Office 365 Federated Logon Error 80041034

Error code: 80041034, please try again later or contact your local administrator.

This rearly happends, but your ADFS Server will buffer UserPrincipalName to reduce traffic between your ADFS and Domain Controller (DC).

If you somehow change a users UPN after users have been in contact with your ADFS Service, it might be wrong because of an old buffer.

 

Solution is to reset this buffering cache:

  1. Make sure that the changes to the user’s UPN are synced to Office 365 through directory synchronization.
  2. Direct the user to log off the computer and then log on again.
  3. If steps 1 and 2 don’t resolve the issue, follow these steps:
    1. Open Registry Editor, and then locate the following subkey:
      HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
    2. Right-click Lsa, click New, and then click DWORD Value.
    3. Type LsaLookupCacheMaxSize, and then press ENTER to name the new value.
    4. Right-click LsaLookupCacheMaxSize, and then click Modify.
    5. In the Value data box, type 0, and then click OK.
    6. Exit Registry Editor.

LsaLookupCacheMaxSize reconfiguration can affect sign-in performance, and this reconfiguration isn’t needed after the symptoms subside. This method should be used only temporarily, and we strongly recommend that you delete theLsaLookupCacheMaxSize value after the issue is resolved. To do this, follow these steps:

  1. Open Registry Editor, and then locate the following subkey:
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
  2. Right-click LsaLookupCacheMaxSize, and then click Delete.
  3. Exit Registry Editor.

 

Source: http://support.microsoft.com/kb/2535191/en-us


Leave a Reply

Ehlo!

I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts