Mysterchr

This can be a frustrating error to get for users, for those of though that are technical minded this is an easy to understand situation. The reason for this error is that Active Client does not have the user’s credential cache loaded. A lot of the time you’ll get calls for this because your user is impatient. Windows finishes starting up and therefore the user thinks the computer is ready to be logged into. However Active Client has not finished loading, therefore your user should remove their CAC from the reader and wait a few more seconds (I typically make them wait 1 minute) before trying to logon again. Nine times out of ten this will resolve the issue, especially if they are on the same network as the authentication server.

There will be times however where a user is on the VPN and during their VPN session their account gets disabled for whatever reason. Now there session will continue until they log off or it times out. Once the session has ended and the user reboots the machine they will be locked out and their credentials will not be able to be verified. The only way around this is to have the user return to the network and login there so that their credentials can be re-cached to the machine.

Note to all you sys admins out there, keep track of when your Web Services Certs expire. Before they expire you can renew them however if you don’t pay attention to them and let them expire you’ll have to create a new one. Simple solution on Windows SBS 2008 is open IIS Manager. Click on your site, then click on Server Certificates. Select create certificate reguest, make sure to save it as a .REQ

Next open a command prompt and use the Certreq tool by typing the following command:

“certreq -submit -attrib “CertificateTemplate:WebServer” <Cert Request.req>”

Once it’s submitted head over to the Active Directory Certificate Authority console and check the pending folder. Right click and approve when ready. Then export the cert and head back over to the IIS Manager. Go back to Server Certificates and this time select complete certificate request. Once the request is complete head over and check the SSL bindings for the site and make sure that the site is using the new cert that you just created to certify SSL connections.

This comes up when you’re trying to verify your creditals through outlook to port 110. It’s an easy to correct problem,

Simply open the Exchange Management Shell and type in and type:

Set-PopSettings -LoginTypePlainText press enter, Exchange will accept the CMDlet and then you simply restart the POP3 service. And your done.

Group Policy, a service that was introduced over ten years ago in Windows/Server 2000. Microsoft is no longer the only kid on the playground like it was then, but that doesn’t mean it’s lost all of it’s advantages. Globally Group Policy is still the only one of it’s kind. It of the greater tools in a MS System Admin’s pockets. It’s only disadvantage being the skill level of it’s administrator makes this tool even more intriguing.