address by using this trick. Change myemail@gmail.com to myemail+amazon@gmail.com
2) Use the lost password recovery on the AWS login site to recover the password for the former email address (i.e. myemail@gmail.com).
3) Use the new password to login on the AWS console with the former email address (myemail@gmail.com)
I just had the exact same problem and it was caused by my Amazon account who happens to have the same email address as my AWS account. Turns out that somehow ends up to be one and the same account. I finally had to change the Email for my Amazon account and reset the password on my AWS account. Now they are nicely separated.
I contacted AWS regarding the issue and they suggested resetting my password by going through https://signin.aws.amazon.com because they saw I have two accounts under the same email address. I did reset my password but this did not help and I kept getting sent to the same screen to finish my registration.
Due to the fact that I reset my password for my AWS account, when I tried to do some Christmas shopping through the normal https://www.amazon.co.uk it was prompting me with a message saying that I have another account active (the one from AWS I presume). I just reset my password for my https://www.amazon.co.uk account and it seems that the AWS account started working normally again.
Based on this experience if you encounter the same issue, I would recommend to try and reset the password for both AWS and the online shop https://www.amazon.com.
I had this exact same issue that also manifested itself as my amazon account not being associated with our 3rd party seller account on amazon US FBA (in addition to causing the loop on AWS).
I read the answer here and changed my password but that didn't fix it.
Ultimately, I called amazon.com customer support who transferred me to AWS support (the only way to get them is by calling general support and requesting it). They were able to initiate a password reset request which solved both issues (seller account and AWS Login loop).
I solved the problem of being unable to login to the AWS Console because of the AWS Sign In Loop by re-syncing my MFA device.
There's a link on the 3rd phase of login, where it asks for your MFA, that says troubleshoot MFA. If you click it, it asks you for 2 consecutive MFA codes and then lets you in.
Had the same issue.. found out was because of AdGuard app. Hope it will help somebody
for test you can try to login aws on iPhone

Azure AD | Conflict when logged in with another Azure Account

I have an ASP.NET MVC application that uses Azure AD and the OpenID Connect OWIN middleware to handle authentication. Everything works fine except for one thing: if a user is already logged in on another Microsoft application, let's say an Office 365 account or maybe a live mail account, when trying to login they receive a page saying that they are not allowed to log into my app, which is correct, but somehow I need to catch that situation in my code to allow the user to sign in with a different account. Is there a way of doing that? Is this by design? I mean: does the user have to log in with only one live/azure account at a time? I couldn't find any documentation about this.
As of today there is typically one user at a time, but we will soon support a way for you to select a specific user instead of automatically signing you in with the most recent one.
One way you can work around this today is by injecting the parameter "prompt=login" in your sign in requests. You can do that in the RedirectToIdentityProvider notifications, similarly to what is shown in http://www.cloudidentity.com/blog/2014/11/17/skipping-the-home-realm-discovery-page-in-azure-ad/ for domain_hint. This will cause the sign in experience to always start with a fresh prompt even if the user is already signed in. The drawback is that you'll never get SSO this way. Hopefully our account switching feature will become available soon, keep an eye on http://blogs.technet.com/b/ad/ for announcements.
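
The workaround described in the answer above, as an added example that is not part of the original answer: an OWIN `Startup` that sets `prompt=login` in the RedirectToIdentityProvider notification. It goes one step beyond the answer by setting the parameter only when a challenge asks for it, so ordinary sign-ins keep SSO. `ClientId`, `Authority`, `PromptKey` and the helper `ChallengeWithFreshPrompt` are assumptions made for illustration.

```csharp
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // Placeholders (assumptions): use your own app registration values.
    private const string ClientId = "<application-client-id>";
    private const string Authority = "https://login.microsoftonline.com/<tenant>";
    private const string PromptKey = "prompt";

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = Authority,
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                RedirectToIdentityProvider = context =>
                {
                    // Read the flag set by ChallengeWithFreshPrompt below, if any.
                    var challenge = context.OwinContext.Authentication.AuthenticationResponseChallenge;
                    string prompt;
                    if (challenge != null
                        && challenge.Properties.Dictionary.TryGetValue(PromptKey, out prompt)
                        && prompt == "login") // accept only the one known value
                    {
                        // Adds prompt=login to the authorization request.
                        context.ProtocolMessage.Prompt = "login";
                    }
                    return Task.FromResult(0);
                }
            }
        });
    }

    // Hypothetical helper: call it from a "sign in with a different account" action.
    // localReturnUrl is assumed to be validated as a local URL by the caller.
    public static void ChallengeWithFreshPrompt(IOwinContext owin, string localReturnUrl)
    {
        var props = new AuthenticationProperties { RedirectUri = localReturnUrl };
        props.Dictionary[PromptKey] = "login";
        owin.Authentication.Challenge(props, OpenIdConnectAuthenticationDefaults.AuthenticationType);
    }
}
```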

Login fails for local copy of DNN site

I've been tasked with maintaining a DNN site that has been running for a while, so I copied it to my local development environment to get up to speed on the setup. I have the site up and running locally, and I can browse all (I think) of the pages. It seems to display correctly and yesterday, the DNN login worked correctly. However, today, when I try to login to manage changes, I enter my username and password on the login page, but it does not actually log in. On screen, all that seems to happen is that the password field clears. No error message displays. In my Firebug console, the only error message that appears is "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen." Again, yesterday, I was able to log in and get to all of the DNN management features -- I changed skins, modified CSS, changed code, etc. I've tried multiple logins (host, superuser, and regular user) -- all have the same result.
I don't see anything in the database EventLog, except for a startup record.
I saw a couple of other SO posts tangentially related to failed DNN logins on development environment, and checked that Form Authentication is Enabled in IIS and the security for the site folders are set correctly and the folder is not read-only.
I generally use Firefox for development, but I also tried IE. I'm certain I'm missing something obvious, but it has me stumped. Ideas? I'm new to DNN, so I'm not up to speed yet on the best practices for debugging. Any other suggestions would be welcome.
Some details: Live site is SQL Server 2008; Dev is SQL Server 2012. Both sites use IIS 7. Dev is DNN 7.2.2. Locally, I'm using VS 2010 for development.
Couple of things to check.
1) Check to make sure your database connection strings (2 of them) in the web.config are both pointing to your local database.
2) Check to make sure the MachineKey values in the web.config still match the values in the production web.config
3) You might turn off SSL on the site, though you'll have to do that in the database as you can't get logged in. I believe you can likely just set Secure to 0 on all of the Tabs table records, but you might need to track down a HOST setting as well to make this work (hostsettings table)
An update. I was able to get this to work by using a different user account. I'm still not sure what the root of the problem was, but I believe it was related to specific settings on my particular user account. I used a generic 'admin' account, and was able to make it work.
I'm experiencing the same issue, I think it's something to do with the .dotnetnuke cookie
