All posts by Kirsten Petersen

All Groups

Office 365 Login Issues

Leave a comment

Heads up: we have been fighting some issues with directory sync from OSU AD to Office 365 recently, resulting in the following issues:

  • People could not login (because their account has not been synced)
  • They could login but were told they are “not licensed”
  • They get an error saying they are “blocked”

All of these issues were due to directory sync problems. Jason spent some time chasing that down and resolved the problem yesterday, but the sync took 12 hours to run as it had a backlog to catch up on. A few people may be synced today but unlicensed – they should be fixed when the script runs at 11PM tonight.

I’ll be working with Jason and Jeff to improve our documentation on these types of issues, as well as to give everyone view access to the admin console so you can see status information. If there is an API, we will look to integrate that with RefTool.

For now, the basic things we need to check (as best we can) before escalating Office 365 issues are:

  • Have they activated their ONID account?
  • Can they login with their ONID to other services?
  • Is their ONID account disabled? (E.g. due to account compromise?)
  • Are they logging in with their UPN?
  • Are they registered for a class (at least 1 credit) in a current or future term? (Note: as soon as they register, they should be licensed at 11PM that day.)
  • Try clearing cookies in the browser to rule out ADFS issues.

Once you’ve verified that their ONID is good to go, they are logging in correctly, and they have registered for classes more than 24 hours ago, it’s probably something that needs to be escalated.

Note: the process for employees will be similar, but will depend instead on them being unified and in an allowed OU. RefTool will be the best place to find that information (may still need some tweaks).

All Groups

OneDrive for Business cache issue

Leave a comment

Problem:

When OneDrive for Business (ODFB) starts, you see the following error message:  “A problem occurred while accessing the Office Document Cache.  Do you want to repair this problem?”

Regardless of whether you choose Yes or No, the error keeps coming up. Also, on the Mac the computer becomes extremely slow, with CPU pegged.

Solution:

  1. Close ODFB, close all Office applications, and close OneNote.
  2. Delete the “OfficeFileCache” folder and its contents.
  3. Restart ODFB. You should not get errors this time.

On Windows, you might have to work a bit harder to close ALL processes that are accessing the cache folder.

Windows details here: http://www.7tutorials.com/fix-problems-microsoft-office-document-cache-being-corrupted

Mac details here: https://community.office365.com/en-us/f/153/t/298682

All Groups

Unified Accounts: Things to Know

Leave a comment

As you all hopefully know, the university is working on unifying all Active Directory accounts as a part of the identity management initiative.  Here are a few things you should know in order to support our customers during and after this transition.

Short version:
Look in RefTool to see if an account is unified.
Unified means they have ONE account, in ONID.
Password resets are via the ONID password reset tool.
Directory updates happen via Banner data.

What is Account Unification?

From the customer’s perspective, account unification means they have one set of credentials to login to most university services. They will use the same username and password to login to email, VPN, OSU Online services, etc.

From an IT perspective, a unified account means the following:

  • It is like a traditional “ONID” account:
    • It is automatically created via scripts from Banner data.
    • The customer activates their account when they become a new student or employee.
    • It is synchronized between ONID LDAP, the ONID Active Directory domain, Google, and Office 365 (same username and pass for all of these).
    • Directory information such as name, phone number and office are populated from Banner (and need to be updated there if they are wrong).
    • Password resets are self-service via the ONID password reset tool.
  • An IT unit on campus has claimed the account, and has administrative access to it.
  • The AD account may or may not have an Exchange mailbox attached to it. If it does, the ONID email address will not be listed in the Exchange Global Address List (GAL).

Note: for undergraduate students, account unification doesn’t have any particular meaning, because they typically only had one AD account to begin with (the ONID one).

Is This Account Unified?

In RefTool, you can see whether an account has been unified. Because unification has no impact on undergraduate students, nothing will be listed for them.

So far, the following groups have been unified: Library, Information Services, College of Ag Sciences.

All units should be unified by January 2016.

User Principal Name (UPN)

We are requiring everyone to set their UPN to the new standard as part of the account unification process. People might be confused about how to login after this.

The UPN is another account logon type, in the format oniduser@oregonstate.edu.

The UPN is unique in the AD forest, whereas usernames can be repeated (i.e. you can have forestry\bob and onid\bob and they can be different people, but there is only one bob@oregonstate.edu).

Because the UPN looks like an email address, we decided to make sure that everyone also has an email alias that matches their oniduser@oregonstate.edu UPN. However, that email alias may not be the person’s primary alias, the one they send email from.

For example, my attributes are as follows:

    username: peterkir
    UPN: peterkir@oregonstate.edu
    primary SMTP:kirsten.petersen@oregonstate.edu
    additional SMTP: peterkir@oregonstate.edu
    SIP address: kirsten.petersen@oregonstate.edu

In many places you can login either as domain\user or user@oregonstate.edu.  Office 365 requires you to login with the UPN.

The SIP address is used for Lync, and does not have a standard format yet (unfortunately). Changing the SIP address is a problem – it causes the person to disappear from other people’s contact lists.

 

All Groups

What is CORE?

Leave a comment

CORE is a web-based application that allows OSU employees to access student and financial information for their departments. CORE will eventually replace Data Warehouse, and is a major IS and OSU business intelligence initiative.

More information about CORE: http://fa.oregonstate.edu/budget/core

The CORE site is here: http://core.oregonstate.edu

The site is only available to OSU employees (not students).

Some tips from Diana Lindsley, CORE team manager:

  • Chrome or Firefox are recommended; some features do not work in IE.
  • Mobile devices work, but not all reports are optimized for mobile.
  • Login is with ONID username and password.
  • If a customer can’t see a report and they think they should be able to, have them contact CORE support.
  • Core support can be reached at: core.bic@oregonstate.edu
  • When escalating an issue to the CORE team, please include: username, what report they had problems with, and what the problem was.

 

 

 

 

 

All Groups

Wireless Helpdoc Changes

Leave a comment

I went in to fix a typo on the wireless helpdoc (at http://oregonstate.edu/helpdocs/network/wireless) and realized the doc needed some serious changes.
• OUS: Removed the reference to OUS, since that entity is going away.
• Wifi Map: Removed the link to the campus wifi map because that map is defunct and the network team has asked CWS to take it down. Please don’t tell people to reference the wifi map anymore.
• OSU_Secure: We want to encourage people to use OSU_Secure. WPA works a lot better than it used to. I updated some of the language about OSU_Secure and put “(recommended)” next to it in the list of networks.
• EduRoam: EduRoam can be used by OSU people at OSU and elsewhere. Also, I think it is the preferred way to connect at PSU and UO now. (I am not even sure if the reciprocal auth stuff that we used to have in place is working anymore – need to follow up on that and possibly remove that whole section of the doc.)  FYI: people can just connect to EduRoam all the time, here and elsewhere. It’s actually a really good idea, because then they will already have the cert accepted, and not have problems connecting when they travel. In fact, their device will automatically connect them to EduRoam as they travel, which is pretty cool. EduRoam at OSU is exactly like OSU_Secure in terms of features, FYI.
• I simplified some of the language in the doc and removed some things that sounded out of date.

For later: eventually we’ll want to replace “ONID account” in this doc with “OSU ID” or “OSU Login” or whatever the Identity team decides we are going to call it; but it’s too soon to make that change.

Johan wanted to see a few more changes as well, but they are mostly cosmetic.