Thanks in advance for any help or advice you may have.
We’re running into an issue where random users aren’t able to log on to Epicor due to a configuration error. There doesn’t seem to be any rhyme or reason as to who this happens to and when it happens to them. After restarting their computer several times (it might be a single restart or multiple), the configuration error seems to resolve itself and they’re able to access the system.
Any ideas as to what this might be and how we can resolve it?
I’ve checked a few of the machines that work vs. some that won’t.
Network connectivity issues (can they do a \EPCR-APP in Windows Explorer)
The users that have the issue cannot connect to the application server files through the Windows Explorer, but they have full access to our file server that also sits OnPrem. So ruled this option out.
Password expiration (one I’ve seen recently)
Would this be an AD password expiration? I checked and none of the users have expired passwords there or in Epicor.
Other Security Issues (Missing AD Group Assignment for example)
I don’t think this is it because they’re able to access it after a restart. I also had one user try on another device and was able to get on while the other device next to them was running into issues.
Windows 10 has an effective permissions process you can use to verify access. Right click the folder and go properties > security tab > advanced button > effective access tab
If they cannot access this folder, they won’t be able to check the deployment folder, and they will get that error. Something is wrong at this level. Maybe time between client and server is out of sync and a reboot fixes it? Maybe a DHCP issue that is resolved on a reboot?
Epicor requires the AD/SMB layer to be working. Solve this and you’ll be back in business.
I did get a notification from a user in accounting this morning that was getting an error regarding a time difference between the client and server. Would that be a time difference between our Epicor server and AD/DNS server(s)?
On a user’s computer where they can’t access the file, I get the following error. It even happens when I try to access the file using an admin account.
This sounds to me like it’s most likely between the user’s computer and the AD server(s). Maybe the domain controller, maybe the file share, if they’re different servers. Likely both if it’s the user’s computer that’s off. The time on all machines in the domain have to stay synchronized I think within at most 5 minutes of each other for security/cryptography reasons. Keep in mind also that the time and timezone have to be correct. If the time looks correct but one of the machines is set to the wrong timezone, that will cause errors. On each of the computers, you can go to https://time.gov/ and look on the right side of the page to see how far off the computer is: