The User Profile Service Failed The Sign-In. User Profile Cannot Be Loaded – Server 2012

While working on server 2012, someone messed with profiles folder and so nobody was able to login on server. Whenever we try to login on server we got this error:
0001

The User Profile Service service failed the sign-in. User profile cannot be loaded.

The solution worked for us:

  1. Try to access the server from another server as file shre to C$ and freeup some space to see if its a problem of disk space. If no success then proceed to step 2.
  2. Go to Computer management on another server and connect to problematic server management from Actions menu. Check the event Logs and you must find an entry in Application logs as:

0000
Now, Make the local system account an owner of the v15 sub directory listed in the above error, and then apply to all child sub directories and files and then Enable inheritance on the V15 sub directory, and then delete all non inherited permissions on V15 and it’s child sub directories and files.

If the problem still remains same then continue the troubleshooting steps:

3. Delete all the profiles from REGEDIT ( HKLMSOFTWAREMicrosoftWindows NTCurrent VersionProfileList) EXCEPT for the system related ones.

Thats all. It should normally fix the problem. If not, then post your results in comment and we would like to assist you.

Thanks.

 

Advertisements

List Distribution Group members Exchange 2010/2013

Distribution Groups:

To check all commands related to Distribution groups

Get-Help *distrib*

To Get list of all distribution groups:

Get-DistributionGroup

To get more details for specific Distribution list

Get-DistributionGroup <listname> | FL
Get-DistributionGroup <listname> | select Displayname, Primarysmtpaddress, Managedby

Now combine the Select Cmdlet with the ExpandProperty Cmdlet to see more information associated with the ManagedBy property.

Get-DistributionGroup <listname> | select Displayname, Primarysmtpaddress -ExpandProperty Managedby

Command to list the managers of all distribution groups.

Get-DistributionGroup  | select Displayname, Primarysmtpaddress -ExpandProperty Managedby | Select Displayname, Primarysmtpddress, name

To export to CSV command looks like this:

Get-DistributionGroup  | select Displayname, Primarysmtpaddress -ExpandProperty Managedby | Select Displayname, Primarysmtpddress, name | Export-CSV c:DGlist.csv

Distribution Group Members
Here now we will have commands to list all members of distribution group in exchange server.

The basic command

Get-DistributionGroupMember
Get-DistributionGroup | Get-DistributionGroupMembers

more detailed results can be found as:

foreach ($group in Get-DistributionGroup) { get-distributiongroupmember $group | ft alias, @{label=’Test1′;expression={$group.name}}}

and this command will give you all list of members in each distribution group.

foreach ($group in Get-DistributionGroup) { get-distributiongroupmember $group | ft @{expression={$_.displayname};Label=”$group”}}

To output the data to a file, use the Out-File Cmdlet along with -append.

foreach ($group in Get-DistributionGroup) { get-distributiongroupmember $group | ft @{expression={$_.displayname};Label=”$group”} | Out-File c:tempDistributionListMembers.txt -append}

To sort alphabetically within each group add the sort displayname into the command as below:

foreach ($group in Get-DistributionGroup) { get-distributiongroupmember $group | sort displayname | ft @{expression={$_.displayname};Label=”$group”} | Out-File c:DGMembers.txt -append}

 

Also there is a script from Microsoft which do similar action in csv result. Here is the link to download that script

Set IP address on DAG for exchange 2010/2013

Find the current IP address configuration of the DAG, run the command (DAG01 is my name of DAG)

Get-DatabaseAvailabilityGroup -identity "DAG01" | fl *ip*

DEC-0087

Configure a IP address (say 192.168.10.48) for the DAG, run

Set-DatabaseAvailabilityGroup -identity "DAG01" -DatabaseAvailabilityGroupIpAddress 192.168.10.48

You can configure multiple IP addresses for the DAG. To configure multiple ip addresses, run

Set-DatabaseAvailabilityGroup -identity "DAG01" -DatabaseAvailabilityGroupIpAddress 192.168.10.48, 192.168.20.48

Test-OutlookWebServices failed

When you try to run the Test-OutlookWebServices script on a newly installed Exchange 2010 Server, the following error may occur in the Exchange Management Shell (EMS)

[PS] C:Windowssystem32>Test-OutlookWebServices

DEC-0082

If this is the first time you try to run the test, this typically means you haven’t configured the test account yet.
You should run the new-TestCasConnectivityUser.ps1 script first. Follow these instructions to make it work:

  1. Open a Exchange Management Shell on the Exchange Server
  2. In my case Navigate to D:Program FilesMicrosoft Exchange Server (or any other folder where you installed Exchange
  3. Navigate to the folder Scripts
  4. Run .new-TestCasConnectivityUser.ps1
  5. When asked, type a strong password (Exchange 2010 will change this password automatically at a later time)

Now you get new error

CreateTestUser : Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requirements.
At C:Program FilesMicrosoftExchange ServerV14Scriptsnew-TestCasConnectivityUser.ps1:255 char:27
+   $result = CreateTestUser <<<<  $exchangeServer $mailboxServer $securePassword $OrganizationalUnit $UMDialPlan $UMExtension $Prompt
+ CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,CreateTestUser

DEC-0083

To Resolve this issue, I opened the script in notepad and found the line beginning “new-mailbox” – and deleted the parameter “–OrgainisationalUnit:$OrganistationalUnit”. This means the new user defaults to the default OU – Users!

Run the script again and it should be successful

Just a simple fix to save some time

DEC-0084

Common Exchange Server Powershell commands

To see each database size:

Get-MailboxDatabase -Status | select ServerName, Name, DatabaseSize

Exchange 2010 mailbox size list in particular database:

Get-MailboxDatabase “<insert database name>” | Get-MailboxStatistics | Sort totalitemsize -desc | ft displayname, totalitemsize, itemcount

White Space (AvailableNewMailboxSpace) check with PowerShell:

Get-MailboxDatabase -Status | select Name, DatabaseSize, AvailableNewMailboxSpace

This example permanently deletes the soft-deleted mailbox for Ayla from mailbox database MBD01.

Remove-StoreMailbox -Database MBD01 -Identity Ayla -MailboxState SoftDeleted

This example permanently deletes all soft-deleted mailboxes from mailbox database MBD01.

Get-MailboxStatistics -Database MBD01 | where {$_.DisconnectReason -eq “SoftDeleted”} | foreach {Remove-StoreMailbox -Database $_.database -Identity $_.mailboxguid -MailboxState SoftDeleted}

This example permanently deletes the disabled mailbox with the GUID 2ab32ce3-fae1-4402-9489-c67e3ae173d3 from mailbox database MBD01.

Remove-StoreMailbox -Database MBD01 -Identity “2ab32ce3-fae1-4402-9489-c67e3ae173d3″ -MailboxState Disabled

Managing calendar permissions in Exchange Server 2010/2013

we got 4 -MailboxFolderPermission cmdlets in Exchange Server 2010:

The following command will give everybody read rights to the calender in the “MeetingRoom” calendar.

Add-MailboxFolderPermission MeetingRoom@domain.local:calendar -User Default -AccessRights reviewer

The following command will give the users that are members of the AD group Res-CalendarAdmins read and write access to the calendar. (The AD group must be mail enabled and cannot be hidden from the address book when executing the command).

Add-MailboxFolderPermission MeetingRoom@domain.local:calendar -User Res-CalendarAdmins -AccessRights editor

The following command will remove access rights for the default user on mailbox

Remove-MailboxFolderPermission MeetingRoom@domain.local:calendar -User Default -AccessRights editor

The following command will show the actual rights to the calendar for the MeetingRoom.

Get-MailboxFolderPermission MeetingRoom@domain.local:calendar