Username appears on logon but nowhere else - protractor

I'm running win10 and originally I had it set up not to need a password so it would just boot straight into the desktop. Then I decided to see if an email I expected had been sent to an old Hotmail account I haven't used for ages. Microsoft took me through a recovery process for the Hotmail account and eventually I was able to get back into it BUT next time I tried to logon the machine stopped at the logon page and showed 2 users - one looked like the original one I had been using and the other was for my Microsoft account complete with the icon I used to use.
I selected what I think was my old logon and without entering a password I just pressed enter - got kicked out with a wrong password. The forgot password option did not appear. Tried every password I have used in the past and the one for the new ms account - none work!
Logged in on the new ms account and then went searching for the other account using all the methods suggested on the web - it does not exist anywhere. How can I get rid of this account so I can get back into not having to use a password?

Related

Google workspace account has been suspended with no recovery method

Many years ago I set up my domain so Google would manage my domain's email. Today, possibly because I was accessing from another state, Google decides to suspend the service:
Your organization's Google workspace account has been suspended. Please contact your Google workspace organization administrator to re-activate your organization.
So since I'm the administrator, I try to logon with those credentials, which are correct, but they challenge me, and want me to complete an email loop, but the recovery email is in the locked domain!
There seems to be no way to get this fixed. There's some code they can send me that I'm supposed to put my domain's server to prove I'm legit, but Google controls that...I have nothing on the domain except email. I'm paying Hover as the registrar.
Any way out?
I appreciate "Only Google can help", but there's no path forward. No phone number, no button to "open a ticket", no live chat. If you can't log on as administrator, none of that is available. How would a superuser get through on a problem like this?
There is a page that says:
To get phone, chat, or email support for your legacy free account at xxxxxxx.com, you need to upgrade to Google Workspace.
To continue, switch to an administrator account. This will open the Google Admin console.
https://support.google.com/a
But I can't log in as administrator to upgrade my account so I can get support because when I log in with correct credentials, they send a challenge to an email address that's in the locked domain!
I can't be the only one this happened to, so figure they're just hiding the path to victory so they don't have to answer too many phone calls. This page might be as close as I've gotten: https://support.google.com/a/answer/6335621
When I try to open a support case under my non-admin account, it says
You do not have permission to create support cases.
I found a form to fill out: https://support.google.com/accounts/contact/disabled2
The above form accepts any email address, so you enter any email address that you currently have access to (not one that is locked, obviously).
But matter what I do, they want me to prove my identity by adding something to my domain. I've asked Hover how to do this, but have not received a response yet.
Here's the email Google sent
Your action is required in order for us to assist with your request.
We were unable to verify the DNS ownership of Google Workspace Account sengsational.com. Please follow the instructions below to verify domain ownership.
The following instructions outline the DNS record (CNAME or TXT) to add to your domain settings. Learn more
Via CNAME (preferred):
Label/Host: [eight digit number removed]
Destination/Target: google.com
Time to live (TTL): 3600 seconds / 60 minutes / 1 Hour
For more information on how to create a CNAME record, please refer to the article Add a CNAME record to your domain's DNS records. If you need assistance creating the CNAME record, please contact your hosting provider for support.
You can verify your CNAME record here.
Via TXT:
Label/Host: enter # or leave it blank
Value/Destination: google-gws-recovery-domain-verification=[eight digit number]
Time to live (TTL): 3600 seconds / 60 minutes / 1 Hour
For more information on how to create a TXT record, please refer to the article Verify your domain with a TXT record . If you need assistance creating the TXT record, please contact your hosting provider for support.
You can verify your TXT record here.
Note: Updates to DNS records may take 24-48 hours to propagate across the entire internet.
In order for us to help you with the sign-up process, please follow this link and submit your request.
Best regards,
Google Workspace Support
Key Finding:Contact the company where you have your domain registered to have them manage the DNS records.
Hover is who I pay every year to keep my domain name active. I logged on, opened a chat, pasted-in the email from Google, and they were more than happy to update those records, right there on the spot!
Then, I went back to the email that Google sent me. To complete this authentication loop, there is a button on the page to re-check DNS.
After refreshing the page, I was provided the option to change the password. After I did that, I was logged into the gSuite administrator account, finally!"
They also automatically changed the recovery email to the one I was using that was outside the domain that was locked.

Locked out of GSuite Admin after domain verification

I have signed up for Gsuite Essentials and attempted up upgrade to Gsuite Enterprise. I only have a single email address eg a#abc.com. I had already been using this account as a normal google account. (no gmail though).
I couldn't get the admin console to show the upgrade option, but found I needed to verify my domain. So I added the TXT record to my domain abc.com, which would then let me verify.
I could then log in to the admin console as a#abc.com and clicked on the upgrade option and completed the process. This then let my a#abc.com user have access to Gmail. I have not transferred any domain settings over to google, that is all still externally hosted.
I can now no longer log in to the admin console, it says that my a#abc.com account doesn't have the rights and I need to log in as the administrator. There is no other account linked to the Gsuite settings, so there is no other administrator. I can still log in to the normal google account and do the same functions as previous.
I have now removed the TXT record hoping that would cancel it out again.
How do I get access to the admin side again?
Side note: What I am mostly worried about is that I put my credit card details into the signup, but can't get into the admin page and can't contact any form of support. It is literally impossible to get support to use the serve I paid for.
First thing first, the txt records are a string for the only purpose to verify the ownership of the domain therefore deleting them won't change anything you only need this record for the verification process and once is done you can delete them.
As an example is like a text message sent to your mobile phone, if you delete the message nothing will happen right?
I tell you this so you won't more time on the domain DNS zone settings because the issue is not there and you won't solve the problem.
There may be few things that may have happened.
The first thing you should do is to navigate in an Incognito page, make sure that is the only incognito page that you have opened and log in with a#abc.com.
Try to run different test in incognito, the issue really looks like that you are logged in with multiple Google Accounts and when you go do admin.google.com it picks up the wrong one. That's why you should go in incognito.
EDIT
Use as reference this link Here.
Follow the steps in Paragraph 'I'm taking control from another admin' here the steps:
Go to the G Suite Essentials sign-up page.
2, Sign up using your email address at the domain you're verifying.
Use an address where you can get mail.
Follow instructions in the Setup Wizard to become the admin who manages G Suite Essentials for all users at your organization.
If this didn't solve the issue then you should contact the Google Support and they will tell you what happened.
The thing is that if you can't access the Google Admin you won't be able to contact the Google Support, hence you should follow this:
.1 Can't sign in to the Admin console: https://support.google.com/a/answer/6335621?hl=en

Running Convert-MsolDomainToStandard to de-federate

We're about to de-federate our Office365 domain from using adfs2.0 to using passwords sync'd with Azure AD Sync.
We understand the process to need us to run Convert-MsolDomainToStandard, and then force a re-sync of our password with Azure AD Sync. All good so far.
First question. What powershell can we run to confirm that all our passwords are re-syncing OK on the Azure/365 side? For example, can we get the last password sync time for each user? (not last password change time - that's different!) We really need confidence to pull the trigger on this with 18,000 users.
Second question. After we run this, what powershell can we run to ensure all users have been de-federated properly? A belts and braces check that they've all been correctly updated. I've seen that a lot of people de-federating have had to use Convert-MsolFederatedUser for some users after Convert-MsolDomainToStandard crashed out. What attributes would mark an Azure user as using federated logon rather than managed?
You can review the Application Event log to check if the password sync for every federated user is successful, as well as the sync time.
The Event ID 650 indicates that the password sync process started, and the Event ID 657 will show you users whose password sync is successful or not.
For the second question, I haven't found such powershell comlet to query if the users have been de-federated or not. However, when using the following cmdlet, you will get the users listed in the password.txt, which contains each federated users' temporary password. If you run the following cmdlet again, the users who have already been converted to de-federated will not be issued a new password, the temporary password column will be changed to N/A after the full password sync is completed. So, you can confirm if a user is de-federated or not based on this by examining the password files.
Convert-MsolDomainToStandard -DomainName federated Domain name -SkipUserConversion $false -PasswordFile c:\password.txt
Finally, more references around this can be found here:[1] and [2].

Office 365 - Move a maillbox to a different user

I am trying to move a mailbox from 1 user to another in Office 365.
We have Dirsync set up to keep everything synchronised.
The reason for this is that we occasionally get corrupt AD accounts so we have to set up a new account and copy over the data (this doesn't happen a lot, but it does happen).
I have checked through all the online help from Microsoft and other sources but just can't find a way that works.
I have tried deleting the mailbox, then restoring it:
One guide said to use the GUID's to transfer the account, but a deleted account doesn't have a GUID.
Another guide says to use Restore-MsolUser - but you can't specify a new AD account.
So in a nutshell all I want to achieve is this:
Local AD user "A" has the email "A#xyz.com" needs to change to
Local AD user "B" has the email "A#xyz.com"
At the moment we have to keep both the old and the new AD accounts active to maintain the email, but if the user changes their password on the new account it obviously doesn't sync with their email account as it's on their old AD account.
I have been trawling through internet guides for weeks but to no avail. Any help would be much appreciated.
Thanks
John

Drupal User Creation SMTPS message fails

I'm using Drupal 7. When I add a user via Peoples > + Add User, I want the user to receive a notification e-mail.
If I tick the box: " Notify user of new account ", and then click "Create New Account", the page redirects to a blank page at "/admin/people/create". The user IS created, but no message is sent. There isn't even a log for an attempt to send an SMTP message in Drupal, or a failure etc. But the user exists.
If I DON'T tick the box, then the user is still properly created, but I don't get stuck at a blank page (the page is refreshed and I can see the green checkmark saying my changes have been applied)
How can I investigate this problem? I would like the e-mail to be sent (and I assume the blank page problem is related/the same issue) Like I said, I see no logs of e-mail trying to be sent, but it only crashes when I try to do so. Perhaps there's some other logs/debugging info I can enable?
Thank you very much,
Found my problem. The Token module was broken, and my user registration message used tokens, so this is why it crashed on user registration but not SMTP test.
Re-installing a fresh copy of the Token module fixed it.