AP 1200 Security options - no server box

Similar Messages

• Failed to set security on SQL Server registry key. Error: 2

  Hi,
  I have a Primary site (mixed mode) running SCCM 2007 SP1 for many months now with no issues.
  This site is made up of two Win 2008 sp2 servers sharing the SCCM roles:-
  SCCM01 - Site server, DP, RP, PXE and SQL2005 hosting the SCCM database
  SCCM02 – SUP, MP, FSP, SLP
  The SQL2005 on SCCM01 is running under a domain service account called
  domain\service_sccm which is also a sysadmin in SQL as is the SCCM02 server.
  In an effort to resolve the isse I have made this account a Domain Admin.
  I have also used this account to log onto SEC01 to run the Secondary Site installation and to be the SQL Service account.
  I'm now trying to add a Secondary Site on a Domain Controller called SEC01 (also Win2008 sp2) and on the same LAN as the SCCM01/02.
  This is where I get problems.
  I run the installation locally on the Sec Site server (DC) as a Domain Admin and the installation completes OK (all green ticks),
  the ComponentSetup.log and Pre-Reqs are all good as well however when I check the ConfigMgrSetup.log I see the below -
  Failed to set security on SQL Server registry key. Error: 2.
  <11-09-2010 22:46:59> SMS Setup full version is 4.00.6221.1000
  <11-09-2010 22:46:59> Successfully set security on Setup registry key.
  <11-09-2010 22:46:59> Failed to set security on SQL Server registry key. Error: 2
  <11-09-2010 22:46:59> Successfully set security on Identification registry key.
  <11-09-2010 22:46:59> Creating SMS Inbox Source registry key ...
  <11-09-2010 22:46:59> Installing SMS Site Component Manager ...
  <11-09-2010 22:46:59> Installing Site Component Manager under acct <NT AUTHORITY\SYSTEM> path <C:\Program Files (x86)\Microsoft
  Configuration Manager\bin\i386\sitecomp.exe>
  <11-09-2010 22:47:01> Started Site Component Manager service
  <11-09-2010 22:47:01> SMS Site Component Manager installation completed.
  <11-09-2010 22:47:01> Done with service installation
  Adding the PMP role to SEC01 also fails to install and no MPSetup or MPControl logs are created.
  WebDav and win2008 roles, features all added and server fully patched.
  Despooler.log on SCCM01 seems good and passing keys.
  Tried installing to default path and to shortened path such as C:\SCCM
  The new secondary site is listed in the console and an address can be added for the Secondary Site
  BITS Server Extensions and Remote Differential Compression Features are enabled.
  The Group memberships all appear ok:-
  SCCM01
  Local Admins    
  contains the sec site server SEC01, SCCM01, installation accounts
  SMS_SiteToSiteConnection_001              
  SEC01 (the sec site server)
  SMS_SiteSystemToSiteServerConnection_001                 
  SCCM02
  SEC01
  No Local Admins as a DC
  SMS_SiteToSiteConnection_002              
  SCCM01
  SMS_SiteSystemToSiteServerConnection_002     
  empty
  SQL 2005
  This has the account logged in during installation as a sysadmin
  SCCM02 is also sysadmin
  The fundamental issue appears to be that the SEC01$ server account is not being added to SQL Logins (and therefore SCCM database Roles)
  therefore the installation cannot complete.
  I have tried to manually add the SEC01 account to SQL Logins before installation of Sec Site but this did not work.
  Not sure if the fact that SEC01 is a DC may be a factor.
  Appreciate any help if anyone has seen this before or can suggest a resolution.
  Thanks

  After a lot of digging around and head scratching I eventually found the resolution.
  The original thread title Error turned out to be a bit of a red herring in that my failure to deploy Sec Sites came down to two separate issues seemingly unrelated to the error message of the thread title.
  The first part of the resolution was to manually create the SQL Server accounts for the Sec Site Servers and assign them to the smsdbrole_MP DB role to
  let the SQL side of the SCCM install complete a s these were not being created automatically.
  This then left the fact that that the installation of the Sec Site completed successfully according to the install logs in C:\ however the DP and MP would
  never install.
  The big clue was eventually contained in the mpfdm.log errors relating to
  **ERROR: Cannot find path for destination inbox SMS_AMT_PROXY_COMPONENT on server REGISTRY SMS_MP_FILE_DISPATCH_MANAGER 
  and
  **ERROR: Cannot find path for destination inbox Asset Intelligence KB Manager on server REGISTRY SMS_MP_FILE_DISPATCH_MANAGER 
  Thankfully the errors led me to these two blogs:
  http://myitforum.com/cs2/blogs/scassells/archive/2009/07/20/error-cannot-find-path-for-destination-inbox-sms-amt-proxy-component-on-server-registry.aspx
  and
  http://social.technet.microsoft.com/Forums/en-US/configmgrsetup/thread/5fcc53d4-8629-4b34-9eaa-6cb020eedc13/
  As it turned out the SCCM installation registry and folder creation does not complete and I had to manually enter the reg settings as detailed in the
  links above to complete the installation. Once I did as described everything worked a treat – all my MPs and DPs are 100% now.
  Solutions
  Add the following reg keys to each of your effected secondary sites.
  Inbox Fix
  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\MPFDM\Inboxes]
  "Asset Intelligence KB Manager"="E:\\Program Files\\Microsoft Configuration Manager\\inboxes\\AIKbMgr.box"
  "SMS_AMT_PROXY_COMPONENT"="E:\\Program Files\\Microsoft Configuration Manager\\inboxes\\amtproxy.box" 
   Asset Intelligence fix:
   Note: you will need to identify the next largest key value. 
  In my example it was key 49
   Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Inbox Source\Inbox Definitions\49]
  "Inbox Name"="Asset Intelligence KB Manager"
  "Relative Path"="inboxes\\AIKbMgr.box"
  "NAL Path"=""
  "User Rights"=dword:00000000
  "Service Rights"=dword:00000004
  "Monitoring Enabled"=dword:00000001
  "Location Type"=dword:00000001
  "Guest Rights"=dword:00000001
  AMT registry Fix.
    Note: you will need to identify the next largest key value. 
  In my example it was key 50
  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Inbox Source\Inbox Definitions\50]
  "Inbox Name"="SMS_AMT_PROXY_COMPONENT"
  "Relative Path"="inboxes\\amtproxy.box"
  "NAL Path"=""
  "User Rights"=dword:00000000
  "Service Rights"=dword:00000004
  "Monitoring Enabled"=dword:00000001
  "Location Type"=dword:00000001
  "Guest Rights"=dword:00000001
  Big thanks to Shaun Cassells and John Marcum for these blogs

• ACL - ILS (Item Level Security) for Content Server & WebCenter Spaces

  We're trying to implement Item Level Security (ILS / ACL) for Webcenter spaces. We're following the instructions from the Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter 11g Release 1 (11.1.1.5.0) http://docs.oracle.com/cd/E15586_01/webcenter.1111/e12405.pdf
  After making the configuration changes, we're unable to see the "Security" option from the "File" menu in the Document explorer. Has anyone else implemented this feature and ran into similar issues?
  I made the following configuration changes:
  UseEntitySecurity=1
  SpecialAuthGroups=SecurityGroups (comma separated list with no spaces and the application name is included)
  CS: Version:11gR1-11.1.1.5.0
  DB: 11.2.0.2.0 ---Oracle Database 11g Enterprise Edition
  WebCenter: 11.1.1.4.0 (in a clustered environment)
  Also, we're looking at the document properties in webcenter spaces via document explorer and do not see the "security group" or "accounts" metadata fields. We can see the "Content ID" and a whole bunch of fields and do not see "security groups" and "accounts". However, when we log into the content server and look at the folder or file "info" we can clearly see the security group and account values...not sure what is required to make these two fields show up in webcenter spaces.

  Hi ,
  Do you upload the documents from spaces or from UCM side ?
  When you say the security and account field are not displayed , is that when viewing the content or during update ?
  When the ACL features are turned off do you see the above fields ?
  Thanks
  Srinath

• I am trying to set up a mail account but I get a warning that my password cannot be sent securely to the server.  how do I correct the problem?

  I am trying to set up a mail account but I get a warning that my password cannot be sent securely to the server.  How do I correct this so that I can set up my email account?

  1. If you haven't tried this already, just delete the user account entirely, and then try setting it up again.
  2. To find the permissions file:
       a. hold down the option key
       b. go to the Go menu in the finder
       c. scroll down to Library and open it
       d. in Library, go to Containers/com.apple.mail/Data/Library/Preferences
       e. drag it to the trash and restart.
  3. if that doesn't work, go to Applications/Utilities/Keychain Access. In the Keychain Access menu, do Keychain First Aid, and repair.
  This should keep you busy for a while.

• Task Scheduler Security Option - Run if user is logged in or not

  using Windows Server 208 R2 Terminal Server - Running .NET 4.0 programs
  We are running .NET 4.0 Windows Forms programs using Task Scheduler with the Security Option - Run whether user is logged in or not.
  When the Task Scheduler starts these jobs they either not not run or they fail.
  Questions:
  1. What shell is used by Task Scheduler with the setting "run whether user is logged in or not" ?
  2. Is there some way to detect this shell or environment in a .NET program?
  I am trying to determine if I can modify the .NET programs so they will run in this shell with no errors.
  Thank you
  MisterT99

  Hi Mister,
  In addition, Since you need to launch a GUI application through Task Scheduler, so this task also need to run interactively.
  However, if the item "Run whether user is logged on or not" is selected, tasks will not run interactively, so we need to select the "Run only when user is logged".
  I recommend you can change the item "Change user or group" in security option and add a group, which will make sure your application will run interactively for all users in the group when the users logon.
  If there is anything else regarding this issue, please feel free to post back.
  If you have any feedback on our support, please click here.
  Best Regards,
  Anna Wang
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Advanced Security Option(ASO)

  Hi,
  I am new to ASO , could any one please let me know how do i configure my database to use Advanced Security Option(ASO)?
  Thanks..

  Hello,
  You can check Notes 331252.1 (Configuring Oracle Advanced Security Option (ASO) with Microsoft Windows Server 2003 Active Directory Kerberos KDC)
  and 552852.1 (How To Confirm if Advanced Security Option is being Used).
  Best Regards...

• OS X 10.6.1 Entourage (Unable to establish a secure connection to server)

  I have Windows 2003 domain running Exchange, I have setup all my Apple clients n 10.6.1 on the domain using Directory Utility. Then I have installed Entourage 12.2.1. Once the account is setup and checks email it gives you that great error
  "Unable to eatablish a secure connection to server-net.wan because the correct root vertificate is not installed"
  Well silly me, I guess installing the root certificate that I created on the Server 2003 box and then installing the certificate with the OS X root account into the system keychain, the login keychain, and the MicrsoftIntermediateCertificates keychain was not enough. So after banging my head on this one and checking every where I figured it was time to post on Apple. So if someone has some great fix I will bow down to you and kiss your feet
  Thanks,
  Joey T.

  Hello, since nobody else has replied...
  You'll need to download a Certificate from someone, not sure who exzctly, or maybe self sign one? Some onfo on that here...
  http://www.frontiernet.net/~beakmyn/vpn%20howto/Complete%20Home%20VPN%20Howto%20 Guide.html#mozTocId435619
  http://forums.pcpitstop.com/index.php?/topic/198421-cant-login-to-frontiermyyaho o-mail/

• 11G dbca missing security options

  Hello,
  I am looking for default 11G security settings. All documentation I've seen mentions to change this in dbca security options page. I have never seen this in my installations. I tried the database configuration and the database creation routes. I've tried as best as possible to try every permutation of selections (ASM or no, OEM or no, archivelog mode or no, etc..) and there does not seem to be any such thing as a security options page. All paths start out with each page mentioning what step of the process I am on out of 12; (Step 2/12) in the titlebar of dbca window. At step (8/12), no matter what I select or have selected beforehand, the next page is titled step (9/11). I assume the lost step is the security page. Does that happen to anyone else ?
  I would like to find out what that page does in terms of roles, passwords, profiles, init params, auditing, etc..
  Edit: 11.2.0.1 latest psu
  Best
  Edited by: Jason Harris on Aug 1, 2011 10:56 AM

  Could be only available if you install Oracle software and create database in one go using Advanced Installation.
  http://download.oracle.com/docs/cd/E11882_01/server.112/e10897/install.htm#CBHFDDFE says:
  >
  You can choose how to configure the database created by the installer. You can select the memory size and management options, the character sets used to store data, the security options for database access, and whether the sample schemas should be installed.

• Just upgraded to Yosemite 10.10.2 on my iMac 24 inch and now my Suddenlink POP email account won't accept messages. The message says unable to receive Mail and the warning says: Mail cannot send your password securely to the server. You can remove th

  Yesterday I uploaded Yosemite 10.10.2 thinking it was fixed by now. In Mail, my POP account gets this error message: Mail cannot send your password securely to the server. You can remove this restriction in the Accounts preferences by setting “Allow insecure authentication”, which could put your password at risk.
  My provider says it's an Apple issue. The gmail accounts are logging in fine. Any help? Something simple?
  Thanks anyone.

  Thanks Csound1. That did work and Mail was able to connect to the internet. Green light status. Is it because of my provider that I may never have had secure connections? Is that an Apple thing or do PCs have the same issues? Appreciate your help. I'll research insecure connections as I am ignorant of the consequences.

• Loaded Yosemite onto mid 2011 MacBook Air. IMAP account goes offline - message - Mail cannot send your password securely to the server.  Allow insecure authentication doesn't work. Repeated reloads. No joy. Help!

  Mail cannot send your password securely to the server. You can remove this restriction in the Accounts preferences by setting “Allow insecure authentication”, which could put your password at risk.

  I have the same problem.
  Late 2012 imac 27", intel i7 core
  When I upgraded to Yosemite, suddenly my email account (netvigator POP) gives an error:
  Mail cannot send your password securely to the server. You can remove this restriction in the Accounts preferences by setting “Allow insecure authentication”, which could put your password at risk.
  I have shut down & restarted mail, but no success. If I select Allow insecure authentication, it works, but that's not a long term fix.
  I also have a hotmail POP account enabled, and that is working fine.
  What's happening Apple??
  (Long term apple family - iMac, iBooks, TimeCapsule, iPhones, iPads, AirportExpress etc etc)

• HT4864 When trying to update my Mail Account Mailbox Behaviours settings, when I try to close the settings pane the following messages occur: Invalid Incoming Mail Server The "Incoming Mail Server" field cannot be empty. The incoming mail server box has p

  When trying to update my Mail Account Mailbox Behaviours settings, after making the changes when I try to close the settings pane the following messages occur: Invalid Incoming Mail Server The “Incoming Mail Server” field cannot be empty. The incoming mail server box has in light grey colour: p02-imap.mail.me.com in it and I cannot edit its content. Any ideas what is going on and how to fix it?

  Hi all,
  Mattreichenbach is probably on the right track here with a reset of settings.  I think I've determined the issue has to do with cached account information and inconsistencies for the account name.  This seems to crop up when I've changed my password and it hasn't propagated fully to all the servers, devices, certificates, etc.
  Hopefully many here are on their way to restoration of service by now but it's clear that a lot of people are having the same issues.  Very frustrating and definitely something Apple needs to resolve:  incoming mail server field grayed out, incorrect autopopulation of different fields, other unanticipated behaviors.  If you're still having issues, though, here's what worked for me...
  First, head to the iCloud preferences pane in System Configuration and choose "Sign Out".  When I did this it prompted me with a number of "are you sure" type questions about retaining information on my local machine.  I chose to delete/remove the info each time simply because it should all be restored by the cloud and I didn't want to risk a massive duplication of my data... I will say, I'm back up and running with no issues so I suspect you can make the same delete/remove choices...  But use your own judgment.  I don't want you to lose any data (ie.. please use care as you do this because I cannot bear the thought of causing anyone to experience the pain of data loss).
  Once you've signed out of iCloud, restart your system.  When you get back in, head to the Mail, Contacts and Calendars section of your System Preferences and add your account back by choosing the brushed aluminum "iCloud" button.  When it asks for your account name, use your @iCloud.com email address.  I am all but certain my issue had started because one of my devices (iPhone or whatever) had been set up with an email alias specified instead of my @iCloud.com address.
  Apple, if you're reading through any of these issues (there are TONS of users having this same problem).  Take note, that your icloud service somewhat frequently is not responding and yet tells the user that the password is wrong and this prompts people to be changing their passwords unnecessarily.  This has happened to me on numerous occasions.  Also, I noticed that last week's outage corresponded to a VERY similar outage exactly one year ago to the day.  Sounds like planned maintenance to me and I think you could do a better job notifying folks so we're not wasting HUGE amounts of time troubleshooting a problem that we have no hope of fixing.
  Hope that helps some of you!
  Terry Mullane
  Washington, DC

• I have an Airport Express that I am trying to use connected by ethernet to my iMac G4 running Mac OS 10.4.11.  I need to update the Airport software in order to use security option WPA2 Personal.  I currently have Airport software v. 5.6.1.

  I have an Airport Express that I am trying to use connected by ethernet to my iMac G4 running Mac OS 10.4.11.  I need to update the Airport Express softwart in order to use security option WPA2 Personal to connect to the internet through my Airport Extreme.  I currently have Airport Express software version 5.6.1.  How can I update this software? (I can connect directly to my Airport Extreme by ethernet and download the update that way).  Is a later version of A E software available for download anywhere?   Any suggestions would be greatly appreciated.
  Thanks.

  Download and install AirPort Utility 5.4.2 for Mac OS X 10.4.11 "Tiger" here:
  AirPort Utility 5.4.2
  Once installed, launch AirPort Utility. It will tell you if a firmware upgrade is available for your Express.

• In Apex 4.0.1 Security Option Missing Under Manage Services

  In Apex 4.0.1, I am trying to edit session timeouts and password policies. The online docs say to login as as an Administrator and navigate to:
  home->administration->manage services-> security
  I am unable to see the "security" option anywhere.
  Does anyone know how to get to this option?
  Thank you.
  Elie
  Edited by: EEG on Oct 2, 2010 10:00 PM

  Sorry. I just realized that I was logged-in as a "developer" not as the APEX Admin which, of course, is why I couldn't find the "security" option. I had too many windows open at once.
  Elie

• WiFi Security Option No Longer There in 1.0.1 Update??

  Is the Security Option under the WiFi/Settings no longer there in 1.0.1 Update??
  Without it there, it is no longer allowing me to get on 128BIT HEX WEP encrypted WiFi Networks.
  Thanks, Scott K.

  No, it is no longer there...
  But, I HAVE found a solution...
  For a 128BIT HEX password, if you place a 0x before the password, it will then take.
  I noticed these two characters before other 128BIT HEX passwords in the Keychain application on my MacBook, and tried it on the iPhone, and it works!!
  Thanks, Scott K.

• Unable to secure erase: "Security Options" in Disk Utility greyed out.

  Ancient eMac running Leopard. I have moved data to new Mac and am ready to erase old computer and sell/give away.
  Went to "Erase" tab in Disk Utilities and both the "Volume Format" option and "Security Options" fields/buttons are greyed out and uneditable. According to instructions, to erase the data I need to select "Security Options" to proceed to erase all the data on my hard drive.
  How do I "ungrey" that button? Is there a lock somewhere to unlock? Something to disable first?

  You cannot erase the hard drive of the eMac when it is in use. You have to insert the Mac OS X install disk, boot up from there and then erase the disk from the Disk Utility software included.