2008 r2 RDP SSL NLA problem "Local Security Authority cannot be contacted"

Similar Messages

• The Local Security Authority cannot be contacted - Azure VM RDP Connection Error

  Hello Folks , 
  If you get below error when your connecting Azure VM , Check the NLA Settings under RDP Settings  as per Solution Snapshot
  Error : -
  Solution : 
  Best Regard's Krishna

  Hi,
  Which kind of user account you used for log on? Can you use domain admins account to log on? You can try other user accounts to see if any could log
  on. If some users can logon remotely, but others cannot. You can check Allow log on through Remote Desktop services and Deny log on through Remote Desktop services settings on the remote computer.
  Beside, maybe it is due to
  user's record on the DC was corrupt, so it would not authenticate the user correctly all of the time. Maybe you can reboot the DC to see if the issue persists.
  In addition, it may also due to Network Level Authentication is enabled and your password has expired. Maybe you can uncheck “Allow connections only from computers running Remote Desktop with
  Network Level Authentication” option to see if the issue persists.
  Best regards,
  Susie

• WRVS4400N - Local Security Gateway Type - problems

  Hi,
  I've setup several VPN gateways and one Cisco gateway to our Juniper SSG140 with no issues, until today. We purchased a WRVS4400N and I'm trying to configure it to connect to our Juniper firewall, as a "dial-up" connection. I can get it to work if I set the "Local Security Gateway Type:" to "IP ONLY", but when I change it to "IP + Domain Name (FQDN) Authentication" it fails with the Cisco router not sending ANY IPSEC messages on the Cisco or Juniper, not even error messages. The last line of the VPN log says "Initiating Agressive Mode #1, connection" and nothing changes even after hitting the "Connect" button on the Cisco router.
  The VPN router is Version 2, with firmware 2.0.8 loaded. Not sure if I have a bad Cisco wireless router, or this is by design.
  Thanks for any help.
  Keith

  i suggest that you change the local ip address of the RVL200 to 192.168.2.1 instead of using 192.168.0.1.  please check also the encryption and the security on both ends of the tunnel. make sure that you use the same encryption and same authentication. you may also want to start with low encryption and security to make sure that it is not the problem.

• I need helping!!! configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.

  I need helping configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.
  I have attempted to configure rdp access but it does not seem to be working for me Could I please ask someone to help me modify my current configuration to allow this? Please do step by step as I could use all the help I could get.
  I need to allow the following IP addresses to have RDP access to my server:
  66.237.238.193-66.237.238.222
  69.195.249.177-69.195.249.190
  69.65.80.240-69.65.80.249
  My external WAN server info is - 99.89.69.333
  The internal IP address of my server is - 192.168.6.2
  The other server shows up as 99.89.69.334 but is working fine.
  I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. Please take a look at my configuration file and give me the commands i need in order to put this through. Also please tell me if there are any bad/conflicting entries.
  THE FOLLOWING IS MY CONFIGURATION FILE
  Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course
  Also the bolded lines are the modifications I made but that arent working.
  ASA Version 7.2(4)
  hostname ciscoasa
  domain-name default.domain.invalid
  enable password DowJbZ7jrm5Nkm5B encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.6.254 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 99.89.69.233 255.255.255.248
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  ftp mode passive
  dns server-group DefaultDNS
  domain-name default.domain.invalid
  object-group network EMRMC
  network-object 10.1.2.0 255.255.255.0
  network-object 192.168.10.0 255.255.255.0
  network-object 192.168.11.0 255.255.255.0
  network-object 172.16.0.0 255.255.0.0
  network-object 192.168.9.0 255.255.255.0
  object-group service RDP tcp
  description RDP
  port-object eq 3389
  object-group service GMED tcp
  description GMED
  port-object eq 3390
  object-group service MarsAccess tcp
  description MarsAccess
  port-object range pcanywhere-data 5632
  object-group service MarsFTP tcp
  description MarsFTP
  port-object range ftp-data ftp
  object-group service MarsSupportAppls tcp
  description MarsSupportAppls
  port-object eq 1972
  object-group service MarsUpdatePort tcp
  description MarsUpdatePort
  port-object eq 7835
  object-group service NM1503 tcp
  description NM1503
  port-object eq 1503
  object-group service NM1720 tcp
  description NM1720
  port-object eq h323
  object-group service NM1731 tcp
  description NM1731
  port-object eq 1731
  object-group service NM389 tcp
  description NM389
  port-object eq ldap
  object-group service NM522 tcp
  description NM522
  port-object eq 522
  object-group service SSL tcp
  description SSL
  port-object eq https
  object-group service rdp tcp
  port-object eq 3389
  access-list outside_1_cryptomap extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
  access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.0.0 255.255.0.0
  access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-data
  access-list outside_access_in extended permit udp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-status
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group RDP
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ftp
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ldap
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq h323
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq telnet
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq www
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group SSL
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM522
  access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM1731
  access-list outside_access_in extended permit tcp 173.197.144.48 255.255.255.248 host 99.89.69.334 object-group RDP
  access-list outside_access_in extended permit tcp any interface outside eq 3389
  access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333
  access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333 object-group rdp
  access-list outside_access_in extended permit tcp any host 99.89.69.333 object-group rdp
  access-list out_in extended permit tcp any host 192.168.6.2 eq 3389
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-524.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  static (inside,outside) tcp 99.89.69.334 3389 192.168.6.1 3389 netmask 255.255.255.255
  static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
  access-group outside_access_in in interface outside
  route outside 0.0.0.0 0.0.0.0 99.89.69.338 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  http server enable
  http 192.168.6.0 255.255.255.0 inside
  http 0.0.0.0 0.0.0.0 outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer 68.156.148.5
  crypto map outside_map 1 set transform-set ESP-3DES-MD5
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 1
  lifetime 86400
  crypto isakmp policy 30
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  tunnel-group 68.156.148.5 type ipsec-l2l
  tunnel-group 68.156.148.5 ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
  service-policy global_policy global
  prompt hostname context
  Cryptochecksum:f47dfb2cf91833f0366ff572eafefb1d
  : end
  ciscoasa(config-network)#

  Unclear what did not work.  In your original post you include said some commands were added but don't work:
  static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
  and later you state you add another command that gets an error:
  static (inside,outside) tcp 99.89.69.333 3389 192.168.6.2 3389 netmask 255.255.255.255
  You also stated that 99.89.69.333 (actually 99.89.69.233, guessing from the rest of your config and other posts) is your WAN IP address.
  The first static statement matches Cisco's documentation, which states that a static statement must use the 'interface' directive when you are trying to do static PAT utilizing the IP address of the interface.  Since 99.89.69.333 is the assigned IP address of your WAN interface, that may explain why the second statement fails.
  Any reason why you are using static PAT (including the port number 3389) instead of just skipping that directive?  Static PAT usually makes sense when you need to change the TCP port number.  In your example, you are not changing the TCP port 3389.

• Local security settings

  Hi,
  on 10g R2 on a win 2003 server, when try to stop database from DB control I receive this error :
  RemoteOperationException: ERROR: Wrong password for userWhat is wrong ? We are sure of user/pwd given.
  It is administrator/pwd of Windows.
  Must we do something in Local security settings of windwos server ?
  Thank you.
  I found here http://weblogs.asp.net/wallym/archive/2005/01/03/345818.aspx
  this :
  Have you gotten the error; "RemoteOperationException: ERROR: wrong password for user" with Oracle 10g? If so, it is probably because the OS user that you are trying to login to the Oracle Enterprise Manager with has not been setup to allow the user to logon as a "Batch Job." To resolve this issue:
  Go to "Control Panel" -> "Admin Tools" -> "Local Security Policy."
  Within "Local Policies", go to user "Right Assignment."
  Add the user to "Logon as a Batch Job."
  The logon problem should now be resolved. This is for trying to run Oracle 10g on Windows 2003 Server.
  Edited by: user522961 on Nov 20, 2008 8:05 AM

  Hi,
  SCM includes a LocalGPO tool which allows you to manage the local group policy objects (LGPO) on non-domain joined computers.
  Please refer to this blog, check whether it can help you
  Microsoft’s Free Security Tools – Microsoft Security Compliance Manager Tool (SCM)
  http://blogs.technet.com/b/security/archive/2013/01/15/microsoft-s-free-security-tools-microsoft-security-compliance-manager-tool-scm.aspx
  Yolanda Zhu
  TechNet Community Support

• SSL error occurred, secure connextion cannot be made

  Hello everyone,
  I was trying to put a picture online on my blogger-blog with MarsEdit when I got this weird error: An SSL error has occurred and a secure connection to the server cannot be made.
  When I checked MarsEdit net-log, there was an URL: https://www.google.com/accounts/ClientLogin
  If I go to this URL with Firefox, no problem, I get a standard error-messag: Error=BadAuthentication
  But if I go there with Safari, I can't reach the page at all. So, something tells me I have some network-problem or ssl/identification problem somewhere into my OS, no?
  Any idea of what I can do against that? Anyone?
  Thank you for your answers.
  Cyril

  I had this happen a while ago too when I switched development machines, but I was able to submit it from a friend's house, so I'm pretty sure it is my ISP but this should not be a problem. I am trying to push out another update and I'm having the same problem again. I would be very happy if there was a permanent solution to this problem.

• Allow anonymous SID/Name translation - Setting via registry instead of the Local Security Policy (or GPO)

  I have a Windows 2008 R2 server and I am building a script to set a bunch of security settings via the registry.
  I am stuck on one.
  I am trying to set: Network Access - Allow anonymous SID/Name translation to 'Disabled' via the registry, I know this can be done through the local security policy or via a GPO but that is not what I am interested in. I want to do it making
  changes to the registry.
  I found some people saying this can be done at:
  HKLM\System\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock
  However, when I browse to the registry this TurnOffAnonymousBlock registry key does not exist. Even if I set the policy to enabled or disabled manually in the local security policy. The key doesn't exist. This leads me to believe this is not the correct
  registry key that controls this setting.
  Can anyone shed light what the appropriate key is in the registry?

  Hi,
  As others mentioned, we can change the value of registry key “HKLM\System\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock”
  to set Network Access - Allow anonymous SID/Name translation to ‘Disabled’.
  In your case, this registry key does not exist.
  Please try to add this registry key to your Windows 2008 R2 server, then find out if this registry key could solve your issue.
  Here are some links below could be helpful to you:
  Configure a Registry Item
  http://technet.microsoft.com/en-us/library/cc753092.aspx
  You may not be able to connect to an instance of SQL Server by using an anonymous login
  http://support.microsoft.com/kb/839569
  I hope this helps!
  Best Regards,
  Amy Wang

• How to Export local security setting all filed name & value against filed.

  HI all,
  I am trying to export local security setting from local policy using bellow scrip. but it is showing only these are configured. I need expert help which allowed me to export all filed with value where it is configure or not. Please give me.
  $output=@()
  $temp = "c:\"
  $file = "$temp\privs.txt"
  [string] $readableNames
  $process = [diagnostics.process]::Start("secedit.exe", "/export /cfg $file /areas USER_RIGHTS")
  $process.WaitForExit()
  $in = get-content $file
  foreach ($line in $in) {
  if ($line.StartsWith("Se")) {
  $privilege = $line.substring(0,$line.IndexOf("=") - 1)
  switch ($privilege){
  "SeCreateTokenPrivilege " {$privilege = "Create a token object"}
  "SeAssignPrimaryTokenPrivilege" {$privilege = "Replace a process-level token"}
  "SeLockMemoryPrivilege" {$privilege = "Lock pages in memory"}
  "SeIncreaseQuotaPrivilege" {$privilege = "Adjust memory quotas for a process"}
  "SeUnsolicitedInputPrivilege" {$privilege = "Load and unload device drivers"}
  "SeMachineAccountPrivilege" {$privilege = "Add workstations to domain"}
  "SeTcbPrivilege" {$privilege = "Act as part of the operating system"}
  "SeSecurityPrivilege" {$privilege = "Manage auditing and the security log"}
  "SeTakeOwnershipPrivilege" {$privilege = "Take ownership of files or other objects"}
  "SeLoadDriverPrivilege" {$privilege = "Load and unload device drivers"}
  "SeSystemProfilePrivilege" {$privilege = "Profile system performance"}
  "SeSystemtimePrivilege" {$privilege = "Change the system time"}
  "SeProfileSingleProcessPrivilege" {$privilege = "Profile single process"}
  "SeCreatePagefilePrivilege" {$privilege = "Create a pagefile"}
  "SeCreatePermanentPrivilege" {$privilege = "Create permanent shared objects"}
  "SeBackupPrivilege" {$privilege = "Back up files and directories"}
  "SeRestorePrivilege" {$privilege = "Restore files and directories"}
  "SeShutdownPrivilege" {$privilege = "Shut down the system"}
  "SeDebugPrivilege" {$privilege = "Debug programs"}
  "SeAuditPrivilege" {$privilege = "Generate security audit"}
  "SeSystemEnvironmentPrivilege" {$privilege = "Modify firmware environment values"}
  "SeChangeNotifyPrivilege" {$privilege = "Bypass traverse checking"}
  "SeRemoteShutdownPrivilege" {$privilege = "Force shutdown from a remote system"}
  "SeUndockPrivilege" {$privilege = "Remove computer from docking station"}
  "SeSyncAgentPrivilege" {$privilege = "Synchronize directory service data"}
  "SeEnableDelegationPrivilege" {$privilege = "Enable computer and user accounts to be trusted for delegation"}
  "SeManageVolumePrivilege" {$privilege = "Manage the files on a volume"}
  "SeImpersonatePrivilege" {$privilege = "Impersonate a client after authentication"}
  "SeCreateGlobalPrivilege" {$privilege = "Create global objects"}
  "SeTrustedCredManAccessPrivilege" {$privilege = "Access Credential Manager as a trusted caller"}
  "SeRelabelPrivilege" {$privilege = "Modify an object label"}
  "SeIncreaseWorkingSetPrivilege" {$privilege = "Increase a process working set"}
  "SeTimeZonePrivilege" {$privilege = "Change the time zone"}
  "SeCreateSymbolicLinkPrivilege" {$privilege = "Create symbolic links"}
  "SeDenyInteractiveLogonRight" {$privilege = "Deny local logon"}
  "SeRemoteInteractiveLogonRight" {$privilege = "Allow logon through Terminal Services"}
  "SeServiceLogonRight" {$privilege = "Logon as a service"}
  "SeIncreaseBasePriorityPrivilege" {$privilege = "Increase scheduling priority"}
  "SeBatchLogonRight" {$privilege = "Log on as a batch job"}
  "SeInteractiveLogonRight" {$privilege = "Log on locally"}
  "SeDenyNetworkLogonRight" {$privilege = "Deny Access to this computer from the network"}
  "SeNetworkLogonRight" {$privilege = "Access this Computer from the Network"}
    $sids = $line.substring($line.IndexOf("=") + 1,$line.Length - ($line.IndexOf("=") + 1))
    $sids =  $sids.Trim() -split ","
    $readableNames = ""
    foreach ($str in $sids){
      $str = $str.substring(1)
      $sid = new-object System.Security.Principal.SecurityIdentifier($str)
      $readableName = $sid.Translate([System.Security.Principal.NTAccount])
      $readableNames = $readableNames + $readableName.Value + ", "
  $output += New-Object PSObject -Property @{            
          privilege       = $privilege               
          readableNames   = $readableNames.substring(0,($readableNames.Length - 1))
          #else            = $line."property" 
  $output  

  As an alternate approach wee can preset the hash and just update it.  This version also deal with trapping the errors.
  function Get-UserRights{
  Param(
  [string]$tempfile="$env:TEMP\secedit.ini"
  $p=Start-Process 'secedit.exe' -ArgumentList "/export /cfg $tempfile /areas USER_RIGHTS" -NoNewWindow -Wait -PassThru
  if($p.ExitCode -ne 0){
  Write-Error "SECEDIT exited with error:$($p.ExitCode)"
  return
  $selines=get-content $tempfile|?{$_ -match '^Se'}
  Remove-Item $tempfile -EA 0
  $dct=$selines | ConvertFrom-StringData
  $hash=@{
  SeCreateTokenPrivilege =$null
  SeAssignPrimaryTokenPrivilege=$null
  SeLockMemoryPrivilege=$null
  SeIncreaseQuotaPrivilege=$null
  SeUnsolicitedInputPrivilege=$null
  SeMachineAccountPrivilege=$null
  SeTcbPrivilege=$null
  SeSecurityPrivilege=$null
  SeTakeOwnershipPrivilege=$null
  SeLoadDriverPrivilege=$null
  SeSystemProfilePrivilege=$null
  SeSystemtimePrivilege=$null
  SeProfileSingleProcessPrivilege=$null
  SeCreatePagefilePrivilege=$null
  SeCreatePermanentPrivilege=$null
  SeBackupPrivilege=$null
  SeRestorePrivilege=$null
  SeShutdownPrivilege=$null
  SeDebugPrivilege=$null
  SeAuditPrivilege=$null
  SeSystemEnvironmentPrivilege=$null
  SeChangeNotifyPrivilege=$null
  SeRemoteShutdownPrivilege=$null
  SeUndockPrivilege=$null
  SeSyncAgentPrivilege=$null
  SeEnableDelegationPrivilege=$null
  SeManageVolumePrivilege=$null
  SeImpersonatePrivilege=$null
  SeCreateGlobalPrivilege=$null
  SeTrustedCredManAccessPrivilege=$null
  SeRelabelPrivilege=$null
  SeIncreaseWorkingSetPrivilege=$null
  SeTimeZonePrivilege=$null
  SeCreateSymbolicLinkPrivilege=$null
  SeDenyInteractiveLogonRight=$null
  SeRemoteInteractiveLogonRight=$null
  SeServiceLogonRight=$null
  SeIncreaseBasePriorityPrivilege=$null
  SeBatchLogonRight=$null
  SeInteractiveLogonRight=$null
  SeDenyNetworkLogonRight=$null
  SeNetworkLogonRight=$null
  for($i=0;$i -lt $dct.Count;$i++){
  $hash[$dct.keys[$i]]=$dct.Values[$i].Split(',')
  $privileges=New-Object PsObject -Property $hash
  $privileges
  Get-UserRights
  A full version would be pipelined and remoted or, perhaps use a workflow to access remote machines in parallel.
  ¯\_(ツ)_/¯

• I have problem in security answer and my account was locked

  When i try to buy any application i can't buy becuase it's come put ur security answer but always they said incorrect till acount locked and i dont know how to solf the problem now

  You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
  (101478)

• I gotta problem with security question recovery email I'd, mistakenly I entered wrong email I'd so now I want to edit that I'd plz help me

  I gotta problem with security question recovery email I'd, mistakenly I entered wrong email I'd so now I want to edit that I'd plz help me

  expresslane.apple.com to get a hold of itunes to reset them by email the only way

• HT5312 Problem with security question

  I have Problem with security question

  The Best Alternatives for Security Questions and Rescue Mail
       1.  Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
       2.  Call Apple Support in your country: Customer Service: Contact Apple support.
       3.  Rescue email address and how to reset Apple ID security questions.
  An alternative to using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• HT5699 Having problem with security question

  Cannot get iTunes card to work having problem with security question

  Alternatives for Help Resetting Security Questions and Rescue Mail
       1. Apple ID- All about Apple ID security questions.
       2. Rescue email address and how to reset Apple ID security questions
       3. Apple ID- Contacting Apple for help with Apple ID account security.
       4. Fill out and submit this form. Select the topic, Account Security.
       5.  Call Apple Customer Service: Contacting Apple for support in your
            country and ask to speak to Account Security.
  How to Manage your Apple ID: Manage My Apple ID

• Please help me to fix my problem in security question, I've really totally forgot the answer, this is the second time

  Please help me to fix my problem in security question I've really forgot the answer,
  Please let me know how to fix this, thank you

  You set the answers to the security questions so that nobody else can access the iPad without knowing those answers. It's a security thing. You need to get your head around the importance of these answers.  If we put all your data in a safe and gave you a password to open it, would you forget it? Twice? That is exactly what you have done.
  Restore. The fate of your data is uncertain.

• Safari and iTunes having problems accessing secure sites

  I've been having problems with iTunes not being able to access the iTunes Store. I can browse the store but can not add anything to my shopping cart. I decided it was time to see if Safari was having problems with secure sites and sure enough I discovered that it can not access secure sites either. The only way I've been able to access secure sites is via Firefox.
  A typical scenerio is that I can not log onto my Apple ID. As soon as I click on the "sign in ID" link I get a pop-up stating that a secure connection to store.apple.com can not be established.
  So far I've tried clearing the Safari cache and deleting site keys from my stored key chains. Nothing helps.
  I'm running Safari 1.3.1 and iTunes 4.9.

  Can anyone help?

• Hello I have a problem with security questions and i cant reset to my email  The error was   Exceeded Maximum Attempts  We apologize, but we were unable to verify your account information with the answers you provided to our security questions. You have

  Hello
  I have a problem with security questions and i cant reset to my email
  The error was
  Exceeded Maximum Attempts
  We apologize, but we were unable to verify your account information with the answers you provided to our security questions.
  You have made too many attempts to answer these questions. So, for security reasons, you will not be able to reset password for the next eight hours.
  Click here      for assistance.
  i waited more than eight hours. and back to my account but it is the same ( no change ) i cant find forgot your answers
  http://www.traidnt.net/vb/attachment...134863-333.jpg
  can you help me please

  Alternatives for Help Resetting Security Questions and Rescue Mail
       1. Apple ID- All about Apple ID security questions.
       2. Rescue email address and how to reset Apple ID security questions
       3. Apple ID- Contacting Apple for help with Apple ID account security.
       4. Fill out and submit this form. Select the topic, Account Security.
       5.  Call Apple Customer Service: Contacting Apple for support in your
            country and ask to speak to Account Security.
  How to Manage your Apple ID: Manage My Apple ID