Month: April 2015

OAuth certificate missing

“The same OAuthTokenIssuer certificate needs to be used by all of the Lync Server 2013 servers. In order to assure this, when you assign this certificate, it is replicated via the CMS and is assigned to all of the Lync Server 2013 servers that require OAuth. ” dodeitte

Troubleshooting UC

Issue
Whilst deploying Lync Enterprise Edition with 3 Front End Servers I cam across an interesting issue. FE 1 was fine but when I fired up FE 2 and got to the certificate wizard the OAuth Certificate was missing.

One thing you will notice if there is no OAuth certificate is that the Lync Front End Service wont start. OK so where is the cert???

Found a good blog explaining the purpose of OAuth here (thanks Doug)
So fist thing was to see if the Front End Servers were replicating, and indeed they were BUT no OAuth. 

Checking the Cert Manager through MMC shows that the cert isn’t in the personal store. Adding it there manually didn’t help me much either…

Seems that it needs to be put there by the replication process.

I decided to move along (against my best judgement and the clock) and add the default cert to FE 2 and…

View original post 134 more words

Advertisements

Test If AD User Name and Password Combination are Correct

—UPDATE#1—
Check my enhanced PowerShell script that do the same task as here, and more…: https://ibrahimsolimanblog.wordpress.com/2015/09/10/powershell-test-domain-user-account-credentials-test-usercredentials-ps1/

—Original Post—
This neat VBS script will test the active directory authentication for a given user name and password. and It will tell you if it succeeded or failed with which error.

I used to use Run-AS to test the authentication, but sometimes the user will not have the permissions to access the machine I’m testing on, and I will receive a non clear error.

Now, to the script:

Set objNetwork = CreateObject("WScript.Network")
strDomain = objNetwork.UserDomain
Const ADS_SECURE_AUTHENTICATION = 1
strUsername=InputBox("Enter Username:")
strPassword=InputBox("Enter Password:")
Set objDS = GetObject("LDAP:")
On Error Resume Next
Set objDomain = objDS.OpenDSObject("LDAP://" & strDomain, strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
If Err.Number Then
    WScript.Echo _
    "For user:" & vbCrLf & _
    "   " & strDomain & "\" & strUsername & vbCrLf & _ 
    "Error Number:" & vbCrLf & _
    "   " & Err.Number & vbCrLf & _
    "Error Description:" & vbCrLf & _
    "   " & Err.Description
Else
    WScript.Echo _
    "Valid password entered for user" & vbCrLf & _
    "   " & strDomain & "\" & strUsername
End If
On Error Goto 0

Run it, Provide the user name (Without providing the domain name), then provide the password, and get the result.

Source: http://stackoverflow.com/questions/3856479/testing-username-password-against-active-directory-domain-in-vbscript

[Powershell] Know your Variable Type

You can define variables in your Powershell script by various means, it’s a good idea to check if the parameter type is defined as expected,

in one of the scripts I came across, one command was failing with this error:

Cannot process argument transformation on parameter <Variable Name>. Cannot convert value to type System.String.

Displaying the parameter alone, I found it looks as an array, also I did query the variable type, and of course it was not System.String which is required by the command to complete:

 $MyVariable.GetType().FullName

the result can be one of the following, weather it’s correct or no, it depends on how you plan to use this variable in your script:

Alias Type
[int] 32-bit signed integer
[long] 64-bit signed integer
[string] Fixed length string of Unicode characters
[char] A Unicode 16-bit character
[bool] True/False value
[byte] An 8-bit unsigned integer
[double] Double-precision 64-bit floating point number
[decimal] A 128-bit decimal value
[single] Single precision 32-bit floating point number
[array] An array of values
[xml] XML objects
[hashtable] A hashtable object (similar to a dictionaryobject)

For my case, We redefined the variable so it only hold the correct single value, and hence $MyVariable.GetType().FullName returned: System.String