Allow smbd connecting from x.x.x.x:51273 to port 139 proto=6

Similar Messages

• HT3382 Connect from a MacBook Pro's mini display port to a Display Port monitor?

  Hello everyone,
  Is it possible to connect from a MacBook Pro's mini display port to a Display Port monitor with resolutions higher than 1920 x 1200? It seems Apple does not supply a mini-DP to DP adapter.
  However, just as they do not make a mini-DP to HDMI adapter, but they do recommend a Belkin product for this purpose.
  Is there any reason that a mini-DP to DP adapter or cable wouldn't work and support high resolutions?
  Thanks for your feedback!

  danz0r wrote:
  Hey tjk,
  Thanks for the response.
  Do you have any recommendations for a potential set up? The audio output and Apple DVI are on different sides of my MBP, which is alright, I guess I can get two long cables to handle each. I was hoping to just have my MBP closer to where I use it, with a cord nearby plugged in on one side to the HDTV and resting near where I keep my MBP for when I want to use the HDTV as an external monitor.
  With a converter like this, you can run video out of the MBP's DVI port, and miniToslink (optical) audio out of the 3.5mm stereo mini jack to the converter, then it will combine the two and output audio and video through HDMI to the monitor.
  http://www.supermediastore.com/product/u/apogee-dvi-to-hdmi-converter-spdif-opti cal-toslink-coaxial-input-output?utm_source=cj&utm_medium=aff&utm_content=HDMI+A ccessories
  Otherwise, depending on the TV's inputs, for video you could run DVI to DVI on the TV, or DVI to HDMI to the TV. For audio you could run 3.5mm stereo mini plug from the MBP to RCA adapter on the TV. Toslink/optical is also an option.

• Fms allows any connection from fmle regardless of allowedSWF or allowedHTML

  I have been trying to block incoming connections with fms 4 ent for the live application.
  I set allowedSWFdomains.txt and allowedHTMLdomains.txt to  x.com so that I block every domain.
  I don't want any connection to come in and setting the domain to x.com blocks everything when I try
  to load. Except using FMLE it allows this no matter what you set in the allowedSWF or allowedHTML
  what kind of security is this. Does that mean anyone with FMLE can connect to anyones server.
  How do I actually block connections?

  That is not an acceptable solution we don't want them to have a user and pass. If you look at Influxis mobile streaming they
  turn off fmle after bandwidth is reached.
  This ties into another question I have posted here. I am trying to disable account after bandwidth limit is reached.
  Shutting down their application doesn't work it will restart when they connect. Changing the allowedHTML is working
  because when just putting x.com blocks everything but fmle.
  I guess I could just rename the application folder something like folder.off or something like that but I have made an
  all automated system and find out that no way to easily turn off each users application. And shutting down the vhost
  isn't an option as it will have the other clients on there.

• Possible to allow any traffic from a certain IP?

  Basic question:
  I'm using Snow Leopard and want to be able to allow any incoming traffic from a certain IP. I'm not concerned about what ports because it's a local device (PS3) behind the router. Is there a way to accomplish this without resorting to ipfw?
  Additional info:
  I have tried to add the PS3 Media Server program to the firewall list but even though it's set to allow, the firewall blocks incoming connections for it. I confirmed this through the console logs. I think it's something to do with being a Java based program.
  Console:
  8/29/09 3:37:59 PM 0x0-0x85085.PS3 Media Server1106 main TRACE 15:37:59.547 Created socket: /10.0.1.2:5001
  8/29/09 3:37:59 PM Firewall1028 JavaApplicationS is listening from 10.0.1.2:5001 proto=6
  8/29/09 3:38:04 PM Firewall1028 Deny JavaApplicationS connecting from 10.0.1.3:50680 to port 5001 proto=6

  Don't know anything about the topic, but this might help.
  http://forums.macrumors.com/showthread.php?t=774875

• 11i does not allow incoming connections (sqlplus)

  I just installed Oracle EBS 11i on RHEL AS4. I have a laptop(windows running oracle client tools) that I use to connect all my oracle-db instances. However, my newly installed apps 11i won't let me connect using sqlplus or any other client from my laptop (or any other client machine for that matter). Again, I am trying to access the tables not the forms interface using jinitiator. Here is the error message I keep getting: "TNS 12537 Connection closed"
  I see that discoverer related processes started when I started the apps. Is there a discoverer admin console that I can use? Also can I install discoverer plus or discoverer desktop to connect to the descoverer running on the apps server? Can I view the existing Discoverer reports using a browser?

  Thanks for your reply. My SQLnet access option is set to "ALLOW_ALL" and I was still not able to connect. That is why I manually added a line to "sqlnet.ora" file. I bounced the listner and now it is allowing the connections from client machines.
  I am able to see the discoverer reports using the "Discoverer Viewer 4i" that comes with the EBS. I want to set up new reports or edit the existing ones. Do I do this using any interface provided by EBS or do I have to use the discoverer desctop or discoverer plus on a seperate client machine? Also, how do I access the discoverer admin that comes with EBS?
  Thanks!

• Connecting from 10.4 to 10.5

  Hi -
  I have an old powerbook running 10.4.11 and have just installed 10.5.2 on my mirrored door G4 desktop system. They are both directly wired to a router however, I cannot connect from the laptop to the desktop. The connection works from 10.5 going to 10.4, I can login and browse the files without difficulty, however, it will not work the other way.
  On the computer running 10.4 I can see the computer running 10.5 under the network, and hit 'connect', it looks like it is trying to connect using afp -
  in fact the firewall on the 10.5 machine says "Allow AppleFileServer connecting from 192.168.0.100:52297 uid = 0 proto=6"
  but the connection always times out with an error saying the 10.5 machine was not available.
  Any help would be appreciated, I have checked all my sharing, firewall and network settings and cannot seem to figure it out. Prior to installing 10.5 it was working fine.

  Hi Frankie
  I have a similar arrangement with 10.4.11 on my eMac and 10.5.2 on my MBP and it all works fine. I have Airport connections to the router but it worked fine previously with one wired to the router.
  Firstly I'm not terribly concerned about security so I don't have any non-standard firewall settings, etc.
  I have the same user names & passwords on both machines - I'm less likely to get confused!
  On the MBP I have chosen Allow access for all users in the sharing preferences and checked File Sharing.
  I usually connect from the eMac hdd window by clicking on Network and continuing from there. I also let the computer remember my password for the authorisation (memory again!) I have no problems at all - either direction.
  Two points: I'm aware that others sometimes have difficulties which can be hard to trace. At times it seems necessary to re-enter the same password as these things can become corrupted occasionally. I've even had the situation a few times where a password wasn't recognised until I restarted the computer - probably because some software component didn't load correctly.
  It SHOULD work as Apple claims. If only this was always true!
  Secondly, the 2 OS's are not the problem - they work well on the network and with each other. At the moment I can't think what else to suggest.
  Neville

• Smbclient wants to connect to TCP port 139

  On my Powerbook, using Little Snitch under certain conditions (undetermined) I get the following message repeatedly, I am not connected to a network (except for Airport) or printer:
  The application "smbclient" wants to connect to 192.168.131.65 on TCP port 139 (netbios-ssn)
  What is this all about - thanks.
  PB G4 Al 17"    

  Airport is as much of a network as Ethernet is. Port 139 is the normal port for SMB connections. (At the terminal, try "grep 139 /etc/services".) What you want to do is figure out where your Powerbook was connecting to a Windows file or printer server on network 192.168.0.0 or 192.168.131.0. Are either of those the network address for your Airport network? You can see this in your Network settings.
  Login Items is the first place to look for an alias that might trigger an automated mount, but another application (other than the Finder) could be looking for a file server, too (as another posted mentioned). You could try to grep for "192.168.131.65" in all the files in your Preferences folder, except if you have 10.4 they might all be binary now and you'd have to convert them to xml text first, using plutil (again in Terminal).

• Log shows numerous "Allow sshd-keygen-wrapper connecting from"

  Recently my security logs have been showing the message "Allow sshd-keygen-wrapper connecting from ...." which has me concerned because this started happening about 3 weeks ago, and at the same time, I had a credit card compromised... too long a story to go into...
  My question is, has someone been "allowed" into my computer? I have the firewall set properly and have turned off "remote login" etc. Prior to this morning, there were the occasional messages "Allow sshd-keygen-wrapper connecting from " but this morning when I came on, someone had been attempting it for at least 50 tries, every few seconds...for over half hour... all from the same IP (which came back to "Asia Pacific")
  I do not find any evidence of viruses, trojans or other activity, but am wondering if someone is actually getting into my computer and how I can stop them if they are getting in? I have tried doing all the security changes recommended on other discussion groups and blocked incoming access for all but the most essential services. Does anyone have information on what this means? Thank you.

  I'm no expert on log messages but I'm not sure you've been been hacked. It's possible they have just been trying to get in and have been unsuccessful. The credit card thing may be coincidental or (I'm clutching at straws here) perhaps some online company got hacked and had your credit card number and IP tied together in their stolen database. More likely you are just a random victim with regards to the attempts to get into your computer; they found your IP address by trial and error.

• ResourceException: Access not allowed (when trying to grab a connection from weblogic pool)

  I am using WLS7 with SP1.
  I just recently migrated from WLS6.0. When my code tries to grab a
  connection from the pool, it throws an exception
  java.sql.SQLException: Pool connect failed:
  weblogic.common.ResourceException: Access not allowed
  at weblogic.jdbc.pool.Driver.connect(Driver.java:202)
  Does anyone know if anything changed from 6.0 to 7?
  Here is a piece of the code that throws exception.
  Driver driver =
  (Driver)Class.forName("weblogic.jdbc.pool.Driver")
  .newInstance();
  conn = driver.connect("jdbc:weblogic:pool:" +
  dbName, null);
  Thanks in advance.

  Hi Jung,
  "Jung Yang" <[email protected]> wrote in message
  news:[email protected]...
  Do you know how to change security setting on the connection pool?
  Thanks.WebConsole:
  1.Compatibility Security => ACLs
  Create a new ACL,
  name : weblogic.jdbc.connectionPool.yourPoolname
  permission : reserve, reset
  group : everynone
  2.Services => JDBC => Connection Pool
  Create a new Connection Pool
  ACL Name : weblogic.jdbc.connectionPool.yourPoolname
  In 'Target' tab, choose server and click the Apply button
  Slava
  >
  "Slava Imeshev" <[email protected]> wrote in message
  news:[email protected]...
  Hi Jung,
  Could you try providing weblogic user name and password
  in the properties?
  Could you also check security setting of the connection pool?
  Regards,
  Slava Imeshev
  "Jung Yang" <[email protected]> wrote in message
  news:[email protected]...
  Well that is exactly what I am doing. The variable dbName is database
  connection pool name that I created in weblogic console. Again, it
  worked
  in WLS6 but after migration, it stopped working.
  Thanks.
  "Mitesh Patel" <[email protected]> wrote in message
  news:[email protected]...
  In my code I am supplying name of the connection pool already
  created
  in
  weblogic server. I am asking you to get connection from the pool
  using
  pool
  driver.
  In your case you are trying to create connection straight to
  database
  using pool
  driver.
  What I am asking is pass name of the connection pool instead of
  database
  name.
  Thanks,
  Mitesh
  Jung Yang wrote:
  What would be the difference between your code and mine? Mine
  simple
  appends dbName string value for connection pool name at the end of
  "jdbc:weblogic:pool:"? And why same exact code would work in WLS6and
  not
  work in WLS7?
  Thanks.
  "Mitesh Patel" <[email protected]> wrote in message
  news:[email protected]...
  conn = driver.connect("jdbc:weblogic:pool:" +
  dbName, null);Instead of doing this what if you use
  Connection conn =
  myDriver.connect("jdbc:weblogic:pool:myConnectionPool", null);
  Will you please try this and see if that helps?
  Mitesh
  Jung Yang wrote:
  Isn't that exactly what I posted for my code piece?
  Thanks.
  "Mitesh Patel" <[email protected]> wrote in message
  news:[email protected]...
  Try As described below:
  The following example demonstrates how to use a database
  connection
  pool
  from a servlet.
  Load the pool driver and cast it to java.sql.Driver. The
  full
  pathname
  of
  the driver is weblogic.jdbc.pool.Driver. For example:
  Driver myDriver = (Driver)
  Class.forName("weblogic.jdbc.pool.Driver").newInstance();
  Create a connection using the URL for the driver, plus
  (optionally)
  the
  name of the registered connection pool. The URL of the pool
  driver
  is
  jdbc:weblogic:pool.
  You can identify the pool in either of two ways:
  Specify the name of the connection pool in a
  java.util.Properties
  object
  using the key connectionPoolID. For example:
  Properties props = new
  Properties();props.put("connectionPoolID",
  "myConnectionPool");Connection conn =
  myDriver.connect("jdbc:weblogic:pool", props);
  Add the name of the pool to the end of the URL. In this case
  you
  do
  not
  need a Properties object unless you are setting a username
  and
  password
  for using a connection from the pool. For example:
  Connection conn =
  myDriver.connect("jdbc:weblogic:pool:myConnectionPool",
  null);
  Note that the Driver.connect() method is used in theseexamples
  instead of
  the DriverManger.getConnection() method. Although you may
  use
  DriverManger.getConnection() to obtain a databaseconnection,
  we
  recommend
  that you use Driver.connect() because this method is not
  synchronized
  and
  provides better performance.
  Note that the Connection returned by connect() is an
  instance
  of
  weblogic.jdbc.pool.Connection.
  Call the close() method on the Connection object when youfinish
  with
  your
  JDBC calls, so that the connection is properly returned to
  the
  pool. A
  good coding practice is to create the connection in a try
  block
  and
  then
  close the connection in a finally block, to make sure the
  connection
  is
  closed in all cases.
  conn.close();
  Mitesh
  Jung Yang wrote:
  I am using WLS7 with SP1.
  I just recently migrated from WLS6.0. When my code tries
  to
  grab a
  connection from the pool, it throws an exception
  java.sql.SQLException: Pool connect failed:
  weblogic.common.ResourceException: Access not allowed
  at
  weblogic.jdbc.pool.Driver.connect(Driver.java:202)
  Does anyone know if anything changed from 6.0 to 7?
  Here is a piece of the code that throws exception.
  Driver driver =
  (Driver)Class.forName("weblogic.jdbc.pool.Driver")
  .newInstance();
  conn =
  driver.connect("jdbc:weblogic:pool:"
  +
  dbName,
  null);
  >>>>>>>>>
  Thanks in advance.

• The server license allows connections from only 5 unique IP addresses

  Hi All,
  For a project, i did "/Installing Oracle BPEL Process Manager with the
  BEA WebLogic Server/".
  While accessing the BPEL Console from more than 2 machine, i am
  getting the following error message.
  "/The Server is not able to service this request:
  [Server:002621]Connection rejected, the server license allows
  connections from only 5 unique IP addresses./"
  I am running the " /Oracle WebLogic Server 9.2 MP3/" weblogic server,
  which i downloaded from the following oracle internal site.
  /http://www.oracle.com/technology/software/products/ias/bea_main.html/
  I have downloaded the license key from the following location.
  /http://licensecodes.oracle.com/
  /I have updated the license key using the "/UpdateLicense.cmd" /file.
  I manually checked the "/license.bea/" file it got changed
  "/expiration="never"/" mode.
  But still i wasn't able to get rid of the above error message. Still
  the license is not updated to the server.
  Regards,
  Vijay.B

  Hi James,
  Thanks a lot for your answer.
  I tried all the possible way to update the license file, i was able to update the file but the problem was not solved.
  I just tried downloading the software from another location and tried updating the license key and now its working fine, i don't see the issue.
  The below link is where i downloaded the software, you can get the license key also.
  "/http://aseng-wiki.us.oracle.com/asengwiki/display/ASHotPlug/Software+Page+-+Internal+Use/"
  Regards,
  Vijay.B

• A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (p

  A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that
  the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)(Microsoft SQL Server, Error: 2)
  The system cannot find the file specified
  Cannot connect to COWBOYS.
  Here are the technical details===================================
  A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider:
  Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)
  For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=2&LinkId=20476
  Error Number: 2
  Severity: 20
  State: 0
  Program Location:
     at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
     at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
     at System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean withFailover)
     at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
     at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer
  timeout)
     at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
     at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance,
  SqlConnectionString userConnectionOptions, SessionData reconnectSessionData)
     at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
     at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
     at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
     at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
     at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
     at System.Data.SqlClient.SqlConnection.Open()
     at Microsoft.SqlServer.Management.SqlStudio.Explorer.ObjectExplorerService.ValidateConnection(UIConnectionInfo ci, IServerType server)
     at Microsoft.SqlServer.Management.UI.ConnectionDlg.Connector.ConnectionThreadUser()
  ===================================
  The system cannot find the file specified
  I have tried from so many forms. This is so frustrating. Thank for everyone/anyone who wants to help. So this is what happened: I had to uninstall my previous sqlserver 2012(which worked great) for some reason, and I uninstalled everything from that download.
  Then I installed the trial edition of sql server 2012 (64 Bit) and It wouldn't connect to the database. (Error mentioned above.) My local DB is COWBOYS. (COWBOYS is also my computer name.) After this, I have tried downloading sqlexpress and sqlserver 64bit
  many times and cannot connect to my local DB. 
  How do I connect to my Local DB? 
  Also, I think this might help: (When I run sqlserve.exe, which I was able to find in C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn, I get an error: Your SQL server installation is either corrupt or has been tampered with(Error getting
  instance ID from name). Please uninstall then re-run setup to correct this problem.
  I would happily re install it, if it wasn't my 20th time.
  I don't have any remote connections, I don't use username/password, only window authentication. I work mostly on visual studio, but without able to store /retrieve data, I don't know how to survive.
  May be the solution is very simple, but I am too frustrated. 
  Some of the things I have tried:
  From a command prompt, enter one of the following commands:
  net start "SQL Server Agent (MSSQLSERVER)" OR 
  net start "SQL Server Agent(instancename)"(for instance)
  on my sql configuration, I cannot start anything because there is nothing there to start. I can post more details, if that would help. Also, some more details about the error:
  Details
  Product:
  SQL Server
  ID:
  2
  Source:
  MSSQLServer
  Version:
  10.0
  Component:
  SQLEngine
  Message:
  An error has occurred while establishing a connection to the server. When connecting to SQL Server, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error:
  40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)
  Explanation
  SQL Server did not respond to the client request because the server is probably not started.
  User Action
  Make sure that the server is started.
  Version:
  9.0
  Component:
  SQLEngine
  Message:
  An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error:
  40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)
  Explanation
  SQL Server did not respond to the client request because the server is probably not started.
  User Action
  Make sure that the server is started.
  Any one that can help me, I will be greatful. Thank you so much. p.s. please ask me anything if you have any questions.

  It sounds like there are a couple things going on here.  First check if you have a successful install of SQL Server, then we'll figure out the connection issues.
  Can you launch SQL Server Configuration Manager and check for SQL Server (MSSQLSERVER) if default instance or SQL Server (other name) if you've configured your instance as a named instance.  Once you find this, make sure the service is started. 
  If not started, try to start it and see if it throws an error.  If you get an error, post the error message your hitting.  If the service starts, you can then launch SSMS and try to connect.  If you have a default instance, you can use the machine
  name in the connection dialog.  Ex:  "COWBOYS" where Cowboys is the machine name.  However, if you named the SQL Server instance during install, you'll need to connect using the machine\instance format.  Ex:  COWBOYS\Romo (where Romo
  is the instance name you set during install).
  You can also look at the summary.txt file in the SQL Server setup error logs to see what happened on the most recent install.  Past install history is archived in the log folder if you need to dig those up to help troubleshoot, but the most
  recent one may help get to the bottom of it if there is an issue with setup detecting a prior instance that needs to be repaired.
  Thanks,
  Sam Lester (MSFT)
  http://blogs.msdn.com/b/samlester
  This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click
  "Mark as Answer" and
  "Vote as Helpful" on posts that help you. This can be beneficial to other community members reading the thread.

• New server and/or CA certificate for connection from custom authentication

  We are running Access Manager version 72005Q4 in the Sun ONE Web Server 6.1SP5 B06/23/2005 container with java build 1.5.0_07-b03. I run a custom authentication module which checks sessions against our university single sign on system which is CAS (from Yale/Jasig). The checks are essentially https calls. All this has been working well for us for the last couple of years.
  I would like to migrate the certificate used on the university CAS system from a Verisign certificate to a wildcard certificate issued by the IPS CA in spain -- these are in most browsers but are not in the standard batch of cacerts CA's -- and are free for .edu domains.
  My other java based authentication plugins (Blackboard, custom apps etc) have worked fine once I import the certificate into the cacerts for the java container, but I'm missing something (obvious probably) about importing this certificate so that my amserver custom authentication module can connect to the CAS server once the CAS server is using the new certificate.
  Could anyone provide guidance on where I need to import this server certificate (or preferably the IPS CA) in order to allow the custom authentication module to work properly? I assume this same problem has been solved by people wishing to connect from the amserver to services with self signed certificates. For some reason I'm finding the debugging unexpectedly difficult, I'll outline some of those details below.
  Relevant things I've tried so far:
  Import both the server cert and the IPS CA into the cacerts of the java container identified in the web server server.xml /usr/jdk/entsys-j2se.
  Import the IPS CA into the web server cert8 style db via the web admin server.
  The debugging has surprised me a bit, as I'm not getting an error that is explicitly SSL related error. It almost seems like the URLConnection object ends up using a HttpURLConnection rather than an HttpsURLConnection and never gives me a cert error, rather a connection refused since there is no non SSL service running on CAS. The same code pointed to the server running the verisign cert works as expected.
  Part of the stack:
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: java.net.ConnectException: Connection refused
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.socketConnect(Native Method)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:516)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:466)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:287)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:311)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:489)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.writeRequests(HttpURLConnection.java:422)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:937)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.util.SecureURL.retrieve(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.fsu.ucs.authentication.providers.CASAMLoginModule.process(CASAMLoginModule.java:86)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:729)
  The relevent bit of code from the SecureURL.retrieve looks as follows:
  URL u = new URL(url);
  if (!u.getProtocol().equals("https"))
  throw new IOException("only 'https' URLs are valid for this method");
  URLConnection uc = u.openConnection();
  uc.setRequestProperty("Connection", "close");
  r = new BufferedReader(new InputStreamReader(uc.getInputStream()));
  String line;
  StringBuffer buf = new StringBuffer();
  while ((line = r.readLine()) != null)
  buf.append(line + "\n");
  return buf.toString();
  } finally { ...
  The fact that this same code in other authentication modules running outside the amserver (in other web containers as well, tomcat and resin for example) running java 1.5 works fine with the new CA, as well as with self signed certs that I've imported into the appropriate cacerts file leads me to believe that I'm either importing the certificate into the wrong store, or that there is some additional step needed for the amserver in the Sun Web container.
  Thank you very much for any insights and help,
  Ethan

  I thought since this has had a fair number of views I would give an update.
  I have been able to confirm that the custom authentication module is using the cert8 db defined in the AMConfig property com.iplanet.am.admin.cli.certdb.dir as documented. I do seem to have a problem using the certificate to make outgoing connections, even though the certificate verifies correctly for use as a server certificate. This is likely a question for a different forum, but just to show what I'm looking at:
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u V
  certutil: certificate is valid
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  certutil: certificate is invalid: Certificate type not approved for application.
  root@jbc1 providers#/usr/sfw/bin/certutil -M -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -t uP,uP,uP
  root@jbc1 providers#/usr/sfw/bin/certutil -V -l -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  FSU Wildcard Certificate : Certificate type not approved for application.
  So it could be that I don't understand how to use the certutiil to get the permissions I want, or it could be that using the same certificate for both server and client functions is not supported -- though you can see why this would be a common case with wildcard certificates.
  BTW for those interested, it did seem to be the case that when the certificate failure occurred that the attempt was then made by the URLConnection to bind to port 80 in cleartext even though the URL was clearly https. I'm sure this was just an attempt to help out misformed URL, but it seemed that the URLConnection implementation in the amserver would swapped traffic over cleartext if that port had been open on the server I was making the https connection to; that seems dangerous to me, I would not have wanted it to quietly work that way exposing sensitive information to the network.
  This was why I was getting back a connection refused instead of a certificate exception. The URLConnection implementation used by the amserver is defined by java.protocol.handler.pkgs=com.iplanet.services.comm argument passwd to the JVM, and I imagine this is done because the amserver pre-dates the inclusion of the sun.net.www.protocol handlers, but I don't know, there maybe reasons why the amserver wants it own handler. I only noticed that this is what was going on when I as casting the httpsURLConnection objects to other types trying to diagnose the certificate problem. I would be interested in hearing if anyone knows if there is a reason not to use sun.net.www.protocol with the amserver.
  After switching to the sun.net.www.protocol handler I was able to get my certificate errors rather than the "Connection Refused" which is what lead me to the above questions about certutil.

• Trouble creating PL/SQL connection from JDEV to 10g XE

  Hi,
  I am wanting to run PL/SQL from JDev against the hr table in the 10g XE database.
  <br><br>
  In doing so I first need to create <em>my first</em> connection from inside JDev 10.1.3.2.0 to an Oracle Lite (10g) database. Both are installed on my personal PC.
  <br><br>
  So far I have been unable to create the connection; here is where I am so far in my attempts:<br><br>
  Enter the Create Database Connection Wizard<br>
  1) Entered a connection name and choose "Oracle Lite" as the connection type<br>
  2) Entered the User Name and Password for the System user of the 10g XE database<br>
  3) Entered Type 4 Driver; Host Name: localhost, JDBC Port 100, SID XE<br>
  4) I created my own library called "Oracle_Lite" with a class path that points to an olite40.jar file. I did not set the Source path or the Doc path when creating the library. Is this the correct library? <br>
  5) When clicking "Test Connection" it comes back pretty quickly with "Internal Error:Invalid Connect String"<br><br>
  After talking with a work mate I changed the JDBC Port to 1521 and now when I test the connection it starts testing and doesn't stop. The testing indicator bar continues going back and forth indefinitely. Can I assume I am at least now using the correct port?<br><br>
  Any advice or general tips on creating the connection to allow PL/SQL against the 10g XE database from JDEV would be great.

  Oracle 10g XE is not Oracle Lite. Just leave the connection type as the default - Oracle(JDBC), later use the thin JDBC driver, it should work. Continue to use port 1521 and SID as XE.

• How to configure ASA to allow activesync connections ?

  To allow Activesync connections (between smartphones and an internal Exchange server) thru an ASA, I think about 3 or 4 potential solutions :
  1) do a NAT on the Exchange server and allow  activesync TCP connections from any IP to the Exchange server : I tested that and this works, but it is not the most secure solution we can imagine;
  2) use a Clienless VPN SSL  ASA configuration : I tried it, but got problems certaintly related to the fact that the Activesync client, installed on my Android/Samsung smartphone, does not seem to be able vto pass properly thru the ASA Portal to reach the Exchange server;
  3) use an Anyconnect VPN ASA configuration : I tried it , but did not manage to install or use any of the Samsung Anyconnect client available on Android Market; by the way, I saw, in the Anyconnect VPN Client Admin Guide 2.4, that an ActiveSync MSI is available from CISCO (
  anyconnect-wince-ARMv4I-activesync-AnyConnectRelease_Number-k9.msi), but I don't see any details about how it is supposed to be used except that it is for Windows environment only, so, not for an Android phone, but I have Windows Mobile smartphones to integrate too, so, maybe it can help me in this case ;
  4) if Clientless nor Anyconnect solutions can't work, it might be better to use the ASA Cut-Through proxy function to get a more secure solution than the first one listed above; but I was not successful either with this cut-through proxy function
  Any ideas or examples about how to allow activesync connections thru ASA would be welcomed
  thanks in advance

  Hi,
  Generally ASA with CSC will support HTTP,FTP,SMTP,POP3 Scaning and Filtering.
  From version ASA IOS 8.4.2 and CSC  6.6.1125.0, it will support HTTPS filtering also.
  But here one limitation is that Https filtering will not support earlier versions of internet explorer 9, i.e if you want HTTPS filtering you must use Internet explorer 9 or after versions( As you know that Windows XP machines won't support internet explorer 9). But with firefox HTTPS filtering will support from versions 4.
  For your reference use below 8.4.2 release guide
  http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html
  Release notes for CSC version 6.6.1125
  http://www.cisco.com/en/US/docs/security/csc/csc66/release/notes/cscrn66.pdf
  Basic configuration of the CSC
  http://www.cisco.com/en/US/docs/security/csc/csc6.1.1569.0/administration/guide/cscappa.pdf
  Sending traffic to the CSC module (using ASDM and CLI)
  http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808dea62.shtml
  The troubleshooting guide:
  http://www.cisco.com/en/US/docs/security/csc/csc63/administration/guide/csc8.html#wp1147829
  Hope this will help you...
  Do rate help ful posts..
  Regards,
  Janardhan

• Remote Desktop Connection Times Out With "Can't Connect" From One Specific Computer Only

  This is an odd one... I manage several servers from this computer. This particular server, 2012 Essentials, won't allow for remote desktop connections to either the server or attached workstations. I can get into the server's remote web page but when I
  attempt a remote desktop connection, it hangs on "Initiating remote connection..." and then times out with the error response that remote desktop can't connect. But... if I attempt the same connections from any other computer, I am able to get in
  and utilize remote desktop. Does this mean that there is a certificate issue with the computer unable to connect and if so, how does one remedy this? Or is it some other issue? I've attempted everything within my technical ability to no avail. Any suggestions
  are greatly appreciated.

  Hi,
  Before going further, would you please let me know the RDC version that used in the problematic computer? Was it the same with other computers?
  Please temporarily disable firewall and then check if this issue can be solved. Based on your current description, it’s hard to say the root reason of this issue.
  So, I suggest that you should check relevant log files and get some clues. It will help us to narrow down and solve your issue.
  Hope this helps.
  Best regards,
  Justin Gu