We're pilotting EEPC 6.0.1 and we're about to go live. Last week I added a 'group user' to a group in ePO.
From that moment on, I have not been able to logon to that machine.
- the users that were available before adding the group user are still shown in ePO, however I'm unable to logon as those users to the machine itself
- even the group user is unable to logon to that machine
- the group user is able to logon to other machines and on those machines the users can still logon with their own account
- I've already performed a sync with the database (after doing a machine recovery)
- the computer still syncs and I can see that in the logging and in ePO
I've enabled logging, but the logfile doesn't show anything weird (don't know what to look for either).
What could have gone wrong?
How can I check - on the local machine - what users have been added / removed? In EEPC5 that was shown in the log.
Some things to look for:
Are there duplicate objects in the tree for that device? ie is the laptop in there twice?
Are they talking to an Agent Handler or to ePO?
In the log files that are generated after enabling logging in the registry, you can do a search for the user IDs to see if their IDs have been downloaded. I think you can see it each time it syncs.
Also check to make sure add local users is NOT checked in the policy being applied.
Is ePO showing any errors when you querry the device for eeAdmin events, things like eventID 30003 Token Initialization event, 30017 General Exception Event?
- There are no duplicate entries for that device in ePO, only one entry;
- We use ePO, the machine talks to ePO (agent 4.5);
- I searched for the user ID, but is nowhere in the log, even though the ePO agent shows correct communication;
- Add local users is not checked in the policy;
I now see that an error message appears in the log file:
- epepcuserhandler.cpp / epepc_user_handler::get_users_times: 438: [0xEE050014] / failed to open file
- epeepodatachennelhandler.cpp / activate_update: 784: [0xEE01000E] [0xEE050014] / failed to open file
- mfepecredentialproviderservice / epeutil_fsm::run:177: Wait for messages was aborted