Skip to main content

Fixing MS Lync Error OC_KeyContainer_user@hcl.com

Last week I came across this problem and deleting the default keychain did not fix it but somehow could not devot much time to fix it. As the solution was not available on Google, I thought to post it here. The error was: Microsoft Lync wants to use OC_KeyContainer_username@company.com. Please enter the keychain password prompt appeared. Unfortunately I forgot to take the screenshot of the error message but it somehow looks like the regular keychain popup window.

Worst thing about this error was that Keychain login screen was not accepting any password that I could think of, even though it was the correct one, which actually made it a strange issue for the people who are into the world of Troubleshooting Mac OS.

So lets have a look at Root Cause and then at the Fix.

The Cause:
Microsoft Lync creates a keychain file to store encryption keys. The file is physically stored in /Users/username/Library/Keychains and is named something similar to OC_KeyContainer_LaeeqA@hcl.comThis keychain will show at the left column list where you see login and system keychains. Noteworthy thing about this is that it would not have any link with the Login Keychain or login credentials. I don't like saying this but at times something happens to this keychain from working properly and once you remove this, Lync will create a new one for itself. When it does, it saves a Randomized password in /Users/LaeeqHumam/Library/Preferences/ folder.

Lets take a deeper dive in this:

If you have NOT checked the Save Password option on Lync Login window - The OC_KeyContainer__username@company.com keychain & OC_KeyContainer__username@company.compassword under Login keychain are generated when Lync connects to the server. Later on when the Lync quits, this OC_KeyContainer__username@company.com keychain and application password entry are removed automatically. On relaunch, a it will automatically create a new OC_KeyContainer__username@company.com keychain and application password entry in the user’s login keychain.

If you have checked the Save Password option on Lync Login window - and this entry does not exists, the OC_KeyContainer__username@company.com keychain and OC_KeyContainer__username@company.compassword entry in the user’s login keychain will get generated when Lync connects to the server. An MS Lync password entry is also created in the user’s login keychain if is is not already there. When you quit Lync, the OC_KeyContainer__username@company.com keychain and application password entry persist and are not automatically deleted.

Researcher Turns Over Details of macOS Keychain Security Flaw, Calls for Explanation About Lack of Mac Bug Bounty Program

The Fix:
Delete this Keychain entry, thats it! 

Currently as I am writing this post on a Virtual Machine so could not capture screenshots but soon as I get time, I would grab the key snaps to make the topic more clear.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

An introduction to Mac OS X Server

Mac OS X server is combination of Power and Style. It derives power from its strong UNIX base and the style comes from well known Apple GUI. This combination makes Mac OS X Server one of the robust server available in present time. Mac OS X Server is built on a fully compliant UNIX foundation. This battle-tested core provides the stability, performance, and security that organizations require. And full UNIX conformance ensures compatibility with existing server and application software. Mac OS X Server is the ideal platform for deploying groundbreaking enterprise applications and services. The kernel in Mac OS X Server provides superior thread management and affinity algorithms for efficient handling of multithreaded applications on the latest generation of Intel multicore processors. It also provides precise control of real-time processing requirements, allowing a user-level thread — even an unprivileged one — to precisely specify its requirements for time-sensitive operations...
3 comments
Read more

ENTOURAGE TROUBLESHOOTING: CRASHES WHILE LAUNCHING - II

Entourage Crashing due to Fonts There are two fonts that are known to be one of the most popular reasons of Entourage crashing. The first one is Helvetica Fractions which is majorly responsible to cause problems, the second is Times Phonetic. In order to fix this issue, don't just disable these fonts in Font Book, but physically remove them from your system and try to launch Entourage again. Other discussed reasons are database , schedules and duplicate daemons .
Post a Comment
Read more

MANAGING YOUR MAILING LISTS

How to set up Mailing List Manager? Before we move ahead lets be clear about what a mailing list is all about? These are groups over the net that you join and they send mails to you, generally they come in bulk so it is a wise idea to create a seperate folder for this so that your inbox is never over limit. It is recommended to subscribe to a mailing list as it is a good source of information and knowledge. Here is an example of a mailing list and its subscription. Under mailing list manager rules, there is an option selecting which you can run more rules under one MLM ( Mailing List Manager ). Process to setup MLM: 1. Launch Entourage and select a mail that you have received from the mailing list. 2. Go to 'Tools' from the menu bar and select 'New'. 3. MLM is smart enough to fill up most of the feilds by itself, but make sure from your end that the the feilds entered is according to your preference. 4. Now it will allow you to add new folder to transfer mails coming f...
Post a Comment
Read more