my organizations runs some applications that requires a 32 bit O.S.
We created a VM with Microsoft HyperV console managment that runs a Windows 10 32 bit O.S.
The problem we are facing is that we are able to log in with a Domain\Administrator account when setting up a new machine but when we try non admin accounts (which we have something like 100+ for our staff - which they are already using every day to log into their machines currently in used ) we get this error "The User Profile Service service failed the sign-in. User profile cannot be loaded". When looking at the user registry we see only 4 files and not 10+ as seen in some internet guide. In some cases we have multiple forlders pointing to the same account and in each of them we have a ProfileImagePath that goes: Domain"user".001 and .002 ecc. ecc. ecc.
Related
I'm having trouble when creating a VM in Microsoft Azure using a custom windows image.
Issue
When connecting to the newly spawned VM using the credentials entered in Azure Portal, I get the following message :
The user account is currently disabled and cannot be used.
Running a Get-LocalAccount script using the "Run Command" menu of the Azure Portal I get the following output:
Name Enabled Description
---- ------- -----------
DefaultAccount False A user account managed by the system.
Guest False Built-in account for guest access to the computer/domain
myusername False Built-in account for administering the computer/domain
WDAGUtilityAccount False A user account managed and used by the system for Windows Defender Application
Workaround
If I use procedure from Azure VM connection error - The user account is currently disabled and cannot be used, I'm able to unlock the user and connect to the VM via RDP.
I also try creating a new user prior to sysprepping the VM so the local admin account is renamed and disable by Azure during VM creation but the user account created remain enabled.
Image Info
OS: Windows 10 LTSC 2019
Source: Custom deployed image used by my company. It was installed with an ISO on local HyperV machine, uploaded to Azure and SysPrep from a managed disk.
WindowsAzureVmAgent version 2.7.41491.949_191001-1418 installed on the VM prior to running sysprep.
Step Taken
Re-enabling the account and running Sysprep again to create a new snapshot does not fix the issue
Renaming the local administrator account prior to Sysprep the device does not have any effect.
Checked the local policies and nothing look unusual.
Found the solution with the help of Microsoft Azure support engineer. For a VM uploaded from on premise source, you would need to add a SetupComplete2.cmd and EnableLocalAdminAccount.ps1 in C:/Windows/OEM to unlock the user account automatically upon VM creation. Strangely enough this does not appear on anywhere on Microsoft's guideline on how to migrate a on-prem VM to Azure, but the official windows image from the Marketplace do have those 2 files that are run after Sysprep.
This blog article was also very useful and points towards the creation of a SetupComplete2.cmd https://matt.kotsenas.com/posts/azure-setupcomplete2
When trying to log into Azure account I get an error saying "You cannot access this right now Your sign-in was successful but does not meet the criteria to access this resource. For example, you might be signing in from a browser, app, or location that is restricted by your admin."
It's only on Debian 9, I can log in fine on Ubuntu, Windows 10, and android. Also, it's not a matter of local network because I can log in on Windows 10 and android from the same internet connection. In the details of error everything seems to be okay except I get:
Device identifier: Not Available
Device platform:
Device state: Unregistered
According to your personal account test, first of all, we can make it clear that Debian9 supports logging into azure account. Azure does not impose any restrictions on Debian9 devices.
Steps to troubleshoot:
Are your Debian 9 machine and other Win 10, Ubuntu and other devices in the same domain?
Is the Azure account in question given to you by your organization or company?
Consult your AAD administrator to understand some policy restrictions.
Suggestion:
Find your AAD administrator and consult policy restrictions.
Find the IT administrator and add the Debian 9 machine to the domain.
If the above two suggestions still do not solve the problem, it is recommended to raise a support ticket for help.
I am trying to install SQL Data Sync Agent 2.0 but I got this install error
I am running virtual machines with Hyper-V.
I tried in a windows server 2016 and a windows 10. Up to date.
I added the account to log as a windows service.
What could be the issue?
Thanks
I have fixed this issue by adding Computer-name in front of the Username.
Make sure the following,
Username and password are correct.
Prefix the computer name along with the username (Eg: MYPC\user).
You can find the computer name on This PC's properties.
This error occurs in two situations:
User name and/or password are incorrect. Do not use the Windows Live login to install the agent use (create) a local Windows account to install the agent.
The specified user account does not have sufficient privileges to logon as a service, but you told us you did this already. Anyway please verify the following steps:
To Grant logon-as-a-service credentials to the user account please do the following steps:
Navigate to Start > Control Panel > Administrative Tools > Local Security Policy > Local Policy > User Rights Management.
Find and click the Logon as a service entry.
Add the user account in the Logon as a service Properties dialog.
Click Apply then OK.
Close the windows.
Some more suggestions:
Install the client agent using the least privilege account with network service access.
It is best if the client agent is installed on a computer separate from your on premises SQL Server computer.
I have created an Azure VM for the purpose of testing a new installation process for my software. The VM is using Windows 10 Preview.
Yesterday I uploaded an ISO file which contained our software plus installers for SQL Server Express (various editions). (About 1.8 gb)
I ran our custom setup program which installs SQL express, restores a new user database, adds firewall exceptions etc. etc.
This morning I cannot RDP into that VM. The connection is made, but when I attempt to login, I am simply returned to the Windows Security Dialog, with the message "Your credentials did not work..."
I know I am typing the password correctly, I have double checked things like typos in the user name and password, Caps Lock is not on ;-) and so on.
This happened to a VM I had set up last week too, after a similar test and after attempting various options including resetting credentials using Powershell (found here) I accepted that I must have forgotten the password or done something wrong, so I started again.
Now the same things has happened I am wondering if that level of activity (uploading 1.8gb then running a setup which retrieved and installed .Net runtime 3.5) on an Azure VM that runs under an MSDN Premium subscription Azure account, caused the user account to be locked out for a period of time - have I hit some limit of uploads to that machine or activity or some other limit I'm not aware of?
I opened Sharepoint 2010 Central Admin and as per normal, was prompted for my login details. As I did not know the details, I closed after a few guesses/changing the default account.
A few hours later, remembering the password, I try again but get a 503 Service Unavailable.
I check the app pools in IIS7 and see that the SharePoint Central Administration v4 app pool is off. I turn it on, close IIS7, but it turns off again. Its settings look good to me:
Enable 32-bit applications Off
Start Automatically True
Enabled True
However, the application event log tells me that the account I was using to access Central Admin, and used by this app pool, has now expired (it's a local account so I did not know this will happen). This also impacts all other services such as SQL Server etc. How can I change the account of the app pool, but also change all of the other service accounts?
The credentials used for the account [name] expired on 1/9/2010 1:33:39 PM, and need to be updated. If they are not updated, the system may stop working. The account is used by the following:
Farm Account
Microsoft SharePoint Foundation User Code Service
User Profile Synchronization Service
Web Analytics Data Processing Service
Security Token Service Application
Application Discovery and Load Balancer Service Application]
I assume updatefarmcredentials will fix this. I tried the following:
stsadm.exe -o updatefarmcredentials -username sysaccountname -password pwvaluehere -local
This results in a "command line error". What is the proper syntax?
You can also just change the current System Account password in AD or Computer Management, and mark it to not expire.
When it comes to the stsadm command, it is userlogin not username, unless that changed in 2010. (Source)