Client Communication Issues when attempting to retire old ADCS Certificate Authority

Similar Messages

• HT4907 Password Issue when attempting to enable Back to My Mac in iCloud Preferences - HELP?

  Since upgrading to Mountain Lion, I have a problem enabling Back to My Mac. When I try and enable B2MM in the iCloud preferences window, I am asked to enter my Apple ID password. It says the password is incorrect, even though it IS 100% correct. I've even tried resetting my password (so that the password lives up to the latest security requirements for passwords, etc). So, it's definitely correct, and I'm able to login to my Apple account here (on this Apple laptop as well as on my iPad and iPhone)... it's not an issue when I log in anywhere else... I am only told my password is incorrect when attempting to enable Back to My Mac in the iCloud preferences pane.
  Help?
  Many thanks!

  Do these make installation of memeo superfluous? Would I need memeo for daily back up?
  From what I gather, you couldn't pay me to use Memeo, nor actually a Seagate enclosure, nor many USB only drives, (USB is not bootable on PPC Macs).
  I've used maybe a few dozen backup Apps on the Mac, and I'd personally judge only Apple's Time Machine worse than that one.
  If you had it to do all over again, you'd get a case with Firewire, one with an Oxford chipset, not containing a Green Drive, not a Seagate Drive, not less than 7200 RPM drive, & a 32MB Cache, not with a One-Button touch feature, ( not a Bus powered drive like...
  http://eshop.macsales.com/item/Newer%20Technology/MS3S7W20TB32/
  http://eshop.macsales.com/item/Other%20World%20Computing/ME8QW7W20TB/
  I searched hard for answers , not aware of this devoted community. What a wonderful discovery.
  Great to hear & that you found us, tons of devoted, unselfish helpers here too!
  So where are we now on the Drive?
  Does it show up in Disk Utility? Can you repair it there?

• Memory issue when attempting to open a downloaded ...

  When attempting to open a downloaded image, I get this message 'IMAGE VEWER: Memory full. Close some applications and try again'.
  What could be the issue & how do I solve this?
  Thanks

  I assume re-transferring the image didn't help?
  Under normal circumstances, a 1.3 MB image can't be a problem, since the camera takes pictures around that size.  But the phone doesn't have limitless memory, so the image viewer will have some limitations.  I was able to duplicate your error just now, but only with an 8.4 MB image I found through Google Images.  The resolution was 3880 x 2432 x 24 bit.  If you view the image on a computer, maybe that innocent 1.3 MB file translates into something of similar size, or perhaps it uses an unusual bit depth?  Given the size, that still seems far-fetched, but short of an image viewer bug, that's the only possibility that comes to mind.
  If this is the case and you do need to keep the picture accessible, you'd want to load it into a Photoshop-like program and either crop it, add additional compression, or reduce the bit depth.  Good luck!

• Bootcamp Issues when attempting to install Windows 7

  Please excuse my ignorance.... new to Apple after using Windows for ever.
  I am attempting to install Windows 7 on my new MacBook Pro 13" purchased 4 days ago. I follow the instructions from following tutorials on UTube however do not get the option to divide my OS into a mac portion and a windows portion.
  I have got the original Windows 7 disc have also created an ISO version, and have formatted a USB to be MS-DOS Fat. Still no luck
  On the tutorials, it states to open up Bootcamp, then divide the partitians for Windows / Mac, then load up your Windows 7 disc.
  This does not happen on my bootcamp.
  Im asked to create an ISO of Windows 7, which I have done
  Then asked to download the latest Windows support software for Apple - which starts - but never ends
  Then when attempting the third section, installing Windows 7 I get an error message stating please install the installation disc and wait a few seconds
  I am using the Bootcamp that was included with my purchase of the MacBook Pro. Should I search for another one - although I appear to be up to date with applications.
  I am doing this in order to use CorelDRAW via windows on my mac for my small business. Any help would be most appreciated, and please no smart comments as i am really struggling here and everything appears to be simple, but is not.
  Thanks in Advance
  TechSpaz73
  Far from City Support from Apple

  same problem here! 
  No device drivers were found. Make Sure that the installation media contains the correct drivers, and then click ok.

• Issues when attempting to create a new 2012 R2 forest through powershell

  Hello,
  I've been writing  a script to automate the installation of some new servers, however I'm experiencing an issue when I'm coming to create the forest, for some reason the $DomainName and $ADSecPwd variables are not being passed to the Install-ADDSForest
  function.    The $DomainName and $ADSecPwd variables are defined at the top of the script.
  When viewing the variables right before execution I can see that they store the right values, however when executing the code PowerShell throws an exception saying that the DomainName parameter cannot be null.  The same is true for the the SafeModePassword.
  If I hard code the domainname and password then it works, but I don't want to do this, as I'm going to use this script n multiple domains.
  Another issue I have is that the paths are not being created on the specified 'F:\...' drive, instead they are being created in the default location on the C: drive. 
  Below is a copy of the function I'm using.  Anyone have any ideas why this isn't working as expected?
  function Install_ADForest ($uri, $localcredentials, $DomainName, $ADSecPwd) {
  Invoke-Command -ConnectionUri $uri -Credential $localCredentials -ScriptBlock {
  Install-ADDSForest `
  -DomainMode Win2012R2 `
  -ForestMode Win2012R2 `
  -DatabasePath "F:\Windows\NTDS" `
  -SysvolPath "F:\Windows\SYSVOL" `
  -LogPath "F:\Windows\Logs" `
  -NoRebootOnCompletion:$true `
  -DomainName $DomainName `
  -SafeModeAdministratorPassword $ADSecPwd
  Marcus

  Hi Marcus,
  that is because the Invoke-Command is executed on a remote system that does not know the variables in the function. You need to pass them into the scriptblock as arguments like this:
  function Install_ADForest ($uri, $localcredentials, $DomainName, $ADSecPwd)
  Invoke-Command -ConnectionUri $uri -Credential $localCredentials -ArgumentList @($DomainName, $ADSecPwd) -ScriptBlock {
  Param (
  $DomainName,
  $ADSecPwd
  Install-ADDSForest `
  -DomainMode Win2012R2 `
  -ForestMode Win2012R2 `
  -DatabasePath "F:\Windows\NTDS" `
  -SysvolPath "F:\Windows\SYSVOL" `
  -LogPath "F:\Windows\Logs" `
  -NoRebootOnCompletion:$true `
  -DomainName $DomainName `
  -SafeModeAdministratorPassword $ADSecPwd
  Cheers,
  Fred
  There's no place like 127.0.0.1

• Wireless Client Authentication issues when roaming Access Points (Local)

  I have a Cisco 5508 with Software version 7.4.121.0 and Field Recovery 7.6.101.1.
  There are a handful of clients that when roaming between AP's with the same SSID that get an authentication issue and have to restart the wireless to get back on.
  From Cisco ISE
  Event
  5400 Authentication failed
  Failure Reason
  11514 Unexpectedly received empty TLS message; treating as a rejection by the client
  Resolution
  Ensure that the client's supplicant does not have any known compatibility issues and that it is properly configured. Also ensure that the ISE server certificate is trusted by the client, by configuring the supplicant with the CA certificate that signed the ISE server certificate. It is strongly recommended to not disable the server certificate validation on the client!
  Root cause
  While trying to negotiate a TLS handshake with the client, ISE expected to receive a non-empty TLS message or TLS alert message, but instead received an empty TLS message. This could be due to an inconformity in the implementation of the protocol between ISE and the supplicant. For example, it is a known issue that the XP supplicant sends an empty TLS message instead of a non-empty TLS alert message. It might also involve the supplicant not trusting the ISE server certificate for some reason. ISE treated the unexpected message as a sign that the client rejected the tunnel establishment.
  I am having a hard time figuring out what is causing this. My assumption is if there were a problem with the Controller or AP configurations then it would happen to everyone. My further assumption is if the client had a problem with their laptop (windows 7) then why does work at other times? So I have checked and the ISE certificate is trusted by client.
  Is something happening that the previous access point is holding on to the mac and the return authentication traffic is going to the old AP instead of the new one or something like that which is corrupting the data?
  I also had this from Splunk for the same client:
  Mar 5 13:44:51 usstlz-piseps01 CISE_Failed_Attempts 0014809622 1 0 2015-03-05 13:44:51.952 +00:00 0865003824 5435 NOTICE RADIUS: NAS conducted several failed authentications of the same scenario
   FailureReason="12929 NAS sends RADIUS accounting update messages too frequently"
  Any help on this would be appreciated. These error messages give me an idea but doesn't give me the exact answer to why the problem occurred and what needs to be done to fix it.
  Thanks

  Further detail From ISE for the failure:
  11001
  Received RADIUS Access-Request
  11017
  RADIUS created a new session
  15049
  Evaluating Policy Group
  15008
  Evaluating Service Selection Policy
  15048
  Queried PIP
  15048
  Queried PIP
  15004
  Matched rule
  15048
  Queried PIP
  15048
  Queried PIP
  15004
  Matched rule
  11507
  Extracted EAP-Response/Identity
  12500
  Prepared EAP-Request proposing EAP-TLS with challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12301
  Extracted EAP-Response/NAK requesting to use PEAP instead
  12300
  Prepared EAP-Request proposing PEAP with challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12302
  Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
  12318
  Successfully negotiated PEAP version 0
  12800
  Extracted first TLS record; TLS handshake started
  12805
  Extracted TLS ClientHello message
  12806
  Prepared TLS ServerHello message
  12807
  Prepared TLS Certificate message
  12810
  Prepared TLS ServerDone message
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  11514
  Unexpectedly received empty TLS message; treating as a rejection by the client
  12512
  Treat the unexpected TLS acknowledge message as a rejection from the client
  11504
  Prepared EAP-Failure
  11003
  Returned RADIUS Access-Reject

• How to resolve password issue when attempting file sharing?

  I have an Imac with os9.2.2 and a ClamShell ibook with os8.6. Until recently I have been able to file share, using an ethernet cable, without using a password.
  When I go into Chooser on either machine and click on file server, eg. "Imac", I get a message to effect that the password is not recognized. I have tried to create a "new" password, but I cannot provide an "old" password.
  How do I get around this or create a new password and move on?
  Any help would be appreciated.
  Imac   Mac OS 9.2.x  

  Go to the Users and Groups tab in the FileSharing
  control panel on machine number one. There you (as
  the 'owner') will name the permitted User(s)—whatever
  name you want to use— and you'll give him/her a
  password—whatever you like or nothing at all.
  Do the same on machine number two.
  Since you own both machines, you can erase any
  previous users with defective passwords. Or just
  change their passwords.
  If the Owner of each machine is the very same name on
  each and if you haven't established a password for
  the Owner(yourself), then you should be able to log
  in as the Owner w/o a password. Presumably this was
  what you had. Did you change the owner's name on
  either machine?
  If you're not worried about security, letting Guests
  have access could also be password-free.
  Ed,
  Thank you for your help; file sharing is now operating between those machines.
  I have now added another computer(OSX Tiger) to the network.
  I am having similar problems getting file sharing to work. The new machine is owned by my wife. I added a name for her computer in the Users and Groups on the 9.2 machine. Her machine seems to recognize the old machine. But when I attempt to connect from either machine I get the "cannot connect" message.
  Apple Help for the new machine suggests that a connection can only be done from the 9.2 machine.
  Any suggestions? Perhaps this is not fair to add another question. Let me know if you would prefer that I post a new question.
  Thanks again.
  Bill
  Imac Mac OS 9.2.x
  Imac Mac OS 9.2.x
  Imac Mac OS 9.2.x
  Imac Mac OS 9.2.x

• STMS transport issue when attempting to release in SE10

  Hi guys,
  I have set up a new system, with DEV as the controller, and the shared transport being on the DEV box.
  The HR people have tried to use the system for creating transports from DEV > QA with the following 2 issues :
  Issue 1:
  When a table entry is created, and saved, there is usually a "request for transport" window that pops up. This does not appear.
  However, we are able to force the transport, which leads us to the second problem.
  Issue 2:
  When a new table entry is created and included in the request, it says the entries are included in the task, but when referencing the transport in SE10, the relevant entry cannot be seen under the specified task.
  I.e. In SE10 there is the transport number, but there is no 'plus' underneath it for me to release.
  Could anybody give me some input?
  Thanks.
  Brad

  Hello Brad,
                    A few clarifications.
  First could you please confirm that the the client settings are set up so that changes are automaticaly recorded?
  If not goto transaction SCC4 and double click the customizing client.
  In
  Changes and transports for client specific objects
  set the option to : automatic recording of changes
  for your second issue where your HR guys were trying to cerate a manual request, ask them to create the request first in SE01. Then got to SE10. (The user ID should be of the person who created the request) Click on display.
  Select the request(which was created) and  use the menu option REQUEST>OBJECT LIST>INCLUDE OBJECTS.
  This way the objects can be manually enetered into a request.
  Regards,
  Prashant

• SCCM 2012 Client Communication Issue with SCCM 2007

  My Clients was installed SCCM 2007 client version but somehow those clients reporting to SCCM 2012 Server 
  Note : My SCCM 2007 Server still active mode . and the SCCM 2007 client IP boundaries was not added into SCCM 2012 server
  But still communicating to SCCM 2012 , what is the root cause ?  
  Best Regard's Krishna

  Either, during the client installation the client was manually assigned to the ConfigMgr 2012 site (by specifying the site code), or during the client installation the client was auto assigned to the ConfigMgr 2012 site (that can only happen when there
  is an overlap in the boundaries and that doesn't have to be the same type of boundary).
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Client access issues when mailboxes are mounted on a specific mailbox server

  One of our 3 mailbox servers gives us an error when mailbox databases are mounted on it.
  All web services are not functioning properly, there is an event log error for each web service web.config file saying file not found, If I open each web.config file and look at the line in question they all point to:
  <assemblies>
          <add assembly="Microsoft.Exchange.Security, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
        </assemblies>
  Does anyone know what this is pointing at or what my server is missing?
  It is Exchange 2013 Sp1 RU7 as are my other 2 mbx servers which work fine...
  all pre-req's are installed as I double checked and no difference between the 3 mbx servers that I can see...
  ***Don't forget to mark helpful or answer***

  IIS error
  === Pre-bind state information ===<o:p></o:p>
  LOG: DisplayName = Microsoft.Exchange.Security, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35<o:p></o:p>
  (Fully-specified)<o:p></o:p>
  LOG: Appbase = file:///C:/Program Files/Microsoft/Exchange Server/V15/ClientAccess/Autodiscover/<o:p></o:p>
  LOG: Initial PrivatePath = C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Autodiscover\bin<o:p></o:p>
  Calling assembly : (Unknown).<o:p></o:p>
  ===<o:p></o:p>
  LOG: This bind starts in default load context.<o:p></o:p>
  LOG: Using application configuration file: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Autodiscover\web.config<o:p></o:p>
  LOG: Using host configuration file: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet.config<o:p></o:p>
  LOG: Using machine configuration file from C:\Windows\Microsoft.NET\Framework64\v4.0.30319\config\machine.config.<o:p></o:p>
  LOG: Post-policy reference: Microsoft.Exchange.Security, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/Temporary ASP.NET Files/autodiscover/b455e468/cbaac37d/Microsoft.Exchange.Security.DLL.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/Temporary ASP.NET Files/autodiscover/b455e468/cbaac37d/Microsoft.Exchange.Security/Microsoft.Exchange.Security.DLL.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Program Files/Microsoft/Exchange Server/V15/ClientAccess/Autodiscover/bin/Microsoft.Exchange.Security.DLL.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Program Files/Microsoft/Exchange Server/V15/ClientAccess/Autodiscover/bin/Microsoft.Exchange.Security/Microsoft.Exchange.Security.DLL.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/Temporary ASP.NET Files/autodiscover/b455e468/cbaac37d/Microsoft.Exchange.Security.EXE.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/Temporary ASP.NET Files/autodiscover/b455e468/cbaac37d/Microsoft.Exchange.Security/Microsoft.Exchange.Security.EXE.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Program Files/Microsoft/Exchange Server/V15/ClientAccess/Autodiscover/bin/Microsoft.Exchange.Security.EXE.<o:p></o:p>
  LOG: Attempting download of new URL file:///C:/Program Files/Microsoft/Exchange Server/V15/ClientAccess/Autodiscover/bin/Microsoft.Exchange.Security/Microsoft.Exchange.Security.EXE.<o:p></o:p>
  ***Don't forget to mark helpful or answer***

• HT4790 Disk space seems to be an issue when attempting to use Firevault 2.0

  This error occurs when selecting to Turn off Legacy FireVault.

  Temporarily copy all or most of the files in your home folder to another volume, such as an external drive. Delete the original (that includes emptying the Trash.) Log out and log back in. You should then be able to deactivate legacy FileVault. Move the files back where they were.

• I recently acquired Final Cut Pro and my concern is that when attempting to download old footage from cine or standard 8, that is 4:9 aspect. There does not appear to be a way of instructing F C Pro to automatically convert images to 16:9 ratio?

  Mac Book Pro version (10.6.i) Snow Leopard.
  I am an inexperience user and recently acquired Final Cut Pro to supplement my Imove application.
  My question is - How can I instruct F C Pro to automatically convert 4:9 aspect material (old cine and standard 8 recordings) to 16:9 aspect.
  At the moment I am adjusting each clip manually to fit 16:9, not a very good way to proceed! I have no problem with Imovie in this respect and wonder if
  F C Pro offers the same facillity? Can not find any clues either from Apple store or elsewhere.

  You mean 14:9, right?? 8mm film frame aspect ratio is  1.58. I find it hard to believe that your telecined video has the same aspect as the original film unless it has been explicitly trimmed to those dimensions. If that's the case, it's pillarboxed in the 16:9 format or letterboxed in the 4:3 format.
  You could try to select all your clips and in the Video Inspector > Spatial Conform, select Fill. This will cause your clips to expand to fill the 16:9 "space". This also means that portions of the edges will "overflow" the boundaries of the modern frame (most likely the top and bottom edges.) It shouldn't be that much and if you're telecined film is letterboxed in 4:3, it will be a lot less so afterwards!
  You can also select all your clips, assuming they are all the same dimensions, and adjust the (Video > Transform > ) Scale in "one throw" (if you turn down the disclosure triangle you can adjust width and height independently—I am assuming that since you want it to fit, you don't mind minor stretching.)

• Error -50 when attempting to delete a file

  I am using Time Machinehave to back up to a 1Tb drive connected via USB to to my router, ... when attempting to delete old backups I get the error code -50. Cant find a reference to it, so can anyone help??

  Perhaps try the "Error -50," "-5000," "8003," "8008," or "-42023" section in the Specific Conditions and Alert Messages: (Mac OS X / Windows) section of the following document:
  iTunes: Advanced iTunes Store troubleshooting

• Performance Issues when editing large PDFs

  We are using Adobe 9 and X Professional and are experiencing performance issues when attempting to edit large PDF files.  (Windows 7 OS). When editing PDFs that are 200+ pages, we are seeing pregnated pauses (that feel like lockups), slow open times and slow to print issues. 
  Are there any tips or tricks with regard to working with these large documents that would improve performance?

  You said "edit." If you are talking about actual editing, that should be done in the original and a new PDF created. Acrobat is not a very good editing tool and should only be used for minor, critical edits.
  If you are talking about simply using the PDF, a lot depends on the structure of the PDF. If it is full of graphics, it will be slow. You can improve this performance by using the PDF Optimize to reduce graphic resolution and such. You may very likely have a bloated PDF that is causing the problem and optimizing the structure should help.
  Be sure to work on a copy.

• Stuck at 100% CPU Utilization when attempting to browse

  Though I don't think this is specific to Policies per-se, I'm able to reproduce this issue when attempting to create an iPrint Policy Bundle.
  In the wizard for creating an iPrint Policy bundle, when I browse to select the iPrint printer, I get an authentication dialog for browsing the tree, and at the next screen, when I select the blue down-arrow to navigate down my tree to find the iPrint printer, the CPU goes to 100% (ZENServer.exe process), and the only remedy is to reset the server! I'm unable to even bring up task manager to kill the ZENServer.exe process.
  Any suggestions?

  Originally Posted by bryroller
  Could you be experiencing the same issue I had and resolved from a tip over in this thread:
  https://forums.novell.com/novell-pro...ml#post2296803
  Turns out that was a temporary fix - the real fix was following the info referenced in TID 7005382, particularly reserving enough RAM for the VM and adding one vCPU (for a total of two).