May 18 2021 05:27 AM - edited May 18 2021 05:29 AM
Hello,
This post follows this one: https://techcommunity.microsoft.com/t5/surface-hub/how-to-configure-a-surface-hub-2s-with-teams-and-...
Our 2 Surface Hub 2S ran well for several months now.
We had some intrusion attacks on our Exchange 2019 on premise server end of February. Our IT provider restored the server to a previous safe state, installed CU09, and reimported all email database.
I'm not sure if it's related with CU09, but since this time, our Surface Hub 2S have random loss of connection with the Exchange server. When I tried to check the device account, I had Sync status error 0x85010002.
On this help page: https://docs.microsoft.com/en-us/surface-hub/troubleshoot-surface-hub it says "The password must be updated."
I tried to change the passwords, without success. I wasn't able to update the device account in the settings.
I did several tests with one of them:
- USB-key reinstall of the Surface, with Windows 10 Team 2020 image, with all data deletion
- deleting the computer account in AD
- the room account worked well on a Windows 10 pro computer in Outlook app and Teams app
- start the Surface Hub, create a new computer account in AD, add the Domain-Admins group as administrator
- in the settings of the Surface Hub: complete apps update on Microsoft Store, and complete Windows update, Microsoft Teams configured as default communication app
- after a reboot, impossible to log in with the room account, as before the reinstall of the system
- I run the Surface Hub diagnostic tool, and everything is fine, the room account test says "Your account was successfully contacted"
- on the Surface Hub, no problem to log in Outlook webapp or Teams webapp via Microsoft Edge
- after several unsuccessul tests, I moved the room account in the default Users folder of AD, and after 20 minutes I was able to log in in the settings of the Surface with the room account: Exchange parameters autodected, and SIP address also
- but after a reboot, impossible to open Teams, it showed a black rectangle in place of Teams. I closed the session several times and retried, same problem with Teams
- I moved again the room account in its default folder in AD, and after several dozens of minutes I was able to open the Teams app, and the meetings appeared on the Surface welcome screen, I thought that everything was good again!
Then began a strange thing: after several hours, I got this message again on welcome screen: "Appointments may be out of date (invalid credentials)". And after several hours, it disappears, then comes back again and so on. Sometimes we can click on the meetings on the welcome screen and it opens Teams successfully, and sometimes it does nothing.
If I go again in the settings, in the device account settings, I can see sync status error 0x85010002, I can click on Sync button, then it says "Account is up to date", but if I close the session and go back to the welcome screen, nothing has changed, we go back to the problem of invalid credentials and normal status in loop. If I try to go in the device account settings and click on "change" to reenter the email address and the password, it always refuses these credentials with different error codes (0x801131537 or 0x80070057 or others). But these credentials work well when I test with a Windows PC with Outlook and Teams apps or webapps.
I also tried to create an OU in AD for the room accounts with GPO inheritance deactivated, but it doesn't change anything.
May 24 2021 12:18 AM
Jun 02 2021 05:45 AM
Jun 28 2021 07:10 AM
Aug 06 2023 02:52 AM - edited Aug 06 2023 03:15 AM
I am facing the same issue you got. let me describe what I understand and correct me:
- ModernAuthentication is forced on Surface hub and need to be disabled?
- No way to apply ModernAuthentication on on-premise server?
- Can you advise on the steps to assign on-premise device account? normally I add the
DomainName\email address removed for privacy reasons. by doing this , I am getting the error you mentioned.
Aug 07 2023 06:46 AM
Hello @Abdul_Mohammed
I don't manage the on-premise servers, it's done by another company.
I only configure the client side with their help.
When I configure a Surface Hub, in the settings/account, I just enter the email address and password of the Surface account.
Aug 08 2023 12:34 AM