Application Security Tab in Cisco 871 SDM
Hi,
in the manual of SDM v2.5, an "Application Security" is mentioned that should be in the "Firewall / ACL" section. However, my SDM interface only shows "Create Firewall" and the "Edit...." tabs. Does anyone of you know where I can find this tab?
Hi davistan,
thanks for your reply. According to the SDM v2.5 manual it should indeed be located in the place you indicate. However, it isn't shown in my SDM interface. I have a Cisco 871 with Advanced IP Services.
Similar Messages
-
Cisco 871 to Cisco ASA 5545 Site-to-Site VPN Split Tunnel not working.
Tunnel comes up and can see and access protected traffic but cannot access web (Split Tunnel). Don't know if access problem or route issue.
Listed below is configuration for Cisco 871, any help very much appreciated.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key test address x.x.x.x
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to x.x.x.x
set peer x.x.x.x
set transform-set ESP-3DES-SHA
match address 100
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
ip address 4.34.195.193 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
crypto map SDM_CMAP_1
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 172.200.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
ip tcp adjust-mss 1452
ip route 0.0.0.0 0.0.0.0 4.34.195.193 permanent
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
logging trap debugging
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 172.200.1.0 0.0.0.255 172.16.2.0 0.0.0.255I don't see any NAT configuration above. Check you can PING out to the internet (8.8.8.8 for example) from the router itself as it won't need NAT to PING from the outside interface.
Have a look at this document on setting up NAT for your inside devices:
http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13772-12.html -
I can no longer show or delete cookies from my MacBook Pro, since installing the latest update of Safari and Itunes.. Previously, I went to the security tab and clicked on the show cookies option, then opted to delete.. That option has now diappeared and a completely different security tab appears. The tab does not show a cookies option anywhere.
Also, I can no longer see a list of my software applications without opening system profiler.
Sure would appreciate your help. Thanks.Safari's cookies is broken, either intentionally or it's a bug.
You can search the forums for
safari cookies lion
and turn up plenty of threads.
If you need control over your browser cookies and other aspects of your web browser, I suggest you install Firefox.
https://www.mozilla.com/en-US/firefox/fx/ -
Configuration Issue with my Cisco 871 Router
Hi all,
I am a newbie to the Cisco IOS.
I got a Cisco 871 Router that I'd like to use for internet connection. My LAN network is 192.168.1.0/24 and the ISP has assigned us the IP 41.212.79.108/24 and gateway 41.212.79.1.
With my current configuration, I can hit the router - 192.168.1.1 - and it's WAN port - 41.212.79.108 - but not the gateway.
Below is my current config:
Hoggers#show config
Using 4414 out of 131072 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Hoggers
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
enable secret 5 **********************.
no aaa new-model
crypto pki trustpoint TP-self-signed-568493463
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-568493463
revocation-check none
rsakeypair TP-self-signed-568493463
crypto pki certificate chain TP-self-signed-568493463
certificate self-signed 01 nvram:IOS-Self-Sig#7.cer
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1
ip dhcp excluded-address 192.168.1.2
ip dhcp excluded-address 192.168.1.3
ip dhcp excluded-address 192.168.1.4
ip dhcp excluded-address 192.168.1.5
ip dhcp excluded-address 192.168.1.6
ip dhcp excluded-address 192.168.1.7
ip dhcp excluded-address 192.168.1.8
ip dhcp excluded-address 192.168.1.9
ip dhcp excluded-address 192.168.1.10
ip dhcp excluded-address 192.168.1.100
ip dhcp excluded-address 192.168.1.90
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip dhcp pool LANPOOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 41.212.3.2 41.212.3.253
ip domain name yourdomain.com
ip name-server 41.212.3.2
ip name-server 41.212.3.253
archive
log config
hidekeys
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description Wan to Outside World
ip address 41.212.79.108 255.255.255.0
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip tcp adjust-mss 1452
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 41.212.79.1
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.31 80 interface FastEthernet4 80
access-list 23 permit 10.10.10.0 0.0.0.7
no cdp run
control-plane
scheduler max-task-time 5000
end
I'll appreciate any light you can shed on what am missing.2 wireless routers can not communicate wirelessly with each other.
You need to connect cable between 2 routers and use the second wireless router as access point.
Follow this link to connect Linksys router to another router.
Some of your devices are getting same IP address. This might be the issue with DHCP server of the router. You can try DHCP reservation on the router so that each device will get unique IP address. -
Where is the security tab in visual studio
Having a problem with a setup and deply app and searched this forum and found large number of references to solution explorer \ properties \ security. I have created a new projec same issue. I have search to see if this is limited to version of VS and found nothing. I am useing the following verion. Any ideas?
Microsoft Visual Studio 2008
Version 9.0.21022.8 RTM
Microsoft .NET Framework
Version 3.5 SP1
Installed Edition: Standard
Microsoft Visual Basic 2008 91851-136-6258696-60153
Microsoft Visual Basic 2008
Microsoft Visual C# 2008 91851-136-6258696-60153
Microsoft Visual C# 2008
Microsoft Visual C++ 2008 91851-136-6258696-60153
Microsoft Visual C++ 2008
Microsoft Visual Web Developer 2008 91851-136-6258696-60153
Microsoft Visual Web Developer 2008
Windows Installer XML Toolset 3.0
Windows Installer XML Toolset 3.0.5419.0
Copyright (c) Microsoft Corporation. All rights reserved.Hi BarberColman,
As far as I know, only.Net applications(such as WinForm developed in C#,VB) has such an option, native applications(such as program developed with MFC, win32) has no direct support for sign, so such projects do not have a security tab.
The C++ project and Setup Project are both native applications, they do not need .Net framework to run, so you cannot find a security tab on the properties of them.
You can take a look at this blog about CLR and .Net security.
http://blogs.msdn.com/CLRSecurity/
Regards,
Aland Li
Please mark the replies as answers if they help and unmark if they don't. This can be beneficial to other community members reading the thread. -
Built-In Users-group is suddenly gone on folder security tab.
Dear forum-members,
I have got a problem with folder-permissions (acl) on a Windows 2003 Server with Terminal Services (Citrix).
The application "Sybase" is installed on the D-drive (disk). A thrid party application needs Sybase to communicate through the sql.ini with the database. All terminal server users needs read permissions on the Sybase install directory to
use the sql.ini.
Normally every new folder on a server has the Builtin Administrators-group and System account "Full-Control" permissions and the Builtin Users-group had "Read en List" permissions. Now on the Sybase folder only the Builtin Administrators-group
en System account are at the security tab, but
not the Builtin Users-group.
When I manually set the Builtin Users-group with read permissions it okay, but after a while the Builtin Users-group is gone/deleted/removed. There is no signal that a person, proces or action removes the permissions for the Builtin Users-group. I set
Auditing on the folder, but with no result. I know for sure there is no GPO (Group Policy) that removes this group.
For now I have a dirty solution to run a scheduled task every 10 minutes that run xcalcs to set the permissions. A tried a GPO to set the permissions, after a reboot the group policy doesn't apply (only after a gpupdate /force).
Does some one of you has another proper/nice solution to force the read permissions on the Sybase folder for the Builtin Users-group?
Thanks in advance.
Greetings, SidneyHi Shaon,
Thank you for your reply.
The 'third party app' is APP-V sequenced and not in production yet, so only some test users are using the app.
I did a test today to use Domain Users instead of Builtin Users, but the same problem. After a reboot only the Builtin Administrators and SYSTEM has permission on the Sybase installation folder and Domain Users (& Builtin Users) were automatically
removed again.
We have 6 terminal (citrix) servers and all of them has the same problem, so it's not server related.
Could it be an issue with the way how Sybase is packaged (it's a silence install through our deployment application)?
Before I do the next test: Will it help to force the rights (replace permissons) from the upper folder to the sub-folder(s)? (force the inheritance)
Greetings, Sidney -
Error in Event viewer - COM Server application security Issue
Dear All,
I am installing one software on windows cluster environment. But while installing I am getting continuous error in System in Event Viewer as 'The application-specific permission settings do not grant Local Activation permission for the COM Server application
with CLSID {xxxxxxxxxxxxx} and APPID {xxxxxxxxxxxxx} to the user NT SERVICE\SQL Server Distributed Replay Client SID (S-1-5-80-3249811479-4343554-65656-65665) from address LocalHost (Using LRPC). The security permission can be modified using the Component
Services administrative tool.'
I have seen in component services, that app ID I am getting for DReplayController service. On security tab if I want to give permission to that particular user then to which user I want to add in 'Launch and Activate permissions'. I am not getting 'SQL Server
Distributed Replay Controller' user in list.
So, please help me.
Thanks in advance.Hi,
Please try to add this account: NT AUTHORITY\SYSTEM.
More information for you:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 2012
https://social.technet.microsoft.com/forums/systemcenter/en-US/cd8a2c95-70db-4df6-b7f5-eedcc5d898c7/the-applicationspecific-permission-settings-do-not-grant-local-activation-permission-for-the-com
Event ID 10016 issue in SQL Cluster Server
https://social.technet.microsoft.com/Forums/sqlserver/en-US/c5a27692-05c0-4ee4-b97f-1ea438b4e5f7/event-id-10016-issue-in-sql-cluster-server?forum=sqldisasterrecovery
In addition, if there are any further requirements regarding SQL, here are some SQL forums below for you:
https://social.technet.microsoft.com/Forums/sqlserver/en-US/home?category=sqlserver&filter=alltypes&sort=lastpostdesc
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Hi, I'm using vs2012
Grammatically, by C# code, I need to copy a user account's Security (from ADUC Security tab) and apply it to a new user account I created by code. My application creates new AD accounts when needed. I need to duplicate/copy attribute from another
user account that we use as a base template. I can copy most other attributes through property["xxxxx"] but how do I copy all that permission access information under the ADUC Security tab?
How can I do that? Thank you.
Thank youI would recommend asking them in C# forums: https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=csharpgeneral&filter=alltypes&sort=lastpostdesc
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
I have Mac 10.8.4 with Safari 6.0.5.
Safari is not displaying the web content but images on the web page are being displayed.
Although the webpage is loaded, but nothing is shown else than Images. When I hover the mouse on the blank webpage shown, the cursor changes on the links on the web page.
I tried resetting the preferences from the menu as well as deleting the Preferences of Safari from ~/Library/Preferences/ but nothing helped.
When I open Preferences of Safari & click on Security tab, It Crashes!!
Thanks,
ShubhiLaunch the Console application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Console in the icon grid.
Step 1
Make sure the title of the Console window is All Messages. If it isn't, select All Messages from the SYSTEM LOG QUERIES menu on the left. If you don't see that menu, select
View ▹ Show Log List
from the menu bar.
Enter the name of the crashed application or process in the Filter text field. Select the messages from the time of the last crash, if any. Copy them to the Clipboard (command-C). Paste into a reply to this message (command-V).
When posting a log extract, be selective. In most cases, a few dozen lines are more than enough.
Please do not indiscriminately dump thousands of lines from the log into this discussion.
Important: Some private information, such as your name, may appear in the log. Anonymize before posting.
Step 2
Still in the Console window, look under User Diagnostic Reports for crash reports related to the process. The report name starts with the name of the crashed process, and ends with ".crash". Select the most recent report and post the entire contents — again, the text, not a screenshot. In the interest of privacy, I suggest that, before posting, you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if it’s present (it may not be.) Please don’t post shutdownStall, spin, or hang logs — they're very long and not helpful. -
Cisco 871 and 881 routers PCI Compliant?
do you know if the Cisco 871 and 881 routers are PCI complaint for 2015 and if not, are they able to be updated to be PCI Compliant?
thanks,
I am a Franchisee for a pizza chain and they are stating the routers will not be compliant with the new credit card PCI standards.Any router can be PCI complaint as long you follow the PCI guide to harden the router and apply the correct filters.For example; one of the PCI requirement is to disable telnet access to the router and only use SSH. So, this can easily be accomplished if you have the right IOS with security installed.
HTH -
I have a cisco 871 router and I am not able to make a pppoe connection with ISP.
Config:
Building configuration...
Current configuration : 2043 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname home_gateway
boot-start-marker
boot-end-marker
enable secret 5 $1$G3f1$Le8WUWVfpRAUnS0wfIJDA0
no aaa new-model
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.0.0.1
ip dhcp pool AP
network 10.0.0.0 255.255.255.0
default-router 10.0.0.1
no ip domain lookup
ip domain name limelite
multilink bundle-name authenticated
username admin password 0 cisco
archive
log config
hidekeys
interface FastEthernet0
switchport access vlan 100
interface FastEthernet1
switchport access vlan 100
interface FastEthernet2
switchport access vlan 100
interface FastEthernet3
switchport access vlan 200
interface FastEthernet4
description Link to WAN
no ip address
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
interface Vlan1
no ip address
interface Vlan100
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Vlan200
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Dialer1
description ISP DialIn
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap chap callin
ppp chap hostname xxx
ppp chap password 0 xxx
ppp pap sent-username xxx password 0 xxx
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer1 overload
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 1 permit 10.0.0.0 0.0.0.255
dialer-list 1 protocol ip permit
control-plane
line con 0
logging synchronous
login local
no modem enable
line aux 0
line vty 0 4
login local
transport input telnet ssh
scheduler max-task-time 5000
webvpn cef
end
home_gateway#sh ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
FastEthernet4 unassigned YES manual up up
Vlan1 unassigned YES NVRAM up down
NVI0 unassigned NO unset up up
Vlan100 192.168.2.1 YES NVRAM up up
Vlan200 10.0.0.1 YES NVRAM up down
Dialer1 188.25.128.187 YES IPCP up up
Virtual-Access1 unassigned YES unset up up
I am able to get an ip address. But cannot ping into internet.
home_gateway#ping 8.8.8.8 source vlan 100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
Success rate is 0 percent (0/5)
home_gateway#traceroute 8.8.8.8 source vlan 100
Type escape sequence to abort.
Tracing the route to 8.8.8.8
1 * * *
2 * *
Nat translations are making.
home_gateway#sh ip nat tra
Pro Inside global Inside local Outside local Outside global
icmp 188.25.128.187:3 192.168.2.1:3 8.8.8.8:3 8.8.8.8:3
udp 188.25.128.187:49166 192.168.2.1:49166 8.8.8.8:33434 8.8.8.8:33434
udp 188.25.128.187:49167 192.168.2.1:49167 8.8.8.8:33435 8.8.8.8:33435
udp 188.25.128.187:49168 192.168.2.1:49168 8.8.8.8:33436 8.8.8.8:33436
udp 188.25.128.187:49169 192.168.2.1:49169 8.8.8.8:33437 8.8.8.8:33437
tcp 188.25.128.187:54211 192.168.2.10:54211 81.161.59.31:80 81.161.59.31:80
tcp 188.25.128.187:54212 192.168.2.10:54212 54.208.162.210:80 54.208.162.210:80
tcp 188.25.128.187:54221 192.168.2.10:54221 81.161.59.31:80 81.161.59.31:80
tcp 188.25.128.187:54222 192.168.2.10:54222 54.236.215.239:80 54.236.215.239:80
udp 188.25.128.187:56128 192.168.2.10:56128 5.14.64.48:40572 5.14.64.48:40572
udp 188.25.128.187:56128 192.168.2.10:56128 79.117.219.236:24111 79.117.219.236:24111
udp 188.25.128.187:56128 192.168.2.10:56128 86.125.250.226:60404 86.125.250.226:60404
udp 188.25.128.187:56128 192.168.2.10:56128 188.24.8.159:17835 188.24.8.159:17835
home_gateway#
home_gateway#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
C 192.168.2.0/24 is directly connected, Vlan100
S* 0.0.0.0/0 is directly connected, Dialer1
Any suggestions for what can be the problem?hello,
Still is not working. Ip routing is activated by default and ip classless too in 12.4 ios version.
I have deleted the dialer interface and reconfig it. Then tried first with the ppp ipcp route default, but still not receiving the default route.
I have been putting back the static route with dialer 1 exit interface.
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp pap sent-username bb1011991 password 7 005D45505D03535659761C
ppp ipcp dns request
ppp ipcp route default
interface FastEthernet4
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
All the same, I recieve Ip address.
gateway#sh ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
FastEthernet4 unassigned YES manual up up
Vlan1 unassigned YES NVRAM administratively down down
NVI0 unassigned NO unset up up
Vlan100 192.168.2.1 YES NVRAM up up
Vlan200 10.0.0.1 YES NVRAM up down
Dialer1 188.27.188.38 YES IPCP up up
Virtual-Access1 unassigned YES unset up up
I have debuged ip routing and ppp packet, this is what I got.
Ppp packet
gateway#ping 8.8.8.8 source vlan 100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
*Mar 15 19:31:37.634: Vi1 LCP: O ECHOREQ [Open] id 11 len 12 magic 0x1F9E0BC9
*Mar 15 19:31:37.634: Vi1 LCP-FS: I ECHOREP [Open] id 11 len 12 magic 0xE49B3E1C
*Mar 15 19:31:37.634: Vi1 LCP-FS: Received id 11, sent id 11, line up
*Mar 15 19:31:38.558: Vi1 PPP: O pkt type 0x0021, datagramsize 102.
*Mar 15 19:31:40.558: Vi1 PPP: O pkt type 0x0021, datagramsize 102.
*Mar 15 19:31:42.558: Vi1 PPP: O pkt type 0x0021, datagramsize 102.
*Mar 15 19:31:44.558: Vi1 PPP: O pkt type 0x0021, datagramsize 102.
*Mar 15 19:31:46.558: Vi1 PPP: O pkt type 0x0021, datagramsize 102.
Success rate is 0 percent (0/5)
Ip routing
*Mar 15 19:32:08.114: IP-Static: 0.0.0.0 0.0.0.0 Dialer1 Path = 1, route table no change, recursive flag clear
*Mar 15 19:33:06.961: IP: s=192.168.2.1 (local), d=8.8.8.8 (Dialer1), len 100, sending.
*Mar 15 19:33:08.113: RT: NET-RED 0.0.0.0/0 -
An alert message pops up upon opening saying could not initiate application security component, and it says to check to see if profile has no read/write restrictions. Than when it opens all of my saved passwords are gone, I use a master password and its disabled. When I try to enter in a new on e it says can't change password. I can't even open yahoo e-mail says that my ssl security is down but when I check it its clicked. I'm just very confused as to whats going on.
== This happened ==
Every time Firefox opened
== 5/14/2010 ==
== User Agent ==
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.1.249.1064 Safari/532.5See [[Could not initialize the browser security component]]
Rename (or delete) secmod.db (secmod.db.old) in the [http://kb.mozillazine.org/Profile_folder_-_Firefox Profile Folder] in case there is a problem with the file. -
The Secure Store Service application Secure Store Service Proxy is not accessible
I am working on setting up a new SharePoint 2013 Farm for our external web site which is currently running on 2010 SharePoint. Because this is an External Website for our organization we have an internally available Publishing Site and there is an Web App
Extension to provide Anon Access to users using the www address. Currently I am doing everything on a single server for testing with HOSTS entries to loop back so I can test with real host headers and not impact the 2010 prod environment. We will be setting
up 2 more WFEs with a NLB before moving this into prod but it isn't there yet. We brought the Site Collection Databases over but are still running in 2010 mode for now.
I migrated a copy of the Secure Store Database over from 2010 and had it put on the 2013 Farm's Database Server. Set up Secure Store and the Secure Store Proxy. I went into the Secure Store Proxy in CA and refreshed the Key with the proper Pass Phrase. After
doing that I could see the Target Application IDs listed. Everything was looking good so I went off to test. If I am on the publishing site I can go to a page that has the solution on it and it operates as expected. It does a query to a non SharePoint database
and returns information filtered based on the search parameters. The only odd thing I see is if I click on the "Site Actions" I get a message "An error has occurred with the data fetch. Please refresh page and retry." Need to look into
that more but it only happens on pages that have these solutions. Maybe a clue. If I go to the Anonymous Access page (www......) and try and use the solution, it immediately (way too quick to appear like it is doing anything) comes back with "The security
token request cannot be completed."
If I dig through the usage logs I am finding the following.
The Secure Store Service application Secure Store Service Proxy is not accessible. The full exception text is: The security token request cannot be completed.
Unexpected exception from endpoint address : https://[Servername]:32844/4e87fd3aabb640fb8cc3ed52188cf5c0/SecureStoreService.svc/https
Logging unknown/unexpected client side exception: InvalidOperationException. This will cause this application server to be removed from the load balancer queue. Exception: System.InvalidOperationException: The security token request cannot be completed.
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForServiceContext(Uri contextUri) at Microsoft.SharePoint.SPChannelFactoryOperations.InternalCreateChannelActingAsLoggedOnUser[TChannel](ChannelFactory`1 factory, EndpointAddress
address, Uri via) at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.GetChannel(Uri address) at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName,
Boolean validateCanary, ExecuteDelegate`1 operation).
Initially I was fighting a firewall issue because it wasn't working (different errors) on both sides. Had Network Engineers open firewall ports needed and now it works on the publishing side. Still the same error on the Anon side. I suspect I have missed
something when it comes to configuring the Secure Store to allow access to anonymous connections.
Let me know if you need any more information but that should paint a pretty good picture as to how things are set up.
Thanks for any help on this one. Searches haven't found much that has helped so far.Hi Sennister,
I recommend to verify the things below:
Did this issue occur with all the pages in the anonymous side?
Check if the Claims to Windows Token Service is started.
Change the <identity impersonate="true" /> in the web.config to see if the issue still occurs.
Thanks,
Victoria
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Victoria Xia
TechNet Community Support -
Weblogic 9.2 console - no security tab
I have weblogic 9.2 installed on windows xp. If I open a deployment in the console, there is no tab labeled Security. I have used webex to verify that some colleagues, with the same software, are seeing this tab, but so far I haven't reached a conclusion regarding the differences. Is there an obvious place to look?
Thanks for your contribution. But ... holy mackerel! I went through an extensive rigmarole, successfully creating a new weblogic admin user, then I logged into the console with that user, and ... same issue!
An interesting quirk: if I select my web module, then select testing, and then click the plus button to expand the module ... I suddenly see a fifth tab, called Security. But if I click on that, there is nothing there. If I click on any other tab, the Security tab disappears. -
Need Help: Web Analysis, Unable to retrieve the data & Security Tab missing
Hi
I'm new to Hyperion (our version: 9.2.1) and we're implementing Hyperion Planning. One of the reporting tools is Web Analysis.
I'm trying to create simple grid reporting. but I'm unable to retrieve the data instead the result is "n/a"
and
The File's Properties > Security tab is missing
Does anyone know my issue?
Thanks,Hi Experts,
You told its resolved.how?
I am having the same issue i am unable to retrive the tables.
"Database:MS SQL Server
Driver :weblogic.jdbcx.sqlserver.SQLServerDataSource.
Connection String:jdbc:weblogic:sqlserver://localhost:1433;databaseName=BAM"
Please help if you have resolved this issue.Any helpful links plz forward [email protected]
Thanks
Maybe you are looking for
-
HP Officejet 4500 will print but won't scan - MAC OS 10.6.8
Hi We've been using our HP Officejet 4500 for about 3 years with mostly no issues. Recently, we were having some issues. We uninstalled the software and then used Apple Software Update to reinstall. Now the printer works perfectly for printing wirele
-
Not able to open Enterprise dba console in 10g after changing the system ip
Hi Guys, I have installed 10g database on windows 2003 server. I was able to open the Enterprise manager DB console(EM) after installation. But I changed the IP address of the system and now I m not able to open the Enterprise manager. Any help will
-
Need to link theTables STXH and MAPL or PLPO
Hi Gurus, I need to link the tables STXH and MAPL ( or PLPO) as we are preparing a report to fetch the routings and materials on the basis of object text (i.e available in routing long text). Please help me in this regard. Thank you in advance. Nave
-
I change memory card form 2 GB to 4 GB in my nokia E5,but there is a problem,the device show that card as NO Name,and I am not able to found how to rename the card..
-
No applications open after OSX 10.6.7 update
Hi, I have just updated the OS to 10.6.7. After installation and reboot no applications other than Safari and Apps Store open. All other applications return "xx quit unexpectedly", this is the case for iTunes, Garageband, all MS Office applications,