Auto-Signon issue with RADIUS authentication
Hi all, i post again a question Posted by ronin2307 on Nov 27, 2007, 9:40am PST
I HAVE THE SAME ISSUE WITH 8.0.3 release!
Hi,
we have a fairly simple configuration running on our ASA and try to make use of the webvpn on occasion. The feature used to work great with 7.2, but after we upgraded to 8.0 we started having problems.
Basically an user (network admin) can log in through the webvpn interface (authenticated by a RADIUS server) and see the links to network shares we provide, click on them and at that point the user is promptedfor credentials again. upon entering them then message comes up that the access to the resources has been blocked due to security reasons.
Now to me that makes no sense whatsoever. I have already run the following command:
auto-signon allow ip 192.168.1.0 255.255.255.0 auth-type ntlm
to try to prevent the second credentials prompt but to doesn't do anything.
I also tried to capture the webvpn traffic, according to the user manual, but now i have a zip file that contains bunch of files, I cannot read (except notepad, but that doesn't help a lot). Ethereal will not open the files. I couldn't get to display the capture in the browser as described in the manual.
can anybody give me an idea on what to do to troubleshoot this problem? Thank you very much.
For single sign on using NTLM on a webVPN set up, you need to ensure you configure it through the command line. Did you use the ASDM for this single sign on? To configure auto-signon for all WebVPN users to servers with IP addresses ranging from
10.1.1.0 to 10.1.1.255 using NTLM authentication, for example, enter the following
commands:
hostname(config)# webvpn
hostname(config-webvpn)# auto-signon allow ip 10.1.1.1 255.255.255.0 auth-type ntlm
http://www.cisco.com/en/US/docs/security/asa/asa71/asdm51/selected_procedures/asdmsso.html
Similar Messages
-
ASA , Cisco VPN client with RADIUS authentication
Hi,
I have configured ASA for Cisco VPN client with RADIUS authentication using Windows 2003 IAS.
All seems to be working I get connected and authenticated. However even I use user name and password from Active Directory when connecting with Cisco VPN client I still have to provide these credentials once again when accessing domain resources.
Should it work like this? Would it be possible to configure ASA/IAS/VPN client in such a way so I enter user name/password just once when connecting and getting access to domain resources straight away?
Thank you.
Kind regards,
AlexHi Alex,
It is working as it should.
You can enable the vpn client to start vpn before logon. That way you login to vpn and then logon to the domain. However, you are still entering credentials twice ( vpn and domain) but you have access to domain resources and profiles.
thanks
John -
Issue with Anonymous Authentication and updating or starting new projects
So 2 weeks ago I had a post about Anonymous Authentication found here:
https://social.technet.microsoft.com/Forums/office/en-US/9b0e6eec-190a-4b48-a280-6adef441659a/issue-with-anonymous-authentication-and-people-picker-and-reports?forum=sharepointgeneral&prof=required
That issue has been resolved but has created a new issue. We have Anonymous Authentication disabled but when one of our users tries to make a new project she gets the following:
Unexpected response from server. The status code of response is '0'. The status text of response is ''.
When she tries to edit an existing project, she gets the following:
The server was unable to save the form at this time. Please try again.
If I re-enable the Anonymous Auth. everything works for her again, but then we face the issue from the original post with reports not publishing.
Any ideas on how to make everything get along?#apDiv2 {
position: absolute;
width: 698px;
height: 299px;
z-index: 1;
left:50px;
top: 117px;
overflow: scroll;
Don't forget to fix your code errors. You're still missing a <body> tag in your markup.
Nancy O. -
NAC guest server with RADIUS authentication for guests issue.
Hi all,
We have just finally successfully installed our Cisco NAC guest server. We have version 2 of the server and basically the topology consists of a wism at the core of the network and a 4402 controller at the dmz, then out the firewall, no issues with that. We do however have a few problems, how can we provide access through a proxy without using pak files obviously, and is there a way to specify different proxies for different guest traffic, based on IP or a radius attribute etc.
The second problem is more serious; refer to the documentation below from the configuration guide for guest nac server v2. It states that hotspots can be used and the Authentication option would allow radius authentication for guests, I’ve been told otherwise by Cisco and they say it can’t be done, has anyone got radius authentication working for guests.
https://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_hotspots.html
-----START QUOTE-----
Step 7 From the Operation mode dropdown menu, you can select one of the following methods of operation:
•Payment Provider—This option allows your page to integrate with a payment providing billing system. You need to select a predefined Payment Provider from the dropdown. (Refer to Configuring Payment Providers for details.) Select the relevant payment provider and proceed to Step 8.
•Self Service—This option allows guest self service. After selection proceed to Step 8.
•Authentication—This option allows RADIUS authentication for guests. Proceed to Step 9.
----- END QUOTE-----
Your help is much appreciated on this, I’ve been looking forward to this project for a long time and it’s a bit of an anti climax that I can’t authenticate guests with radius (We use ACS and I was hoping to hook radius into an ODBC database we have setup called open galaxy)
Regards
Kevin WoodhouseWell I will try to answer your 2nd questions.... will it work... yes. It is like any other radius server (high end:)) But why would you do this for guest.... there is no reason to open up a port on your FW and to add guest accounts to and worse... add them in AD. Your guest anchor can supply a web-auth, is able to have a lobby admin account to create guest acounts and if you look at it, it leaves everything in the DMZ.
Now if you are looking at the self service.... what does that really give you.... you won't be able to controll who gets on, people will use bogus info and last but not least.... I have never gotten that to work right. Had the BU send me codes that never worked, but again... that was like a year ago and maybe they fixed that. That is my opinion. -
Cisco PI 1.3 - Internal Server Error with RADIUS-authentication
Hi,
I have a problem with a Cisco Prime Infrastructure 1.3 (Appliance, fully patched) that I'm trying to authenticate against a Radiator RADIUS-server.
From the RADIUS-server's point of view it looks fine, but I just get an HTTP Status 500 internal error (see attached image) when trying to log in.
I'm not the one managing the RADIUS-server but I got the following debug sent from them:
Wed Oct 30 08:52:06 2013: DEBUG: Packet dump:
*** Received from 10.36.0.132 port 17235 ....
Code: Access-Request
Identifier: 102
Authentic: REMOVED
Attributes:
User-Name = "test-user"
User-Password = REMOVED
NAS-IP-Address = 10.36.0.132
Message-Authenticator = REMOVED
Wed Oct 30 08:52:06 2013: DEBUG: Handling request with Handler 'Client-Identifier=/^prime[.]net[.]REMOVED[.]se$/', Identifier 'Network-Prime-AAA'
Wed Oct 30 08:52:06 2013: DEBUG: Deleting session for test-user, 10.36.0.132,
Wed Oct 30 08:52:06 2013: DEBUG: Handling with Radius::AuthUNIX:
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthUNIX looks for match with test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthUNIX ACCEPT: : test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: AuthBy UNIX result: ACCEPT,
Wed Oct 30 08:52:06 2013: DEBUG: Handling with Radius::AuthFILE:
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthFILE looks for match with test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthFILE ACCEPT: : test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: AuthBy FILE result: ACCEPT,
Wed Oct 30 08:52:06 2013: DEBUG: Access accepted for test-user
Wed Oct 30 08:52:06 2013: DEBUG: Packet dump:
*** Sending to 10.36.0.132 port 17235 ....
Code: Access-Accept
Identifier: 102
Authentic: REMOVED
Attributes:
cisco-avpair = "NCS:virtual-domain0=ROOT-DOMAIN"
cisco-avpair = "NCS:role0=Admin"
cisco-avpair = "NCS:task0=View Alerts and Events"
cisco-avpair = "NCS:task1=Device Reports"
..the rest of the AV-pairs removed
Does anyone have any idea on what the the problem is, or some tips on how to troubleshoot? (rebooting and ncs stop/start has no impact on the issue)
//CharlieI ran into a similar issue this morning in my lab. After I issued ncs status - the database service came back as not running. I stop/started the Prime services and it came up. Once all the services were running my WLC imported with no issues. I also deployed another server for another lab and it had issues with the clocking being out of sync.
-
Auto Size issue with Media Gallery .AS files
First off, thanks for taking a look!
I came across this Adobe devnet article the other day while
looking for info on creating Flash web based image galleries
here.
In summary, it's an introduction on modifying the .XML files to
personalize your galleries created with Adobe Photoshop Elements 5.
Also in this article, there is a link to download source files
including gallery templates and a working .FLA file, which is
really the point of my post.
So. I've gone through the .AS, Javascript, and .XML files
looking for variables and parameters for controlling the
stage/auto/scale of the clip. I've read through each several times
making adjustments here and there and I've been able to change most
of what I want, but for the life of me I can not seem to get
control over the scaling of the clip when the user resizes the
browser. I have been able to load the clip at a set width and
height, with a minimum width and height, but again once the user
pulls the browser out, the entire screen scales with it.
My ideal goal is to embed a modified version of the .SWF with
set dimensions into a parent .SWF. On first load everything looks
great for about half a second - until the .AS files are loaded. At
this point the size of the gallery .SWF expands to fill the width
of the host browser. Actually, it expands beyond the browser frame
but that's neither here nor there. I'll admit the amount of code is
beyond me, but I can usually pick things apart enough to butcher it
to into what I need ;P If that can't happen, then I'm perfectly
happy to stick with the HTML gallery so it's no big deal really.
I'm just curious to know if any of you have experience with this
particular file and might suggest a direction?
I'll keep digging around, but at the moment I think i've
found about all I can translate or I'm missing something horribly
obvious. If you've played with this file, I would love some
insight. If not, and you're looking for a starting point for a
flash photo gallery, then take a look at the article. The
supporting files seem a bit heavy, but maybe that's just me. =]
Thanks again!
- noel.For single sign on using NTLM on a webVPN set up, you need to ensure you configure it through the command line. Did you use the ASDM for this single sign on? To configure auto-signon for all WebVPN users to servers with IP addresses ranging from
10.1.1.0 to 10.1.1.255 using NTLM authentication, for example, enter the following
commands:
hostname(config)# webvpn
hostname(config-webvpn)# auto-signon allow ip 10.1.1.1 255.255.255.0 auth-type ntlm
http://www.cisco.com/en/US/docs/security/asa/asa71/asdm51/selected_procedures/asdmsso.html -
Slowness Issues with Windows Authentication in SharePoint Foundation 2010 sites
All,
We are having a strange issue with SharePoint Foundation 2010 sites where sites are very slowly loading when accessed via windows based authentication where as the extended sites in forms authentication are loading normally.
There were no error logs or even SharePoint logs also except the images load time is showing with different load times.
Attached are the patches that were updated to the server that may be issue but not sure. Can some one please share your thoughts.
SQL connectivity b/w the server is good.there are no n/w issues except that the users are using the sites with a different domain other than the domain in which the servers were hosted.
There is a trust b/w the two domains.This was never changed and there were no issues in the last 2 years.
Thanks keshav,Share point Developerwe do have trusted domains
Inder : It would be better if you run that command again now.
Inder: How many AD server do you have
Inder: Do you notice the login request go to nearest AD server.
and https sites. Please share your thoughts.
Inder: All the certificate have intermedite certificates. You need to logon to each SP server, and install
these certificates on trusted root authority
If this helped you resolve your issue, please mark it Answered -
SCCM 2012 R2 ADR issue with proxy authentication
Hi,
We're migrating SCCM 2007 to SCCM 2012 R2.
In SCCM 2007, the proxy server is configured with user authentication, and this works.
In SCCM 2012 R2, the Software Update Point is installed locally and connected with a local WSUS 4.0 (Server 2012)
We use a proxy with user authentication for Update Deployment. (This user is the same as configured in SCCM 2007.)
The Proxy Server is Blue Coat SG.
The proxy account is used for:
The Synchronization works, but Automatic Deployment Rule (ADR) doesn't work.
When an Automatic Deployment Rule is started, it tries to authenticate 3 times.
The Patchdownloader.log shows:
Trying to connect to the root\SMS namespace on the <servername> machine. Software Updates Patch Downloader 11/8/2013
12:19:06 3608 (0x0E18)
Connected to
\\<servername>\root\SMS Software Updates Patch Downloader 11/8/2013 12:19:06 3608
(0x0E18)
Trying to connect to the
\\<servername.domain>\root\sms\site_ECM namespace on the <servername.domain> machine. Software Updates Patch Downloader 11/8/2013
12:19:06 3608 (0x0E18)
Connected to
\\<servername.domain>\root\sms\site_ECM Software Updates Patch Downloader 11/8/2013 12:19:06 3608
(0x0E18)
Download destination =
\\<servername.domain>\dp_wks_ms_updates$\3208bb5e-bcd9-4389-a0c9-02ef33ccb998.1\XPSEPSC-x86-en-US.exe . Software Updates Patch Downloader 11/8/2013 12:19:07 3608
(0x0E18)
Contentsource =
http://wsus.ds.www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/xpsepsc-x86-en-us_7ae70ca1330a099080c6c41c4d5b7f19b30dc0cd.exe . Software Updates Patch Downloader 11/8/2013
12:19:07 3608 (0x0E18)
Downloading content for ContentID = 16819067,
FileName = XPSEPSC-x86-en-US.exe. Software Updates Patch Downloader 11/8/2013 12:19:07 3608 (0x0E18)
Try username <domain\ProxyAccount> Software Updates Patch Downloader 11/8/2013 12:19:07 8364
(0x20AC)
Proxy enabled proxy server <proxyserver>:8080 Software Updates Patch Downloader 11/8/2013
12:19:07 8364 (0x20AC)
HttpSendRequest failed HTTP_STATUS_PROXY_AUTH_REQ Software Updates Patch Downloader 11/8/2013
12:19:07 8364 (0x20AC)
Download
http://wsus.ds.www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/xpsepsc-x86-en-us_7ae70ca1330a099080c6c41c4d5b7f19b30dc0cd.exe to C:\Windows\TEMP\CAB6FD2.tmp returns 407 Software Updates
Patch Downloader 11/8/2013 12:19:07 8364 (0x20AC)
ERROR: DownloadContentFiles() failed with hr=0x80070197 Software Updates Patch Downloader 11/8/2013
12:19:07 3608 (0x0E18)
Then the proxy user account is locked:
Trying to connect to the root\SMS namespace on the <servername> machine. Software Updates Patch Downloader 11/8/2013
12:20:11 3608 (0x0E18)
Connected to \\ <servername>\root\SMS Software Updates Patch Downloader 11/8/2013
12:20:11 3608 (0x0E18)
Trying to connect to the
\\<servername.domain>\root\sms\site_ECM namespace on the <servername.domain> machine. Software Updates Patch Downloader 11/8/2013
12:20:11 3608 (0x0E18)
Connected to
\\<servername.domain>\root\sms\site_ECM Software Updates Patch Downloader 11/8/2013 12:20:11 3608
(0x0E18)
Download destination =
\\<servername.domain>\dp_wks_ms_updates$\e0a54221-3ff2-4129-b7cf-89bf5cd1f726.1\Windows-KB943729-x86-ENU.exe . Software Updates Patch Downloader 11/8/2013
12:20:12 3608 (0x0E18)
Contentsource =
http://wsus.ds.download.windowsupdate.com/msdownload/update/software/updt/2009/10/windows-kb943729-x86-enu_e174c41ce3dcbd5c8922d6d1c39df1be425a70e0.exe . Software Updates Patch Downloader 11/8/2013
12:20:12 3608 (0x0E18)
Downloading content for ContentID = 16824262,
FileName = Windows-KB943729-x86-ENU.exe. Software Updates Patch Downloader 11/8/2013 12:20:12 3608 (0x0E18)
Try username <domain\ProxyAccount> Software Updates Patch Downloader 11/8/2013 12:20:12 12480
(0x30C0)
Proxy enabled proxy server <proxyserver>:8080 Software Updates Patch Downloader 11/8/2013
12:20:12 12480 (0x30C0)
HttpSendRequest failed HTTP_STATUS_FORBIDDEN or HTTP_STATUS_DENIED Software Updates Patch Downloader 11/8/2013
12:20:12 12480 (0x30C0)
Download
http://wsus.ds.download.windowsupdate.com/msdownload/update/software/updt/2009/10/windows-kb943729-x86-enu_e174c41ce3dcbd5c8922d6d1c39df1be425a70e0.exe to C:\Windows\TEMP\CAB6E4B.tmp returns 403 Software Updates
Patch Downloader 11/8/2013 12:20:12 12480 (0x30C0)
ERROR: DownloadContentFiles() failed with hr=0x80070193 Software Updates Patch Downloader 11/8/2013
12:20:12 3608 (0x0E18)
The RuleEngine.log shows:
Failed to download the update from internet. Error = 403 SMS_RULE_ENGINE 11/8/2013 16:18:25 3608 (0x0E18)
Failed to download ContentID 16824467 for UpdateID 16819978. Error code = 403 SMS_RULE_ENGINE 11/8/2013 16:18:25 3608 (0x0E18)
It seems that the ADR uses a wrong password when authenticating with the proxy, but this same user works when synchronizing with WSUS.
We performed the following actions with no result:
run the ADR manually and automatic,
reinstalled WSUS and SUP,
changed proxy user account.
Regards,
MatthiasCurrently, the command shows:
Current WinHTTP proxy settings:
Direct access (no proxy server).
We've been testing with:
upddwnldcfg.exe /s:<proxyserver>:<port> /u:<user> /allusers
psexec -i -s iexplore.exe, set Internet Explorer proxy manually
All with same result, proxy user getting locked when ADR runs.
(These settings have been removed after the test.)
I think dekac99 would suggest netsh winhttp set proxy or import proxy.
then turn off proxy use on the role SUP (this way not SCCM will send auth but all winhttp will use proxy)
the problems with that for me are:
- if MS implemented role-based proxy usage, why set at http layer - of course this might work as a workaround for the time being so it might be a good idea but I'm just not sure what unwanted issues it may cause
- the other thing is where I'm not sure, with set proxy you cannot define authentication account. if you use import from IE and the IE prompted for proxy auth, the stored credential will be used on winhttp layer (though I'm not 100% sure of that) - so this
is just too uncontrolled for me
- upddwnldcfg.exe will need to run in the name of system account (it stores credentials under HKCU so far I know it will be a per user based setting)
--> what confuses me, the catalog synch works which should use the same configured proxy and account(?), only ADR does not work. shouldn't they both use the same process for sending account auth info? -
Lightroom 5 auto import issues with nikon d90
Hoping someone can help answer my question - I am wondering if Lightroom 5 has any issues with the auto import or tethering feature using a Nikon d90? I was using Lightroom 2 and the auto import feature has no issues with my d90. After I installed Lightroom 5 (Cloud App) and ran it for the first time, the first thing I used was the tethering feature and it worked great for 4 shots. I turned my camera off and then back on again and LR would not recognize my camera any longer for tethering. What's strange is that it will detect it for "Importing from Device" option. So, I went to plan two which was to auto import and that wasn't working at all. I am at a loss. I have a shoot coming up this weekend and need for one of these options to work. Any help is appreciated!!!
I use a D90, but I have never tried tethered shooting with it. Other users might have some suggestions for you, but looking at the list of supported cameras for tethered shooting the D90 is not "officially" supported in Lightroom. So you're probably on your own to find solutions. I know this isn't a lot of help.
-
Hello,
I have the following strange behavior:
my WLCs connects to RADIUS server using the IP address of a dynamic interface instead of using the management interface's IP address.
Tha dynamic interface is on the same subnet/vlan of the RADIUS server.
which is the best interface to use for RADIUS authentications?
And how can I decide which interface shuold be the IP radius-source interface for connecting with my radius servers?
Thanks everybody
JohnnyIf you have the Radius server on a subnet in which you have any interface on the wlc on, you will see the wlc using that interface ip address. The AAA client ip address you should use is the dynamic interface ip address. The only time you will see the wlc use its management interface is when your wired and wireless (dynamic interfaces) are on different subnets.
-
Issue with Anonymous Authentication and People Picker and reports
Hello,
We are having an issue with sharepoint 2013 where we have reports that get published to sharepoint via visual studio and we use the people picker for different list.
The overall issue is SSRS does not work if Anonymous Authentication is enabled which caused this error when trying to publish a report:
The permissions granted to user 'NT AUTHORITY\ANONYMOUS LOGON' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException:
The permissions granted to user 'NT AUTHORITY\ANONYMOUS LOGON' are insufficient for performing this operation
However, if we disable Anonymous Authentication, the people picker search option does not work and we get there error:
Sorry, we're having trouble reaching the server.
I found this web blog on a solution, https://blog.karstein-consulting.com/2014/02/18/sharepoint-2013-people-picker-error-sorry-were-having-trouble-reaching-the-server/
however this did not work.
Does anyone have ant other suggestions?Hi JCrescenzo,
Please try to get the property of the people picker, perhaps there is a rule that implemented on your environment:
stsadm -o getproperty -propertyname peoplepicker-searchadcustomfilter -url
http://site_collection_url
If yes, clear it by running:
stsadm -o setproperty -propertyname peoplepicker-searchadcustomfilter -propertyvalue " " -url
http://site_collection
There are two similar posts, please check if they are useful for you:
https://social.technet.microsoft.com/Forums/en-US/621d439b-f2eb-4dc2-8797-eb7f2f3996e4/people-picker-returning-search-filter-is-invalid-in-uls-log-when-searching-for-users?forum=sharepointgeneralprevious
https://gavinmckay.wordpress.com/2011/07/15/troubleshooting-sharepoint-2010-claims-based-authentication-with-active-directory-lightweight-directory-services-ad-lds/
Best Regards,
Wendy
Wendy Li
TechNet Community Support -
Apple Support admitted an Issue with WEP authentication and some Routers
After reading many posts here and other places I logged a service call to Apple support. With the particulars: AT&T U-verse 2 Wire router would not connect with WEP would connect with Security disabled. I wanted a call logged before I went past the return time
I got a call back immediately after a few basic questions I was passed to a product manager for ipads, it seems connectivity issues are taken seriously.
The upper level support said there were known issues with some routers and WEP security we steeped through changing the security and it works fine now.
Bottom Line:
Apple knows there is an issue with some routers
They were very helpful and acknowledged the issue.
He even stayed on the line while I reconfigured one of my Windows PC to make sure it connected to the new settings
I suggest to all to log a call and get a tech support involved before taking the iPad to the local store
They certainly new their are some connectivity issues. If that does not work you can always return it.
He did not admit it was a Apple issue and did not commit that Apple was working on it but it is something they are aware of.
So skip the Apple store got right to tech support.
Just my 2 cents."But folks need to go straight to tech support. I live in oz, so it will be interesting to see if they help me.. or not.. but if support gets inundated they will fix it or have a massive recall (not likely on the latter)."
Can't agree more. I used to manage a tech support department and it is all about the numbers. No matter how many forum entries the issues that get addressed are dictated by the reports.
So for those that are buying new routers contact Tech Support first even if you end up getting a new router the call is logged that will get Apple's attention.
People that are not familiar with post launch processes have no idea how things that need to get corrected and enhanced are dictated by support requests -
Freaky Issue With Radius In Cisco 7206
yesterday I faced a weird issue in 7200 router. It was configured as LNS using its loopback for radius authnetication. But when I checked the logs on radius it is getting the physical interface ip. After that I configured my source as physical interface authentication process completed.
Can anyone tell me why it is not getting source as loopback. On other routers it is working fine.
regards
shivlu jainShivlu,
Glad it is now working. I think it could be related to CSCsq32625, which is a duplicate of CSCse02550, which was indeed fixed in 12.2(31)S13.
CSCsq32625
ip radius source-int not working inside aaa group server config
Symptom: Only Global setting for the AAA Radius server source interface is functioning. Setting the source-interface in the AAA Group configuration has no effect. Conditions: This condition is visible when a router must use more than one source-interface designation for communicating with the RADIUS servers serving it. For example, if there are two groups of servers, and one group uses a Loopback for the source interface, and second group uses the management FastEthernet interface as the source interface. Workaround: All radius servers need to be able to respond to a single source interface, as multiple sources distinguished by AAA Groups are not functioning. Further Problem Description: None
Regards -
Auto Restart Issue with Mac Book AIR
Have been using a Macbook PRO for sometime, no problem with Parallel installed. Due to frequent traveling, light and compact is my priority now, so I bought another AIR (11" i7 chip w/ Parallel installed as well). It was working flawlessly for few weeks, used it to download a couple of updates when I was in China (approx. 4Mbit/sec line speed) still no issues. UNTIL when I get back to my office and using WIFI updated another few stuffs, the AIR started to behave strangely with "your computer needs to restart due to problem ..." the last few days it happened at least 10 times daily, so I did what I know with the usual Mac way, reset PRAM, repair permissions blah blah blah ..problems persists so I called the service centre and the technician I talked to suggested the issue could be from 'your moderate internet speed causing incomplete system updated files.' ; half convinced but I followed / reinstalled ...with no CD, it has to press option to select to reinstall -- only then I realized a big problem, originally it states requires 27 hours to reinstall a fresh LION in my AIR but finally it completed and restated in still about MASSIVE 7-1/2 hours time.
As I have bought a USB network connector now (a convenient gadget when stays at hotels with different levels of facilities offered), this is not so troublesome and I think fellow users should consider using network and avoid using WIFI for this purpose. I notice once the left USB once was used (without turning off the WIFI) it keeps breaking the connections, as I read some articles from this forum the left USB could has some stability issues. After all the time spent, the computer freezes at times and auto restarts again. What the heck has this causes the AIR to behave this way ?
NEXT, I also read on the Power issues, I bought it without realizing one of the technical highlight is on high performance battery management but you can chop my head off and sit on mine if the AIR can last 3 hours (probably the suggested time is with computer power on but without using it at all). I don't want to sound un-nice as I have been using Mac for many many years: 1) if AIR is entirely basing on internet (VERY HIGH SPEED) for support is not a really very friendly method for users if there is reliability issues via internet line support, says what if we are caught in remote area with 30k/sec line speed then we are totally dead ... ; 2) the recent scare makes me dare not using the software updates now, as technician suggested, write down what is required to update, find it from apple and do it manually ...Goohs, my Mac Book Pro using side by side doesn't has this issue. Since when was the last time I have to suffer maintaining a Mac myself ? ... @%#&@*!(!
Anyone has clue to these or simply return to service centre to handle for me ?
Thanks in advance (first time user in this community).Hello!
I´m sorry it took so long to reply, but I´m new to these blogs; and I´ve been travelling a lot... Anyway, I was able to configure Airport Express, but I was told I could use it to expand my wireless network inside my house; which I found it´s not possible.
So, I´m returning my Airport Express to the store tomorrow and try to figure out a way to extend my wireless in any other way.
Any sugestion? Big houses are a problem...
Best regards, and once again thank you!
Antonio -
Exchange Server 2013 with RADIUS authentication
Hello,
I am a student and doing an internship. I have to test Microsoft Exchange Server 2013.
I am using Windows Server 2012, I already installed Exchange Server 2013 on it and everything works as intended.
But I couldn't find out how to configure my Windows Server 2012 in order to authenticate my mailbox users from Exchange Server 2013 with a RADIUS server which is not on my Windows Server 2012. I have to use their RADIUS server, the RADIUS server from the
company where I am doing my internship.
I already created a NPS and added the RADIUS Client + Remote RADIUS Server Groups. I created a Connection Request Policies with the condition:
User Name *
I forwarded the Connection Request to the Remote RADIUS server that I created in Remote RADIUS Server Groups and then I registered the NPS in th AD. But it's still not working.
Maybe I did something wrong or I misunderstood something or does this even work with Exchange Server 2013? To authenticate mailbox users with a RADIUS server before they can login into their mailbox and use their mailbox?
Thanks in advance.On Wed, 26 Mar 2014 09:21:25 +0000, DavidIntern wrote:
I already put the NPS as a RADIUS proxy. I followed this check list http://technet.microsoft.com/en-us/library/cc772591.aspx
But the things is I want to make it work with our freeRADIUS2 that we have in place here. Without changing our freeRADIUS2. But I found out this is not possible since we are not using any Active Directory with it. Since I am still a newbie in this environment,
I am not sure if it is possible.
But my main question was if it was possible to use freeRADIUS2 and that my NPS would be the RADIUS proxy. So my question is answered, if I understood right, without making any changes to our freeRADIUS2 this is not going to be possible right? Because we have
no AD?
Our setup is freeRADIUS2 + MySQL database where all the users are stored.
As I mentioned in my previous response this really isn't the right place
for this question but why would you want to try to use a MySQL store for
authenticating against Exchange in the first place when you've already got
an authentication store (Active Directory) that is tightly integrated with
Exchange?
I still really don't understand what it is you're trying to accomplish nor
why you're trying to use such a complicated, convoluted method to
authenticate Exchange users.
Paul Adare - FIM CM MVP
Any sufficiently advanced bug is indistinguishable from a feature.
Maybe you are looking for
-
Adobe Download Assistant, Photoshop Elements 11
Altho' I've tried many times over the past few days, I've been unable to download Photoshop Elements 11 using the Adobe Download Assistant. I received an email from Adobe inviting me to download Elements 11, with a key to convert the trial version to
-
Itunes 11.0.1 not importing CDs properly
I have just updated to itunes 11.0.1 and now find that it won't import cds properly. The import window functions as it should and the CD imports onto the hard disk. (I can find the files using Finder). However, itunes does not show the files. If I
-
How to upload and down load Document from Server in Webdynpro Java
Hi, I have to upload and download document to the server and from the server. The examle and the sample application which is available in SDN is not helpful as its about uploading and downloading from the application context.Please let me know how to
-
Hi guys, We found kids' iPod and can't access as nobody remembers Passcode for it. As far as I remember, we bought at the very end of 2008 or begining of 2009; thus, I assume it could be 1st Generation. It's has this silver back and it's very thin. I
-
MY mbp charger not workin