Inconsistent Configuration Error on Login

Hi All,

Thanks in advance for any help or advice you may have.

We’re running into an issue where random users aren’t able to log on to Epicor due to a configuration error. There doesn’t seem to be any rhyme or reason as to who this happens to and when it happens to them. After restarting their computer several times (it might be a single restart or multiple), the configuration error seems to resolve itself and they’re able to access the system.

image

Any ideas as to what this might be and how we can resolve it?

Thanks again!

The problem is the user does not have access to the deployment folder to check for upgrades. There are several possible reasons:

  • Network connectivity issues (can they do a \EPCR-APP in WIndows Explorer)
  • Password expiration (one I’ve seen recently)
  • Other Security Issues (Missing AD Group Assignment for example)

Troubleshoot the folder access outside of Epicor and you’ll find your reason.

Mark, thanks for the response.

I’ve checked a few of the machines that work vs. some that won’t.

  • Network connectivity issues (can they do a \EPCR-APP in Windows Explorer)

The users that have the issue cannot connect to the application server files through the Windows Explorer, but they have full access to our file server that also sits OnPrem. So ruled this option out.

  • Password expiration (one I’ve seen recently)

Would this be an AD password expiration? I checked and none of the users have expired passwords there or in Epicor.

  • Other Security Issues (Missing AD Group Assignment for example)

I don’t think this is it because they’re able to access it after a restart. I also had one user try on another device and was able to get on while the other device next to them was running into issues.

Any other thoughts?

Security is set on a per server files (NTFS)/share basis. I think this is the root of your issue.

Windows 10 has an effective permissions process you can use to verify access. Right click the folder and go properties > security tab > advanced button > effective access tab

image

Maybe someone’s changed permissions/groups.

If they cannot access this folder, they won’t be able to check the deployment folder, and they will get that error. Something is wrong at this level. Maybe time between client and server is out of sync and a reboot fixes it? Maybe a DHCP issue that is resolved on a reboot?

Epicor requires the AD/SMB layer to be working. Solve this and you’ll be back in business.

I did get a notification from a user in accounting this morning that was getting an error regarding a time difference between the client and server. Would that be a time difference between our Epicor server and AD/DNS server(s)?

08082022 Epicor Error (003)

On a user’s computer where they can’t access the file, I get the following error. It even happens when I try to access the file using an admin account.

image

It’s generally between the client and the Epicor server.

A time difference can also affect the client and the AD server. Too big of a difference and the computer won’t be trusted in the domain.

This sounds to me like it’s most likely between the user’s computer and the AD server(s). Maybe the domain controller, maybe the file share, if they’re different servers. Likely both if it’s the user’s computer that’s off. The time on all machines in the domain have to stay synchronized I think within at most 5 minutes of each other for security/cryptography reasons. Keep in mind also that the time and timezone have to be correct. If the time looks correct but one of the machines is set to the wrong timezone, that will cause errors. On each of the computers, you can go to https://time.gov/ and look on the right side of the page to see how far off the computer is:

Likewise, if the user’s (client’s) time differs from the Epicor server’s time, the user will get a related but different message: