|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Single Sign Onhave found so far: 1. If anyone else logs into her PC, the single sign on works fine. 2. If she go to someone else's PC, the single sign on works fine. 3. When she logs in on her PC, the batch file that we have running at logon comes up as an Open File - Security Warning. It doesn't process automatically. 4. I checked her trusted sites and found that she was not inheriting them via group policy 5. I ran an RSOP on her PC and the results showed a yellow triangle with an exclamation point in it next to the User Configuration I have tried everything short of blowing out her user account in AD and recreating it. What is boggling me is that her credentials won't pass through and group policy isn't applying to her, but if someone else logs in on her PC, group policy is applying to them and SSO is working just fine. Can anyone point me in the right direction? Thanks in advance, --Scott I also found the following in the RSOP Error Information Tab:
Note: This component only reports overall status information. It does not report information about its individual policy settings; consequently, those settings will not appear in this tool. Please contact the vendor of this component to check if an updated version is available. Internet Explorer Zonemapping failed due to the error listed below. The data is invalid. Hi
Solution: fire her... :) eheheh - Now seriously, do you see errors in the eventlog when she logs on? - Do you see any error in event log regarding to computer? - Backup her profile and create a new one, does the issue continues? Additionally check how to enable more detailled information http://support.microsoft.com/kb/221833 http://technet.microsoft.com/en-us/library/cc786775.aspx -- Show quoteHide quoteI hope that the information above helps you. Have a Nice day. Jorge Silva MVP Directory Services "MarineGeek" <slr***@gmail.com> wrote in message news:92a84df9-e180-48f4-91b1-bef18bbf36ac@i2g2000prd.googlegroups.com... >I have a user who is having single sign on issues. Here is what I > have found so far: > > 1. If anyone else logs into her PC, the single sign on works fine. > 2. If she go to someone else's PC, the single sign on works fine. > 3. When she logs in on her PC, the batch file that we have running at > logon comes up as an Open File - Security Warning. It doesn't process > automatically. > 4. I checked her trusted sites and found that she was not inheriting > them via group policy > 5. I ran an RSOP on her PC and the results showed a yellow triangle > with an exclamation point in it next to the User Configuration > > I have tried everything short of blowing out her user account in AD > and recreating it. What is boggling me is that her credentials won't > pass through and group policy isn't applying to her, but if someone > else logs in on her PC, group policy is applying to them and SSO is > working just fine. Can anyone point me in the right direction? > > Thanks in advance, > > --Scott I have removed machine from domain, deleted/recreated computer account
in AD, rejoined to domain, I have recreated her local account, I verified again that she can log on to any other machine but her own and SSO works just find and also had multiple people, including myself, login to her machine and SSO worked fine for us. It is just her profile, with her machine. It is really weird. I did look in the event viewer and found the following: Event Type: Error Event Source: Userenv Event Category: None Event ID: 1085 Date: 3/19/2009 Time: 5:08:32 PM User: NT AUTHORITY\SYSTEM Computer: PTTY301 Description: The Group Policy client-side extension Internet Explorer Zonemapping failed to execute. Please look for any errors reported earlier by that extension. Event Type: Error Event Source: DCOM Event Category: None Event ID: 10010 Date: 3/16/2009 Time: 4:08:32 PM User: NT AUTHORITY\SYSTEM Computer: PTTY301 Description: The server {BC2F1934-D833-11D3-A76C-0050049EC1CD} did not register with DCOM within the required timeout. Event Type: Error Event Source: Userenv Event Category: None Event ID: 1030 Date: 10/23/2007 Time: 5:10:25 AM User: WSECU\AliciaW Computer: PTTY301 Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine. Check IIS logs, add the site to the trusted sites, check FW configuration
for her profile. If that doesn't solve, and try to create a new profile and check if the behavior is equal. -- Show quoteHide quoteI hope that the information above helps you. Have a Nice day. Jorge Silva MVP Directory Services "MarineGeek" <slr***@gmail.com> wrote in message news:2c534c89-58f3-4980-8e4f-fc4badf67b33@e1g2000pra.googlegroups.com... >I have removed machine from domain, deleted/recreated computer account > in AD, rejoined to domain, I have recreated her local account, I > verified again that she can log on to any other machine but her own > and SSO works just find and also had multiple people, including > myself, login to her machine and SSO worked fine for us. It is just > her profile, with her machine. It is really weird. I did look in the > event viewer and found the following: > > Event Type: Error > Event Source: Userenv > Event Category: None > Event ID: 1085 > Date: 3/19/2009 > Time: 5:08:32 PM > User: NT AUTHORITY\SYSTEM > Computer: PTTY301 > Description: > The Group Policy client-side extension Internet Explorer Zonemapping > failed to execute. Please look for any errors reported earlier by that > extension. > > > Event Type: Error > Event Source: DCOM > Event Category: None > Event ID: 10010 > Date: 3/16/2009 > Time: 4:08:32 PM > User: NT AUTHORITY\SYSTEM > Computer: PTTY301 > Description: > The server {BC2F1934-D833-11D3-A76C-0050049EC1CD} did not register > with DCOM within the required timeout. > > > Event Type: Error > Event Source: Userenv > Event Category: None > Event ID: 1030 > Date: 10/23/2007 > Time: 5:10:25 AM > User: WSECU\AliciaW > Computer: PTTY301 > Description: > Windows cannot query for the list of Group Policy objects. A message > that describes the reason for this was previously logged by the policy > engine. > Hello MarineGeek,
This KB might be of help to you, http://support.microsoft.com/kb/887303/#top Isaac Show quoteHide quote "MarineGeek" <slr***@gmail.com> wrote in message news:2c534c89-58f3-4980-8e4f-fc4badf67b33@e1g2000pra.googlegroups.com... >I have removed machine from domain, deleted/recreated computer account > in AD, rejoined to domain, I have recreated her local account, I > verified again that she can log on to any other machine but her own > and SSO works just find and also had multiple people, including > myself, login to her machine and SSO worked fine for us. It is just > her profile, with her machine. It is really weird. I did look in the > event viewer and found the following: > > Event Type: Error > Event Source: Userenv > Event Category: None > Event ID: 1085 > Date: 3/19/2009 > Time: 5:08:32 PM > User: NT AUTHORITY\SYSTEM > Computer: PTTY301 > Description: > The Group Policy client-side extension Internet Explorer Zonemapping > failed to execute. Please look for any errors reported earlier by that > extension. > > > Event Type: Error > Event Source: DCOM > Event Category: None > Event ID: 10010 > Date: 3/16/2009 > Time: 4:08:32 PM > User: NT AUTHORITY\SYSTEM > Computer: PTTY301 > Description: > The server {BC2F1934-D833-11D3-A76C-0050049EC1CD} did not register > with DCOM within the required timeout. > > > Event Type: Error > Event Source: Userenv > Event Category: None > Event ID: 1030 > Date: 10/23/2007 > Time: 5:10:25 AM > User: WSECU\AliciaW > Computer: PTTY301 > Description: > Windows cannot query for the list of Group Policy objects. A message > that describes the reason for this was previously logged by the policy > engine. > 
Other interesting topics
|
|||||||||||||||||||||||
