AFP logon window takes 60 - 90 seconds for remote users

We have a 10.4.11 server running AFP and multiple other services. About 25 users connect to the AFP sharepoints via the internal network and the login window appears immediately. Another 25 users connect through a hardware VPN from another office and their login screen appears immediately as well. We have another set of 25 users who connect directly over the internet, and only recently, it is taking 60 - 90 seconds for the logon window to appear. Once it does appear, the connection runs at normal speed.
It makes no difference whether the address is specified as FQDN or IP address. I've tried turning off Bonjour, and adding the host domain name to the search domains, but this made no difference either.
This problem did not exist until recently. It may have been about the same time as the 10.5.4 update, but I can't be sure.
Also, our ISP is known to play with "Shaping" although we did have AFP set to high priority and Port 548 is not restricted.
Is there another service that Apple uses to bring up the logon window? If so perhaps our provider is restricting bandwidth on that.
- Tim

This problem related to AFP requesting a "Service Record" first and waiting until that timed out before requesting the "A" record for the site. It seems to be an issue with OS X 10.5.4 and OpenDNS. Hopefully they will sort it out soon.

Similar Messages

  • AD SSO not happening for Remote Users

    Dear Members
    I am having an issue with the NAC Deployment for Remote users (Users behind WAN Router)
    Windows AD SSO (2008) is happening for LAN users successfullly, however remote users
    are not able to do AD SSO.
    it is ensured that remote users even in unauthenticated state can reach Active directory. there is no filtering
    on any of the device across the path, for this communication.
    When i use Kerbtray on the remote PC, i found no tickets at all.(i am logged in thru Domain)
    what could be going wrong, is it delay (as they are wan user) which might attribute this issue, and if so, where are the needed parameters that can be tuned for AD SSO to happen.
    Any help will ne highly appreciated.
    thanks
    Ahad

    Hi Ahad,
    As long as ALL the policies in Table 8-1 are configured for the Unauthenticated Role
    http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cas/s_adsso.html#wp1174219
    the CAS should be out of the picture for what concerns the communication between the PC and Kerberos.
    If the Kerbtray.exe output for a failing user is empty, it means that the unsuccessful users do not have any Service Ticket (ST) at all.
    This points to an issue with AD (considering the fact that the CAS is already allowing all the traffic to/from AD).
    The failing users are either unable to send the Ticket-Granting Ticket (TGT) to AD, or they are unable to obtain the Service Ticket (ST) from AD.
    The CAS during this phase is neither performing any actions nor blocking any traffic, since all the communications to/from AD are already fully open in the unauthenticated role.
    Regards,
    Fede
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • How to create accounts for remote users in 1841

    Hi,
    I was wondering how can i create accounts for remote users to be able to vpn please ? I have setup the vpn server successfully.
    Regard,

    Hello.
    I believe that you can try this:
    Router# configure terminal
    Router (config)# password encryption aes
    Router (config)# crypto ipsec client ezvpn ezvpn1
    Router (config-crypto-ezvpn)# username server_1 password 0 blue
    if you are using easy vpn.
    from: http://cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b7d.html

  • Windows XP Mode - 1 VM for multiple users?

    I have multiple users that use one machine (Windows 7 Professionl x64), which in turn they need to run an old application that will only run in Windows XP mode.  However, I have noticed that you have to create a machine for each individual user, as far as I can tell. 
    I basically want to make one virtual application that ALL users can use without having to create a VM for each user.  Is this possible or have I overlooked something where you don't need to create a vm for each users? 
    Thanks for any help!

    I too have this requirement. My situation is complex in that we have multiple users logging on to multiple machines (call centre shift workers). To take one of our computers as an example:
    1x Windows 7 Enterprise x64 PC
    2x users logon to the same PC throughout the day, requiring access to their individual Win7 profiles
    1x legacy application that does NOT save any user specific data
    The above means that we only need one Windows XP Mode image on the machine, but require 2 Windows 7 users to be able to access it, ideally with the application to run seamlessly.
    I have managed to get it working, but it is by no means 'elegant':
    Set up XP Mode for the first time logged on as 'User1'.
    Ensure that the VM is saved to a locaton accessible by anyone, e.g. C:\VM\
    Install legacy application.
    Shutdown XP Mode
    Log off 'User1'
    Log on as 'User2'
    Create a new VM - not through the XP Mode, but rather through the standard VM creation Window. Select the option to utilise an existing VHD and point it towards the XP Mode VM created earlier.
    That's it - the legacy app shortcut should appear in 'User2' start menu and be able to run seamlessly.
    If anyone knows of a more elegant approach, I would love to hear it.
    Many thanks.

  • AnyConnect pre Windows login connects and disconnects for some users

    Hi,
    I have Cisco VPN AnyConnect (version 3.1.0310) clients with a connectivity issue which manifests as follows:
    A user boots their Windows 7 SP1 laptop up.
    Before Windows login, the user clicks "switch user" and enters their Cisco AnyConnect credentials (this connects OK).
    Once the VPN tunnel is established a user logs into Windows.
    At this point, 1 of 2 things happen:
    1. Most users VPN connection stays connected and user GPO processing\logins work as normal
    2. For a minority of users, the VPN connection disconnects and then reconnects. The VPN disconnect and reconnect causes connectivity issues with mapped drives and Outlook (most likely due to GPO processing not applying as the VPN tunnel wasn't established at the required time).
    There are no known commanalities between problematic users - all users are in the same OU and laptops are in the same OU, so they should be getting the same AD settings. The same user can login 14 times OK, but may experience this issue on the 15th occasion.
    Within the profile xml file (stored in c:\program data\) the key "AutoConnectStart" is set to false for user controllable and default value. The XML policy settings are being applied correctly (we've checked Event ID 3010 within the Cisco AnyConnect Windows logs).
    What we have noticed from using the back end Cisco monitoring client is that users who experience connection issues, connect pre windows login OK, but once they're logged into Windows the Cisco VPN AnyConnects seems to try and re-connect, which causes the current VPN tunnel to disconnect and re-connect. This disconnect and re-connect for users seems to cause issues with logon and GPO processing.
    So far, the only rock solid way we've found of stopping this disconnect and re-connect behaviour is by configuring a system deny permission on registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run". This key contains an entry for Cisco AnyConnect VPN. Unfortunately setting a deny on the individual node value isn't possible and if the key is deleted or modified the system re-creates it. I'd rather avoid setting a system deny on the key for all users.
    Any advice on how troubleshoot and diagnose this problem is appreciated.
    Thanks

    I've attached some log files in case someone is particularly keen eyed at spotting issues (all data is anonymized)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58124
    10.5.128.21
    8080
    Built inbound TCP connection 123678229 for outside:172.16.12.17/58124 (172.16.12.17/58124)(LOCAL\jpk789) to inside:10.5.128.21/8080 (10.5.128.21/8080)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58122
    10.5.140.210
    443
    Teardown TCP connection 123678214 for outside:172.16.12.17/58122(LOCAL\jpk789) to inside:10.5.140.210/443 duration 0:00:00 bytes 11971 TCP Reset-O
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    51368
    10.5.141.155
    53
    Teardown UDP connection 123678191 for outside:172.16.12.17/51368(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 110
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58123
    10.5.12.182
    88
    Built inbound TCP connection 123678217 for outside:172.16.12.17/58123 (172.16.12.17/58123)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    62455
    10.5.141.155
    53
    Teardown UDP connection 123678189 for outside:172.16.12.17/62455(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 430
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58122
    10.5.140.210
    443
    Built inbound TCP connection 123678214 for outside:172.16.12.17/58122 (172.16.12.17/58122)(LOCAL\jpk789) to inside:10.5.140.210/443 (10.5.140.210/443)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    56197
    10.5.141.155
    53
    Built inbound UDP connection 123678212 for outside:172.16.12.17/56197 (172.16.12.17/56197)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58121
    10.5.12.179
    389
    Built inbound TCP connection 123678196 for outside:172.16.12.17/58121 (172.16.12.17/58121)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    58120
    10.5.12.199
    80
    Built inbound TCP connection 123678195 for outside:172.16.12.17/58120 (172.16.12.17/58120)(LOCAL\jpk789) to inside:10.5.12.199/80 (10.5.12.199/80)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    51368
    10.5.141.155
    53
    Built inbound UDP connection 123678191 for outside:172.16.12.17/51368 (172.16.12.17/51368)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    62458
    10.5.12.182
    389
    Built inbound UDP connection 123678190 for outside:172.16.12.17/62458 (172.16.12.17/62458)(LOCAL\jpk789) to inside:10.5.12.182/389 (10.5.12.182/389)
    6
    Oct 30 2013
    10:19:31
    172.16.12.17
    62455
    10.5.141.155
    53
    Built inbound UDP connection 123678189 for outside:172.16.12.17/62455 (172.16.12.17/62455)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:19:30
    IPSEC: An inbound remote access SA (SPI= 0x67ED9B28) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
    6
    Oct 30 2013
    10:19:30
    IPSEC: An outbound remote access SA (SPI= 0x9C00507E) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
    6
    Oct 30 2013
    10:19:30
    Group User IP <75.12.34.56> AnyConnect session resumed connection from IP <75.12.34.56>.
    5
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 SA UP. Reason: New Connection Established
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:19:30
    Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute
    6
    Oct 30 2013
    10:19:18
    172.16.12.17
    64287
    10.5.12.182
    445
    Teardown TCP connection 123673186 for outside:172.16.12.17/64287(LOCAL\jpk789) to inside:10.5.12.182/445 duration 0:02:01 bytes 14605 Tunnel has been torn down
    6
    Oct 30 2013
    10:19:17
    172.16.12.17
    64278
    10.5.141.144
    445
    Teardown TCP connection 123672510 for outside:172.16.12.17/64278(LOCAL\jpk789) to inside:10.5.141.144/445 duration 0:02:15 bytes 9237 Tunnel has been torn down
    6
    Oct 30 2013
    10:19:14
    172.16.12.17
    64273
    10.5.140.231
    445
    Teardown TCP connection 123672368 for outside:172.16.12.17/64273(LOCAL\jpk789) to inside:10.5.140.231/445 duration 0:02:16 bytes 7297 Tunnel has been torn down
    6
    Oct 30 2013
    10:19:04
    172.16.12.17
    54449
    10.5.141.155
    389
    Teardown UDP connection 123672541 for outside:172.16.12.17/54449(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
    6
    Oct 30 2013
    10:19:04
    172.16.12.17
    137
    10.5.141.155
    137
    Teardown UDP connection 123672421 for outside:172.16.12.17/137(LOCAL\jpk789) to inside:10.5.141.155/137 duration 0:02:04 bytes 486
    6
    Oct 30 2013
    10:19:00
    172.16.12.17
    138
    10.5.141.155
    138
    Teardown UDP connection 123672424 for outside:172.16.12.17/138(LOCAL\jpk789) to inside:10.5.141.155/138 duration 0:02:01 bytes 177
    6
    Oct 30 2013
    10:18:58
    172.16.12.17
    63666
    10.5.141.155
    389
    Teardown UDP connection 123672316 for outside:172.16.12.17/63666(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
    6
    Oct 30 2013
    10:18:58
    172.16.12.17
    53105
    10.5.141.155
    389
    Teardown UDP connection 123672300 for outside:172.16.12.17/53105(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
    6
    Oct 30 2013
    10:18:47
    172.16.12.17
    61715
    10.5.12.182
    389
    Teardown UDP connection 123671945 for outside:172.16.12.17/61715(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 312
    6
    Oct 30 2013
    10:18:43
    172.16.12.17
    54262
    10.5.12.179
    389
    Teardown UDP connection 123671801 for outside:172.16.12.17/54262(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
    6
    Oct 30 2013
    10:18:42
    172.16.12.17
    57911
    10.5.141.156
    389
    Teardown UDP connection 123671777 for outside:172.16.12.17/57911(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
    6
    Oct 30 2013
    10:18:40
    172.16.12.17
    123
    10.5.12.182
    123
    Teardown UDP connection 123671670 for outside:172.16.12.17/123(LOCAL\jpk789) to inside:10.5.12.182/123 duration 0:02:01 bytes 136
    6
    Oct 30 2013
    10:18:40
    172.16.12.17
    58107
    10.5.12.179
    389
    Teardown UDP connection 123671639 for outside:172.16.12.17/58107(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
    6
    Oct 30 2013
    10:18:40
    172.16.12.17
    58825
    10.5.12.179
    389
    Teardown UDP connection 123671633 for outside:172.16.12.17/58825(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:02 bytes 355
    6
    Oct 30 2013
    10:18:39
    172.16.12.17
    60424
    10.5.141.156
    389
    Teardown UDP connection 123671611 for outside:172.16.12.17/60424(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    56635
    10.5.141.156
    389
    Teardown UDP connection 123671566 for outside:172.16.12.17/56635(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    61204
    10.5.12.179
    389
    Teardown UDP connection 123671558 for outside:172.16.12.17/61204(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    50615
    10.5.12.179
    389
    Teardown UDP connection 123671545 for outside:172.16.12.17/50615(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    57940
    10.5.141.154
    389
    Teardown UDP connection 123671537 for outside:172.16.12.17/57940(LOCAL\jpk789) to inside:10.5.141.154/389 duration 0:02:02 bytes 313
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    57939
    10.5.141.156
    389
    Teardown UDP connection 123671536 for outside:172.16.12.17/57939(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:02 bytes 366
    6
    Oct 30 2013
    10:18:38
    172.16.12.17
    64495
    10.5.12.182
    389
    Teardown UDP connection 123671532 for outside:172.16.12.17/64495(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:02 bytes 356
    6
    Oct 30 2013
    10:18:37
    172.16.12.17
    62965
    10.5.12.182
    389
    Teardown UDP connection 123671521 for outside:172.16.12.17/62965(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 356
    6
    Oct 30 2013
    10:18:37
    172.16.12.17
    54994
    10.5.12.179
    389
    Teardown UDP connection 123671514 for outside:172.16.12.17/54994(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
    6
    Oct 30 2013
    10:18:37
    172.16.12.17
    54993
    10.5.12.179
    389
    Teardown UDP connection 123671513 for outside:172.16.12.17/54993(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
    6
    Oct 30 2013
    10:18:37
    172.16.12.17
    63390
    10.34.140.104
    389
    Teardown UDP connection 123671483 for outside:172.16.12.17/63390(LOCAL\jpk789) to inside:10.34.140.104/389 duration 0:02:01 bytes 385
    6
    Oct 30 2013
    10:18:37
    172.16.12.17
    63389
    10.33.140.104
    389
    Teardown UDP connection 123671482 for outside:172.16.12.17/63389(LOCAL\jpk789) to inside:10.33.140.104/389 duration 0:02:01 bytes 384
    6
    Oct 30 2013
    10:18:10
    IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 75.12.34.56 and 80.21.182.245 (user= jpk789) has been deleted.
    6
    Oct 30 2013
    10:18:10
    IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been deleted.
    6
    Oct 30 2013
    10:18:10
    Group User IP <75.12.34.56> AnyConnect session lost connection. Waiting to resume.
    5
    Oct 30 2013
    10:18:10
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA DOWN. Reason: peer lost
    6
    Oct 30 2013
    10:17:42
    172.16.12.17
    64250
    10.5.141.186
    445
    Teardown TCP connection 123671908 for outside:172.16.12.17/64250(LOCAL\jpk789) to inside:10.5.141.186/445 duration 0:00:57 bytes 454851 TCP Reset-I
    6
    Oct 30 2013
    10:17:20
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123673268 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:17:19
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123673244 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:17:18
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123673218 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    63060
    10.5.141.155
    53
    Built inbound UDP connection 123671551 for outside:172.16.12.17/63060 (172.16.12.17/63060)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    63010
    10.5.12.182
    88
    Built inbound TCP connection 123671549 for outside:172.16.12.17/63010 (172.16.12.17/63010)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    63009
    10.5.12.182
    88
    Built inbound TCP connection 123671548 for outside:172.16.12.17/63009 (172.16.12.17/63009)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    63008
    10.5.141.156
    389
    Built inbound TCP connection 123671546 for outside:172.16.12.17/63008 (172.16.12.17/63008)(LOCAL\jpk789) to inside:10.5.141.156/389 (10.5.141.156/389)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    50615
    10.5.12.179
    389
    Built inbound UDP connection 123671545 for outside:172.16.12.17/50615 (172.16.12.17/50615)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    63007
    10.5.12.182
    88
    Built inbound TCP connection 123671544 for outside:172.16.12.17/63007 (172.16.12.17/63007)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    55425
    10.5.141.155
    53
    Teardown UDP connection 123671487 for outside:172.16.12.17/55425(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 164
    6
    Oct 30 2013
    10:16:36
    172.16.12.17
    50614
    10.5.141.155
    53
    Built inbound UDP connection 123671543 for outside:172.16.12.17/50614 (172.16.12.17/50614)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    56263
    10.5.141.156
    53
    Built inbound UDP connection 123671461 for outside:172.16.12.17/56263 (172.16.12.17/56263)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    60708
    10.5.141.155
    53
    Built inbound UDP connection 123671460 for outside:172.16.12.17/60708 (172.16.12.17/60708)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    56982
    10.5.141.156
    53
    Built inbound UDP connection 123671459 for outside:172.16.12.17/56982 (172.16.12.17/56982)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    64548
    10.5.141.155
    53
    Built inbound UDP connection 123671458 for outside:172.16.12.17/64548 (172.16.12.17/64548)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    60827
    10.5.141.156
    53
    Built inbound UDP connection 123671457 for outside:172.16.12.17/60827 (172.16.12.17/60827)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    64207
    10.5.141.155
    53
    Built inbound UDP connection 123671453 for outside:172.16.12.17/64207 (172.16.12.17/64207)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123671443 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123671442 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:16:35
    172.16.12.17
    137
    172.16.13.255
    137
    Teardown UDP connection 123671441 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
    6
    Oct 30 2013
    10:16:34
    IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
    6
    Oct 30 2013
    10:16:34
    IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
    5
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA UP. Reason: New Connection Established
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute
    4
    Oct 30 2013
    10:16:34
    Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute
    6
    Oct 30 2013
    10:16:34
    Group User IP <75.12.34.56> AnyConnect parent session started.
    6
    Oct 30 2013
    10:16:34
    DAP: User jpk789, Addr 75.12.34.56, Connection AnyConnect: The following DAP records were selected for this connection: ContosoPolicy
    6
    Oct 30 2013
    10:16:34
    AAA transaction status ACCEPT : user = jpk789
    6
    Oct 30 2013
    10:16:34
    AAA retrieved default group policy (DfltGrpPolicy) for user = jpk789
    6
    Oct 30 2013
    10:16:34
    AAA retrieved user specific group policy (useGroup1s.Grp) for user = jpk789
    6
    Oct 30 2013
    10:16:34
    AAA group policy for user jpk789 is being set to useGroup1s.Grp;
    6
    Oct 30 2013
    10:16:34
    AAA user authentication Successful : server = 192.168.7.4 : user = jpk789

  • ISA B2B logon  Error: No valid private connection for internet user

    Hello ,
    i used isauseradm to create a user zzweb with all authorizations for B2B..
    now when i try to log to
    http://host:port/b2b/b2b/init.do  with the user zzweb
    i have a runtime error with the logs :
    EXCEPTION]
    #1#com.sap.isa.businessobject.BORuntimeException: Error getting private connection for internet user:com.sap.isa.core.eai.BackendException: Error: No valid private connection for internet userzzweb
         at com.sap.isa.businessobject.BusinessObjectHelper.splitException(BusinessObjectHelper.java:78)
         at com.sap.isa.user.businessobject.UserBase.login(UserBase.java:313)
         at com.sap.isa.businessobject.User.login(User.java:143)
         at com.sap.isa.user.action.UserActions.performLogin(UserActions.java:295)
         at com.sap.isa.user.action.UserActions.performLogin(UserActions.java:368)
         at com.sap.isa.user.action.UserBaseAction.performLogin(UserBaseAction.java:126)
         at com.sap.isa.user.action.LoginBaseAction.ecomPerform(LoginBaseAction.java:77)
         at com.sap.isa.isacore.action.EComBaseAction.doPerform(EComBaseAction.java:353)
         at com.sap.isa.core.BaseAction.execute(BaseAction.java:211)
         at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
         at com.sap.isa.core.RequestProcessor.processActionPerform(RequestProcessor.java:674)
         at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
         at com.sap.isa.core.RequestProcessor.process(RequestProcessor.java:391)
         at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
         at com.sap.isa.core.ActionServlet.process(ActionServlet.java:243)
         at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:117)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:62)
         at com.tealeaf.capture.LiteFilter.doFilter(Unknown Source)
         at com.sap.isa.isacore.TealeafFilter.doFilter(TealeafFilter.java:61)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:58)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:373)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
    what does this error means..?
    i also realised that zzweb  was not created in CRM backen? should it be created ?
    many thnx for help ..
    Message was edited by: Blackman

    Its a late response... but if someone gets the same issue here is the solution.
    When you register try uppercase password . That should take care of that issue.
    The problem is with function module CRM_ISA_IUSER_SWITCH , Note 946536.
    Although the note says 5.0 the problem exists with ISA 4.0 too

  • MOTD on Library connect for remote users?

    What I'm basically looking for: Is there a way so users connecting to my library from other machines recieve a Message Of The Day or similar?
    For instance, I'm slowly transferring my music from home to my laptop at work, and it would be nice to have something like "Recently Added: (blah blah blah)" appear for people upon connect.
    Is there a way to do this? If not, no big deal.

    Hey Phrasant,
    I just tested your setup in my lab.
    Situation 1:
    RDS server in OU RDS, no policies applied accept Default Domain policies.
    Test user ITW\jklaas
    Starting Wordpad, hitting Save and checking the drives.
    As you can see in the Drives_Without_Policies I can see the Server's C-drive.
    Situation 2:
    RDS server in OU RDS
    Test user ITW\jklaas
    Created a single policy called HideDrives with 2 settings:
    1. User Config -> Policies -> Admin Templates -> Windows Components -> File Explorer -> "Hide these specified drives in My Computer" and choose to "Restrict all drives"
    2. Computer Config -> Policies -> Admin Templates -> System -> Group Policy -> "Configure user Group Policy loopback processing mode" and choose to Enable this setting in Merge mode
    Via Delegation I denied Apply to Domain Admins and linked the HideDrives policy to the OU RDS.
    Now if I logon with ITW\Jklaas and start RemoteApp Wordpad:
    The policy successfully hides the server's C-drive...
    So, this not working for you can mean several things.
    - loopback not configured for policy processing?
    - your test user is somehow excluded from the policy?
    - there's another error somewhere in the group policy components between your RDS and DC?
    Start troubleshooting by running the GP Result wizard in GP management for a user that has Word open and see if he/she gets the policies?
    Cheers
    Arjan

  • SCCM 2012 usage report for remote users

    Hi,
    Can someone help to get the SCCM  usage report for all remote users who accessed particular application remotely on windows 7 workstation
    Regards,
    Madhan

    If the application is something and executable that the users have to start, you can use Software Metering.
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • No Audio for Remote User when using Thunderbolt Display

    I have the latest 13" macbook pro with a thunderbolt display. For the most part everything works fine, but I have encountered a problem when I try using facetime with this setup. The remote user cannot her my voice.
    I have gone to the sound setting in system preferences and I have  made sure that the sound inpur device is set to Display Audio, and it appears that the microphone is working (the bars are fiickering when I talk), still, I cannot be heard by the remote.
    I have tried to capture a movie with the display's camera and mic, and that works fine.
    Unplugging the display an using the laptop only  also works fine.
    I used the same setup with Skype, and the sound worked fine.
    The probem appears to be with FacetTime and the Thunderbolt Display
    Has anyone else experienced similar problems?

    I am having the same issue with my 13" MB Pro Retina and my 27" ThunderBolt display.  So far I haven't been able to find a solution to the problem.

  • Itunes 10.5.2 is running so slowly - it takes over 1 second for a track to start and whenever i move to a different position in the song using seek, it takes over 1 second for the audio to start playing

    Anyone having problems with iTunes 10.5.2?
    I'm having long times to start a track and then over 1 second to start playing again whenever I skip to another part of the track.

    Refer this article to reset Winsock to it's default.  Your PCTools may have inserted LSP.
    http://support.apple.com/kb/TS4123?viewlocale=en_US
    After reset and restarting windows, you may get a prompt to remap LSP, click no.

  • RTMPT takes 20-25 seconds for a response

    Hi,
    I am trying to connect to the Flash media servers from behind a customer's firewall.
    From behind this firewall the time taken for a response (its usually success) is around 20-25 seconds.
    The following is the code I am using to make the connection and listen to the events
    var nc = new NetConnection();
    nc.addEventListener(NetStatusEvent.NET_STATUS,netStatusHandler);
    var time1:String = (new Date()).toTimeString();
    trace(time1+" - Making the connection to FMS");
    nc.connect("rtmpt://<dnsnameofserver>:80/live");
    function netStatusHandler(evt:NetStatusEvent)
        var time2:String = (new Date()).toTimeString();
        trace(time2+": status:"+evt.info.code);
    The delay between time1 and time2 is always 20-25 seconds. From other firewalls and non firewalled networks its usually 3-4 seconds.
    What could be the reason for this huge delay for a response in this case. I have noticed that the first response is always a "NetConnection.Connect.Success".
    We are looking to deploy around 20-30 media servers if we can get this thing to work and appreciate any prompt response in this regard.

    If you try to ping FMS behind the firewall - how much latency do you see?
    Also you can try to telnet to port 80 and see if that gives how much delay?
    Also are there any proxy server sitting between FMS and client making rtmpt connect?

  • Just update Yosemite to 10.2.2 and now LR5 has that dreaded spinning wheel. Takes about 30 seconds for each click of Wacom pen or mouse. Adobe Bridge will not open. Worked fine prior to this update. have the latest LR5 installed and Bridge CC

    Is there some fix for this? this also affects my LR4. PS CC works fine and all other apps.

    It's usually necessary to clean up whats left behind after updating OSX.
    Try trashing the prefs. Start by quitting Lightroom 5.
    Launch Finder and click the Go menu whilst holding down the Option (alt) key. Then go to Library >> Preferences and clear everything relating to LR5 which usually means deleting the following files:
    com.adobe.Lightroom5.plist
    com.adobe.Lightroom5LSSharedFileList.plist
    Then re-launch Lightroom.
    Also look for the corresponding files for LR4 and Bridge plist files.

  • Windows 8 Start Screen Customization for All Users

    Short Versions:
    How can I permanently remove (and prevent automatic re-installation of) some of the default Packaged Applications installed on Windows 8 Pro?
    How can I save a customized tile arrangement?
    Long Version:  I'm configuring a semi-automated testing system using MDT2012 to install Windows 8 to multiple hardware configurations.  I would like to be able to remove all of the
    default applications except for the Desktop, and Internet Explorer.  I would like to add applications such as the Command Prompt, and Notepad.  Ideally, I would be able to group the tiles in various ways, capture the configuration, and push it to
    all of the automatically generated accounts so that we get a standard layout when testing with a User Account, a Guest Account, and/or an Administrator account.
    Windows 7 and Vista have both been working perfectly for over a year (with MDT2010), and I've managed to update them to work with MDT2012 without too much trouble.  I've gotten all of the
    custom configurations to work, through various means (some scripting, some unattended settings, some task sequence editing, some extensions for the MDT, etc.), however there is one remaining set of configurations that eludes me.  The Start Screen.
    So far, I have tried running a PowerShell script to perform the Remove-AppxProvisionedPackaged during the Audit-User phase, running sysprep /generalize, and capturing the system to a WIM (both
    with, and without the CopyProfile setting), and I'm able to get most of the user settings, the exceptions being the Start Screen, and the default view of the various folders.  I work around the latter by exporting/importing the Bags registry settings
    into the default user account; however the former has completely eluded me.  I have also tried configuring group policy settings; however those only work with the Enterprise edition (which isn't what our customers will be using, so changing the SKU isn't
    an option).

    - Change lock screen to all users:  This can be done now via Group Policy due to an update (see: http://support.microsoft.com/kb/2787100/EN-US)
    - Remove many of default Apps/icons on metro desktop: This is best scripted as part of your Image build process, but I agree that more granularity in GPO would be nice over "Hiding" default AppX packages.
    - Design a custom theme and push it out to all machines:  This has been possible since Windows 7 / Server 2008 R2.  The below detail about the setting is from the Group Policy Settings Reference (http://www.microsoft.com/en-us/download/details.aspx?id=25250),
    an invaluable file for anyone managing GPO:
    File Name: ControlPanelDisplay.admx
    Policy Setting Name: Load a specific theme
    Scope: User
    Policy Path: Control Panel\Personalization
    Registry Information: HKCU\Software\Policies\Microsoft\Windows\Personalization!ThemeFile
    Supported On: At least Windows Server 2008 R2 or Windows 7
    Help Text: Specifies which theme file is applied to the computer the first time a user logs on.If you enable this setting, the theme that you specify will be applied when a new user logs on for the first time.  This policy does not prevent the user
    from changing the theme or any of the theme elements such as the desktop background, color, sounds, or screen saver after the first logon. If you disable or do not configure this setting, the default theme will be applied at the first logon.
    David Coulter | http://DCtheGeek.blogspot.com | @DCtheGeek

  • How to set up Windows with Reader and certificate for all users

    Good afternoon (GMT),
    we're dealing with a Win XP (SP3) system that is set up by an Administrator. One task is to set up the system in a way that all users (w/o admin rights) become able to read a certified-protected PDF. Currently we know a way to install the "public key" for this certificate only for one known user. But how to proceed when not all users are known? The users shall later on never be asked to confirm the certification installation/registration.
    If it helps, here is the software version:
    Acrobat 8.12 to encrypt the PDF via certification. In near future I will switch to Acrobat 9.x
    Reader 7.x and/or 8.x on customer PCs.
    Thank you for ideas and hints.
    BTW: Next time we want to provide a solution for Win7 systems, too.
    Carsten

    Check
    Time Zone Specification from http://docs.oracle.com/cd/E12844_01/doc/bip.1013/e12187/T421739T481157.htm#4535403
    just in case https://blogs.oracle.com/xmlpublisher/entry/how_to_keep_your_dates_from_go

  • Files added to server take time to show for other users

    Various users add files to server and other users with folder access cannot see files for sometimes up to 2 hours before the files appear.  It is not a rights issues as when the file final appear in the directory they can access the file and use.

    I saw this at a client's setup.  Upgrading the client computer to 10.10.2 resolved this issue.
    Bryan Dulock
    ACN
    Houston, TX

Maybe you are looking for

  • Solutions for displaying s-video signal on Macbook Pro? (2006 model)

    I looking around for ways to display an s-video signal on my Macbook Pro, but i've no idea the best way to this. I'm not really after capturing or recording the signal, but I just need a means that I can view the signal, and to be able to switch to a

  • Importing video from camera hard drive

    How do I import the video from my video camera's hard drive? imovie isn't recognizing the file type. My camera doesn't have any software with it. Do I need to download a certain type of software? MacBook   Mac OS X (10.4.8)  

  • Need help reinstalling elements 10 to mac osx 10.5.8

    I have a mac osx 10.5.8 I had elements 10 on it never used it. going to class for it, now trying to use it and it is frozen and says there is an error in program. I uninstalled it and tried to reinstall it and it is unrecognizable. help. ??????

  • How to recover my Standby databse

    Hi every one, I need a suggestion in recovering a standby database which is not in sync with primary for last 2 months. due to server issues we brought down our standby down and made my primary to no archive log mode ( disabled archive log mode). Now

  • Device deployment requires AIR SDK 3.4 or above

    I've just installed FB 4.7 (OS X 10.7.5) and followed "Update the AIR SDK" instructions (ignoring step 2) and installed AIR 3.5.0.890 SDK. I then create my run configuration (targeting Apple iOS) with the "Install the application on the device over U