User Profile
md5hash
Copper Contributor
Joined Jan 18, 2023
User Widgets
Recent Discussions
Re: SCVMM 2022 Install failure - MSSQL database connectivity issue
I think the issue was that I was using the VMServer.ini parameter wrong. For the "remotedatabaseimpersonation" parameter which before I had set to 1, thinking that I wanted to create the connection to MSSQL as the CitrixRunAs account, I re-read the description for the VMServer.ini parameter and its 0 and 1 options. "0: Don't impersonate the administrator account for SQL Server. The user that runs setup.exe must be an administrator for the server that is hosting the SQL Server." That was probably my issue. The CitrixRunAs account definitely isn't an admin for the MSSQL server; it's intentionally a limited-permission account that is intended to do one thing; be the dbo for the VirtualManagerDB. Once I changed that setting to 0 instead of 1, things worked. This behavior does seem frustratingly obtuse though. Why does any of the users involved - be it the user doing the install of VMM on the VMM server, or the dbo account, need to be an admin on the SQL server?? This shouldn't be typical. I should just have to grant dbo rights to a service account in the SQL management studio, and then VMM's install should use that. My admin account on the SQL server should not need to be involved; if the SQL admin gives permission to the VMM admin to run a database for VMM on their SQL server, pre-creating the DB and granting DBO permissions should be all that is needed!2.1KViews0likes0CommentsSCVMM 2022 Install failure - MSSQL database connectivity issue
Hello, I'm trying to install SCVMM 2022 on a brand new Windows Server 2019 system. The SQL database is SQL Server 2016 version 13.0.6435.1. The SQL server is already in use in production with numerous other databases, using the default instance MSSQLSERVER No issues with prerequisites when I use the Wizard setup.exe, but things have failed so many times now I have switched to using the CLI install method. I pre-create a new database on the SQL server, named VirtualManagerDB, per the instructions https://learn.microsoft.com/en-us/system-center/vmm/plan-install?view=sc-vmm-2022#sql-server-and-database. The account I want to use as a service account is called COMPANY\CitrixRunAS - it is not a SQL admin account, but it does have dbo privileges just on this one Database. The instructions do not state that I need to give this service account any higher level permissions on the SQL server itself like sysadmin, etc. Then I setup VMServer.ini to do a CLI install with the following parameters, https://learn.microsoft.com/en-us/system-center/vmm/install?view=sc-vmm-2022#vmserverini-values: [OPTIONS] ProductKey=<redacted> UserName=Citrix-VMM CompanyName=Company SqlInstanceName=MSSQLSERVER$ SqlMachineName=sql1.company.com CreateNewSqlDatabase=0 SqlDatabaseName=VirtualManagerDB SqlServerPort=1433 RemoteDatabaseImpersonation=1 CreateNewLibraryShare=1 LibrarySharePath=C:\VMMLibrary LibraryShareDescription=Citrix VMM Library Files VmmServiceLocalAccount=0 TopContainerName=OU=VMM,OU=Distributed Key Management,OU=Service,DC=company,DC=com Upgrade=0 Then, I use the following install script: setup.exe /server /i /f C:\temp\2022\VMServer.ini /sqldbadmindomain company /sqldbadminName CitrixRunAs /sqldbadminpassword redacted /vmmservicedomain company /vmmserviceusername CitrixRunAs /vmmserviceuserpassword redacted /iacceptsceula and follow along in the log file located at "C:\ProgramData\vmmlogs\SetupWizard.log" Things progress fine until right after the Windows Features get checked for. 02:42:02:ProcessInstalls: Install Item VMM management server was successful. We will launch the post process delegate. 02:42:18:Windows feature RSAT-Clustering-PowerShell already enabled, skipping 02:42:20:Windows feature WindowsStorageManagementService already enabled, skipping 02:42:22:Windows feature UpdateServices-API already enabled, skipping 02:42:24:Windows feature FabricShieldedTools already enabled, skipping 02:42:26:Windows feature RSAT-Storage-Replica already enabled, skipping 02:42:26:We are going to impersonate as company\CitrixRunAs. 02:42:26:Out of Impersonation 02:42:26:We are going to impersonate as company\CitrixRunAs. 02:42:26:Out of Impersonation 02:42:26:We are going to impersonate as company\CitrixRunAs. 02:43:33:Out of Impersonation 02:43:33:GetSqlLoginName: TThe login name for the vmm server service is [company\CitrixRunAs] 02:43:33:We are going to impersonate as company\CitrixRunAs. 02:43:33:Out of Impersonation 02:43:33:GetSqlLoginName: TThe login name for the vmm server service is [company\CitrixRunAs] 02:43:33:We are going to impersonate as company\CitrixRunAs. 02:43:34:Out of Impersonation 02:43:34:VMMPostinstallProcessor threw an exception: Threw Exception.Type: Microsoft.VirtualManager.Setup.Exceptions.DatabaseConfigurationException, Exception.Message: Setup could not configure the database VirtualManagerDB. Ensure service MSSQL$ is started by running "services.msc", find the service, and then verify that the service is started. 02:43:34:StackTrace: at Microsoft.VirtualManager.Setup.DBConfigurator.GrantSetupUserDBAccess(Boolean install) at Microsoft.VirtualManager.Setup.VirtualMachineManagerHelpers.GrantSetupUserDBAccess(Boolean install) at Microsoft.VirtualManager.Setup.InstallItemCustomDelegates.PangaeaServerPostinstallProcessor() 02:43:34:InnerException.Type: Microsoft.VirtualManager.DB.CarmineSqlException, InnerException.Message: Unable to connect to the VMM database because of a general database failure. Ensure that the SQL Server is running and configured correctly, then try the operation again. 02:43:34:InnerException.StackTrace: at Microsoft.VirtualManager.DB.SqlRetryCommand.ExecuteNonQuery() at Microsoft.VirtualManager.Setup.SetupDatabaseHelper.CreateSqlLogin(String loginName, SqlContext ctx) at Microsoft.VirtualManager.Setup.SetupDatabaseHelper.CreateSqlLogin(String connStr, String loginName) at Microsoft.VirtualManager.Setup.DBConfigurator.CreateCarmineLoginAndDBUser(String loginName, String userName) at Microsoft.VirtualManager.Setup.DBConfigurator.GrantSetupUserDBAccess(Boolean install) 02:43:34:InnerException.Type: System.Data.SqlClient.SqlException, InnerException.Message: User does not have permission to perform this action. 02:43:34:InnerException.StackTrace: at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry) at System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at Microsoft.VirtualManager.DB.SqlRetryCommand.ExecuteNonQuery() 02:43:34:ProcessInstalls: Running the PostProcessDelegate returned false. 02:43:34:ProcessInstalls: Running the PostProcessDelegate for PangaeaServer failed.... This is a fatal item. Setting rollback. 02:43:34:ProcessInstalls: Rollback is set and we are not doing an uninstall so we will stop processing installs 02:43:34:**************************************************************** 02:43:34:****Starting*RollBack******************************************* 02:43:34:**************************************************************** Then it begins the rollback process. Some other relevant looking lines here in the rollback: 02:44:04:vitalfailure = Installing, Uninstalling, MicrosoftInstaller, PostInstallItem 02:44:04:FailureReason = Microsoft.VirtualManager.Setup.Exceptions.DatabaseConfigurationException: Setup could not configure the database VirtualManagerDB. Ensure service MSSQL$ is started by running "services.msc", find the service, and then verify that the service is started. ---> Microsoft.VirtualManager.DB.CarmineSqlException: Unable to connect to the VMM database because of a general database failure. Ensure that the SQL Server is running and configured correctly, then try the operation again. ---> System.Data.SqlClient.SqlException: User does not have permission to perform this action. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry) at System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at Microsoft.VirtualManager.DB.SqlRetryCommand.ExecuteNonQuery() --- End of inner exception stack trace --- at Microsoft.VirtualManager.DB.SqlRetryCommand.ExecuteNonQuery() at Microsoft.VirtualManager.Setup.SetupDatabaseHelper.CreateSqlLogin(String loginName, SqlContext ctx) at Microsoft.VirtualManager.Setup.SetupDatabaseHelper.CreateSqlLogin(String connStr, String loginName) at Microsoft.VirtualManager.Setup.DBConfigurator.CreateCarmineLoginAndDBUser(String loginName, String userName) at Microsoft.VirtualManager.Setup.DBConfigurator.GrantSetupUserDBAccess(Boolean install) --- End of inner exception stack trace --- at Microsoft.VirtualManager.Setup.DBConfigurator.GrantSetupUserDBAccess(Boolean install) at Microsoft.VirtualManager.Setup.VirtualMachineManagerHelpers.GrantSetupUserDBAccess(Boolean install) at Microsoft.VirtualManager.Setup.InstallItemCustomDelegates.PangaeaServerPostinstallProcessor() *** Carmine error was: DatabaseConfigurationFailed (334) *** VirtualManagerDB ** MSSQL$ ** [s#2751] ExecuteNonQuery(this: (SqlRetryCommand#[2706]) { cmd = (SqlCommand#e56c6b) System.Data.SqlClient.SqlCommand, errorTitle = (string) "errorTitle", sqlContext = (SqlContext#[d]) { [rw] CreateSqlLoginconstructionIdentity = (WindowsIdentity#974e1f) System.Security.Principal.WindowsIdentity commandList: { n=1 { NQ:"DECLARE @user_Account AS NVARCHAR(MAX) SELECT @user_Account = SUSER_SNAME(0x0105000000000005150000003F53277FF531D637A224EC6E62760000) EXEC('create login [' + @user_Account + '] from windows')", @5/3/2024 2:43:34 PM } } , conn = (SqlConnection#151bf1b) { State: Open Database: master DataSource: sql1.ads.ssc.wisc.edu\MSSQLSERVER$,1433 PacketSize: 8000 ServerVersion: 13.00.6435 StatisticsEnabled: False WorkstationId: VMM-2024 } }, behavior = Default, failFast = (bool) False }) in C:\__w\1\s\src\product\common\Utils\Db\SqlRetryCommand.cs:line 331 [s#1b] InstallActionProcessor.DoPostInstallTask() in C:\__w\1\s\src\product\setup\bootstrapper\managed\SetupWiz\HelperClasses\InstallActionProcessor.cs:line 380 [s#1] AccountHelper.IsGMSAUser(userName: (string) "CitrixRunAs", domainLdapDN: (string) "DC=primo") in C:\__w\1\s\src\product\common\Utils\AccountHelper.cs:line 1739 Full call stack from when the exception was thrown: at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) Why are the logs mentioning a MSSQL$ entry? That looks like a SQL instance but I very specifically told it to use the default MSSQLSERVER instance. That bit "Ensure service MSSQL$ is started by running "services.msc", find the service, and then verify that the service is started. ---> Microsoft.VirtualManager.DB.CarmineSqlException: Unable to connect to the VMM database because of a general database failure." is what shows up in the GUI install attempts. When I go to the SQL server and I look at the contents of VirtualManagerDB database - I can see that new tables were created by the installer. So the installer was able to reach into the correct instance, and the correct database and modify it. But apparently it was not able to modify it enough to be satisfied. On the SQL server, when I look in services.msc I can see that "SQL Server (MSSQLSERVER)" is a service that is running. Obviously. It's what's running my dozen other databases on this server. But there is no "MSSQL" service and I don't understand why VMM thinks there should be because I explicitly told it to to use MSSQLSERVER! What could the problem possibly be? I do not think I missed any setup steps.2.9KViews0likes1CommentRe: User sessions being logged off while idle/disconnected
I used my test account to log in, then disconnect immediately several times. Each time it was exactly three hours between the logon, and then the unwanted logout. [17:35:26.497][tid:00001758.000086d4][INFO] LoadProfile successful. Version: 2.9.8612.60056 User: zachguest. SID: S-1-5-21-2133283647-936784373-1860969634-33476. SessionId: 44 [17:35:26.497][tid:00001758.000086d4][INFO] loadProfile time: 1843 milliseconds [17:35:26.497][tid:00001758.000086d4][INFO] ===== End Session: LoadProfile: zachguest [17:35:26.497][tid:00001758.000086d4][INFO] ===== End Session: Logon [17:35:35.233][tid:00001758.000086d4][INFO] ===== Begin Session: StartShell [17:35:35.233][tid:00001758.000086d4][INFO] User: S-1-5-21-2133283647-936784373-1860969634-33476 (zachguest) [17:35:35.233][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\LogonSyncMutexTimeout. Using default: 60000 [17:35:35.233][tid:00001758.000086d4][INFO] Acquired start shell lock for user zachguest (SID=S-1-5-21-2133283647-936784373-1860969634-33476) (Elapsed time: 0) [17:35:35.233][tid:00001758.000086d4][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\LogonStage = '1'(StartShell) [17:35:35.248][tid:00001758.000086d4][INFO] Include group SID: S-1-5-21-2758785321-445443462-1569816914-1013 [17:35:35.248][tid:00001758.000086d4][INFO] Exclude group SID: S-1-5-21-2758785321-445443462-1569816914-1014 [17:35:35.248][tid:00001758.000086d4][INFO] User is a member of the include group [17:35:35.248][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\IgnoreNonWVD. Using default: 0 [17:35:35.248][tid:00001758.000086d4][INFO] Configuration Read (DWORD): SOFTWARE\FSLogix\Profiles\Enabled. Data: 1 [17:35:35.248][tid:00001758.000086d4][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\RefCount = '1' [17:35:35.248][tid:00001758.000086d4][INFO] Checking Profile Data Export for S-1-5-21-2133283647-936784373-1860969634-33476 [17:35:35.248][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\SetTempToLocalPath. Using default: 3 [17:35:35.248][tid:00001758.000086d4][INFO] Initiating set up of TMP and TEMP environment variables to local disk [17:35:35.248][tid:00001758.000086d4][INFO] Creating temp directory: C:\Users\local_zachguest\Temp [17:35:35.248][tid:00001758.000086d4][INFO] Directory already exists [17:35:35.248][tid:00001758.000086d4][INFO] Setting TMP and TEMP registry entries to: C:\Users\local_zachguest\Temp [17:35:35.248][tid:00001758.000086d4][INFO] Setting INetCache folder [17:35:35.263][tid:00001758.000086d4][INFO] INetCache folder successfully changed [17:35:35.718][tid:00001758.000086d4][INFO] Profile data exported successfully [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\OutlookCachedMode. Using default: 0 [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Apps\RoamSearch. Using default: 0 [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\Policies\FSLogix\ODFC\RoamSearch. Using default: 0 [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\RoamSearch. Using default: 0 [17:35:35.718][tid:00001758.000086d4][INFO] Windows Per user Search is available. Search roaming is handled by the Operating System. [17:35:35.718][tid:00001758.000086d4][INFO] Search is disabled [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\EnableSpecialRoamingProfile. Using default: 0 [17:35:35.718][tid:00001758.000086d4][INFO] Session configuration wrote (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\EnableSpecialRoamingProfile = '0' [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Apps\RoamRecycleBin. Using default: 1 [17:35:35.718][tid:00001758.000086d4][INFO] Added redirection C:\$RECYCLE.BIN\S-1-5-21-2133283647-936784373-1860969634-33476 -> \\?\Volume{35274f12-a82b-459d-96f0-daeaf19dd5a4}\PROFILE_RECYCLE.BIN [17:35:35.718][tid:00001758.000086d4][INFO] Session configuration wrote (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\CleanupRecycleBin = '1' [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\InstallAppxPackages. Using default: 1 [17:35:35.718][tid:00001758.000086d4][INFO] Session configuration wrote (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\InstallAppxPackages = '1' [17:35:35.718][tid:00001758.000086d4][INFO] AppxPackage installation not supported [17:35:35.718][tid:00001758.000086d4][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\FSLogixShellPath. Using default: [17:35:35.718][tid:00001758.000086d4][INFO] Configuration Read (DWORD): SOFTWARE\FSLogix\Profiles\PreventLoginWithFailure. Data: 1 [17:35:35.718][tid:00001758.000086d4][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\LogonStage = '5'(Logon_Complete) [17:35:35.718][tid:00001758.000086d4][INFO] ===== End Session: StartShell then, the logout: [20:36:48.546][tid:00001758.0000804c][INFO] ===== Begin Session: EndShell [20:36:48.546][tid:00001758.0000804c][INFO] User: S-1-5-21-2133283647-936784373-1860969634-33476 (zachguest) [20:36:48.546][tid:00001758.0000804c][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\LogonSyncMutexTimeout. Using default: 60000 [20:36:48.546][tid:00001758.0000804c][INFO] Acquired end shell lock for user zachguest (SID=S-1-5-21-2133283647-936784373-1860969634-33476) (Elapsed time: 0) [20:36:48.546][tid:00001758.0000804c][INFO] Session configuration read (REG_SZ): SOFTWARE\Policies\FSLogix\ODFC\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\ActivityId = '42e4acac-9010-4093-b209-b3b7339319e8' [20:36:48.546][tid:00001758.0000804c][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\LogonStage = '3'(EndShell) [20:36:48.546][tid:00001758.0000804c][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\InstallAppxPackages = '1' [20:36:48.585][tid:00001758.0000804c][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\EnableSpecialRoamingProfile = '0' [20:36:48.585][tid:00001758.0000804c][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\CleanupRecycleBin = '1' [20:36:48.812][tid:00001758.0000804c][INFO] Removed redirection from C:\$RECYCLE.BIN\S-1-5-21-2133283647-936784373-1860969634-33476 [20:36:48.821][tid:00001758.0000804c][INFO] ===== End Session: EndShell [20:36:53.440][tid:00001758.0000804c][INFO] ===== Begin Session: Logoff [20:36:53.440][tid:00001758.0000804c][INFO] User: S-1-5-21-2133283647-936784373-1860969634-33476 (zachguest) [20:36:53.440][tid:00001758.0000804c][INFO] Configuration setting not found: SOFTWARE\FSLogix\Profiles\LogonSyncMutexTimeout. Using default: 60000 [20:36:53.440][tid:00001758.0000804c][INFO] Acquired logoff lock for user zachguest (SID=S-1-5-21-2133283647-936784373-1860969634-33476) (Elapsed time: 0) [20:36:53.440][tid:00001758.0000804c][INFO] Session configuration read (REG_SZ): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\ActivityId = '42e4acac-9010-4093-b209-b3b7339319e8' [20:36:53.440][tid:00001758.0000804c][INFO] Session configuration read (DWORD): SOFTWARE\FSLogix\Profiles\Sessions\S-1-5-21-2133283647-936784373-1860969634-33476\LogonStage = '4'(Logoff) This is totally bizarre. Surely there has to be some sort of log that would tell me what is instigating this logoff? I have already turned on Advanced Audit policies of course, but on the particular machine in question, all it tells me is: User initiated logoff: Subject: Security ID: domain\zachguest Account Name: zachguest Account Domain: domain Logon ID: 0xB46747F9 This event is generated when a logoff is initiated. No further user-initiated activity can occur. This event can be interpreted as a logoff event. Something in zachguest's session is commanding a logout but I can't figure out what!1KViews0likes0CommentsUser sessions being logged off while idle/disconnected
First time using FSLogix, we're on version 2.9.8612.60056 and just went out of dev to prod two weeks ago. We use it exclusively with Citrix. Everything seemed to be working fine in dev, but now out of 700 users, two of them have reported that when they are in our 'long jobs' farm, and they leave some heavy computational jobs running through the night (the whole purpose of this particular farm), they either just hit the 'disconnect' (never logout) button, or they just sleep their workstation and let the session window disconnect based on our group policy to disconnect idle sessions. But we don't have any policy in place on this farm to log anybody out. Yet it's happening for these users and I'm concerned that this is a pattern. I have logging enabled on FSLogix and according to programdata\FSLogix\logs\Profile\profile-timestamp.log looks like it's between 490-510 minutes between the last activity of that profile, and then the tasks "===== Begin Session: EndShell" followed by "===== Begin Session: Logoff" The user is never shown any error messages and their profiles aren't stuck in any sort of inconsistent state (at least not yet). They're always able to log back in the next morning, they're just irritated because they expected their running jobs to have been doing work all night, not logging them out and killing their progress. While only 2 users have sent in tickets so far, I'm concerned that there might be more people affected who just haven't messaged the help desk yet. We ran regular roaming profiles for years and while it was incredibly slow in comparison and we don't want to go back to it, we never had this problem before switching to fslogix.1.4KViews0likes1CommentRe: What are the FQDNs used for Office 365 logon and authentication?
This is not practical. We run a secure computer lab. We don't need or want the vast majority of these IPs. I know you don't work for Microsoft directly, and are an MCT in Hong Kong. Perhaps you can sympathize with my question. All we want are URLs - not even IP addresses, since I know that Microsoft operates random huge IP pools that can change at any time - just URLs, FQDNs, that we can allow that will handle authentication for Office 365. That's it. I'm afraid I'm not quite understanding your post. Why is it so difficult for Microsoft to have a single FQDN URL to handle Office 365 authentication? At least, for the USA where I am located. Like I said, I know the issue is that I'm not being lax enough on my firewall rules. We run a secure ship here, and I'm not interested in opening thousands of IPs and URLs. I just want authentication to Office 365.12KViews0likes2CommentsRe: What are the FQDNs used for Office 365 logon and authentication?
Kidd_Ip I mentioned that in my original post, quote "I found this list https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide of all URLs and IPs that Microsoft tries to use for Office 365, and I tried adding" That link, in the word here, goes to that post you mentioned. Did you read my original post, or click the link? That is a huge list though. I only want URLs that pertain to authentication for Office 365. Not random stuff to make skype, onedrive sync, etc work.13KViews0likes5CommentsWhat are the FQDNs used for Office 365 logon and authentication?
Hello, We run a computer lab with Office 365 installed, with a network firewall that restricts all outbound internet traffic. We had made allowances for Office 365 logons so that users could use the Office 365 desktop applications, by allowing the following entries: *.office.com *.office365.com *.microsoftonline.com *.office.net And that was working until earlier this month. Suddenly a couple weeks ago, users were no longer able to sign into Office 365. I found this list https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide of all URLs and IPs that Microsoft tries to use for Office 365, and I tried adding *.auth.microsoft.com *.msftidentity.com *.msidentity.com to our firewall, but still no ability to log in. As a test, I disabled the outbound network block on one of the lab machines, and confirmed that I was indeed able to log in. So I know the issue is with this firewall rule. But I cannot add every single URL on that huge list above, that's not feasible. So please, I would like to know just what URLs are required for the Office 365 sign-on to work. I don't need or care about the other services on that list.15KViews0likes7Comments
Recent Blog Articles
No content to show