Skype Sign In Fail ONENABLE_FAIL_AUTH_FAIL CertProvisioningService.svc RRS feed

  • Question

  • Hi, I have a single user failing to log into Skype. 

    I have performed the following:

    1. Deleted/re-added to Skype
    2. Deleted Sign In Info
    3. Removed Profile
    4. Deleted Client certificate through skype control panel for user
    5. Used a completely different computer

    All the same error.

    Then, I tried to move the user to another pool and got this error. No other users get this error.

    Distributed Component Object Model (DCOM) operation begin move away failed.
    Distributed Component Object Model (DCOM) operation RollbackMoveAway failed "-1007781356".
     Distributed Component Object Model (DCOM) operation begin move away failed.

    Here is the tracing data from the client side with domain and name changed. Any help is greatly appreciated.

    Doing logon attempt with data:



       server=sip.domain.com, external


       logonCredPassword.CredType is Specific





       redirectedServersList=sipinternal.domain.com, internal;sipinternal.domain.com, external;sip.domain.com:443, external;



        <Info><![CDATA[Logon success state 2 reported by user id=OCS (adjusted=OCS) on CManagedCredential[SPECIFIC this=10B9B7A0, domain=domain, userName=]]]></Info>

        <Info><![CDATA[CLogonCredentialManager::QueryForSpecificCreds() Credential user 0x0DFD7398 id=0 querying for specific credentials, credSuccess=2, targetName=Microsoft_OC1:uri=firstname.lastname@domain.com:specific:OCS:1, upn=]]></Info>


       VerifyOnEnableEvent result return ONENABLE_FAIL_AUTH_FAIL


       diag code=0xfa4



    Wednesday, May 22, 2019 3:42 PM


All replies

  • Hi BrodyKilpatrick,

    Do you mean there’s only a single user having problems to login SFB client?

    According to your description, this issue may not the SFB client and PC issue, and as just only one user has this issue, it may not be related to the SFB Server. It is more related to the user accont.

    For this issue, I suggest you could try to check the AD attribute for this user at first, compare the attribute with others and check whether something is special.

    In addition, as you have disabled the user and reenable again, and this issue occurs again. I suggest you could try to delete the user and recreate again as following steps:
    1. Export-CsUserData -PoolFqdn "atl-cs-001.litwareinc.com" -FileName "C:\Logs\ExportedUserData.zip" -userfilter "Name@domain.com" 
    2. Delete the user and re-create the user
    3. Login with the user to check whether this issue happened again
    4. Update-Csuserdata -Filename "C:\Logs\ExportedUserData.zip" -UserFilter Name@domian.com

    Best Regards,
    Evan Jiang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Proposed as answer by woshixiaobai Friday, May 24, 2019 2:48 AM
    Thursday, May 23, 2019 2:51 AM
  • Thanks for your response. I tried this without success. Yes, it is only happening to one user. I event compared all attributes and didn't notice anything weird.

    Any other Suggestions?

    Friday, May 24, 2019 2:15 PM
  • I fixed it. I went through all 11 of our RTC databases on the local front end servers and deleted the entry for the user by following the blog post below. After re-adding, it works fine.


    Friday, May 24, 2019 3:03 PM