locked
Lync 2013 sign in suddenly stop working for specific users RRS feed

  • Question

  • Hi,

    Lync sign in for specific user has suddenly stopped working... I tried removing and re-adding user on lync server, I have also removed lync user certificate and cleared cache on local system. however this user is not able to sign in to lync 2013 using any system, I have pasted sign logs of that user below.

    ........................................................................................................................................................................................

    1 Login: FAIL (hr = 0x1)
    Executing wws method with windows auth auth, asyncContext=00625328,
     context: WebRequest context@ :492665640
      MethodType:4
      ExecutionComplete? :1
      Callback@ :125E67FC
      AsyncHResult:80f10041
      TargetUri:https://xx.domain.child.local/WebTicketService.svc
      OperationName:http://tempuri.org/:IWebTicketService
     Error:
    There was an error communicating with the endpoint at 'https://xx.domain.child.local/WebTicket/WebTicketService.svc'.
    The server returned HTTP status code '403 (0x193)' with text 'Forbidden'.
    The server understood the request, but cannot fulfill it.

    .CLogonCredentialManager::QueryForSpecificCreds() Credential user 0x18F63F00 id=15 querying for specific credentials, credSuccess=2, targetName=Microsoft_OC1:uri=abc.xyz@bbb.com:specific:LAD:1, upn=abc@domain.child.local
    1.1 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
    Executing wws method with windows auth auth, asyncContext=00625328,
     context: WebRequest context@ :492665640
      MethodType:4
      ExecutionComplete? :1
      Callback@ :125E67FC
      AsyncHResult:80f10041
      TargetUri:https://xx.domain.child.local/WebTicket/WebTicketService.svc
      OperationName:http://tempuri.org/:IWebTicketService
     Error:
    There was an error communicating with the endpoint at 'https://xx.domain.child.local/WebTicket/WebTicketService.svc'.
    The server returned HTTP status code '403 (0x193)' with text 'Forbidden'.
    The server understood the request, but cannot fulfill it.

    .
    1.2 ExecuteWithWindowsOrNoAuthInternal: FAIL (hr = 0x3d0000)
    CLogonCredentialManager::QueryForSpecificCreds() Credential user 0x18F63F00 id=15 querying for specific credentials, credSuccess=2, targetName=Microsoft_OC1:uri=abc.xyz@bbb.com:specific:LAD:1, upn=abc@domain.child.local

    ..................................................................................................................................................................................

    Kindly help.

    Regards,

    Dhananjay


    Tuesday, March 1, 2016 10:26 AM

Answers

  • Thanks for the response and follow up Eric.

    Happy to inform that this issue has been resolved now.
    It turned out to be corrupt AD account. There is an attribute called "msRTCSIP-OriginatorSid" which was pointing to the incorrect SID. I removed  incorrect SID, removed/re-added user to Lync server and all worked flawlessly.

    Thanks again. :)

    Regards,

    Dhananjay

    Monday, March 7, 2016 5:28 AM

All replies

  • Hi Dhananjay.TechNet,

     

    I doubt there’s something wrong in the database.

    Please disable this user and then check if there’s stale information still exists in database.

    Once remove the user from Lync Server, run DBAnalyze tool to see if the user is removed from database completely.

    DBAnalyze.exe /report:user /user:UserName@domain.com /sqlserver:<FQDN of the SQL Server>\rtc

     

    Also run following SQL Query on each Front End Server to see if the user is removed from the local database.

    SELECT [ResourceId]

          ,[UserAtHost]

    FROM [rtc].[dbo].[Resource]

    WHERE UserAtHost='UserName@domain.com'

    GO

     

    Best regards,

    Eric


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, March 2, 2016 12:08 PM
  • Hi Dhananjay,

    I’m writing to follow up on this thread. Do you have any updates on this issue? Please post back at your convenience.

     

    Best regards,

    Eric


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Sunday, March 6, 2016 1:05 PM
  • Thanks for the response and follow up Eric.

    Happy to inform that this issue has been resolved now.
    It turned out to be corrupt AD account. There is an attribute called "msRTCSIP-OriginatorSid" which was pointing to the incorrect SID. I removed  incorrect SID, removed/re-added user to Lync server and all worked flawlessly.

    Thanks again. :)

    Regards,

    Dhananjay

    Monday, March 7, 2016 5:28 AM
  • Hi Dhananjay,

    It helped me.

    Did the same and the user was able to login.

    Thanks,

    Perwaiz ahmed

    Friday, February 7, 2020 4:28 PM