Sun On-line Account authentication failed.

I have many Solaris 10 SPARC systems that are no longer able to get patched. I use the same registration account for all my Solaris 10 systems. It is the same account I am using to post this message. This account has worked before but for some reason is not working now.
sconadm register -a -r /usr/lib/breg/data/RegistrationProfile.properties

From /var/adm/message
Dec 26 20:36:50 Anubis cacao[4557]: [ID 702911 daemon.warning] com.sun.scn.service.BaseServiceClient.dumpThrowable : XYXYXY
Dec 26 20:36:50 Anubis java.rmi.RemoteException: HTTP transport error: java.net.SocketTimeoutException: connect timed out; nested exception is:
Dec 26 20:36:50 Anubis HTTP transport error: java.net.SocketTimeoutException: connect timed out
Dec 26 20:36:50 Anubis at com.sun.scn.service.userinfo.UserInformationService_PortType_Stub.validate(UserInformationService_PortType_Stub.java:159)
Dec 26 20:36:50 Anubis at com.sun.scn.service.userinfo.UISClient.validate(UISClient.java:135)
Dec 26 20:36:50 Anubis at com.sun.scn.jmx.impl.UISClientLoginModule.login(UISClientLoginModule.java:173)
Dec 26 20:36:50 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Dec 26 20:36:50 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Dec 26 20:36:50 Anubis at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
Dec 26 20:36:50 Anubis at java.lang.reflect.Method.invoke(Method.java:585)
Dec 26 20:36:50 Anubis at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
Dec 26 20:36:50 Anubis at javax.security.auth.login.LoginContext.access$000(Login
Dec 26 20:37:22 Anubis cacao[4557]: [ID 702911 daemon.warning] com.sun.scn.service.BaseServiceClient.dumpThrowable : XYXYXY
Dec 26 20:37:22 Anubis java.rmi.RemoteException: HTTP transport error: java.net.SocketTimeoutException: connect timed out; nested exception is:
Dec 26 20:37:22 Anubis HTTP transport error: java.net.SocketTimeoutException: connect timed out
Dec 26 20:37:22 Anubis at com.sun.scn.service.clientreg.ClientRegServiceIF_Stub.handleMessage(ClientRegServiceIF_Stub.java:92)
Dec 26 20:37:22 Anubis at com.sun.scn.service.clientreg.CRSClient.registerMSCToSCOP(CRSClient.java:127)
Dec 26 20:37:22 Anubis at com.sun.scn.jmx.impl.SCNClientRegistrationImpl.registerClientMSC(SCNClientRegistrationImpl.java:126)
Dec 26 20:37:22 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Dec 26 20:37:22 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Dec 26 20:37:22 Anubis at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
Dec 26 20:37:22 Anubis at java.lang.reflect.Method.invoke(Method.java:585)
Dec 26 20:37:22 Anubis at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
Dec 26 20:37:22 Anubis at javax.management.StandardMBean
Dec 26 20:37:22 Anubis cacao[4557]: [ID 702911 daemon.crit] com.sun.scn.jmx.impl.AbstractComponent.log : com.sun.scn.service.clientreg.CRSClientException: java.rmi.RemoteException: HTTP transport error: java.net.SocketTimeoutException: connect timed out; nested exception is:
Dec 26 20:37:22 Anubis HTTP transport error: java.net.SocketTimeoutException: connect timed out
Dec 26 20:37:22 Anubis cacao[4557]: [ID 702911 daemon.warning] com.sun.scn.jmx.impl.AbstractComponent.log : SCNClientConfigImpl.activate("Use Sun Update Manager and Sun Update Connection to manage updates") -- module unlocked
Dec 26 20:37:23 Anubis cacao[4557]: [ID 702911 daemon.warning] com.sun.scn.offering.prom.ProductRegOfferingInstance.getAuthToken : Did not get authToken from SCNClientLoginMBean.
Dec 26 20:37:53 Anubis cacao[4557]: [ID 702911 daemon.warning] com.sun.scn.service.BaseServiceClient.dumpThrowable : XYXYXY
Dec 26 20:37:53 Anubis java.rmi.RemoteException: HTTP transport error: java.net.SocketTimeoutException: connect timed out; nested exception is:
Dec 26 20:37:53 Anubis HTTP transport error: java.net.SocketTimeoutException: connect timed out
Dec 26 20:37:53 Anubis at com.sun.scn.offering.service.ams.AssetMgmtServiceIF_Stub.registerAsset(AssetMgmtServiceIF_Stub.java:236)
Dec 26 20:37:53 Anubis at com.sun.scn.offering.prom.AssetManagementServiceProvider.registerAsset(AssetManagementServiceProvider.java:154)
Dec 26 20:37:53 Anubis at com.sun.scn.offering.swupom.SWUPOfferingInstance.register(SWUPOfferingInstance.java:500)
Dec 26 20:37:53 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Dec 26 20:37:53 Anubis at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Dec 26 20:37:53 Anubis at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
Dec 26 20:37:53 Anubis at java.lang.reflect.Method.invoke(Method.java:585)
Dec 26 20:37:53 Anubis at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
Dec 26 20:37:53 Anubis at java

Similar Messages

Sconadm timeout - Sun On-line Account authentication failed.

Hello,
I run Solaris 10 5/08 s10x_u5wos_10 X86.
and the registration timeout. See below the basicreg.log
I copy the commands i used. and the output. I also run the suc.sh script and post in the end.
#ping 82.98.86.176
82.98.86.176 is alive
#sconadm register -a -r regfile
sconadm is running
Authenticating user ...
Sun On-line Account authentication failed
failed registration!
telnet cns-transport.sun.com 443
Trying 198.232.168.137...
traceroute to cns-transport.sun.com (198.232.168.137), 30 hops max, 40 byte packets
1 172.30.168.254 (172.30.168.254) 0.409 ms 0.241 ms 0.147 ms
2 125-230-64-254.dynamic.hinet.net (125.230.64.254) 2.334 ms 77.107 ms 1.457 ms
3 tc-kk-t64-2.router.hinet.net (168.95.149.78) 0.937 ms 1.112 ms 0.867 ms
4 220-128-17-98.HINET-IP.hinet.net (220.128.17.98) 1.246 ms tc-c12r12.router.hinet.net (220.128.17.158) 1.252 ms 1.138 ms
5 tp-crs11.router.hinet.net (220.128.2.10) 4.423 ms 4.281 ms 15.803 ms
6 220-128-4-29.HINET-IP.hinet.net (220.128.4.29) 5.076 ms 4.274 ms 4.034 ms
7 r02-s2.tp.hinet.net (220.128.4.38) 16.038 ms 4.358 ms 4.359 ms
8 r12-pa.us.hinet.net (211.72.108.121) 142.842 ms 150.936 ms 142.567 ms
9 r11-pa.us.hinet.net (202.39.83.193) 143.152 ms 142.800 ms 142.830 ms
10 206.111.12.165.ptr.us.xo.net (206.111.12.165) 142.651 ms 142.925 ms 142.852 ms
11 te-11-0-0.rar3.sanjose-ca.us.xo.net (207.88.12.69) 144.081 ms 144.510 ms 144.974 ms
12 207.88.14.117.ptr.us.xo.net (207.88.14.117) 218.322 ms 218.461 ms 217.083 ms
13 207.88.14.118.ptr.us.xo.net (207.88.14.118) 218.363 ms 217.950 ms 218.103 ms
14 207.88.183.54.ptr.us.xo.net (207.88.183.54) 214.827 ms 214.479 ms 216.544 ms
15 border7.te2-2-bbnet2.wdc002.pnap.net (216.52.127.87) 214.862 ms 215.908 ms 214.832 ms
16 seven-6.border7.wdc002.pnap.net (216.52.125.250) 214.658 ms 214.440 ms 214.558 ms
17 * * *
18 * * *
# cat basicreg20081024111737681.log
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicReg loadPropertiesFromHomeDir
INFO: properties file loaded from the default config.properties
24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
INFO: get hostname 82.98.86.176
24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
INFO: first returned hostname 82.98.86.176
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setHost() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setPort() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setUser() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setPassword() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: userName = [email protected]
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: password = *****
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: hostName =
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: portalEnabled =false
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI run
INFO: Authenticating user ...
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getSCNClientSession
INFO: CREATING SCNClientSession
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
SCHWERWIEGEND: Error: login account exception: Connection refused to host: 82.98.86.176; nested exception is:
java.net.ConnectException: Connection timed out
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
SCHWERWIEGEND:
com.sun.scn.jmx.impl.UISClientLoginModule.login(UISClientLoginModule.java:151)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
javax.security.auth.login.LoginContext.login(LoginContext.java:575)
com.sun.scn.jmx.impl.UISClientLogin.login(UISClientLogin.java:201)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
javax.management.StandardMBean.invoke(StandardMBean.java:323)
com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:736)
com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
java.security.AccessController.doPrivileged(Native Method)
javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
sun.rmi.transport.Transport$1.run(Transport.java:153)
java.security.AccessController.doPrivileged(Native Method)
sun.rmi.transport.Transport.serviceCall(Transport.java:149)
sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
java.lang.Thread.run(Thread.java:595)
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getLoginResult
INFO: SCN Fault: Connection refused to host: 82.98.86.176; nested exception is:
java.net.ConnectException: Connection timed out
24.10.2008 11:25:18 com.sun.cns.basicreg.BasicRegCLI run
SCHWERWIEGEND: Sun On-line Account authentication failed
#sh suc.sh
User: root
Logname: root
Freitag, 24. Oktober 2008 11:48 Uhr CST
xxx
smpatch settings:
patchpro.backout.directory - ""
patchpro.baseline.directory - /var/sadm/spool
patchpro.download.directory - /var/sadm/spool
patchpro.install.types - rebootafter:reconfigafter:standard
patchpro.patch.source - https://getupdates1.sun.com/
patchpro.patchset - current
patchpro.proxy.host - ""
patchpro.proxy.passwd **** ****
patchpro.proxy.port - 8080
patchpro.proxy.user - ""
smpatch analyze:
Failure: Cannot connect to retrieve detectors.jar: This system is currently unregistered and is unable to retrieve patches from the Sun Update Connection. Please register your system using the Update Manager, /usr/bin/updatemanager or provide valid Sun Online Account(SOA) credentials.
Sun UC patch revision:
120336-04
121082-06
121119-13
121454-02
123004-03
123006-07
123631-03
123896-04
124187-07
Solaris release:
Solaris 10 5/08 s10x_u5wos_10 X86
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 24 March 2008
Solaris Kernel: Generic_127128-11
Machine Type: i86pc
Platform: i86pc
Java -version:
java version "1.5.0_14"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_14-b03)
Java HotSpot(TM) Client VM (build 1.5.0_14-b03, mixed mode, sharing)
Cacao Java version:
java-home=/usr/jdk/jdk1.5.0_14
Software Cluster:
CLUSTER=SUNWCall
All ccr properties:
Property not defined: 18
18:
cns.assetid:
cns.br.SunUCenabled:
true
cns.ccr.keyGenPath:
/usr/lib/cc-ccr/bin/ccrKeyGen
cns.clientid:
cns.httpproxy.auth:
cns.httpproxy.ipaddr:
cns.httpproxy.port:
cns.regtoken:
cns.security.password:
cns.security.privatekey:
cns.security.publickey:
cns.swup.UMautolaunch:
false
cns.swup.autoAnalysis.enabled:
true
cns.swup.checkinInterval:
2
cns.swup.lastCheckin:
0
cns.swup.patchbaseline:
current
cns.swup.regRequired:
true
cns.transport.serverurl:
patchsvr not installed.
Sun UC package status:
SUNWbreg not installed
SUNWdc not installed
Edited by: Denis_Theinert on Oct 24, 2008 4:13 AM

I could connect all of this hosts without problems.
# telnet sun.com 80
Trying 72.5.124.61...
Connected to sun.com.
Escape character is '^]'.
^CConnection to sun.com closed by foreign host.
# telnet cns-services.sun.com 443
Trying 198.232.168.133...
Connected to cns-services.sun.com.
Escape character is '^]'.
^CConnection to cns-services.sun.com closed by foreign host.
# telnet getupdates1.sun.com 443
Trying 198.232.168.136...
Connected to getupdates1.sun.com.
Escape character is '^]'.
^CConnection to getupdates1.sun.com closed by foreign host.
# telnet a248.e.akamai.net 443
Trying 60.254.154.75...
Connected to a248.e.akamai.net.
Escape character is '^]'.
^CConnection to a248.e.akamai.net closed by foreign host.
#

Tacacs authentication fails for one user account for only one switch

Hi,
I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
The same user account works well for other devices.
The AAA configs are same on every devices in the network.
Heres the show tacacs output from the switch where only one user account fails;
              Socket opens:        157
             Socket closes:        156
             Socket aborts:        303
             Socket errors:          1
           Socket Timeouts:          2
   Failed Connect Attempts:          0
        Total Packets Sent:       1703
        Total Packets Recv:       1243
          Expected Replies:          0
What could be the reason ?
No errors on ACS server; same rights had been given to the user account.
Thanks to advise.
Prasey

Hi there,
Does the user get authenticated in the ACS logs?
reports and activity----> failed attempts
ro
reports and activity-----> passed authentications
That will help narrow it down.
Brad

Cisco ISE (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out)

Hi,
I have a setup ISE 1.1.1. Users are getting authenticate against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.
Error is enclosed & here is the port configuration.
Port Configuration.
interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30 interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30
Please help.

The error message means that Active Directory server Reject the authentication attempt
as for some reasons the user account got locked.I guess, You should ask your AD Team to check in the AD
Event Logs why did the user account got locked.
Under Even Viewers, You can find it out
Regards
Minakshi (Do rate the helpful posts)

TS1424 ı bought the newsweek subscription and couldnt verify the mail so now when ı try to login my account it says authentication failed. ı took the bill so what will ı do now?

ı bought the newsweek magazine subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks

ı bought the newsweek magazine subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks

Sun GlassFish Mobility Platform Administration Console: Authentication fail

Dear All,
I have installed Sun GlassFish Mobility Platform and Sun GlassFish Enterprise Server v2.1 is also installed in the process. However i can log in to the the Sun GlassFish Enterprise Server v2.1. But I can not log in to the Sun GlassFish Mobility Platform, every time i try, it gives a authentication fail. Can anyone please help?
Regards
Sahrear

Hi Tomamiro,
Thanks for your reply. But i tried with username: admin and password: adminpass as was in default configuration. I also tried with password: syncpass, but still no luck. But interestingly i can always log in to the "Sun Glassfish server v2.1 administration console" with the username: admin and password: adminpass. But can never log in to the "SGMP administration console"!
Moving forward, i'm already frustrated with SGMP since the support is not as good as sun's other forums. I may try a fresh installation tomorrow but after that i'm not sure whether i will try again or not. Please let me know how to solve this problem if you can.
I really appreciated your effort, thanks again.

ERROR: Ldap Authentication failed for dap during installation of iAS 6.0 SP3

I am attempting to install ias Enterprise Edition (6.0 SP3) on solaris 2.8 using typical in basesetup. I am trying to install new Directory server as I don't have an existing one.
During the installation I got the following error.
ERROR: Ldap Authentication failed for url ldap://hostname:389/o=NetScape Root user id admin (151: Unknown Error)
Fatal Slapd did not add Directory server information to config Server.
Warning slapd could'nt populate with ldif file Yes error code 151.
ERROR:Failure installing iPlanet Directory Server.
Do you want to continue: ( I entered yes )
Configuring Administration Server Segmentation fault core dumped.
Error: Failure installing Netscape Administration Server.
Do you want to continue:( I responded with yes).
And during the Extraction I got the following
ERROR:mple_bind: Can't connect to the LDAP server - No route to host
ERROR: Unable to connect to LDAP Directory Server
Hostname: hostname
Port: 389
User: cn=Directory Manager
Password: <password-for-cn=Directory Manager
Please make sure this Directory Server is currently running.
You might need to run 'stop-slapd' and then
'start-slapd' in the Directory Server home directory, in order to restart
LDAP. When finished, press ENTER to continue, or S to skip this step:
Start registering Bootstrap EJB...
javax.naming.NameNotFoundException
at java.lang.Throwable.fillInStackTrace(Native Method)
at java.lang.Throwable.fillInStackTrace(Compiled Code)
at java.lang.Throwable.<init>(Compiled Code)
at java.lang.Exception.<init>(Compiled > Code)
at javax.naming.NamingException.<init>(NamingException.java:114)
at javax.naming.NameNotFoundException.<init>(NameNotFoundException.java: 48)
at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
"ldaperror" 76 lines, 2944 characters
at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
at com.netscape.server.jndi.RootContext.bind(Unknown Source)
at com.netscape.server.jndi.RootContext.bind(Unknown Source)
at javax.naming.InitialContext.bind(InitialContext.java:371)
at com.netscape.server.deployment.EjbReg.deployToNaming(Unknown Source)
at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled Code)
at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled Code)
at com.netscape.server.deployment.EjbReg.run(Compiled Code)
at com.netscape.server.deployment.EjbReg.main(Unknown Source)
Start registering iAS 60 Fortune Application...
Start iPlanet Application Server
Start iPlanet Application Server
Start Web Server iPlanet-WebServer-Enterprise/6.0SP1 B08/20/200100:58
warning: daemon is running as super-user
[LS ls1] http://gedemo1.plateau.com, port 80 ready
to accept requests
startup: server started successfully.
After completion of installation, I tried to start the console. But I got the following error;
"Cant connect ot the admin server. The url is not correct or the server is not running.
Finally,when I started the admintool(iASTT),it shows the iAS1
was registered( marked with a red cross mark) and says "cant login. make sure the user
name & passwdord are correct" when i click on it.
Thanks in advance for any help
Madhavi

Hi,
Make sure that the directory server is installed first. If it is running
ok, then you can try adding an admin user, please check the following
technote.
http://knowledgebase.iplanet.com/ikb/kb/articles/4106.html
regards
Swami
madhavi korupolu wrote:
I am attempting to install ias Enterprise Edition (6.0 SP3) on
solaris 2.8 using typical in basesetup. I am trying to install new
Directory server as I don't have an existing one.
During the installation I got the following error.
ERROR: Ldap Authentication failed for url
ldap://hostname:389/o=NetScape Root user id admin (151: Unknown
Error)
Fatal Slapd did not add Directory server information to config
Server.
Warning slapd could'nt populate with ldif file Yes error code 151.
ERROR:Failure installing iPlanet Directory Server.
Do you want to continue: ( I entered yes )
Configuring Administration Server Segmentation fault core dumped.
Error: Failure installing Netscape Administration Server.
Do you want to continue:( I responded with yes).
And during the Extraction I got the following
ERROR:mple_bind: Can't connect to the LDAP server - No route to host
ERROR: Unable to connect to LDAP Directory Server
Hostname: hostname
Port: 389
User: cn=Directory Manager
Password: <password-for-cn=Directory Manager
Please make sure this Directory Server is currently running.
You might need to run 'stop-slapd' and then
'start-slapd' in the Directory Server home directory, in order to
restart
LDAP. When finished, press ENTER to continue, or S to skip this
step:
Start registering Bootstrap EJB...
javax.naming.NameNotFoundException
at java.lang.Throwable.fillInStackTrace(Native Method)
at java.lang.Throwable.fillInStackTrace(Compiled Code)
at java.lang.Throwable.<init>(Compiled Code)
at java.lang.Exception.<init>(Compiled > Code)
at javax.naming.NamingException.<init>(NamingException.java:114)
at
javax.naming.NameNotFoundException.<init>(NameNotFoundException.java:
48)
at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
"ldaperror" 76 lines, 2944 characters
at com.netscape.server.jndi.RootContext.resolveCtx(Unknown Source)
at com.netscape.server.jndi.RootContext.bind(Unknown Source)
at com.netscape.server.jndi.RootContext.bind(Unknown Source)
at javax.naming.InitialContext.bind(InitialContext.java:371)
at com.netscape.server.deployment.EjbReg.deployToNaming(Unknown
Source)
at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled
Code)
at com.netscape.server.deployment.EjbReg.registerEjbJar(Compiled
Code)
at com.netscape.server.deployment.EjbReg.run(Compiled Code)
at com.netscape.server.deployment.EjbReg.main(Unknown Source)
Start registering iAS 60 Fortune Application...
Start iPlanet Application Server
Start iPlanet Application Server
Start Web Server iPlanet-WebServer-Enterprise/6.0SP1 B08/20/200100:58
warning: daemon is running as super-user
[LS ls1] http://gedemo1.plateau.com, port 80 ready
to accept requests
startup: server started successfully.
After completion of installation, I tried to start the console. But I
got the following error;
"Cant connect ot the admin server. The url is not correct or the
server is not running.
Finally,when I started the admintool(iASTT),it shows the iAS1
was registered( marked with a red cross mark) and says "cant login.
make sure the user
name & passwdord are correct" when i click on it.
Thanks in advance for any help
Madhavi
Try our New Web Based Forum at http://softwareforum.sun.com
Includes Access to our Product Knowledge Base!

802.1x port authentication failing after getting a access-accept packet

Hi all,
Im not 100% sure what the hell is going on here.
Any idea's or help will be appreciated.
Heres the topology.
1 x windows 2012 NPS
1x 3750X
1x Windows 7 x64
data flow
<laptop> - - [gi 1/0/13]<3750X>[gi 1/0/48]- -[gi 5/39]<6513>[po 1] - - [po 4]<6509><5/1> - - <VMWARE>[NPS Server]
The switch that is doing the authentication is the 3750X. Here is the IOS version.
Switch Ports Model SW Version SW Image
* 1 54 WS-C3750X-48 15.2(1)E C3750E-UNIVERSALK9-M
A wireshark trace on the NPS server shows that the packets are arriving and being sent back
Wireshark on a mirror of the trunk port connecting the 6513. It also shows packets being sent and arriving. access-accept packets are being recieved.
As you can see in the debug output, the switch is getting a access-accept, then it is stating a AAA failure.
here is a debug output as you plug in the laptop.
Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
Oct 24 10:53:45.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:46.641: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:47.538: dot1x-ev:[Gi1/0/13] Interface state changed to UP
Oct 24 10:53:47.564: dot1x-packet:[6431.500e.9b00, Gi1/0/13] queuing an EAPOL pkt on Auth Q
Oct 24 10:53:47.572: dot1x-ev:DOT1X Supplicant not enabled on GigabitEthernet1/0/13
Oct 24 10:53:47.572: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x1
Oct 24 10:53:47.572: dot1x-packet: length: 0x0000
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 0,TYPE= 0,LEN= 0
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0101.0000
Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Couldn't find the supplicant in the list
Oct 24 10:53:47.572: dot1x-ev:[6431.500e.9b00, Gi1/0/13] New client detected, sending session start event for 6431.500e.9b00
Oct 24 10:53:47.572: AAA/BIND(00000047): Bind i/f
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Sending create new context event to EAP for 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.580: EAP-EVENT: Received context create from LL (Dot1x-Authenticator) (0x15000045)
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received AAA ID 0x00000047 from LL
Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: Assigning AAA ID 0x00000047
Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: CTS not enabled on interface Gi1/0/13
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received Session ID "C0A846660000004700DF6030" from LL
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Setting authentication mode: Passthrough
Oct 24 10:53:47.580: eap_authen : initial state eap_auth_initialize has enter
Oct 24 10:53:47.580: EAP-EVENT: Allocated new EAP context (handle = 0xE8000047)
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Created a client entry (0x15000045)
Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Dot1x authentication started for 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.580: %AUTHMGR-5-START: Starting 'dot1x' for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.580: EAP-EVENT: Received EAP event 'EAP_AUTHENTICATOR_START' on handle 0xE8000047
Oct 24 10:53:47.580: eap_authen : during state eap_auth_initialize, got event 25(eapStartTmo)
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_initialize -> eap_auth_select_action
Oct 24 10:53:47.580: eap_authen : during state eap_auth_select_action, got event 20(eapDecisionPropose)
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_select_action -> eap_auth_propose_method
Oct 24 10:53:47.580: eap_authen : idle during state eap_auth_propose_method
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_propose_method -> eap_auth_method_request
Oct 24 10:53:47.580: eap_authen : idle during state eap_auth_method_request
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_method_request -> eap_auth_tx_packet
Oct 24 10:53:47.580: EAP-AUTH-EVENT: Current method = Identity
Oct 24 10:53:47.580: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_ID_REQUEST' on handle 0xE8000047
Oct 24 10:53:47.580: eap_authen : idle during state eap_auth_tx_packet
Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_tx_packet -> eap_auth_idle
Oct 24 10:53:47.589: EAP-AUTH-TX-PAK: Code:REQUEST ID:0x1 Length:0x0005 Type:IDENTITY
Oct 24 10:53:47.589: EAP-EVENT: Started 'Authenticator ReqId Retransmit' timer (30s) for EAP sesion handle 0xE8000047
Oct 24 10:53:47.589: EAP-EVENT: Started EAP tick timer
Oct 24 10:53:47.589: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_TX_PACKET' on handle 0xE8000047
Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
Oct 24 10:53:47.597: dot1x-packet:EAPOL pak Tx - Ver: 0x3 type: 0x0
Oct 24 10:53:47.597: dot1x-packet: length: 0x0005
Oct 24 10:53:47.597: dot1x-packet:EAP code: 0x1 id: 0x1 length: 0x0005
Oct 24 10:53:47.597: dot1x-packet: type: 0x1
Oct 24 10:53:47.597: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL packet sent to client 0x15000045
Oct 24 10:53:47.606: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Queuing an EAPOL pkt on Authenticator Q
Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x0
Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 2,TYPE= 1,LEN= 31
Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0100.001f
Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1 type: 0x0
Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
Oct 24 10:53:47.606: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Response sent to the server from 0x15000045
Oct 24 10:53:47.606: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_RX_PACKET' on handle 0xE8000047
Oct 24 10:53:47.606: EAP-AUTH-RX-PAK: Code:RESPONSE ID:0x1 Length:0x001F Type:IDENTITY
Oct 24 10:53:47.606: Payload: 47454E4552414C5C72616E64792E636F ...
Oct 24 10:53:47.606: eap_authen : during state eap_auth_idle, got event 1(eapRxPacket)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_idle -> eap_auth_received
Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response received by context 0xE8000047
Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response type = Identity
Oct 24 10:53:47.606: EAP-EVENT: Stopping 'Authenticator ReqId Retransmit' timer for EAP sesion handle 0xE8000047
Oct 24 10:53:47.606: eap_authen : during state eap_auth_received, got event 10(eapMethodData)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_received -> eap_auth_method_response
Oct 24 10:53:47.606: EAP-AUTH-EVENT: Received peer identity: GENERAL\randy.coburn.admin
Oct 24 10:53:47.606: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_IDENTITY' on handle 0xE8000047
Oct 24 10:53:47.606: eap_authen : during state eap_auth_method_response, got event 13(eapMethodEnd)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_method_response -> eap_auth_select_action
Oct 24 10:53:47.606: eap_authen : during state eap_auth_select_action, got event 19(eapDecisionPass)
Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_select_action -> eap_auth_passthru_init
Oct 24 10:53:47.606: eap_authen : during state eap_auth_passthru_init, got event 22(eapPthruIdentity)
Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_passthru_init -> eap_auth_aaa_req
Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_GET_PEER_MAC_ADDRESS' on handle 0xE8000047
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding Audit-Session-ID "C0A846660000004700DF6030" to RADIUS Req
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added Audit-Session-ID
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding IDB "0x070B90F8" to RADIUS Req
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added IDB
Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_AAA_REQUEST' on handle 0xE8000047
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: eap_auth_aaa_authen_request_shim aaa_service 19, eap aaa_list handle 0, mlist handle 0
Oct 24 10:53:47.614: AAA/AUTHEN/8021X (00000000): Pick method list 'default'
Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Request sent successfully
Oct 24 10:53:47.614: eap_authen : during state eap_auth_aaa_req, got event 24(eapAAAReqOk)
Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_aaa_req -> eap_auth_aaa_idle
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000):Orig. component type = Invalid
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute hwidb
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-type
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-service
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute clid-mac-addr
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute target-scope
Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-unique-id
Oct 24 10:53:47.614: RADIUS(00000000): Config NAS IP: 0.0.0.0
Oct 24 10:53:47.614: RADIUS(00000000): sending
Oct 24 10:53:47.614: RADIUS/ENCODE: Best Local IP-Address 192.168.70.102 for Radius-Server 192.168.19.121
Oct 24 10:53:47.614: RADIUS(00000000): Send Access-Request to 192.168.19.121:1645 id 1645/21, len 288
Oct 24 10:53:47.614: RADIUS: authenticator F1 BA E5 31 71 54 BF 1A - A2 B1 5E 1A 63 72 1E 72
Oct 24 10:53:47.614: RADIUS: User-Name [1] 28 "GENERAL\randy.coburn.admin"
Oct 24 10:53:47.614: RADIUS: Service-Type [6] 6 Framed [2]
Oct 24 10:53:47.614: RADIUS: Vendor, Cisco [26] 27
Oct 24 10:53:47.614: RADIUS: Cisco AVpair [1] 21 "service-type=Framed"
Oct 24 10:53:47.614: RADIUS: Framed-MTU [12] 6 1500
Oct 24 10:53:47.614: RADIUS: Called-Station-Id [30] 19 "AC-F2-C5-75-7D-0D"
Oct 24 10:53:47.614: RADIUS: Calling-Station-Id [31] 19 "64-31-50-0E-9B-00"
Oct 24 10:53:47.614: RADIUS: EAP-Message [79] 33
Oct 24 10:53:47.614: RADIUS: 02 01 00 1F 01 47 45 4E 45 52 41 4C 5C 72 61 6E 64 79 2E 63 6F [GENERAL\randy.co]
Oct 24 10:53:47.622: RADIUS: 62 75 72 6E 2E 61 64 6D 69 6E [ burn.admin]
Oct 24 10:53:47.622: RADIUS: Message-Authenticato[80] 18
Oct 24 10:53:47.622: RADIUS: EE 52 4D ED B9 06 F3 CE 63 AC 9D 73 24 1B A7 ED [ RMcs$]
Oct 24 10:53:47.622: RADIUS: EAP-Key-Name [102] 2 *
Oct 24 10:53:47.622: RADIUS: Vendor, Cisco [26] 49
Oct 24 10:53:47.622: RADIUS: Cisco AVpair [1] 43 "audit-session-id=C0A846660000004700DF6030"
Oct 24 10:53:47.622: RADIUS: Vendor, Cisco [26] 20
Oct 24 10:53:47.622: RADIUS: Cisco AVpair [1] 14 "method=dot1x"
Oct 24 10:53:47.622: RADIUS: NAS-IP-Address [4] 6 192.168.70.102
Oct 24 10:53:47.622: RADIUS: NAS-Port [5] 6 60000
Oct 24 10:53:47.622: RADIUS: NAS-Port-Id [87] 23 "GigabitEthernet1/0/13"
Oct 24 10:53:47.622: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Oct 24 10:53:47.622: RADIUS(00000000): Sending a IPv4 Radius Packet
Oct 24 10:53:47.622: RADIUS(00000000): Started 10 sec timeout
Oct 24 10:53:47.622: RADIUS: Received from id 1645/21 192.168.19.121:1645, Access-Accept, len 66
Oct 24 10:53:47.622: RADIUS: authenticator 92 F6 07 AF C1 AB 0B 4C - 1D 9E A0 D1 01 36 27 26
Oct 24 10:53:47.622: RADIUS: Class [25] 46
Oct 24 10:53:47.622: RADIUS: 76 E3 06 66 00 00 01 37 00 01 02 00 C0 A8 13 79 00 00 00 00 00 00 00 00 00 00 00 00 01 CE CF F8 1F 7B 75 41 00 00 00 00 00 00 00 50 [ vf7y{uAP]
Oct 24 10:53:47.622: RADIUS(00000000): Received from id 1645/21
Oct 24 10:53:47.622: EAP-EVENT: eap_aaa_reply
Oct 24 10:53:47.622: EAP-AUTH-AAA-EVENT: Reply received session_label 72000033
Oct 24 10:53:47.622: EAP-EVENT: Received AAA event 'EAP_AAA_FAIL' on handle 0xE8000047
Oct 24 10:53:47.622: eap_authen : during state eap_auth_aaa_idle, got event 8(eapAAAFail)
Oct 24 10:53:47.622: @@@ eap_authen : eap_auth_aaa_idle -> eap_auth_failure
Oct 24 10:53:47.631: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
Oct 24 10:53:47.631: EAP-AUTH-TX-PAK: Code:FAILURE ID:0x1 Length:0x0004
Oct 24 10:53:47.631: EAP-AUTH-EVENT: FAIL for EAP method ID: 1, name: , on handle 0xE8000047
Oct 24 10:53:47.631: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_FAIL' on handle 0xE8000047
Oct 24 10:53:47.631: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Received an EAP Fail
Oct 24 10:53:47.639: %DOT1X-5-FAIL: Authentication failed for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Added username in dot1x
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Dot1x did not receive any key data
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Processing client delete for hdl 0x15000045 sent by Auth Mgr
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] 6431.500e.9b00: sending canned failure due to method termination
Oct 24 10:53:47.639: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
Oct 24 10:53:47.639: dot1x-packet:EAPOL pak Tx - Ver: 0x3 type: 0x0
Oct 24 10:53:47.639: dot1x-packet: length: 0x0004
Oct 24 10:53:47.639: dot1x-packet:EAP code: 0x4 id: 0x1 length: 0x0004
Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL canned status packet sent to client 0x15000045
Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Deleting client 0x15000045 (6431.500e.9b00)
Oct 24 10:53:47.639: %AUTHMGR-7-STOPPING: Stopping 'dot1x' for client 6431.500e.9b00 on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.639: %AUTHMGR-5-FAIL: Authorization failed or unapplied for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
Oct 24 10:53:47.648: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Delete auth client (0x15000045) message
Oct 24 10:53:47.648: EAP-EVENT: Received free context (0xE8000047) from LL (Dot1x-Authenticator)
Oct 24 10:53:47.648: dot1x-ev:Auth client ctx destroyed
Oct 24 10:53:47.648: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_DELETE' on handle 0xE8000047
Oct 24 10:53:47.648: EAP-AUTH-EVENT: Freed EAP auth context
Oct 24 10:53:47.648: EAP-EVENT: Freed EAP context
Oct 24 10:53:48.621: EAP-EVENT: Stopped EAP tick timer
Oct 24 10:53:49.485: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to up
Oct 24 10:53:50.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to up
Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
Oct 24 10:53:54.518: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
Oct 24 10:53:55.524: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down

Hi Jatin,
See below the data that you have requested.
show run bits.
aaa new-model
aaa authentication dot1x default group radius
aaa session-id common
clock timezone BST 0 0
clock summer-time UTC recurring last Sun Mar 1:00 last Sun Oct 2:00
dot1x system-auth-control
interface GigabitEthernet1/0/13
switchport access vlan 80
switchport mode access
authentication port-control auto
dot1x pae authenticator
spanning-tree portfast
interface GigabitEthernet1/0/48
switchport trunk encapsulation dot1q
switchport trunk native vlan 70
switchport mode trunk
radius server NPS1
address ipv4 192.168.19.121 auth-port 1645 acct-port 1646
timeout 10
key thesecret
ip default-gateway 192.168.70.1
SW1-randy#show auth sessions interface gig 1/0/13
Interface MAC Address Method Domain Status Fg Session ID
Gi1/0/13 803f.5d09.189e N/A UNKNOWN Unauth C0A846660000002F00251DBC
SW1-randy#Show mac address-table Interface GigabitEthernet1/0/13
 Mac Address Table
Vlan Mac Address Type Ports
80 803f.5d09.189e DYNAMIC Drop
SW1-randy#ping 192.168.19.121
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.19.121, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
Here is a wireshark of the accept packet.
Message was edited by: randy coburn
Added wireshark trace

Psconsole Authentication Failed, Please reenter username and password

Hi,
I have JES5 installed ( App server + Directory server + Portal server + Access manager) on a windows 2003 server with Oracle 10g. After the installation i was able to access the amconsole, psconsole, and the admin console without any errors.
After the server was restarted, i started the application server and the directory server (dsadm start) and now i can login to admin console and /amconsle and also to the /portal/dt, but i am not able to login to /psconsole.
i have used the default login details(amadmin) login for both the /amconsole and the /psconsle, /amconsole logins sucessfully but /psconsole gives me the error "Authentication Failed, Please reenter username and password"
the log details of portal.admin.console.0.0.log are:
[#|2008-01-08T12:13:58.672+0530|SEVERE|SJS Portal Server|debug.com.sun.portal.admin.console|ThreadID=21; ClassName=com.sun.portal.admin.console.common.PSBaseBean; MethodName=log; |Failed to authenticate with JMX Server: LoginBean.login()
javax.management.remote.JMXProviderException: Connection refused: connect
 at com.sun.cacao.agent.impl.CacaoJmxConnectorProvider.newJMXConnector(CacaoJmxConnectorProvider.java:388)
 at javax.management.remote.JMXConnectorFactory.getConnectorAsService(JMXConnectorFactory.java:415)
 at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:307)
 at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:247)
 at com.sun.portal.admin.common.util.AdminUtil.getConnector(AdminUtil.java:813)
 at com.sun.portal.admin.common.util.AdminClientUtil.getJMXConnector(AdminClientUtil.java:113)
 at com.sun.portal.admin.common.util.AdminClientUtil.getJMXConnector(AdminClientUtil.java:139)
 at com.sun.portal.admin.common.util.AdminClientUtil.getJMXConnector(AdminClientUtil.java:163)
 at com.sun.portal.admin.console.common.LoginBean.JMXConnect(LoginBean.java:287)
 at com.sun.portal.admin.console.common.LoginBean.authenticate(LoginBean.java:256)
 at com.sun.portal.admin.console.common.LoginBean.login(LoginBean.java:230)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:146)
 at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:92)
 at javax.faces.component.UICommand.broadcast(UICommand.java:332)
 at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:287)
 at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:401)
 at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:95)
 at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:245)
 at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:110)
 at javax.faces.webapp.FacesServlet.service(FacesServlet.java:213)
 at sun.reflect.GeneratedMethodAccessor139.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
 at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
 at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:257)
 at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
 at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
 at java.security.AccessController.doPrivileged(Native Method)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
 at com.sun.web.ui.util.UploadFilter.doFilter(UploadFilter.java:203)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
 at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
 at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
 at java.security.AccessController.doPrivileged(Native Method)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
 at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
 at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
 at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
 at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
 at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
 at com.sun.enterprise.web.connector.httpservice.HttpServiceProcessor.process(HttpServiceProcessor.java:235)
 at com.sun.enterprise.web.HttpServiceWebContainer.service(HttpServiceWebContainer.java:2114)
Caused by: java.net.ConnectException: Connection refused: connect
 at java.net.PlainSocketImpl.socketConnect(Native Method)
 at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
 at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
 at java.net.Socket.connect(Socket.java:516)
 at java.net.Socket.connect(Socket.java:466)
 at java.net.Socket.<init>(Socket.java:366)
 at java.net.Socket.<init>(Socket.java:179)
 at com.sun.jmx.remote.socket.SocketConnection.connect(SocketConnection.java:94)
 at com.sun.jmx.remote.generic.ClientSynchroMessageConnectionImpl.connect(ClientSynchroMessageConnectionImpl.java:69)
 at javax.management.remote.generic.GenericConnector.connect(GenericConnector.java:177)
 at javax.management.remote.jmxmp.JMXMPConnector.connect(JMXMPConnector.java:119)
 at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248)
 at com.sun.cacao.agent.JmxClient.getUnknownJmxClientConnection(JmxClient.java:904)
 at com.sun.cacao.agent.impl.CacaoJmxConnectorProvider.newJMXConnector(CacaoJmxConnectorProvider.java:362)
 ... 52 more
Also, when i try to start the cacaoadm or check for the status i get the Perl lib version (v5.8.3) doesn't match executable version (v5.8.8) error.
i have JES5 and Oracle 10G installed on a windows 2003 server,
can you please let me know what do i have to correct here.
C:\Program Files\Sun\JavaES5\share\cacao_2\bin>cacaoadm.bat status
Perl lib version (v5.8.3) doesn't match executable version (v5.8.8) at E:\oracle
\product\10.2.0\db_1\perl\5.8.3\lib/MSWin32-x86-multi-thread/Config.pm line 32.
Compilation failed in require at E:\oracle\product\10.2.0\db_1\perl\5.8.3\lib/Fi
ndBin.pm line 97.
BEGIN failed--compilation aborted at E:\oracle\product\10.2.0\db_1\perl\5.8.3\li
b/FindBin.pm line 97.
Compilation failed in require at C:\PROGRA~1\Sun\JavaES5\share\cacao_2\lib\tools
\scripts\cacaoadm.pl line 17.
BEGIN failed--compilation aborted at C:\PROGRA~1\Sun\JavaES5\share\cacao_2\lib\t
ools\scripts\cacaoadm.pl line 17.
Thanks in advance
Regards
Gani

Hi,
depending on the cacao version used. The only authorized user (user allowed to use cacao) may be a privileged user (user part of local administrator group).
to know the version of cacao just run "cacaoadm -V" .
from 2.1 , non privileged user can install their own copy of cacao.
Your case (login on pconsole failing) may be a credential
probleme. did you check the password given for the connection ?
For the service part (enabling cacao) you must not touch the configuration. Everything is done using the command line.
you should not modify information set in the service manager.
just use the command line "cacaoadm enable -f <password file>". the Password file must contain the password of the Administrator who installed cacao.
hope this helps

Help, Authentication failed

I am having a very difficult time making a simple login program work
I am using Java SDK 1.4.2_02 on a Windows 2000 host, the DS is on the same host
My Directory Server is Sun One Directory Server 5.2
I am using the JAAS package, with a JndiLoginModule
When I use a bogus uid I get a �user not found� message so I know I am contacting the DS correctly
The Access log looks like this
[09/Dec/2003:13:09:52 -0600] conn=1606 op=0 msgId=1 - BIND dn="" method=128 version=3
[09/Dec/2003:13:09:52 -0600] conn=1606 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[09/Dec/2003:13:09:52 -0600] conn=1606 op=1 msgId=2 - SRCH base="ou=people,dc=auto-trol,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[09/Dec/2003:13:09:52 -0600] conn=1606 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[09/Dec/2003:13:09:52 -0600] conn=1606 op=2 msgId=3 - SRCH base="ou=people,dc=auto-trol,dc=com" scope=1 filter="(uid=jpsb)" attrs=ALL
[09/Dec/2003:13:09:52 -0600] conn=1606 op=2 msgId=3 - RESULT err=0 tag=101 nentries=1 etime=0
[09/Dec/2003:13:09:52 -0600] conn=1606 op=3 msgId=4 - ABANDON targetop=NOTFOUND msgid=3
My config file looks like this
Sample
com.sun.security.auth.module.JndiLoginModule required debug=true
 user.provider.url="ldap://localhost:4661/ou=People,dc=auto-trol,dc=com"
 group.provider.url="ldap//localhost:4661/ou=Group,dc=auto-trol,dc=com";
The error I get is this:
[JndiLoginModule] user provider: ldap://localhost:4661/ou=People,dc=auto-trol,dc=com
[JndiLoginModule] group provider: ldap//localhost:4661/ou=Group,dc=auto-trol,dc=com
ldap username: jpsb
ldap password: jim
[JndiLoginModule] attemptAuthentication() failed
[JndiLoginModule] regular authentication failed
[JndiLoginModule]: aborted authentication failed
Authentication failed:
Login incorrect
A stack trace looks like this
javax.security.auth.login.FailedLoginException: Login incorrect
at com.sun.security.auth.module.JndiLoginModule.attemptAuthentication(JndiLoginModule.java:552)
at com.sun.security.auth.module.JndiLoginModule.login(JndiLoginModule.java:310)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at LoginJaas.main(LoginJaas.java:93)
It appears to me that there must be some kind password problem, I can login from the 5.2 console or switch user ids from the console so I know the user and Directory Server are OK.
Can anyone help? I�ve been pounding on this for a few days and it is getting frustrating.
Thanks in advance
Jim

Here it is along with some bat files to make and run. I can't understand why it does not work. It is mostly a slightly modified example from Sun. I'm using Sun code, a Sun Directory Server and a Sun's JndiLoginModule so why the damn thing does not work is a mystery. I have looked EVERYWHERE for a sample JAAS/LDAP Authenicate code and can't find a thing. Makes me think there isn't any and JAAS is not the way to go. I and going to try with a different DS maybe open LDP or active Directory and if that doesn't work I'll forget JAAS and use JNDI instead.
Any help would be greatly appreciated.
thanks in advance
jim
Start LoginJass.java
* @(#)LoginJaas.java
* Copyright 2001-2002 Sun Microsystems, Inc. All Rights Reserved.
* Redistribution and use in source and binary forms, with or
* without modification, are permitted provided that the following
* conditions are met:
* -Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* -Redistribution in binary form must reproduct the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* Neither the name of Sun Microsystems, Inc. or the names of
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* This software is provided "AS IS," without a warranty of any
* kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
* WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
* EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
* DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
* RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
* ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
* FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
* SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
* CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
* THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
* You acknowledge that Software is not designed, licensed or
* intended for use in the design, construction, operation or
* maintenance of any nuclear facility.
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import com.sun.security.auth.callback.TextCallbackHandler;
import java.security.PrivilegedAction;
* This LoginJaas application attempts to authenticate a user
* and reports whether or not the authentication was successful.
* If successful, it then sets up subsequent execution of
* code in the run method of the SampleAction class such that
* access control checks for security-sensitive operations will be
* based on the user running the code.
public class LoginJaas
 private static Subject mySubject;
 public static void main(String[] args)
 // Obtain a LoginContext, needed for authentication. Tell it
 // to use the LoginModule implementation specified by the
 // entry named "JaasSample" in the JAAS login configuration
 // file and to also use the specified CallbackHandler.
 LoginContext lc = null;
 try
 lc = new LoginContext("Sample", new TextCallbackHandler());
 catch (LoginException le)
 System.err.println("le:Cannot create LoginContext. "
 + le.getMessage());
 le.printStackTrace();
 System.exit(-1);
 catch (SecurityException se)
 System.err.println("se:Cannot create LoginContext. "
 + se.getMessage());
 se.printStackTrace();
 System.exit(-1);
 try
 // attempt authentication
 lc.login();
 catch (LoginException le)
 System.err.println("Authentication failed:");
 System.err.println(" " + le.getMessage());
 le.printStackTrace();
 System.exit(-1);
 System.out.println("Authentication succeeded!");
 // now try to execute the SampleAction as the authenticated Subject
 Subject mySubject = lc.getSubject();
 PrivilegedAction action = new SampleAction();
 Subject.doAsPrivileged(mySubject, action, null);
End LoginJass.java
Start MyCallbackHandler.java
import java.io.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
public class MyCallbackHandler implements CallbackHandler
 public void handle(Callback callbacks[]) throws IOException, UnsupportedCallbackException
 for(int i=0;i<callbacks.length;i++)
 if(callbacks[i] instanceof NameCallback)
 NameCallback nc = (NameCallback) callbacks[0];
 System.err.print(nc.getPrompt());
 System.err.flush();
 String name = (new BufferedReader(new InputStreamReader(System.in))).readLine();
 nc.setName(name);
 else
 throw(new UnsupportedCallbackException(callbacks,
 "Callback handler not support"));
End MyCallbackHandler.java
Start Sample.java
* @(#)Sample.java 1.19 00/01/11
* Copyright 2000-01 Sun Microsystems, Inc. All rights reserved.
* Copyright 2000-01 Sun Microsystems, Inc. Tous droits reserves.
import java.io.*;
import java.util.*;
import java.security.Principal;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.*;
import com.sun.security.auth.*;
* This Sample application attempts to authenticate a user
* and executes a SampleAction as that user.
* If the user successfully authenticates itself,
* the username and number of Credentials is displayed.
* @version 1.19, 01/11/00
public class Sample {
* Attempt to authenticate the user.
* 
* @param args input arguments for this application. These are ignored.
public static void main(String[] args) {
 // use the configured LoginModules for the "Sample" entry
 LoginContext lc = null;
 try {
 lc = new LoginContext("Sample", new MyCallbackHandler());
 } catch (LoginException le) {
 le.printStackTrace();
 System.exit(-1);
 // the user has 3 attempts to authenticate successfully
 int i;
 for (i = 0; i < 3; i++) {
 try {
 // attempt authentication
 lc.login();
 // if we return with no exception, authentication succeeded
 break;
 } catch (AccountExpiredException aee) {
 System.out.println("Your account has expired. " +
 "Please notify your administrator.");
 System.exit(-1);
 } catch (CredentialExpiredException cee) {
 System.out.println("Your credentials have expired.");
 System.exit(-1);
 } catch (FailedLoginException fle) {
 System.out.println("Authentication Failed");
 try {
 Thread.currentThread().sleep(3000);
 } catch (Exception e) {
 // ignore
 } catch (Exception e) {
 System.out.println("Unexpected Exception - unable to continue");
 e.printStackTrace();
 System.exit(-1);
 // did they fail three times?
 if (i == 3) {
 System.out.println("Sorry");
 System.exit(-1);
 // let's see what Principals we have
 Iterator principalIterator = lc.getSubject().getPrincipals().iterator();
 System.out.println("Authenticated user has the following Principals:");
 while (principalIterator.hasNext()) {
 Principal p = (Principal)principalIterator.next();
 System.out.println("\t" + p.toString());
 System.out.println("User has " +
 lc.getSubject().getPublicCredentials().size() +
 " Public Credential(s)");
 // now try to execute the SampleAction as the authenticated Subject
 Subject.doAs(lc.getSubject(), new SampleAction());
 System.exit(0);
End Sample.java
Start SampleAction.java
* @(#)SampleAction.java 1.4 00/01/11
* Copyright 2000-01 Sun Microsystems, Inc. All rights reserved.
* Copyright 2000-01 Sun Microsystems, Inc. Tous droits reserves.
import java.io.File;
import java.security.PrivilegedAction;
* This is a Sample PrivilegedAction implementation, designed to be
* used with the Sample application.
* @version 1.4, 01/11/00
public class SampleAction implements PrivilegedAction {
* This Sample PrivilegedAction performs the following operations:
* <ul>
* <li> Access the System property, java.home
* <li> Access the System property, user.home
* <li> Access the file, foo.txt
* </ul>
* @return <code>null</code> in all cases.
* @exception SecurityException if the caller does not have permission
* to perform the operations listed above.
public Object run() {
 System.out.println("\nYour java.home property: "
 +System.getProperty("java.home"));
 System.out.println("\nYour user.home property: "
 +System.getProperty("user.home"));
 File f = new File("foo.txt");
 System.out.print("\nfoo.txt does ");
 if (!f.exists())
 System.out.print("not ");
 System.out.println("exist in the current working directory.");
 return null;
End SampleAction.java
Start princible/SamplePrincipal.java
package principal;
* @(#)SamplePrincipal.java 1.4 00/01/11
* Copyright 2000-01 Sun Microsystems, Inc. All rights reserved.
* Copyright 2000-01 Sun Microsystems, Inc. Tous droits reserves.
import java.security.Principal;
* This class implements the <code>Principal</code> interface
* and represents a Sample user.
* Principals such as this <code>SamplePrincipal</code>
* may be associated with a particular <code>Subject</code>
* to augment that <code>Subject</code> with an additional
* identity. Refer to the <code>Subject</code> class for more information
* on how to achieve this. Authorization decisions can then be based upon
* the Principals associated with a <code>Subject</code>.
* @version 1.4, 01/11/00
* @see java.security.Principal
* @see javax.security.auth.Subject
public class SamplePrincipal implements Principal, java.io.Serializable {
* @serial
private String name;
* Create a SamplePrincipal with a Sample username.
* 
* @param name the Sample username for this user.
* @exception NullPointerException if the <code>name</code>
* is <code>null</code>.
public SamplePrincipal(String name) {
 if (name == null)
 throw new NullPointerException("illegal null input");
 this.name = name;
* Return the Sample username for this <code>SamplePrincipal</code>.
* 
* @return the Sample username for this <code>SamplePrincipal</code>
public String getName() {
 return name;
* Return a string representation of this <code>SamplePrincipal</code>.
* 
* @return a string representation of this <code>SamplePrincipal</code>.
public String toString() {
 return("SamplePrincipal: " + name);
* Compares the specified Object with this <code>SamplePrincipal</code>
* for equality. Returns true if the given object is also a
* <code>SamplePrincipal</code> and the two SamplePrincipals
* have the same username.
* 
* @param o Object to be compared for equality with this
* <code>SamplePrincipal</code>.
* @return true if the specified Object is equal equal to this
* <code>SamplePrincipal</code>.
public boolean equals(Object o) {
 if (o == null)
 return false;
if (this == o)
return true;
if (!(o instanceof SamplePrincipal))
return false;
SamplePrincipal that = (SamplePrincipal)o;
 if (this.getName().equals(that.getName()))
 return true;
 return false;
* Return a hash code for this <code>SamplePrincipal</code>.
* 
* @return a hash code for this <code>SamplePrincipal</code>.
public int hashCode() {
 return name.hashCode();
End princible/SamplePrincipal.java
Start ample_jaas.config
/** Login Configuration for the JAAS Sample Application **/
Sample
 //SampleLoginModule required debug=true;
 com.sun.security.auth.module.JndiLoginModule required debug=true
 user.provider.url="ldap://localhost:4661/ou=People,dc=testing,dc=com"
 group.provider.url="ldap//localhost:4661/ou=Group,dc=testing,dc=com";
End Sample_jaas.config
Start sample.policy
/** Java 2 Access Control Policy for the JAAS Sample Application **/
/** Code-Based Access Control Policy for LoginJaas **/
grant codebase "file:./sample.jar
permission javax.security.auth.AuthPermission
"createLoginContext.JaasSample";
permission javax.security.auth.AuthPermission "doAsPrivileged";
permission java.security.AllPermission; //darf alles
/** User-Based Access Control Policy for the LoginAction class
** instantiated by LoginJaas
grant codebase "file:./SampleAction.jar", Principal principal.SamplePrincipal "jimshi"
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "user.home", "read";
permission java.io.FilePermission "foo.txt", "read";
End sample.policy
Start makelogin.bat
REM
javac LoginJaas.java principal/SamplePrincipal.java
jar -cvf LoginJaas.jar LoginJaas.class principal/SamplePrincipal.java
REM
javac SampleAction.java
jar -cvf SampleAction.jar SampleAction.class
REM
REM javac SampleLoginModule.java
REM jar -cvf sample_module.jar SampleLoginModule.class
REM
javac Sample.java
REM jar -cvf sample.jar MyCallbackHandler.class Sample.class
javac com/sun/security/auth/module/*.java
End makelogin.bat
Start run.bat
REM java -classpath ./;SampleAction.jar;LoginJaas.jar -Djava.security.manager -Djava.security.policy=sample.policy -Djava.security.auth.login.config=sample_jaas.conf LoginJaas
java -classpath ./;SampleAction.jar;LoginJaas.jar -Djava.security.auth.login.config==D:\STUFF\LDAP\loginJim\sample_jaas.config LoginJaas
End run.bat

Exchange Management Console couldn't start with Kerberos authentication failed

When I was making changes to Client Access\owa settings, chaning from Basic authentication to Form authentication (upn name) then changed to Basic again. It was ok after changing to Form authentication but moment after changing back to Basic, I couldn't
no longer access owa (blank page when one vertical line) and in Exchange Management Console, I got "Initialization failed" - The following error occured while attempting to connect to the specified Exchange server 'sgp-ex1.mydomain.com':
The attempt to connect to http://sgp-ex1.mydomain.com/powershell using "Kerberos" authentication failed: Connecting to the remote server failed with the following error message: The WinRM client cannto process
the request. It cannot determine the content type of the HTTP response from the destination computer. The content type is absent or invalid. For more information, see the about_Remote_Troubleshooting Help topic.
I tried the troubleshooting tool from Exchange team blog:
http://blogs.technet.com/b/exchange/archive/2010/12/07/3411644.aspx. It give 3 possible causes for this error: 1. WSMan module entry is missing from global module section of c:\Windows\System32\InetSrv\Config\ApplicationHost.config; 2. Kerbauth module shows
up as Managed module or has been loaded in the Default Web Site Level; 3. The Path of the Powershell virtual directory has been modified.
I checked carefully, all the 3 causes do not apply to my situation as WSman entry is in order, the Kerbauth is native and local and the path of Powershell virtual directory is correct.
I find that in Application log, there are Event 2297 and 2307 dumped at the time of failure:
The worker process for application pool 'MSExchangeSyncAppPool' encountered an error 'Confiugration file in not well-formed XML' trying to read configuration data from file '\\?\C:\inetpubl\temp\apppools\MSExchangeSyncAppPool\MSExchangeSyncAppPool.config',
line number '2'. The data field contains the error code.
Help is very much appreciated.
Valuable skills are not learned, learned skills aren't valuable.

Unfortunately, all the links you provided didn't help.
The first link contains 3 methods:1 Removing WinRM feature and reinstalling. 2 Rename the web.config file in location C:\inetpub\wwwroot 3 Have you installed Microsoft Dynamics CRM 4. I?
As my server is Windows 2008 R2, the first method does not apply. I couldn't find any web.config in c:\Inetpub\wwwroot. The web.config however is found in many times in .netframework and winsxs directories. The 3rd method doesn't apply as I don't have CRM.
The 2nd link contains 3 possible causes. The first 2 are the same as the ones I mentioned in my initial post. I couldn't verify the last cause because when open Exchange Management Shell, I got this error: [sgp.ex1.mydomain.com] connecting to remote server
failed with the following server failed with the following error message: The WinRM client cannot process the request, it cannot determine the content type of the HTTP response from the destination computer. The content type is absent or invalide. For more
information, see the about_Remote_Troubleshooting Help topic.
I do not think the user is not remote powershell enabled because the problem happened suddenly, while I was making changes to Authentication settings of OWA(default) in Client Access in Exchange Management Console. If the user account is not remote powershell
enabled, then I couldn't event connect to EMC in the first place.
The last link didn't help because I could open up modules under PowerShell virtual directory in IIS.
I think since the event log is saying MSExchangeSyncAppPool.config and DefaultAppPool.config not well-formed XML, that might be a clue.
In the event id 2307 this is the message:
The worker process for application pool 'DefaultAppPool' encountered an error 'Configuration file is not well-formed XML
' trying to read configuration data from file '\\?\C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config', line number '2'. The data field contains the error code.
Valuable skills are not learned, learned skills aren't valuable.

BB browser error msg authentication failed

After doing a search and attempt to go to a site I just get the message "authentication failed". BTW I have a BB Storm and have upgraded to ver. 5.0.

So this is a password failure (D019 is wrong or failed password) which
brings the question, what changed/happened? :)
As the POP is on the GWIA, the certificate that is on the GWIA is used
by both the SMTP and the POP3. You are using the secure setting for
both of these aren't you? Sending User IDs and passwords in clear
over the internet is asking for trouble...
Webmail is different (Tomcat/Aganet/Cert) so that is a dead end.
So, as I said before, what changed?
T
On Sun, 03 Apr 2011 22:11:49 GMT, Russ Ringer <[email protected]>
wrote:
>All of a sudden, all users (except me, I'm admin) cannot send mail
>using smtp authorization. The error on the gwia log is :
>
>"DMN: MSG 74 Inbound AUTH failure (D019)
>DMN: MSG 74 SMTP session ended: [192.168.100.11] () "
>
>These users can still login to webmail and POP3 successfully, so I
>know it's not a password issue.
>I created a new test user and that account has the same issue, but can
>login to POP3 and web access ok.
>
>What should I check to resolve this issue?
>
>GW 7.04 on NW 6.5 sp5
>
>Thanks

Running reports: "REP-0238: Security server authentication failed"

Good afternoon,
I installed Oracle9iAS Release 2 v.9.0.2 (Application Server) on Sun-Solaris as well as
Oracle 9iAS Reports Services module. I simply want to run a report from a command line
rwserver.sh. I constantly get the message "REP-0238: Security server authentication failed".
What is to be done to enable authentication?
Thanks.
GM.

hello,
a) rwserver.sh is the script to start a reports server. if you want to run a reports-job you should either use the command rwclient or use the servlet via a web-browser.
b) when installing iAS R2 the reports server is running in secure mode. this means when you run a report via the browser you will get a login-screen where you have to provide a vaild SSO username/password. if you are running from the commandline, you have to provide the paramter AUTHID passing a valid SSO username/password.
regards,
philipp

OBIA 7.9.5 EBS Integration Not Logged On nQSError 43001 Authentication Fail

Hi,
I'm attempting to get Oracle Business Intelligence Applications 7.9.5 / OBIEE 10.1.3.3.2 integrated into the eBusiness Suite 11.5.10.2 per Metalink Note 552735.1. At the moment not an action link, just menu option to SA Administrator.
I've run into and worked around a number of problems with the Initialization block variables setup in OracleBIAnalyticsApps.rpd and now no longer get errors in the NQServer.log after disabling Initialization Blocks for Siebel/Peoplesoft and disabling 2 EBS specific Init blocks that were erroring; 'Inventory Organizations' and 'Ledgers' I'll fix those later.
However, now I get an error in the sawlog0.log file as follows:
File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
Properties: ConnId-6,6;ThreadID-1145072560
Location:
saw.odbc.connection.open
saw.connectionPool.getConnection
saw.threadPool
saw.threads
Odbc driver returned an error (SQLDriverConnectW).
State: 08004. Code: 10018. NQODBC [SQL_STATE: 08004|http://forums.oracle.com/forums/] [nQSError: 10018|http://forums.oracle.com/forums/] Access for the requested connection is refused.
[nQSError: 43001|http://forums.oracle.com/forums/] Authentication failed for in repository Star: invalid user/password. (08004)
Type: Error
Severity: 42
Time: Wed Dec 3 07:13:16 2008
File: project/webconnect/connection.cpp Line: 276
Properties: ThreadID-1145072560
Location:
saw.connectionPool.getConnection
saw.threadPool
saw.threads
Authentication Failure.
Odbc driver returned an error (SQLDriverConnectW).
Can anyone point me in the right direction here?
Thanks,
Gareth

The strange thing is both Gareth and I have configured OBIA/OBIEE on a Linux server and local authentication works fine. Once we enable external EBS authentication, we get the error listed above.
Does anyone who has done the OBIA EBS integration with OBIEE running on Linux have an example of the odbc.ini file. It appears that even though we have reconfigured OracleBIAnalyticsApps.rpd to use OCI everywhere, that there is still some hard coded ODBC references for external authentication.
We are configuring instanceconfig.xml as directed:
Integrating Oracle Business Intelligence Applications with Oracle E-Business Suite
https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552735.1
Configuring InstanceConfig.xml for External Authentication
1. Modify the instanceconfig.xml file for the Oracle BI Presentation Services as shown below:
<?xml version="1.0"?>
<WebConfig>
<ServerInstance>
<CatalogPath>c:\temp\default</CatalogPath>
<DSN>AnalyticsWeb</DSN>
<Auth>
<ExternalLogon enabled="true">
<ParamList>
<Param name="NQ_SESSION.ICX_SESSION_COOKIE"
source="cookie"
nameInSource="EBSAppsDatabaseSID"/>
<Param name="NQ_SESSION.ACF"
source="url"
nameInSource="ACF"/>
</ParamList>
</ExternalLogon>
</Auth>

</ServerInstance>
</WebConfig>
2. The nameInSource for the cookie should be the same as the Oracle E-Business Suite application database SID name. To verify the name of the cookie, using Firefox, check the name of the cookie created under the us.oracle.com domain (or the domain where your Oracle E-Business Suite Application server is running). Please note that the cookie name is case sensitive.

BO XI 3.1 : Active Directory Authentication failed to get the Active Directory groups

Dear all
        In our environment, there are 2 domain (domain A and B); it works well all the time. Today, all the user belong to domain A are not logi n; for user in domain B, all of them can log in but BO server response is very slowly. and there is error message popup when opening Webi report for domain B user. Below are the error message:
       " Active Directory Authentication failed to get the Active Directory groups for the account with ID:XXXX; pls make sure this account is valid and belongs to an accessible domain"
      Anyone has encountered similar issue?
   BO version: BO XI 3.1 SP5
   Authenticate: Windows AD
Thanks and Regards

Please get in touch with your AD team and verify if there are any changes applied to the domain controller and there are no network issues.
Also since this is a multi domain, make sure you have 2 way transitive forest trust as mentioned in SAP Note : 1323391 and FQDN for Directory servers are maintained in registry as per 1199995
http://service.sap.com/sap/support/notes/1323391
http://service.sap.com/sap/support/notes/1199995
-Ambarish-

Sun On-line Account authentication failed.

Similar Messages

Maybe you are looking for