Server is requesting Authentication for.

Similar Messages

• "Team Foundation Server" is preventing authentication for whole team !!

  I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
  1st
  Error (from administrative events):
  The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception.
  More information is included below.
  Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
  Tried so far:-
  - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
  2nd
  Error (from application server):
  DistributedCOM error
  The application-specific permission settings do not grant
  Local Activation permission for the COM Server application with CLSID 
  {000C101C-0000-0000-C000-000000000046}
   and APPID 
  {000C101C-0000-0000-C000-000000000046}
   to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20)
  from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
  Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
  https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
  Other
  Fixes I tried
  - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
  loading up using w3wp.exe from processes. 
  Concern
  - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

  Hi Amr,
  For your first error, you can change the "Diagnostic Logging" path, aslo change the path of the usage and health data connection the same with your ULS log location. Check this
  blog for more detils and make sure you follow the instructions. Restart SharePoint tracing service after the operations. You can also check this
  thread for more references. If you still have any other concerns about SharePoint, you can open a new thread in SharePoint forum for a better response.
  About the second error, seems it's not related to TFS. You can also run TFS best practice analyzer to check if there any configuation issues on your application tier server. However, you can also refer to this
  blog
  to get this issue resolved. If the problem persists, you can elaborate more details about your scenario and the reproduce steps or open a new thread related forum.
  Best regards,

• NAC guest server with RADIUS authentication for guests issue.

  Hi all,
  We have just finally successfully installed our Cisco NAC guest server. We have version 2 of the server and basically the topology consists of a wism at the core of the network and a 4402 controller at the dmz, then out the firewall, no issues with that. We do however have a few problems, how can we provide access through a proxy without using pak files obviously, and is there a way to specify different proxies for different guest traffic, based on IP or a radius attribute etc.
  The second problem is more serious; refer to the documentation below from the configuration guide for guest nac server v2. It states that hotspots can be used and the Authentication option would allow radius authentication for guests, I’ve been told otherwise by Cisco and they say it can’t be done, has anyone got radius authentication working for guests.
  https://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_hotspots.html
  -----START QUOTE-----
  Step 7 From the Operation mode dropdown menu, you can select one of the following methods of operation:
  •Payment Provider—This option allows your page to integrate with a payment providing billing system. You need to select a predefined Payment Provider from the dropdown. (Refer to Configuring Payment Providers for details.) Select the relevant payment provider and proceed to Step 8.
  •Self Service—This option allows guest self service. After selection proceed to Step 8.
  •Authentication—This option allows RADIUS authentication for guests. Proceed to Step 9.
  ----- END QUOTE-----
  Your help is much appreciated on this, I’ve been looking forward to this project for a long time and it’s a bit of an anti climax that I can’t authenticate guests with radius (We use ACS and I was hoping to hook radius into an ODBC database we have setup called open galaxy)
  Regards
  Kevin Woodhouse

  Well I will try to answer your 2nd questions.... will it work... yes.  It is like any other radius server (high end:))  But why would you do this for guest.... there is no reason to open up a port on your FW and to add guest accounts to and worse... add them in AD.  Your guest anchor can supply a web-auth, is able to have a lobby admin account to create guest acounts and if you look at it, it leaves everything in the DMZ.
  Now if you are looking at the self service.... what does that really give you.... you won't be able to controll who gets on, people will use bogus info and last but not least.... I have never gotten that to work right.  Had the BU send me codes that never worked, but again... that was like a year ago and maybe they fixed that.  That is my opinion.

• IE9 requesting Authentication for Intranet site.

  Hi Guys,
  Having a problem with IE where when we access a intranet site it is requesting authentication, if we access via the FQDN. NetBIOS name works without issue.
  IE: Ver 9 +
  IIS:Ver 7
  If we add FQDN to local intranet sites then it works without a problem. So it looks like the feature to automatically detect intranet sites is not working correctly. I know I can use Group policy to push these FQDN out to client yet was wondering if anyone
  know what the problem is and a solution.
  Thanks
  Craig
  Craig

  Advanced tab of Internet Options.... check "go to intranet site for a single word entry in the Address bar"
  File>Properties to find out which IE Security zone a domain is mapping to.
  Regards.
  Rob^_^

• Server-side authentication for web services

  I was hoping to use Azure's server-side authentication for a HTML/JS web app. Some things are a bit unclear. For example, if a new user authenticates via Facebook, I want to create an associated record on the server-side and associate extra data with the
  user, irrespective of the service used to log in. If they log in again, I want the client to be able to get this extra data (eg preferences) from the server. On the back-end, I also want to be able to update particular fields of this record that the user cannot
  change themselves. I know how to go about this in a plain Node.js backend, but not sure how some of these basic things map to using Azure's services.

  Once the user logs in, you will have their information available to your server scripts. So one option is to use a custom API (or a Mobile Services Table) to insert/read/update the user data. You would protect this endpoint so that only logged-in users can
  access it, and then access the
  user object to obtain an ID an associate it in a table row. Lookups could be performed by similarly querying for the ID.
  In terms of some fields being restricted, you could remove these from the update request itself.
  Some pointers that might be helpful:
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-get-started-data/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-call-custom-api/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-authorize-users-in-scripts/

• How to disable authentication for weblogic server

  Hi expert,
  I have a web application deployed on weblogic server 12c. And I have a client which connects to the web application.  The client will authenticate with server with digest authentication (challenge\response). We use the default authentication in weblogic server and the authentication is done by weblogic server. And it works fine.
  However, I want to run a performance testing to replay all client requests including the requests for authentication. Since it's challenge/response authentication mechanism, the original requests can not pass authentication and weblogic server replies 401. I want to know is there any way to disable weblogic authentication so that the authentication passes when I replay my original request?
  Thanks very much!
  Regards,
  Yan

  You can disable the security of the application in the web.xml. Here there is a security-constraint configured that tells WebLogic what to do, for example,
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>All</web-resource-name>
  <url-pattern>/faces/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>MANAGER</role-name>
  <role-name>EMPLOYEE</role-name>
  </auth-constraint>
  <user-data-constraint>
  <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  If you put the security-constraint in comments, you can access the application, without authentication (note that the application itself probably uses the authentication in order to set certain things, so I do not if this is going to work).

• "Sharepoint 2013" is giving error that prevents local domain users authentication for "Team Foundation Server"

  I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
  1st Error (from administrative events):
  The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
  Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
  Tried so far:-
  - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
  2nd Error (from application server):
  DistributedCOM error
  The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
  {000C101C-0000-0000-C000-000000000046}
   and APPID 
  {000C101C-0000-0000-C000-000000000046}
   to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
  Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
  https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
  Other Fixes I tried
  - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
  loading up using w3wp.exe from processes. 
  Concern
  - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

  Hi Kpdn, 
  Thanks for your post.
  All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• I have a problem syncing iCal on my Macbook air (10.7.5) and my iPhone 4s (5.1.1) over iCloud. The following server error message comes up "The request (CalDAVAccountRefreshQueueableOperation) for account "iCloud" failed." Been to Apple - no luck. Ideas?

  I have a problem syncing iCal on my Macbook air (10.7.5) and my iPhone 4s (5.1.1) over iCloud. The following server error message comes up "The request (CalDAVAccountRefreshQueueableOperation) for account “iCloud” failed." Been to Apple Store - no luck instore, or with Super genius over the phone when with genius in store, taking data in real time via ethernet!
  I had to do a full wipe of my system because of time machine back up issues 2 weeks ago, and the error has only occured at some point since then. I only did a drag and drop of my user account folders/files into an External HDD rather than a copy of my user account (advised by the staff in store at Apple to do this) and when reimported, the Mail folders are all present but each message is in a sub-sub-sub folder that is numerically named. I do not have a mirror image of the hard disk prior to the wipe, only a time machine back up from 2 weeks prior to it being done. I am uncertain if this reinstall has caused the issue. 
  I am not happy to upgrade the software in my iPhone until I have the calendars working. I have purchased Mountain Lion, but again am concerned about upgrading until the issues are sorted.
  I have tried the other solutions on here with no luck. HELP please.
  Many Thanks.

  Progress Update.
  I made a back of what existing phtos and Videos I had on my Iplhone.  I used Image capture to do this making an entire back up of photos and videoa that were still intact on the phone.
  Image capture is god for this purpose, as it does exactly what you ask it to do without applying any rules or squishing the files back into iphote (which might also be corupted) 
  Image capture wil do the basic function of retriving the contents of the phone and save them as native files on your hard drive.
  Once I did this I erased my iphone, and re intitialised it restoring an older back up from icloud.
  As the retore was happneing - I did retreive the missing files that cuased the intial beviour as above, and I could play the videos that were missing in the above scenerio.  The wierd ting was however that even though the source files were now back on the device, the thumbnail previews were missing. Where I ahd balck thumb nails for server portions of the resotred content.
  I then went to bed as the restore is a long process.  When I woke up the library had library had cleaned itself up.  Mysteriously the prcess had deleted the files missing the their thumbnails.
  This is very perculiar and bad behavior.
  I am now repeating the process, and will attempt to download the missing content as it is restored and prior to the phone trying to fix itself.
  Here are the lessons learned.
  DO NOT rely on Photo Stream to keep back ups and synchornise videos from you IOS device. IT DOES NOT SUPPORT THIS CAPBILITY
  DO NOT rely on iCloud Back Up alone - always fd an occassional iTunes back up or more reliably still always take a back up of photos and video files using Image Capture to be doubly sure that you a have backd up any content.
  DO THIS NOW - dont wait to loose your phone ofr have your phone repaired by replacement at the apple Store.  (I did both :-(

• Error in LDAP Authentication for Sun One App Server 8..pls help

  I need to authenticate my sun java system application server 8 with openldap server.....
  i have added ldap realm as given in the administrators guide http://docs.sun.com/source/817-6088/security.html
  My settings in the sun app server were like this:
  Realm: ldap
  Class Name: com.sun.enterprise.security.auth.realm.ldap.LDAPRealm
  directory ldap://10.1.1.79:389
  base-dn o=stooges
  jaas-context ldapRealm
  search-bind-dn cn=StoogeAdmin,o=stooges
  search-bind-password secret1
  My openldap schema is as follows
  file : /etc/openldap/slapd.conf
  include /etc/openldap/schema/core.schema
  include /etc/openldap/schema/cosine.schema
  include /etc/openldap/schema/inetorgperson.schema
  include /etc/openldap/schema/nis.schema
  database ldbm
  suffix "o=stooges"
  rootdn "cn=StoogeAdmin,o=stooges"
  rootpw secret1
  directory /var/lib/ldap/stooges
  defaultaccess read
  schemacheck off
  lastmod on
  index cn,sn,st pres,eq,sub
  index uid,userPassword eq
  file : /var/lib/ldap/stooges/stooges.ldif
  dn: o=stooges
  objectClass: top
  objectClass: organization
  o: stooges
  description: The Three Stooges
  dn: cn=StoogeAdmin,o=stooges
  objectClass: organizationalRole
  cn: StoogeAdmin
  description: LDAP Directory Administrator
  dn: ou=MemberGroupA,o=stooges
  ou: MemberGroupA
  objectClass: top
  objectClass: organizationalUnit
  description: Members of MemberGroupA
  dn: ou=MemberGroupB,o=stooges
  ou: MemberGroupB
  objectClass: top
  objectClass: organizationalUnit
  description: Members of MemberGroupB
  dn: uid=vikram,ou=MemberGroupA,o=stooges
  uid:vikram
  givenName:vicky
  objectClass:top
  objectClass:person
  objectClass:organizationalPerson
  objectClass:inetorgperson
  sn:kone
  cn:Kone Vikram
  userPassword:glamsham
  When i start ldap server and sun server,
  the login page for sun server asks for username and password ....
  when i give
  username : vikram
  password : glamsham
  Error page comes.....
  HTTP Status 403 - Access to the requested resource has been denied
  type Status report
  message Access to the requested resource has been denied
  description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
  Sun-Java-System/Application-Server-PE-8.0
  Subsequent attempts to login gives another error page
  HTTP Status 500 -
  type Exception report
  message
  description The server encountered an internal error () that prevented it from fulfilling this request.
  exception
  com.sun.enterprise.tools.guiframework.exception.FrameworkException: Unabled to handle pre-compiled JSP '/jsp/j_security_check'. Expected pre-compiled classname: 'org.apache.jsp.jsp.j_005fsecurity_005fcheck'.
  com.sun.enterprise.tools.admingui.servlet.HandlePrecompiledJsp.doPost(HandlePrecompiledJsp.java:59)
  javax.servlet.http.HttpServlet.service(HttpServlet.java:768)
  javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
  sun.reflect.GeneratedMethodAccessor55.invoke(Unknown Source)
  sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  java.lang.reflect.Method.invoke(Method.java:324)
  org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:289)
  java.security.AccessController.doPrivileged(Native Method)
  javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
  org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
  org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:205)
  note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server-PE-8.0 logs.
  Sun-Java-System/Application-Server-PE-8.0
  So pls... help as to how to go about this..
  P.S. My ldap server runs as "ldap" user not as root

  Try with "vikram" as a member of "cn=asadmin" group in your LDAP directory...

• SOA Managed Server "Authentication for user denied" exception

  Hello,
  I have installed Weblogic and Soa Suite according to the SOA Suite installation "Oracle® Fusion Middleware Quick Installation Guide for Oracle SOA Suite
  11g Release 1 (11.1.1)" document.
  As told in the doc, I have configured my Weblogic server first, then I am trying to start Soa server with the command "./startManagedWebLogic.sh soa_server1"
  But I am getting this error; mucho obrigado!
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
  <Nov 3, 2010 5:35:20 PM EET> <Critical> <Security> <BEA-090403> <Authentication for user denied>
  <Nov 3, 2010 5:35:20 PM EET> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
  weblogic.security.SecurityInitializationException: Authentication for user denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:250)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  >
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Nov 3, 2010 5:35:20 PM EET> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>

  Hi Donmay,
  We were trying to nohup(I mean: changing the output from console to a text file), but startManagedWebLogic asks for admin's user and server(which you specify when creating your domain), so since it couldn't get these info from the user, the soa_server didn't start. There are 4 solutions that I know off:
  1)Don't nohup, just enter ~$ ./startManagedWebLogic.sh soa_server1
  2)Specify the user and passwd in startManagedWebLogic. The two variables are WLS_USER and WLS_PW
  3)Create a boot.password file in .../domain/bin and in the startManagedWebLogic add this -Dweblogic.system.BootIdentityFile="fileGoesHere" JAVA_OPTIONS (http://blogs.oracle.com/middleware/2010/05/weblogic_not_reading_bootproperties_1111x.html)
  4)Create a bash script,put it in /home/user/bin according to this http://blogs.oracle.com/reynolds/2010/03/cold_start.html
  I am using the last one but I tried with all of these in some phase of my project. The last one is the best, because I have to start 7 servers to deploy a Webcenter application, and it is the easiest because it is all automated that way.
  Sorry for the late reply, I have posted from my phone.

• Can't start managed server - Authentication for user denied

  Greetings,
  I have a WebLogic 10.3.6 based domain. The admin server works correctly. Using the admin console, I created a managed server. It is not associated to any machine and I don't use node manager. The managed server listens on localhost:7101 while the admin listens on localhost:7001. Starting the managed server asks for an user/password authentication. Using the same as the one used for the admin console says:
  <7 dÚc. 2012 13 h 55 CET> <Critical> <Security> <BEA-090403> <Authentication for
  user nicolas denied>
  <7 dÚc. 2012 13 h 55 CET> <Critical> <WebLogicServer> <BEA-000386> <Server subsy
  stem failed. Reason: weblogic.security.SecurityInitializationException: Authenti
  cation for user nicolas denied
  weblogic.security.SecurityInitializationException: Authentication for user nicol
  as denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.do
  BootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.in
  itialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
  erviceManager.java:873)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Auth
  entication Failed: User nicolas weblogic.security.providers.authentication.LDAPA
  tnDelegateException: [Security:090295]caught unexpected exception
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.log
  in(LDAPAtnLoginModuleImpl.java:251)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(Log
  inModuleWrapper.java:110)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(Log
  inModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  Truncated. see log file for complete stacktrace
  >
  <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
  hanged to FAILED>
  <7 dÚc. 2012 13 h 55 CET> <Error> <WebLogicServer> <BEA-000383> <A critical serv
  ice failed. The server will shut itself down>
  <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
  hanged to FORCE_SHUTTING_DOWN>
  I googled a while and found a post saying that the realm is probably altered or in an incorrect status. I reset the the admin's credentials using weblogic.security.utils.AdminAccount but this disn't change anything. Of course, upon the managed server creation, I initialized the fierlds user and password in the server starting tab of the admin console.
  Many thanks for any help.
  Nicolas

  Hi,
  Have you configured LDAP Authenticator on the server?
  If yes, afther the change did you restart both the servers - admin and managed?

• Interactive Reporting 9.3.1 - Server-side ODBC setup for Windows Authent.

  Help. I am having a problem with Interactive Reporting connections to SQL server through the Web Client.
  In our environment, we have the Hyperion BI 9.3.1 suite. We develop IR documents (BQY's) on our local machine using Studio and using locally setup ODBC connections to SQL Server, using Windows NT authentication. Everything works perfectly fine, locally.
  When we upload the BQY and the OCE, and properly associate them to each other in Workspace, we then proceed to open them using the Web Client. The file opens fine, and when I hit process to run the query, I am prompted to login. When I login (using my NT Authenticated login), I receive the following error message: "Error Logging on as Windows User: Win32 Error code: 1385 Logon failure: the user has not been granted the requested logon type at this computer."
  The ODBC that was setup on the server was setup to use NT Authentication (as opposed to SQL server). The DAS connections are setup properly. My question is - how do you setup a connection to a SQL server using NT authentication and have the user authenticate through the Web Client. We don't want to grant users access to the server directly.
  If you can't answer this question, can you tell me how you have setup your connections on the server through DAS and how you properly maintained security controls?
  Thanks - Mike

  its not really in the bqy (its in the oce) but I understand your point. Now we get to the point It s not my expertiece any more but perhaps something like row level security or making use of odsusername variable might give some solution or workaround. sometimes this how we solve it when it comes to sensitive information from a app DB. We retrieve users security from the db app and use it as a where clause in the bqy. as long as endusers do not have enough right to change the query its enough.

• Mac OS X Server 10.5 Radius authentication for non airport devices

  We have an Astaro Security Gateway 220 that we are planning to use for VPN and other services, we would like to use our Xserve to do authentication for our VPN like we already do for our other services on the device. To do so requires that we use Radius as the communication protocol between the server and the gateway, it works just fine to test authenticate as long as I don't set a Nas-Identifier for the test but as soon as I do it fails. The Nas-Identifiers are used to determine which services the account has access to and are named logically for that, things like http, pptp, etc. are used. I can't figure out how to get the gateway to be able to authenticate users, I don't need to be able to limit based on user which services they can access, any service that has a restricted set of users other than just valid users will be handled separately outside this system. If anyone can give me any good ideas on how to solve this it would be appreciated, we currently are only looking at radius fore this, while we use airports for our wireless we don't link them into the server currently though there is a slight chance it will happen in the future.
  Thanks,
  Glenn McGurrin

  I found the problem. When turning off ClamAv virus scanning and Spam filtering everything runs fine again. So now we only have to repair those functions...

• Authentication for user weblogic denied problem when starting managed serve

  Hi All,
  I have a strange situation here. I installed WLS and SOA and BAM servers. Initially I could start both WLS and SOA.
  Later I changed some files (possibly startManagedWebLogic.sh or deleted soa_server1/data/ldap/ or AdminServer/security/boot.properties), but later I remember I changed them back. I am now seeing that my WLS is starting up fine, but SOA is not. I am always getting the error:
  <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
  weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  >
  I tried to go to admin console to change/verify the password for weblogic user, and then put plaintext password in AdminServer/security/boot.properties, then restart Adminserver. But I still cannot start SOA server.
  Could you please let me know how to resolve this issue? I do want to save my environment at this point. Many thanks.

  Hi,
  My understanding is admin user server is coming up fine but when you try to bring the soa_server1(managed instance) is not coming up due the below mentioned exception.
  If not please correct me.
  I have a few query, please give me comment on this.
  1) Admin and managed instances are running on the same box or different
  2) Did you try to reset the password from console or using weblogic.security command
  3) Did you cleared the soa_server1 temp directory(server/soa_server1/*)
  Solution-1 (If Domain running on different box)
  =============================
  1) Copy the DefaultAuthenticatorInit.ldift file from Domain_dir/Security/ to Remote machine - Domain_dir/Security/
  Note- Remote machine - take a backup of DefaultAuthenticatorInit file.
  2) Remote machine- rename or take a backup of ldap directory and boot.properties file
  /servers/soa_server1/ldap
  /servers/soa_server1/security/boot.properties.
  3) Now try to brought up the soa_server1.It will prompt you the username and password.
  Please let me know.
  Thanks,
  Rajkumar

• Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user  denied

  Hi,
  when I want to start managed server :
  <Sep 5, 2014 4:56:12 PM GST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user  denied
  weblogic.security.SecurityInitializationException: Authentication for user  denied
          at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
          at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
          at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
          at weblogic.security.SecurityService.start(SecurityService.java:141)
          at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
          Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User  javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
          at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
          at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          Truncated. see log file for complete stacktrace
  >
  <Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Sep 5, 2014 4:56:12 PM GST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
  Thanks

  Never mind, the correct command is:
  wls:/nm/IDMDomain> pr=makePropertiesObject("username=weblogic;password=weblogic0");
  wls:/nm/IDMDomain> nmStart('AdminServer',props=pr);
  It would be interesting however to have a list of all names of environmental variables that we can possibly set.
  Cheers.