AFP login via Kerberos from 10.5 clients to 10.4 server broken

Similar Messages

• Kerberos & AFP fails to login via kerberos

  Hi,
  I am unable to login via afp using kerberos. When i used the kadmin.local -q listprincs comand to list the principals the afpserver is listed. When i change the authorization to kerberos. I revice a : "Connection Failed! The User Authentication Method required by this server can't be found." It was working under 10.4.3 is there any changes since.
  PowerMac G5 DP 2.0   Mac OS X (10.4.4)  

  You get this message:
  <blockquote>The server has rejected your login. Please verify that your user name and password are correct. Error Code: 800cccd1 </blockquote>
  And Thunderbird can successfully receive/send on the test account but not on your own account, with the same server/port/SSL settings?
  Other than the possibility that your password is incorrect...
  Does your server require or have you tried entering your login username in this format:
  domain\username
  I don't know whether the following is relevant to your mailbox (server-side issue): [http://support.microsoft.com/kb/949926 Error when you use an IMAP4 client or a POP3 client to log on to a delegate mailbox of Exchange Server 2007: "800cccd1"].

• Unable to authenticate from 10.5 client to 10.5 Server to mount SMB or AFP

  We have been banging our heads for some time now and have no idea what is going on. Here's the scenario:
  We have a 10.5.6 Server bound to an Active Directory Domain
  The Server's role is: Connected to a Directory System
  We have ensured that Active Directory/All Domains has been added in the Authentication Pane of Directory Services
  We have made sure that single-sign on has been enabled by running dsconfigad -enablesso
  We have verified that SMB and AD are using the same password
  The shares are actually being re-shared from mounts added through XSan.
  This has worked in 10.4.
  Now, when a client tries to mount the smb share using domain credentials they get an error that they are unable to authenticate.
  If an attempt is made to authenticate from a command line the error reads:
  server rejected the connection: Authentication error
  The smb logs fill with error -14090 [eDSAuthFailed] on each authentication type attempt meaning it tries kerberos and fails, NTLMv2 and fails, NTLMv1 and fails.
  We really need to figure this one out. Anyone have any more ideas?

  It does, in fact, fail the SHA-1 test, but how could that be? What could cause the download to be corrupt over and over and over? I've downloaded it both wirelessly and by wired connection, on both the MacBook itself and on a PowerMac G5.
  MacOSXUpd10.5.6.dmg SHA comes back as e35035609abb3a0ac231d4d4cd8954a8d07d950e
  accepted SHA is 684f67524a92b4314a4bdd52498fb3b6af8f9ded
  MacOSXUpdCombo10.5.6 SHA comes back as 045e51a74376521931e563c64fa79ed5c1529d79
  accepted SHA is 09de4ac2c5591ab75d51ef37dc70f9e5630150d4
  i doubt that info really helps anything, though
  Redownloading both AGAIN... we'll see what happens.
  Message was edited by: chiefanalogist

• Upgrade from Snow Leopard (Client) to Snow Leopard Server

  Hi,
  can I upgrade from Snow Leopard client (10.6.3) to the Server (10.6.3) without having to reformat my disk and delete all the apps etc?
  Thanks

  Hi Michele,
  Upgrading from 10.6 to 10.6 Server is unfortunately not possible without an erase and install of the Server OS.
  If you want to preserve your Client OS initially, you could split the primary disk partition and install 10.6 Server on the other partition, then remove the Client OS partition when ready and reclaim the disk space for the Server partition.

• Screen Sharing from 10.6 client to 10.5 server looks cruddy

  Any idea why Screen Sharing from my 10.5.8 OS X Server (XServe G5) to my 10.6.5 MacBook Air would look like crap (pixellated)?
  Here's what it looks like. It also looks like this from my Mac Pro (10.6.5 also).
  http://farm6.static.flickr.com/5162/52804708313d6e6373cco.png
  It also looks like this in ARD "Observe" or "Control" mode.

  Fixed it. Turns out it was the video card (more likely the video card driver). I swapped a new vidcard in there and it's good to go.
  This was a cluster node, so it didn't have a stock video card.

• How to Remove "Project Plan Template" from Project MSP client Enterprise tab / Project Server 2013

  Hello All,
  This should be easy one.
  I have created a "Project Plan Template" and applied to the EPT. Now i open my MSP Client 2013 and go to New--> Enterprise tab and select the template i want to use to create a new project. However, there are unnecessary Plan Templates which
  i want to remove from enterprise tab.
  Please Help. 
  sandeep

  Hi Sandeep, Go to PWA,server settings, delete enterprise objects. Then select the project combo box. You will see the list of all projects of your instance, with a column named "type". In this column you will find projects, sub projects, master
  projects and templates. Just sort along this type column, look for the templates, select the template to remove and click on the "delete" button.
  Hope this helps,
  Guillaume Rouyre, MBA, MVP, P-Seller |

• Problem getting an LDAPContext after authenticating via Kerberos

  Hi,
  I am trying to create a Java program that can query an Active Directory server using the currenlty logged in Windows user's credentials to authenticate via LDAP.
  I am getting the following error in my output when trying to create the LdapContext object.
  GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Ticket)
  The full output is as follows
  Debug is  true storeKey false useTicketCache true useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
  Acquire TGT from Cache
  KinitOptions cache name is C:\Documents and Settings\Administrator.THALES-3D8PWWDM\krb5cc_AdministratorAcquire default native Credentials
  Obtained TGT from LSA: Credentials:
  [email protected]
  server=krbtgt/[email protected]
  authTime=20090618162927Z
  startTime=20090618162927Z
  endTime=20090619022927Z
  renewTill=20090625162927Z
  flags: FORWARDABLE;RENEWABLE;INITIAL;PRE-AUTHENT
  EType (int): 23
  Principal is [email protected]
  Commit Succeeded
  Subject:
       Principal: [email protected]
       Private Credential: Ticket (hex) =
  0000: 61 82 03 BC 30 82 03 B8   A0 03 02 01 05 A1 0A 1B  a...0...........
  <REMOVED>4   8A 8C BE 6B FD 65 5D 2F  .R..t#@d...k.e]/
  Client Principal = [email protected]
  Server Principal = krbtgt/[email protected]
  Session Key = EncryptionKey: keyType=23 keyBytes (hex dump)=
  0000: C0 62 F6 3F 5C 29 F4 7B   C1 FC AB A0 77 D1 E7 E0  .b.?\)......w...
  Forwardable Ticket true
  Forwarded Ticket false
  Proxiable Ticket false
  Proxy Ticket false
  Postdated Ticket false
  Renewable Ticket true
  Initial Ticket true
  Auth Time = Thu Jun 18 17:29:27 BST 2009
  Start Time = Thu Jun 18 17:29:27 BST 2009
  End Time = Fri Jun 19 03:29:27 BST 2009
  Renew Till = Thu Jun 25 17:29:27 BST 2009
  Client Addresses  Null
  Found ticket for [email protected] to go to krbtgt/[email protected] expiring on Fri Jun 19 03:29:27 BST 2009
  KinitOptions cache name is C:\Documents and Settings\Administrator.THALES-3D8PWWDM\krb5cc_AdministratorAcquire default native Credentials
  Obtained TGT from LSA: Credentials:
  [email protected]
  server=krbtgt/[email protected]
  authTime=20090618162927Z
  startTime=20090618162927Z
  endTime=20090619022927Z
  renewTill=20090625162927Z
  flags: FORWARDABLE;RENEWABLE;INITIAL;PRE-AUTHENT
  EType (int): 23
  Found ticket for [email protected] to go to krbtgt/[email protected] expiring on Fri Jun 19 03:29:27 BST 2009
  GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Ticket)
       at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Unknown Source)
       at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Unknown Source)
       at sun.security.jgss.GSSManagerImpl.getCredentialElement(Unknown Source)
       at sun.security.jgss.GSSCredentialImpl.add(Unknown Source)
       at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
       at sun.security.jgss.GSSCredentialImpl.<init>(Unknown Source)
       at sun.security.jgss.GSSManagerImpl.createCredential(Unknown Source)
       at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
       at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
       at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(Unknown Source)
       at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(Unknown Source)
       at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
       at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
       at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
       at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
       at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
       at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
       at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
       at javax.naming.InitialContext.init(Unknown Source)
       at javax.naming.InitialContext.<init>(Unknown Source)
       at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
       at com.thalesgroup.planit.ldap.LDAPAction.performLDAPOperation(Main.java:87)
       at com.thalesgroup.planit.ldap.LDAPAction.run(Main.java:66)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.Subject.doAs(Unknown Source)
       at com.thalesgroup.planit.ldap.Main.main(Main.java:46)
  javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate I am running this using the following VM arguments
  -Djavax.security.auth.useSubjectCredsOnly=false -Dsun.security.krb5.debug=true
  Finally my jaas config file is as follows
  fsta {
       com.sun.security.auth.module.Krb5LoginModule required
  debug=true client=false useTicketCache=true;
  com.sun.security.jgss.initiate {
  com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true;
  };I am running this locally on the AD server (running Windows Server 2003).
  Does anybody know how I can get rid of the exception and create an authenticated LdapContext?
  Any suggestions would be greatly appreciated.
  Thanks
  Graeme

  My java source is as follows (its a modified example I found online)
  import java.util.Hashtable;
  import javax.naming.Context;
  import javax.naming.NamingEnumeration;
  import javax.naming.NamingException;
  import javax.naming.directory.Attributes;
  import javax.naming.directory.DirContext;
  import javax.naming.directory.InitialDirContext;
  import javax.naming.directory.SearchControls;
  import javax.naming.directory.SearchResult;
  import javax.security.auth.Subject;
  import javax.security.auth.login.LoginContext;
  import javax.security.auth.login.LoginException;
  import com.sun.security.auth.callback.TextCallbackHandler;
  public class Main {
      public static void main(String[] args) {
      java.util.Properties p = new java.util.Properties(System.getProperties());
      p.setProperty("java.security.krb5.realm", "fsta.com");
      p.setProperty("java.security.krb5.kdc", "192.168.1.10");
      p.setProperty("java.security.auth.login.config", "C:\\jaas.conf");
      System.setProperties(p);
      // 1. Log in (to Kerberos)
      LoginContext lc = null;
      try {
              lc = new LoginContext("fsta", new TextCallbackHandler());
      // Attempt authentication
      lc.login();
      } catch (LoginException le) {
      System.err.println("Authentication attempt failed" + le);
      System.exit(-1);
      Subject subject = lc.getSubject();
      System.out.println(subject.toString());
      // 2. Perform JNDI work as logged in subject
      Subject.doAs(subject, new LDAPAction(args));
      // 3. Perform LDAP Action
      * The application must supply a PrivilegedAction that is to be run
      * inside a Subject.doAs() or Subject.doAsPrivileged().
      class LDAPAction implements java.security.PrivilegedAction {
      private String[] args;
      private static String[] sAttrIDs;
      private static String sUserAccount = new String("Administrator");
      public LDAPAction(String[] origArgs) {
      this.args = origArgs.clone();
      public Object run() {
      performLDAPOperation(args);
      return null;
      private static void performLDAPOperation(String[] args) {
      // Set up environment for creating initial context
      Hashtable env = new Hashtable(11);
      env.put(Context.INITIAL_CONTEXT_FACTORY,
      "com.sun.jndi.ldap.LdapCtxFactory");
      // Must use fully qualified hostname
      env.put(Context.PROVIDER_URL, "ldap://192.168.1.10:389");
      // Request the use of the "GSSAPI" SASL mechanism
      // Authenticate by using already established Kerberos credentials
      env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
  //    env.put("javax.security.sasl.server.authentication", "true");
      try {
      /* Create initial context */
      DirContext ctx = new InitialDirContext(env);
      /* Get the attributes requested */
      //Create the search controls        
      SearchControls searchCtls = new SearchControls();
      //Specify the attributes to return
      String returnedAtts[]={"sn","givenName","mail"};
      searchCtls.setReturningAttributes(returnedAtts);
      //Specify the search scope
      searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
      //specify the LDAP search filter
      String searchFilter = "(&(objectClass=user)(mail=*))";
      //Specify the Base for the search
      String searchBase = "DC=fsta,DC=com";
      //initialize counter to total the results
      int totalResults = 0;
      // Search for objects using the filter
      NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
      //Loop through the search results
      while (answer.hasMoreElements()) {
              SearchResult sr = (SearchResult)answer.next();
          totalResults++;
          System.out.println(">>>" + sr.getName());
          // Print out some of the attributes, catch the exception if the attributes have no values
          Attributes attrs = sr.getAttributes();
          if (attrs != null) {
              try {
              System.out.println("   surname: " + attrs.get("sn").get());
              System.out.println("   firstname: " + attrs.get("givenName").get());
              System.out.println("   mail: " + attrs.get("mail").get());
              catch (NullPointerException e)    {
              System.err.println("Error listing attributes: " + e);
      System.out.println("RABOTIII");
          System.out.println("Total results: " + totalResults);
      ctx.close();
      } catch (NamingException e) {
      e.printStackTrace();
  }Edited by: GraemeK on Jun 18, 2009 11:56 AM

• JSP : latest  JSTL, File Upload from web form Client to Server Question!

  I understand that within a JSP, It is possible to read a file from the Client by opening a Stream somehow.
  How do I code, within jsp/servlet (non tag) java code inside <% %>
  blocks, WITHOUT openening a new connection to the URL, an InputStream from a client web browser form, from a file upload coded using
  <input type="file" name="file1"/> ?
  I have previously achieved this quite simply with a FileInputStream
  with the previous version of JSTL.
  How may I do this with the latest version of JSTL, with this index.jsp?
  -with a simple text file.
  -with a Binary file (with DataInputStream)?
  <%--
  Document : index
  Created on : 27/01/2009, 3:08:32 PM
  Author : Zachary Mitchell
  --%>
  <%@page contentType="text/html" pageEncoding="UTF-8"%>
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
  "http://www.w3.org/TR/html4/loose.dtd">
  <html>
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <title>JSP Page</title>
  </head>
  <body>
  <h1 align="center">Hello World!</h1>
  <form name="form1" method ="POST" >
  <table align="center">
  <tr>
  <td>
  <input name="file1" type="file" align="center"></input>
  </td>
  </tr>
  <tr>
  <td>
  <input type="submit" value="submit" action="index.jsp" ></input>
  </td>
  </tr>
  </table>
  </form>
  <!--*********************************************************************** -->
  <%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
  <%@page import = "java.io.*" %>
  <c:if test="${pageContext.request.method=='POST'}">
  <%
  File fileName = new File(request.getParameter("file1"));
  out.println(fileName.toString());
  FileInputStream stream = new FileInputStream(fileName);
  out.println(stream.toString());
  %>
  </c:if>
  <!--*********************************************************************** -->
  </body>
  </html>

  If I have:
  <!-- ***********************************************************************************-->
  <form name="form1" method="POST" enctype="multipart/form-data">
  <input name="file1" type="file"/>
  <input name="submit1" type="submit" value="Submit" action="index.jsp"/>
  </form>
  <!-- ***********************************************************************************-->
  and run this in an index.jsp, use browse to select my text file, and click SUBMIT.
  I can use:
  InputStreamReader reader = new InputStreamReader(new DataInputStream(request.getInputStream()))
  BufferedReader bufferedReader = new BufferedReader(reader);
  bufferedReader.readLine();...
  However, these is some HTML/POST related content around what multiple readLine();
  calls return.
  Is there an easy way, like using "${param.file1}",
  aside from [http://commons.apache.org/fileupload/|http://commons.apache.org/fileupload/],
  maybe using servlet style code, to get the File contents from a remote Client,
  to the remote Server servlet engine, AVOIDING ANY SUPERFLUOUS CONTENT,
  using version 1.12 of the JSTL, JSP 2.0,Tomcat 6?
  Just politely, yes, no, and how?
  Edited by: Zac1234 on Jan 29, 2009 3:27 AM
  Edited by: Zac1234 on Feb 1, 2009 8:29 PM

• Connection to a tuxedo server from a  remote client

  How do we connect from a remote client to a Tuxedo server?
  When we tried to build a workstation client using buildtuxedo 8.0,it is unable
  to link "libnwi.lib" file.But there is no "libnwi.lib" file in the system
  please resolve this error

  subhash,
  You should be able to build a workstation client using buildclient -w
  {other options}
  If this isn't woking, you should contact BEA support.
  Regards,
  Peter.
  Got a Question? Ask BEA at http://askbea.bea.com
  The views expressed in this posting are solely those of the author, and BEA
  Systems, Inc. does not endorse any of these views.
  BEA Systems, Inc. is not responsible for the accuracy or completeness of
  the
  information provided
  and assumes no duty to correct, expand upon, delete or update any of the
  information contained in this posting.
  subhash wrote:
  How do we connect from a remote client to a Tuxedo server?
  When we tried to build a workstation client using buildtuxedo 8.0,it is unable
  to link "libnwi.lib" file.But there is no "libnwi.lib" file in the system
  please resolve this error

• Attempting to use SSL over RMI from a web application to a RMI server

  Hi,
  I am attempting to use SSL over RMI to a server. The client is the web
  application that is hosted on WebLogic and that attempts to connect to the
  server. There is no client or server verification at either the client or
  the server end. The code works outside of WebLogic 7/8 but has the following
  issues when running the web application inside weblogic:
  java.rmi.ConnectException: Connection refused to host: gkhanna1; nested
  exception is:
  java.net.ConnectException: Connection refused: connect
  java.net.ConnectException: Connection refused: connect
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:350)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:137)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:124)
  at java.net.Socket.<init>(Socket.java:268)
  at java.net.Socket.<init>(Socket.java:95)
  at
  sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketF
  actory.java:20)
  at
  sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketF
  actory.java:115)
  at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:494)
  at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
  at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:169)
  at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:313)
  at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
  at java.rmi.Naming.lookup(Naming.java:79)
  at
  com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.initConnection(NTLMConne
  ctionClient.java:59)
  at
  com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.getUsers(NTLMConnectionC
  lient.java:197)
  at com.hyperion.css.CSSAPIImpl.getUsers(Unknown Source)
  at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
  at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
  at jsp_servlet._jsp._app1.__app1signin._jspService(__app1signin.java:133)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
  at
  weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
  tStubImpl.java:1058)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :401)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :445)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :306)
  at
  weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
  ebAppServletContext.java:5445)
  at
  weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
  r.java:780)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:3105)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :2588)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:213)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:189)
  The code at the client that initiates the connection:
  socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  SSLSocket socket = (SSLSocket) socketFactory.createSocket(host, port);
  socket.setEnabledCipherSuites(CIPHERS);
  socket.setEnableSessionCreation(true);
  Any ideas?
  Thanks

  I don't see anything that indicates SSL was directly a factor in the
  failure.
  From the exception stack it looks like a more basic connectivity issue,
  maybe the URL for the
  RMI server is incorrect for some reason or the server was down.
  It looks like you are doing something like this:
  SSL client -> WLS server with servletA, servletA RMI client
  (com.hyperion.css) -> RMI server
  The connection failure appears to be the connection from servletA RMI client
  to the RMI server.
  Is that a correct picture?
  Tony
  "Gaurav Khanna" <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  I am attempting to use SSL over RMI to a server. The client is the web
  application that is hosted on WebLogic and that attempts to connect to the
  server. There is no client or server verification at either the client or
  the server end. The code works outside of WebLogic 7/8 but has thefollowing
  issues when running the web application inside weblogic:
  java.rmi.ConnectException: Connection refused to host: gkhanna1; nested
  exception is:
  java.net.ConnectException: Connection refused: connect
  java.net.ConnectException: Connection refused: connect
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:350)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:137)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:124)
  at java.net.Socket.<init>(Socket.java:268)
  at java.net.Socket.<init>(Socket.java:95)
  at
  sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketF
  actory.java:20)
  at
  sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketF
  actory.java:115)
  at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:494)
  at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
  at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:169)
  at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:313)
  at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
  at java.rmi.Naming.lookup(Naming.java:79)
  at
  com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.initConnection(NTLMConne
  ctionClient.java:59)
  at
  com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.getUsers(NTLMConnectionC
  lient.java:197)
  at com.hyperion.css.CSSAPIImpl.getUsers(Unknown Source)
  at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
  at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
  at jsp_servlet._jsp._app1.__app1signin._jspService(__app1signin.java:133)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
  at
  weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
  tStubImpl.java:1058)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :401)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :445)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :306)
  at
  weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
  ebAppServletContext.java:5445)
  at
  weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
  r.java:780)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:3105)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :2588)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:213)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:189)
  The code at the client that initiates the connection:
  socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  SSLSocket socket = (SSLSocket) socketFactory.createSocket(host, port);
  socket.setEnabledCipherSuites(CIPHERS);
  socket.setEnableSessionCreation(true);
  Any ideas?
  Thanks

• Windows 7 Client with Windows 2000 server

  Hi ,
  We are having an application developed in Delphi 6 and hosted in Windows 2000 server(sp4) .Recently we have migrated all our clients to windows 7 from XP.  Since then we are getting Access Violation error whenever we are using the application.
  We are accessing the application through RDP (Remote Desktop ) from Win 7 Clients to Windows 2000 server.
  Could any body help me how to resolve this issue as this is stopping the business.
  Regds 
  Vignesh Krishnan B

  Hi,
  As Windows 7 uses NTLM2 by default, please try to set it to “Send LM & NTLM – Use NTLMv2 session security if negotiated”
  How to:
  Open secpol.msc -> local policies -> security options -> Network security: LAN Manager authentication level.
  Best Regards.
  Jeremy Wu
  TechNet Community Support

• AFP Login slow from only one workstation

  Have one OS-X 10.6.4 server and multiple 10.6.4 client machines on 192.168.xxx.xxx network. Logging in to the server via the Finder side-bar is quick from all machines except one. For that machine it can take 2 minutes but is ultimately successful. Since all logins are quick from other workstations it points to problem with this one workstation. Tried changing connection from ethernet to airport with same slowdown. Tried building a new workstation account and logging from that one, same results. It may be relevant that this server had an IP address change and the problem workstation was the only one that logged into it at the old IP address. Suggestions?

  I am experiencing the same problem.
  My server - 10.6.4 server on a mac mini - also had an IP and DNS change. The problem client has the domain name previously assigned to the server. I do not know if this is a cause. I have scoured the server for any remaining references to the old domain name but there appear to be none. Unlike your case, the problem client is not the only machine to have connected with the server under it's old name/ip (in fact it may never have done so), but no other clients are experiencing the problem.
  The slow connect also manifests itself every time you attempt to relist the server shares in the 'shared' section of a finder window sidebar, even if one of the shares is connected. Listing the connected share via the 'devices' section of the sidebar is, however, immediate.
  Any ideas where to look in the client logs for troubleshooting clues?

• Some Users cannot login via Lync 2013 windows client

  Hi,
  I have a Lync 2013 FrontEnd server, DB server and Edge Server.
  Since last noon we are facing a mysterious issue. Its as below.
  ( I have just entered into Lync administration)
  User A and User B, both were able to login to lync till yesteday noon on their individual PC, any PC or mobile (windows, android, mac) with any version of Lync client, inside and outside the organization.
  Last noon User A reported that he is facing an issue that whenever he logs in to lync 2013 client he is automatically logged off in 2 to 3 seconds. Then again logs in automatically and again loggs off in 2-3 seconds. and thats all is happening again and
  again. The message he is is getting after he is logged off is "The connection to the server was lost
  . Reconnecting. Current calls may continue, but with reduced functionality".
  But at the same time he was able to login from other computer and his mobile device.  At the same time, User B is not facing any issue on his machine.
  Then User A tried to login from the User B's computer and there also he faced same issue. Then i asked User B to login on computer of User A and what i see is User B is able to login on User A's computer.
  What is concluded from the observation is, User A cannot login from lync client 2013 from any computer inside and outside of my network and can login from any other client/version/platform inside or outside of my network.
  What i checked for is Client Version Policy of User A and User B, but both are same (Automatic). Below is my client version policy and i am using client version 15.0.4605.1000
  In Sing In Logs. (By Right click on system tray icon of lync) i got below information.
  Error-1
  In Windows 8, event viewer i am getting only Event ID 1 or 12 which says, "
  The description for Event ID 12 from source Lync cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
  If the event originated on another computer, the display information had to be saved with the event.
  The following information was included with the event: 
  Lync
  Thanks, Rishi Pandit.

  The issue has been resolved by removing an entry from "Trusted Application Server". This application server was being used for Polycom VC infrastructure integration with Lync.
  As per Task 4 section in
  Polycom and Lync Integration Documentation we have to use below-
  http://support.polycom.com/global/documents/support/strategic_partner_solutions/Polycom_UC_Microsoft_Deployment_W8.pdf
  Use the New-CsStaticRoute command to set up a static route for the RealPresence 
  Collaboration Server system. 
  $route = New-CsStaticRoute -TLSRoute -destination rmx.corp.local 
  -port 5061 -matchuri sipdomain.com -usedefaultcertificate $true 
  where rmx.corp.local is the FQDN of the RealPresence Collaboration Server SIP signaling 
  domain and sipdomain.com is the name of the Trusted Application Pool you created. 
  but this was wrong.
  we used sip.domain.com and issue got resolved. Polycom forgot one (.) dot between sip and domain.com which ruined us.
  Thanks.
  Thanks, Rishi Pandit.

• ERROR: NO_GUEST: Guest login not allowed from client startup

  we are getting the following error with express 6.3.4 when connectting to the express server from Objects using a connection editor.
  The error message is
  Error #12150 in XPCUBE: Non-fatal (0300): Data Manager is unable to generate transmission.
  Error #10300 in XDMRESP: Non-fatal (0300): ERROR: NO_GUEST: Guest login not allowed from client startup
  Encountered similar error while calling from OLAP web application.
  In stored procedure XWD_RAMSTARTUP: The following Express
  Server error occurred: NO_GUEST: Guest login not allowed from
  client startup
  Which I believe is the same reason.
  Can you pls suggest what could be the problem and how can we over come this.

  In the Connection Editor, under "Relational Data-> Settings" did you check the "Personal Configuration" box?
  If you did, you should ensure the Authentication type is not set to "None".

• AFP securely from Tiger client to Leopard X Server

  I originally posted this just after New Years. I'm hoping now that more people are back from vacation that I can get an answer. Please help!
  We recently upgraded our X Server to Leopard. We can't seem to determine how to transfer files securely over AFP from a Tiger client machine to the X Server. Has anyone figured out how to do this?

  I suggest posting to the Server Products forums.