Month: August 2019

Situation: When the user opens Outlook, he gets this error: “The name on the security certificate is invalid or does not match the name of the site”

Troubleshooting: In most cases, this is Autodiscover Domain Name System (DNS) records issue. Use https://testconnectivity.microsoft.com/ to troubleshoot Autodiscover problem or This Microsoft article may help:

“The name on the security certificate is invalid or does not match the …https://support.microsoft.com/…/the-name-on-the-security-certificate-is- invalid-or-does-not-match-the

Or try to clear the cache.

Situation: Whenever morning, the user has a black screen and can’t login the domain computer. After restarting the computer, she can’t login because the account is locked.

Troubleshooting: The event viewer shows Event ID 40960: The Security System detected an authentication error for the server LDAP. The failure code from authentication protocol Kerberos was “The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested.

We find the user changed the computer screen save recently and she selects a family photo. We fix the problem by disabling the photo screen save.

Note: You may use some tools to troubleshoot this issue.

Account Lockout Tools
http://technet.microsoft.com/en-us/library/cc738772(WS.10).aspx
Virus alert about the Win32/Conficker worm
http://support.microsoft.com/kb/962007

Also

•user’s account in stored user name and passwords
•user’s account tied to persistent mapped drive
•user’s account as a service account
•user’s account used as an IIS application pool identity
•user’s account tied to a scheduled task
•un-suspending a virtual machine after a user’s pw as changed
•A SMARTPHONE!!!

For more refer KB article:http://technet.microsoft.com/en-us/library/cc773155(WS.10).aspx

Troubleshooting account lockout the Microsoft PSS way:
http://blogs.technet.com/b/instan/archive/2009/09/01/troubleshooting-account-lockout-the-pss-way.aspx

Using the checked Netlogon.dll to track account lockouts
http://support.microsoft.com/kb/189541

If the multiple user ids are getting locked in AD this could be the sympton of Win32/Conficker worm.

See this similar thread too:

Event ID 40690 – Accounts keep locking out
http://social.technet.microsoft.com/Forums/en/winservergen/thread/8c684d03-c075-4015-8799-03ee9f1cd853
http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/e1ef04fa-6aea-47fe-9392-45929239bd68/

Situation: The client can’t send print job to Dymo Labelwritre 450.

Troubleshooting: 1. Make sure you have correct printer driver.

2. Make sure the cable is good.

3. If it is a new Windows 10 computer, make sure the USB port works. Try different port for a test.

Situation: The user has a problem to open Word and Outlook. When we try to repair Office,, it gives this error: error code 30034-4.

Troubleshooting: 1. Run SYSTEM FILE CHECKIN: SFC/SCANNOW .

2. Disable firewall and any security software.

3. Uninstall and re-install Office.

4. Make sure no pre-existing Office version in the computer.

Situation: After install Office 365, the user can’t open any Office apps such as word, Outlook. When trying to uninstall office, he gets this Error Code 30015-25.

Troubleshooting: 1. Restart the Computer doesn’t fix the problem.

2. Run repair doesn’t fix the problem.

3.

Situation: the user can’t download and install Office 365.

Troubleshooting: 1. try to add www.office.com to Internet Option>Security. That doesn’t fix the problem.

2. Try different Internet Browser. The same problem.

3. Go to Internet Browser settings to clean the cooks and history. That fix the problem.

Situation: the client has Palo Alto firewall and use their VPN for remote access. The problem is they can’t copy big files from the network resources to the VPN client.

Troubleshooting: We don’t know the reason for that. However, if we copy the file through RDP, that works fine. This is the temporary resolution.

Situation: The client is running Exchange 2010 on Windows 2012 R2 Domain Controller. After they demoted one of DCs, they can’t login the Exchange server.

Troubleshooting: 1. Make sure you have correct DNS settings on Exchange serve.

2. The problem could be a result of the Exchange Management Console caching the domain controller details in the MMC temp files. It caches the data but it’s not smart enough to update the data or locate another DC. To fix the issue you have to remove the MMC cache file from the users profile.

Use the following steps to clear the EMC MMC cache file:

1) Close the EMC if you have it open
2) Go to the User’s profile directory and delete the Exchange Management Console file.
3) File location can be found here:

• C:\users\<specific user>\AppData\Roaming\Microsoft\MMC\Exchange Management Console

4) Reopen the EMC

Situation: The user has a new PC running Office 365 latest version. It worked for a couple days. Now, when she opens the Outlook, it disappears. The Task Manager doesn’t show the Outlook running.

Troubleshooting:

1. Run Office 365 repair, that doesn’t fix the problem.
2. Installing Office 365 update, that doesn’t fix the problem.
3. Disabling all Add-ins, that doesn’t fix the problem.
4. Run Microsoft Support and Recovery Assistant for Office 365, that doesn’t fix the problem.
5. Try different Outlook profile. it is the same problem.
6. It could be bad PST problem. Run ScanPST.exe to Repair PST files. In Office 365/Office 2016, ScanPST.exe is located in C:\Program Files (x86)\Microsoft Office\root\Office16. That fixes the problem.

1. Install the proper operating system and name the new server with the same name as the lost server.
2. Reset or rejoin the computer account for the lost server.
3. Install the necessary prerequisites and operating system components on the target server. For details, see Exchange Server system requirements.
4. On the target server, open File Explorer, right-click on the Exchange ISO image file that you downloaded, and then select Mount. Note the virtual DVD drive letter that’s assigned.
5. Open a Windows Command Prompt window. For example:
6. In the Command Prompt window, use the following syntax:

Copy

<Virtual DVD drive letter>:\Setup.exe /IAcceptExchangeServerLicenseTerms /Mode:RecoverServer [/TargetDir:<Path>] [/DomainController:<ServerNameOrFQDN>] [/DoNotStartTransport] [/EnableErrorReporting]

This example uses the Exchange installation files on drive E: to install Exchange in the default location (%ProgramFiles%\Microsoft\Exchange Server\V15) and recover the Exchange server.

Copy

E:\Setup.exe /IAcceptExchangeServerLicenseTerms /Mode:RecoverServer

This is the same example, but a custom location for the Exchange program files is required to match the location on the lost server.

Copy

E:\Setup.exe /IAcceptExchangeServerLicenseTerms /Mode:RecoverServer /TargetDir:”D:\Program Files\Exchange”

7. After Setup has completed, but before you put the recovered server into production, reconfigure any custom settings that were previously present on the server, and then restart the server.