Caller djunker2 not authorized.

Hi @ all,
i want to deploy some applications on a Web AS 6.40.
I tried to connect with the Visual Administrator an got the following error message:
"Error while connecting
com.sap.engine.services.jmx.exception.JmxSecurityException: Caller djunker2 not authorized, only role administrators is allowed to access JMX"
I have set up following roles to my user:
Administrator --> Administrator role
system_admin_role --> System Admin
super_admin_role --> Super Administration
content_admin_role --> Content Admin
I'm still not allowed to login with the Visual Admin.
Can anyone tell me which role is needed to get the authorization?
Thanks,
Dennis

I am getting the same error when trying to get my developers into the Standalone Log Viewer. Can you let me know which role resolved your issue. thanks,
Dede

Similar Messages

Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only

After installation fo ECC6,When I am trying to connect to visual admin,I am getting given below error.
I am also not able to login to NWA
Application cannot be started.
Details:
com.sap.engine.services.deploy.container.ExceptionInfo: Naming error.
System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400010000000001A6B16F0004A600094A9828#1308418992937#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-13,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400020000000001A6B16F0004A6000C292AF0#1308419041078#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-24,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400030000000001A6B16F0004A6001D1853B8#1308419325187#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-35,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400000000000001CA1A680004A6008F78FF48#1308421244125#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-2,5,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400010000000001CA1A680004A600919BB068#1308421279953#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-13,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400020000000001CA1A680004A6009220F598#1308421288687#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-24,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
#1.5#C000C0A8016400030000000001CA1A680004A60097A70598#1308421381359#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-35,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400040000000001CA1A680004A6009867E880#1308421394000#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-46,6,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Cannot authenticate the user.#
#1.5#C000C0A8016400000000000001402EEB0004A600E643EE28#1308422700265#/System/Server/VisualAdministrationTool##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-2,5,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Plain###Error while trying to login to ecc6: Caller J2EE_ADMIN not authorized, only role administrators is allowed to access JMX#
Any help would be highly appreciated.
Thanks
Sukrut

Hello,
If you have a installation of dual stack(ABAP + JAVA) system.. check in SU01 transaction if SAP_J2EE_ADMIN role is assigned to the J2EE_ADMIN user. If not, please assign it.
For only JAVA stack systems, default administrator user is Administrator.
thanks
ashish

You are not authorized to call up line item display (FB03)

Hi,
actually; I am facing a problem; one user is getting error message "You are not authorized to call up line item display" when he is trying to view the payment usage of document no in FB03 transaction code.
I have checked and found that user is already having display access for the company code which he is putting under company code field.
Also as per the SU53 screen shot; it is showing
Authorization check failed for S_CTS_ADMI
Field - CTS_ADMFCT
for - TABL
I have not run the trace yet..
Kindly advice on what could be the problem and solution for that...
Many thanks in advance for your help.
Regards,
Anuj

> Also as per the SU53 screen shot; it is showing
>
> Authorization check failed for S_CTS_ADMI
> Field - CTS_ADMFCT
> for - TABL
Total Questions: 8 (6 unresolved)
Good match!

AMDP syntax call to external procedure: "SQLScript message: insufficient privilege: Not authorized"

I am getting the message "SQLScript message: insufficient privilege: Not authorized" in the syntax check in SE24 for an AMDP call to an external procedure which is not located in the default schema (located in schema MYSCHEMA).
With DB_DBUSER & DB_DBSCHEMA I have confirmed the default user and schema to both be SAPHANAABAP.
In HANA Studio the owner of schema MYSCHEMA has granted the following privileges:
grant debug on schema MYSCHEMA to SAPHANAABAP;
grant select on schema MYSCHEMA to SAPHANAABAP;
grant update on schema MYSCHEMA to SAPHANAABAP;
grant delete on schema MYSCHEMA to SAPHANAABAP;
grant insert on schema MYSCHEMA to SAPHANAABAP;
grant attach debugger to SAPHANAABAP;
What is the missing piece in this puzzle?

Thanks

Unable to use Datasource.cfc in Admin API - The current user is not authorized to invoke this method

Hi Everyone,
I am having some issues accessing the methods in the datasource.cfc in the adminAPI.
I can successfully load the administrator CFC and am told that I have successsfuly logged in;
But when I try to subsequently load the datasource.cfc I get an error that the current user is unable to access the method.
/* Create an Admin API object and call the login method */
                                                  var local = {};
                                                  local.adminObj = createObject("component", "cfide.adminapi.administrator");
                                                  /* Enter your password for the CF Admin */
/* if you dump this - TRUE is returned */
                                                  local.adminObj.login(adminPassword="my_admin_user_password");
                                                  /* Create an object of datasource component */
                                                  local.dsnObj = createObject("component", "cfide.adminapi.datasource");
writeDump(local.dsnObj.getDataSources());
I tried creating separate admin users and passwords - yhinking that perhaps a revent hotfix had stopped the "admin" user from being allowed to use the adminAPI - but changing to a new adminuser yielded the same results.
I could login to the admin API with the new username and passsword - but could not access the datasource.cfc after that.
Here is the debug output from the error...
The current user is not authorized to invoke this method.
The error occurred in accessmanager.cfc: line 48
Called from datasource.cfc: line 52
Called from C:/inetpub/wwwroot/projectDir/trunk/Application.cfc: line 155
Called from C:/inetpub/wwwroot/projectDir/trunk/Application.cfc: line 52
Called from C:/inetpub/wwwroot/projectDir/trunk/Application.cfc: line 45
Called from C:/inetpub/wwwroot/projectDir/trunk/Application.cfc: line 1
-1 : Unable to display error's location in a CFML template.
Resources:
Check the ColdFusion documentation to verify that you are using the correct syntax.
Search the Knowledge Base to find a solution to your problem.
Browser
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31
Remote Address
127.0.0.1
Referrer
Date/Time
22-Apr-13 01:09 PM
Stack Trace
at cfaccessmanager2ecfc974154242$funcCHECKADMINROLES.runFunction(E:/cf10_final/cfusion/wwwro ot/CFIDE/adminapi/accessmanager.cfc:48) at cfdatasource2ecfc1679861966$funcGETDATASOURCES.runFunction(E:/cf10_final/cfusion/wwwroot/ CFIDE/adminapi/datasource.cfc:52) at cfApplication2ecfc498167235$funcPREREQUISITESTART.runFunction(C:/inetpub/wwwroot/projectD ir/trunk/Application.cfc:155) at cfApplication2ecfc498167235$funcINIT.runFunction(C:/inetpub/wwwroot/projectDir/trunk/Appl ication.cfc:52) at cfApplication2ecfc498167235._factor5(C:/inetpub/wwwroot/projectDir/trunk/Application.cfc: 45) at cfApplication2ecfc498167235.runPage(C:/inetpub/wwwroot/projectDir/trunk/Application.cfc:1 )
coldfusion.runtime.CustomException: The current user is not authorized to invoke this method. at coldfusion.tagext.lang.ThrowTag.doStartTag(ThrowTag.java:142) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2799) at cfaccessmanager2ecfc974154242$funcCHECKADMINROLES.runFunction(E:\cf10_final\cfusion\wwwroot\CFIDE\adminapi\accessmanager.cfc:48) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:472) at coldfusion.filter.SilentFilter.invoke(SilentFilter.java:47) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:368) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:55) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:321) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:220) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:655) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:444) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:414) at coldfusion.runtime.CfJspPage._invoke(CfJspPage.java:2432) at cfdatasource2ecfc1679861966$funcGETDATASOURCES.runFunction(E:\cf10_final\cfusion\wwwroot\CFIDE\adminapi\datasource.cfc:52) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:472) at coldfusion.filter.SilentFilter.invoke(SilentFilter.java:47) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMethod.java:405) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:368) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:55) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:321) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:220) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:655) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:444) at coldfusion.runtime.TemplateProxy.invoke(TemplateProxy.java:414) at coldfusion.runtime.CfJspPage._invoke(CfJspPage.java:2432) at cfApplication2ecfc498167235$funcPREREQUISITESTART.runFunction(C:\inetpub\wwwroot\projectDir\trunk\Application.cfc:155) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:472) at coldfusion.runtime.UDFMethod$ReturnTypeFilter.invoke(UDFMethod.java:405) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:368) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:55) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:321) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:220) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:2659) at cfApplication2ecfc498167235$funcINIT.runFunction(C:\inetpub\wwwroot\projectDir\trunk\Application.cfc:52) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:472) at coldfusion.runtime.UDFMethod$ArgumentCollectionFilter.invoke(UDFMethod.java:368) at coldfusion.filter.FunctionAccessFilter.invoke(FunctionAccessFilter.java:55) at coldfusion.runtime.UDFMethod.runFilterChain(UDFMethod.java:321) at coldfusion.runtime.UDFMethod.invoke(UDFMethod.java:220) at coldfusion.runtime.CfJspPage._invokeUDF(CfJspPage.java:2659) at cfApplication2ecfc498167235._factor5(C:\inetpub\wwwroot\projectDir\trunk\Application.cfc:45) at cfApplication2ecfc498167235.runPage(C:\inetpub\wwwroot\projectDir\trunk\Application.cfc:1) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:244) at coldfusion.runtime.TemplateProxyFactory.resolveComponentHelper(TemplateProxyFactory.java:538) at coldfusion.runtime.TemplateProxyFactory.resolveName(TemplateProxyFactory.java:234) at coldfusion.runtime.TemplateProxyFactory.resolveName(TemplateProxyFactory.java:159) at coldfusion.runtime.TemplateProxyFactory.resolveFile(TemplateProxyFactory.java:120) at coldfusion.cfc.CFCProxy.<init>(CFCProxy.java:138) at coldfusion.cfc.CFCProxy.<init>(CFCProxy.java:84) at coldfusion.runtime.AppEventInvoker.<init>(AppEventInvoker.java:64) at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:232) at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40) at coldfusion.filter.PathFilter.invoke(PathFilter.java:112) at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:94) at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:79) at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28) at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46) at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62) at coldfusion.CfmServlet.service(CfmServlet.java:219) at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42) at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:928) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:414) at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:204) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:539) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:298) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662)
And here is the listed exceptions, beneath the stack trace;
13:09:56.056 - cfadminapiSecurityError Exception - in E:/cf10_final/cfusion/wwwroot/CFIDE/adminapi/accessmanager.cfc : line 48
         The current user is not authorized to invoke this method.
13:09:56.056 - cfadminapiSecurityError Exception - in E:/cf10_final/cfusion/wwwroot/CFIDE/adminapi/accessmanager.cfc : line 48
         The current user is not authorized to invoke this method.
13:09:56.056 - java.io.FileNotFoundException - in C:/ColdFusion10/cfusion/wwwroot/WEB-INF/exception/errorcontext.cfm : line 44
         E:/cf10_final/cfusion/wwwroot/CFIDE/adminapi/accessmanager.cfc (The system cannot find the path specified)
This perspn seems to be having the same issue;
http://forums.adobe.com/message/5051892
and I agree I don't have "E" drive either!

I've found a solution to my plight - I don't know if it'll work for you or help you try something that MAY fix it.
I use a common code set which includes the Application.cfc from a CF Mapping - So, in the application.cfc in the actual website I do this:-
<cfinclude template="/UberDirectory/Application.cfc">
Then, in the /UberDirectory/Application.cfc, I was initialising a CFC which checks if the datasource was created for the website. The datasource checking code attempts to log into the Admin API and check & create if necessary the datasource.
This has previously worked without fail for me - But in this instance it failed!! I was doing two things wrong - Firstly, the CFC should only be called in the Application.cfc in the onRequestStart section as the Application had to be initialised first - This is maybe because I've invoked the application.cfc in a "non-standard" manner.
Secondly, once I'd moved the CFC invocation into oNRequestStart I saw the following error:-
The string COOKIE.CFAUTHORIZATION_uber-directory is not a valid ColdFusion variable name.
I had this as the app name .... <cfset this.name = 'uber-directory'>
Changedthe dash to an underscore and I was away and could once again check the datasources
Hope it helps
Martin

I can't sync my new purchases, saying computer not authorized, but when I try to authorize it says incorrect passcode when I know is correct. Already unistalled and reinstalled. help?

I am having trouble syncing my ipod nano with my desktop. I purchased new songs that show up on my desktop but cannot get them to sync to my nano. The computer keeps giving me the message it is not authorized. Then it asks for my passcode which it says is incorrect. Which how can that happen when I can still go into Itunes and purchases songs with the same passcode? The computer just keeps looping to "not authorized" and "incorrect passcode". But I was able to see my computer is 1 of 2 computers authorized but does not seem to be recognizing this. So, I called apple support and they had me unistall and reinstall itunes but I am still having the same problem. Does anyone have any suggestions how to get pass this? Any help would be great thanks!!

Hello lenmin,
Thanks for using Apple Support Communities.
To help resolve this issue where you're repeatedly prompted to authorize with your Apple ID in iTunes when syncing, please follow the directions in the article below.
iTunes: Missing folder or incorrect permissions may prevent authorization - Apple Support
Have a great weekend,
Alex H.

Since Installing 7.0 Message that "Not authorized to play on this computer"

Since installing ITUNES 7.0 earlier this week I just tried to sync to my IPOD. I now get a message that a host of songs (and albums) weren't synced to my IPOD because "You are not authorized to play them on this computer". That's funny; they all show up in my purchased folder in ITUNES.
What's up with this and is ITUNES working on a fix. I would say beware of updating as I think their security for purchased music protection is playing games with our libraries.
I this point I want 6.0 back but of course when you update you lose the older version out of your add/remove in the control panel.
I'm contacting support too as I have over 1600 songs purchased so you think they may want to figure it out. I won't purchase another song until this is fixed. I suggest anyone else with the same problem do the same.

Called tech this morning and that's exactly what they said. I had to authorize one song and then all the songs/albums synced succesfully.
Thanks.

SSO not authorized:no login module success

Hi Friends,
I am Geeting this error while opening the Report Designer any one help me???????
"java system error call FM_BICS_CONS_GET_VIEW_DEF_J_PROXY to progid XXXXX on host
APD with SSO not authorized:no login module success "
Regards
Vipul Kapadia

solved by basis team

Java System error: SSO not authorized: authorization Failed

Hi,
I am getting the following error while opening a BEx report designer or WAD and iam unable to design any report or create a dashboard
"Java System Error: Call to FM BICS_CONS_GET_VIEW_DEF_J_PROXY to ProdId ASEP_PORTAL_E01 on host ASEP wiht SSO not authorized . Authentication Failed"
System Details:
BI and EP are installed in Same server
BI Config:
softwarwe component : SAP_BW
Release : 700
Patch Level: 0021
Support Pack : SAPKW70021 (SAP NetWeaver BI 7.0)
EP config:
SAP NetWeaver BI 7.0 SP Level 15
Please suggest .

It seems that something wrong in integration between JAVA Stack (from where you accessing BW report) a BW back end system. Try to run Support Desk Tool:
http://<your_server>:<port>/irj/servlet/prt/portal/prteventname/HtmlbEvent/prtroot/com.sap.ip.bi.supportdesk.default
to see what is wrong in this area.

You are not authorized to use transaction SFP

Hello Experts,
I am not authorized to Run SFP T code in Quality system.
There is an error when i am opening Adobe form on CRM Web UI. This is because Dynamic Function module call is giving Dump. I want to check the Form layout in Quality system and also the interface.
There is one FM or Report program via which we can enter the SFP T code. Could any one tell me the name of this FM ? or is it a Report Program.
Error which i am getting while opening is as shown below.
500 SAP Internal Server Error
ERROR: Syntax error in program /1BCDWB/SAPLSM00000035 . (termination: RABAX_STATE)
When i checked in the above program there is no error. But Dynamic FM Call triggers this.
BR,
Nikhil Kulkarni

Hi Nikhil,
Please ensure whether you are having necessary privileges from authorization perspective to execute the above mentioned T-code and if you had that, please request you to share me the error screenshot for further resolution to your issue.
And also request you to check whether the above t-code is Valid or not and request any one of the SECURITY Admin to switch on the Trace during execution of the T-code to find out the exact authorization missing which is required for your functionality.
Please do let me know if any queries.
Thanks,
Kumar

AnyConnect error " User not authorized for AnyConnect Client access, contact your administrator"

Hi everyone,
it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message "User not authorized for AnyConnect Client access, contact your administrator". I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem. The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
Please find the current config and debugging output below. I appreciate any pointers as to what might be wrong here.
: Saved
ASA Version 9.1(1)
hostname ASA
domain-name ingo.local
enable password ... encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd ... encrypted
names
name 10.0.1.0 LAN-10-0-1-x
dns-guard
ip local pool VPNPool 10.0.2.1-10.0.2.10 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif Internal
security-level 100
ip address 10.0.1.254 255.255.255.0
interface Vlan2
nameif External
security-level 0
ip address dhcp setroute
regex BlockFacebook "facebook.com"
banner login This is a monitored system. Unauthorized access is prohibited.
boot system disk0:/asa911-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup Internal
dns domain-lookup External
dns server-group DefaultDNS
name-server 10.0.1.11
name-server 75.153.176.1
name-server 75.153.176.9
domain-name ingo.local
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network LAN-10-0-1-x
subnet 10.0.1.0 255.255.255.0
object network Company-IP1
host xxx.xxx.xxx.xxx
object network Company-IP2
host xxx.xxx.xxx.xxx
object network HYPER-V-DUAL-IP
range 10.0.1.1 10.0.1.2
object network LAN-10-0-1-X
access-list 100 extended permit tcp any4 object HYPER-V-DUAL-IP eq 3389 inactive
access-list 100 extended permit tcp object Company-IP1 object HYPER-V-DUAL-IP eq 3389
access-list 100 extended permit tcp object Company-IP2 object HYPER-V-DUAL-IP eq 3389
tcp-map Normalizer
check-retransmission
checksum-verification
no pager
logging enable
logging timestamp
logging list Threats message 106023
logging list Threats message 106100
logging list Threats message 106015
logging list Threats message 106021
logging list Threats message 401004
logging buffered errors
logging trap Threats
logging asdm debugging
logging device-id hostname
logging host Internal 10.0.1.11 format emblem
logging ftp-bufferwrap
logging ftp-server 10.0.1.11 / asa *****
logging permit-hostdown
mtu Internal 1500
mtu External 1500
ip verify reverse-path interface Internal
ip verify reverse-path interface External
icmp unreachable rate-limit 1 burst-size 1
icmp deny any echo External
asdm image disk0:/asdm-711.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (Internal,External) dynamic interface
object network LAN-10-0-1-x
nat (Internal,External) dynamic interface
object network HYPER-V-DUAL-IP
nat (Internal,External) static interface service tcp 3389 3389
access-group 100 in interface External
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server radius protocol radius
aaa-server radius (Internal) host 10.0.1.11
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication ssh console radius LOCAL
http server enable
http LAN-10-0-1-x 255.255.255.0 Internal
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map External_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map External_map interface External
crypto ca trustpoint srv01_trustpoint
enrollment terminal
crl configure
crypto ca trustpoint asa_cert_trustpoint
keypair asa_cert_trustpoint
crl configure
crypto ca trustpoint LOCAL-CA-SERVER
keypair LOCAL-CA-SERVER
crl configure
crypto ca trustpool policy
crypto ca server
cdp-url http://.../+CSCOCA+/asa_ca.crl:44435
issuer-name CN=...
database path disk0:/LOCAL_CA_SERVER/
smtp from-address ...
publish-crl External 44436
crypto ca certificate chain srv01_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain asa_cert_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain LOCAL-CA-SERVER
certificate <output omitted>
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable External client-services port 44455
crypto ikev2 remote-access trustpoint asa_cert_trustpoint
telnet timeout 5
ssh LAN-10-0-1-x 255.255.255.0 Internal
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh timeout 5
ssh version 2
console timeout 0
no vpn-addr-assign aaa
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcpd dns 75.153.176.9 75.153.176.1
dhcpd domain ingo.local
dhcpd option 3 ip 10.0.1.254
dhcpd address 10.0.1.50-10.0.1.81 Internal
dhcpd enable Internal
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address LAN-10-0-1-x 255.255.255.0
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter use-database
dynamic-filter enable interface Internal
dynamic-filter enable interface External
dynamic-filter drop blacklist interface Internal
dynamic-filter drop blacklist interface External
ntp server 128.233.3.101 source External
ntp server 128.233.3.100 source External prefer
ntp server 204.152.184.72 source External
ntp server 192.6.38.127 source External
ssl encryption aes256-sha1 aes128-sha1 3des-sha1
ssl trust-point asa_cert_trustpoint External
webvpn
port 44433
enable External
dtls port 44433
anyconnect image disk0:/anyconnect-win-3.1.02026-k9.pkg 1
anyconnect profiles profile1 disk0:/profile1.xml
anyconnect enable
smart-tunnel list SmartTunnelList1 mstsc mstsc.exe platform windows
smart-tunnel list SmartTunnelList1 putty putty.exe platform windows
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
webvpn
anyconnect profiles value profile1 type user
username write.ingo password ... encrypted
username ingo password ... encrypted privilege 15
username tom.tucker password ... encrypted
class-map TCP
match port tcp range 1 65535
class-map type regex match-any BlockFacebook
match regex BlockFacebook
class-map type inspect http match-all BlockDomains
match request header host regex class BlockFacebook
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 1500
id-randomization
policy-map TCP
class TCP
set connection conn-max 1000 embryonic-conn-max 1000 per-client-max 250 per-client-embryonic-max 250
set connection timeout dcd
set connection advanced-options Normalizer
set connection decrement-ttl
policy-map type inspect http HTTP
parameters
protocol-violation action drop-connection log
class BlockDomains
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect dns preset_dns_map dynamic-filter-snoop
inspect http HTTP
service-policy global_policy global
service-policy TCP interface External
smtp-server 199.185.220.249
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command vpn-sessiondb
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command dynamic-filter
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command service-policy
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege clear level 3 mode exec command dynamic-filter
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:41a021a28f73c647a2f550ba932bed1a
: end
Many thanks,
Ingo

Hi Jose,
here is what I got now:
ASA(config)# sh run | begin tunnel-group
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool VPNPool
authorization-required
and DAP debugging still the same:
ASA(config)# DAP_TRACE: DAP_open: CDC45080
DAP_TRACE: Username: tom.tucker, aaa.cisco.grouppolicy = DfltGrpPolicy
DAP_TRACE: Username: tom.tucker, aaa.cisco.username = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username1 = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username2 =
DAP_TRACE: Username: tom.tucker, aaa.cisco.tunnelgroup = DefaultWEBVPNGroup
DAP_TRACE: Username: tom.tucker, DAP_add_SCEP: scep required = [FALSE]
DAP_TRACE: Username: tom.tucker, DAP_add_AC:
endpoint.anyconnect.clientversion="3.1.02026";
endpoint.anyconnect.platform="win";
DAP_TRACE: Username: tom.tucker, dap_aggregate_attr: rec_count = 1
DAP_TRACE: Username: tom.tucker, Selected DAPs: DfltAccessPolicy
DAP_TRACE: Username: tom.tucker, DAP_close: CDC45080
Unfortunately, it still doesn't work. Hmmm.. maybe a wipe of the config and starting from scratch can help?
Thanks,
Ingo

Ever since updating to IOS5 my iPhone will no longer sync with my iTunes on my computer. It states that my computer is not authorized to sync with my iPhone yet it is authorized. My "Music" folder on my iPhone is now showing as completely empty.

Hey guys. Can you please help me? My iphone is not showing that I own ANY music anymore. It will not sync at all with my Itunes ever since downloading ios5. It states my computer is not authorized but it is...... I had no problems with my ipad, all of my music transferred just fine. I have no idea what to do now with my iphone except maybe a restore???
You all are much smarter than me. ;-) Can you help? Thank you.
Heather

Guys, I found another user and what he said to do worked!!! I have copied the information below:
This was 1 of the things that happend to me too, the other one was that at the bottom of the itunes page were it says all the memory info, it marked that I had over 3gb of other memory wich I didn't.
Anyways what I did was to unmark the calendar, contacts etc. ( so that they wont sync with the computer ), pressed apply, then I marked all of them again, apply again and for last I pressed Sync wich is at the bottom right coner by the apply botton.
I'm not sure that had anything to do with it but it worked, my music appeard both of my itunes playlists and the ones I bought in itunes. Also the other memory dissapeard and it's all good.
I'm not sure this will help you but thats my 5 cents, if the problem continues its better to call customer service and ask for a technician.
Hope your problem gets solved. Have a nice day.

I just rented 2 movies on my Apple TV and now I am getting the message, "Your Apple TV is not authorized to play this content". Now I have 2 Apple TV's and they both are saying the same thing. Yes, I have done reset, restore, etc. but nothing! Frustrated

I just rented 2 movies on my Apple TV and now I am getting the message, "Your Apple TV is not authorized to play this content". Now I have 2 Apple TV's and they both are saying the same thing. Yes, I have done reset, restore, etc. but nothing! Frustrated & out $10.
Apple TV (3rd generation), OS X Mountain Lion (10.8.3), 2 Apple TV's (3rd Generation).

Good call!! Thanks a million. Glad I asked & thanks for the quick response. I was getting frustrated. Thanks again!!!!!

I just rented 2 movies on my Apple TV and now I am getting the message, "Your Apple TV is not authorized to play this content". Now I have 2 Apple TV's and they both are saying the same thing. Yes, I have done reset, restore, etc. but nothing!

I just rented 2 movies on my Apple TV and now I am getting the message, "Your Apple TV is not authorized to play this content". Now I have 2 Apple TV's and they both are saying the same thing. Yes, I have done reset, restore, etc. but nothing! Frustrated & out $10.

Good call!! Thanks a million. Glad I asked & thanks for the quick response. I was getting frustrated. Thanks again!!!!!

ITunes says my computer is not authorized but when I sign in it says it is...but won't play purchaces

I am using a laptop from my home family of computers but when I try to play a movie I have transferred from my desktop, first iTunes says I am not authorized to play this movie. Then when I sign in to authorize the movie, it says that I am authorized on this computer but I still can't play the movie. When I try to play it again, the whole routine starts over again. Suggestions????

I'm having exactly the same problem. I just tried all the suggestions in the link from Jim and none of them made any difference. Tried calling Apple support but just got bounced round by people who didn't seem to know what they were talking about.

Caller djunker2 not authorized.

Similar Messages

Maybe you are looking for