Composite domain integrity check

Hello
I'm researching if it is possible to validate a composite domain based on a calculated check digit, where the check digit is obtained by performing some calculations on the other fields of the composite domain. A domain is considered valid if the calculated
digit is equal to the given one.
Is this possible at all in SQL Server 2014?
Thanks,
Ricardo
Ricardo Caldeira

Hi Swati,
Please have a look at the below links.
http://help.sap.com/saphelp_nw70/helpdata/en/71/f470375fbf307ee10000009b38f8cf/frameset.htm
http://help.sap.com/saphelp_nw70/helpdata/en/87/3fdf9587f211d5b2ff0050da4c74dc/frameset.htm
Hope this helps.
Regards,
Reddy

Similar Messages

Kerberos Authentication: "Integrity check on decrypted field failed"

Hi,
I have configured a portal (NW 7.0 SP13) for Kerberos Authentication. I have another portal with exactly the same configuration (same MS-ADS etc, just a different user) which is working fine. But this one is giving me the error "Integrity check on decrypted field failed" (and Kerberos Auth fails).
Any ideas?? I get the same error whether I use the keytab from the SPNEGO wizard, or the keytab from "ktpass -princ host/%HOST%@%DOMAIN% -pass %PASSWORD% -out keytab -mapUser %USER% +DesOnly /crypto DES-CBC-MD5 /ptype KRB5_NT_PRINCIPAL"
The only difference I can see between the ldifde outputs of the two users (the one that works and the one that doesn't) is the one that doesn't has an extra SPN "HTTP/" - would that cause this error??
Has anyone else had this error & what causes it?
Many thanks in advance.
Regards
Jane
Full error text:
JGSS_DBG_CTX Creating context, initiator = no, input cred = not null
JGSS_DBG_CRED getCred: only one cred, returning it
JGSS_DBG_CRED getName found name: host/[email protected], mech=1.2.840.113554.1.2.2
JGSS_DBG_CRED Krb5 name type = 0
JGSS_DBG_CTX Creating context, cred usage = 2
GSS Context created
JGSS_DBG_UNMARSH Real token len 1641
JGSS_DBG_UNMARSH Token oid 1.2.840.113554.1.2.2
JGSS_DBG_UNMARSH inner token len 1630
JGSS_DBG_PROV getFactory: index = 0 found factory
JGSS_DBG_PROV getMechs: Mechanism(s) supported by provider IBMJGSSProvider
JGSS_DBG_PROV 1.2.840.113554.1.2.2
JGSS_DBG_PROV getMechs: 1 unique mechanism(s) found
JGSS_DBG_PROV [0]: 1.2.840.113554.1.2.2
JGSS_DBG_CTX Default list of negotiable mechs:
1.2.840.113554.1.2.2
JGSS_DBG_CTX ticket enc type = des-cbc-md5
com.ibm.security.krb5.internal.KrbException, status code: 31
message: Integrity check on decrypted field failed
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:31)
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:15)
at com.ibm.security.krb5.internal.crypto.n.decrypt(n.java:32)
at com.ibm.security.krb5.EncryptedData.decrypt(EncryptedData.java:106)
at com.ibm.security.jgss.mech.krb5.k.a(k.java:248)
at com.ibm.security.jgss.mech.krb5.k.b(k.java:188)
at com.ibm.security.jgss.mech.krb5.k.acceptSecContext(k.java:533)
at com.ibm.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:155)
at com.ibm.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:153)
at com.sap.security.core.server.jaas.SPNegoLoginModule.doHandshake(SPNegoLoginModule.java:738)
at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:362)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:185)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
at java.lang.reflect.Method.invoke(Method.java:391)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:699)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:151)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:634)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:631)
at javax.security.auth.login.LoginContext.login(LoginContext.java:557)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:146)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
at java.security.AccessController.doPrivileged(AccessController.java:242)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:215)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
JGSS_DBG_CTX Error authenticating request. Reporting to client
Major code = 11, Minor code = 31
org.ietf.jgss.GSSException, major code: 11, minor code: 31
major string: General failure, unspecified at GSSAPI level
minor string: Kerberos error while decoding and verifying token: com.ibm.security.krb5.internal.KrbException, status code: 31
message: Integrity check on decrypted field failed

Hi Désirée,
Yes the service user has "Use DES encryption" set.
In the end, it was resolved by changing the password and running the SPNEGO wizard again to generate a new keytab with the new password.
Regards
Jane

HOWTO: Create a Boot Configuration That Has No Driver Signature Checks. Disable Driver Integrity Checks and Install a Custom Non-Signed Driver

Hello,
Recently, I had a task where I needed to install a custom non-signed driver onto my Windows 8 64-bit setup. As it is known, Windows has driver enforcement policies that, as a security measure, do not allow you to install non-signed drivers.
I did not want to alter my current boot configuration so I decided to create a separate boot entry that would have driver signing policies disabled. For some reason I did not find any good source that would contain a step-by-step instruction on completing
this task, so I decided that I'd better share my experience here.
Lastly, there are multiple ways how you could turn off driver enforcement policies, but I find the way to do this via boot manager.
Here's how you can do that.
1. Press WindowsKey and type 'cmd' (without quotes) to find Command prompt, then click Command prompt icon. If you have User Account Control turned on, hold Ctrl+Shift keys pressed when clicking the icon.
This will force Windows to ask you for elevation of command prompt. Elevation is necessary for editing Boot Configuration Database (BCD), the database used by Windows boot manager to store boot settings.
2. In the User Account Control window click Yes to confirm elevation of command shell.
3. At the command prompt type
bcdedit
to list your BCD entries.
This will give you an output like:
Windows Boot Manager
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {a329b5cf-fb29-11e1-a74d-f2c962d62240}
displayorder {a329b5d0-fb29-11e1-a74d-f2c962d62240}
{a329b5cc-fb29-11e1-a74d-f2c962d62240}
{a329b5ca-fb29-11e1-a74d-f2c962d62240}
{a329b5c2-fb29-11e1-a74d-f2c962d62240}
{current}
{a329b5d8-fb29-11e1-a74d-f2c962d62240}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
identifier {a329b5d0-fb29-11e1-a74d-f2c962d62240}
device vhd=[D:]\win8prowmc01.vhdx
path \Windows\system32\winload.efi
description Windows 8
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5d1-fb29-11e1-a74d-f2c962d62240}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8prowmc01.vhdx
systemroot \Windows
resumeobject {a329b5cf-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
The section that starts with Windows Boot Manager lists current settings for the boot menu. Here you find what boot entry is chosen by default, this is the one what you will boot into if you do not select any boot entry in the
boot menu.
The following record
default {current}
indicates that by default my Windows boots into configuration which I use at the moment (currently booted Windows configuration).
To find out what exactly is current configuration, look into the list of boot entries, records that contain boot loader configuration and are titled as Windows Boot Loader in the bcdedit output.
For example, the entry shown above is one of my boot configurations. This is one of the boot entries listed on the boot manager screen when I start my PC and it looks like:
Windows Boot Loader
identifier {a329b5d0-fb29-11e1-a74d-f2c962d62240}
device vhd=[D:]\win8prowmc01.vhdx
path \Windows\system32\winload.efi
description Windows 8
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5d1-fb29-11e1-a74d-f2c962d62240}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8prowmc01.vhdx
systemroot \Windows
resumeobject {a329b5cf-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
This record has a unique GUID identifier that can be used to reference this boot entry, which is:
identifier {a329b5d0-fb29-11e1-a74d-f2c962d62240}
If we look at the Windows Boot Manager settings, we'll see this entry is the first in order to be displayed in the boot menu on OS start (I marked the unique bits):
displayorder {a329b5d0-fb29-11e1-a74d-f2c962d62240}
{a329b5cc-fb29-11e1-a74d-f2c962d62240}
It references my VHD drive, a virtual hard drive where my Windwos 8 setup is residing:
device vhd=[D:]\win8prowmc01.vhdx
And it also specifies that the boot manager must use UEFI BIOS extension code to access my Windows boot partition:
path \EFI\Microsoft\Boot\bootmgfw.efi
3. Now locate the current boot entry.
Current boot entry contains boot settings used to boot into Windows configuration to which you are currently booted. It is referenced in the list of boot entries as a Windows Boot Loader record that has the {current} keyword inside and may
look like:
Windows Boot Loader
identifier {current}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description Windows 8 Enterprise RTM
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
Because we are more than happy with current configuration and want to base our new boot configuration on these settings, we need to copy this boot entry ({current}) to a new boot entry.
This is done by running the following command:
C:\Windows\system32>bcdedit /copy {current} /d "No Driver Signature Check"
Parameter /d here indicates that the following sequence of characters specifies the display name for the new boot entry that we are creating. The name inside the double quotes will be displayed in the boot menu when you boot your Windows.
In other words, if you know restart your system, you'll see the new No Driver Signature Check in the boot menu.
When copied, the entry is automatically given a new GUID identifier, so upon running the command above, you'll see the following line returned (you'll have an other GUID since these are unique identifiers):
The entry was successfully copied to {a329b5d8-fb29-11e1-a74d-f2c962d62240}.
4. Make sure the entry has been successfully created.
Run the same bcdedit. (You may specify /enum or /v, or both /enum /v parameters at the prompt to get more detail about boot entries, but simple bcdedit is just enough to see the new entry):
C:\Windows\system32>bcdedit
Windows Boot Manager
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {a329b5cf-fb29-11e1-a74d-f2c962d62240}
displayorder {a329b5d0-fb29-11e1-a74d-f2c962d62240}
{a329b5cc-fb29-11e1-a74d-f2c962d62240}
{a329b5ca-fb29-11e1-a74d-f2c962d62240}
{a329b5c2-fb29-11e1-a74d-f2c962d62240}
{current}
{a329b5d8-fb29-11e1-a74d-f2c962d62240}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
identifier {current}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description Windows 8 Enterprise RTM
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
Windows Boot Loader
identifier {a329b5d8-fb29-11e1-a74d-f2c962d62240}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description No Driver Signature Check
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
The entry has been created and given a unique a329b5d8-fb29-11e1-a74d-f2c962d62240 ID. It now has exactly same boot settings as the boot entry we used to boot into current configuration of Windows.
5. Modify created No Driver Signature Check entry and specify that Windows must have driver integrity checks disabled when booted using this boot entry.
Any modifications to boot entries are made using /set parameter. To indicate that we modify a specific boot entry, we must specify the GUID for the No Driver Signature Check record, which is:
identifier {a329b5d8-fb29-11e1-a74d-f2c962d62240}
In other words, to edit (add or change) an option for the boot entry, we need to use the following command syntax:
C:\Windows\system32>bcdedit /set GUID <boot_option> [<option_value>]
First, we must specify that we don't want integrity checks be made. This is done by adding the loadoptions option and setting it to DISABLE_INTEGRITY_CHECKS value:
C:\Windows\system32>bcdedit /set {a329b5d8-fb29-11e1-a74d-f2c962d62240} loadopti
ons DISABLE_INTEGRITY_CHECKS
The operation completed successfully.
6. Verify that load option has been added.
Run the bcdedit command:
Windows Boot Loader
identifier {current}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description Windows 8 Enterprise RTM
locale en-US
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
Windows Boot Loader
identifier {a329b5d8-fb29-11e1-a74d-f2c962d62240}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description No Driver Signature Check
locale en-US
loadoptions DISABLE_INTEGRITY_CHECKS
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
7. Add the option that turns on test signing mode and disables checks of driver signature.
Adding the testsigning option and setting it to ON does the trick for us:
C:\Windows\system32>bcdedit /set {a329b5d8-fb29-11e1-a74d-f2c962d62240} TESTSIGNING ON
8. Now we have a boot entry that enables Windows not to do integrity checks and digital signature validation.
We check it by running bcdedit:
Windows Boot Loader
identifier {a329b5d8-fb29-11e1-a74d-f2c962d62240}
device vhd=[D:]\win8rtm.vhdx
path \Windows\system32\winload.efi
description No Driver Signature Check
locale en-US
loadoptions DISABLE_INTEGRITY_CHECKS
inherit {bootloadersettings}
recoverysequence {a329b5c3-fb29-11e1-a74d-f2c962d62240}
integrityservices Enable
recoveryenabled Yes
testsigning Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice vhd=[D:]\win8rtm.vhdx
systemroot \Windows
resumeobject {a329b5c1-fb29-11e1-a74d-f2c962d62240}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
9. Type 'exit' without quotes to exit from command prompt, and restart Windows.
Upon booting you will be present with a new boot option to start Windows in configuration that allows you to install custom non-signed drivers.
Hope this will help anybody to create their own custom boot configurations.
Well this is the world we live in And these are the hands we're given...

Hi,
Thank you for sharing the solutions & experience here. It will be very beneficial for other community members who have similar questions.
Regards,
Kelvin hsu
TechNet Community Support

Meaning of this error (ISE 1.2 on SNS-3415): HARDWARE RNG INTEGRITY CHECK HAS FAILED!

Hi. We recently purchased an ISE 1.2 appliance (SNS-3415 hardware). It installed fine, but I am unable to access the GUI. When I login to the box and run the following command on the CLI
ISE-12-NS-SD-2/admin# show application status ise
I see the following output:
ISE Database listener is running, PID: 7737
ISE Database is running, number of processes: 38
ISE Application Server process is not running.
ISE Profiler DB is running, PID: 9090
ISE M&T Session Database is running, PID: 8959
ISE M&T Log Collector is running, PID: 9294
ISE M&T Log Processor is running, PID: 9376
% ERROR: ISE SERVICES HAVE BEEN DISABLED BECAUSE
% HARDWARE RNG INTEGRITY CHECK HAS FAILED!
Can anyone help me? What can I do to ensure that the hardware RNG integrity check succeeds. Is it a license issue? Is it faulty hardware? Please advise. I would be very greatful.
Thanks in advance.

I worked with a TAC engineer on this and he said one other customer had this issue and the only recourse was reimaging the appliance with the ISE 1.2 ISO image.
I did reboot, restarted services, reset to factory default and none of that worked. It is possible that the issue happened because during setup of the appliance I didn't have network connectivity and went ahead with the setup and configuration of the ISE application anyway. I later had network connectivity but by that time ISE manifested this fault.
Reimaging and ensuring network connectivity during setup the next time around fixed the problem.

Error while installing Adobe Reader "Did not pass integrity check"

When the download manager gets to about 80% this error pops up every time, I have tried clearing the temporary files, restarting my computer donwloading an older version but nothing works.
The entire message says:
"Adobe Reader":
"Adobe Reader":
The Download did not pass the integrity check (16291.304.428)
I have windows 7, 32 bit. Help please!

Don't use the download manager; download the installer directly from http://ardownload.adobe.com/pub/adobe/reader/win/10.x/10.0.0/en_US/AdbeRdr1000_en_US.exe (English version 10.0 for Windows).
Use this link if you need another version http://get.adobe.com/reader/enterprise/

SSO using Kerberso receiving "Integrity check on decrypted field failed (31

I am trying to implement SSO for an application that is running on a WebLogic Server. I have flagged the AD Service user for DES encryption, added spn through setspn, created the keytab file, reset the password (to the same value), moved the keytab file, updated krb5.ini and krb5Login.conf accordingly, modified WebLogic startup command accordingly. When Users try to access the application, authentication fails, and I see Integrity check on decrypted field failed (31) error in the WebLogic logs. Any ideas ? I am attaching the related lines from the log below.
<Sep 29, 2008 9:46:50 AM MDT> <Debug> <SecurityDebug> <000000> <Found Negotiate with SPNEGO token>
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null KeyTab is devmax01.http.keytab2 refreshKrb5Config is false principal is HTTP/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false
KeyTab: load() entry length: 60
KeyTabInputStream, readName(): DEV.DENVERWATER.ORG
KeyTabInputStream, readName(): HTTP
KeyTabInputStream, readName(): devmax01principal's key obtained from the keytab
principal is HTTP/[email protected]
EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
KrbAsReq calling createMessage
KrbAsReq in createMessage
KrbAsReq etypes are: 3 1
KrbKdcReq send: kdc=dwdev01 UDP:88, timeout=30000, number of retries =3, #bytes=249
KDCCommunication: kdc=dwdev01 UDP:88, timeout=30000,Attempt =1, #bytes=249
KrbKdcReq send: #bytes read=1312
KrbKdcReq send: #bytes read=1312
EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
KrbAsRep cons in KrbAsReq.getReply HTTP/devmax01Added server's keyKerberos Principal HTTP/[email protected] Version 8key EncryptionKey: keyType=3 keyBytes (hex dump)=
0000: 2F 02 76 AB 7F 8C B0 6E
[Krb5LoginModule] added Krb5Principal HTTP/[email protected] to Subject
Commit Succeeded
Found key for HTTP/[email protected]
Entered Krb5Context.acceptSecContext with state=STATE_NEW
EType: sun.security.krb5.internal.crypto.DesCbcMd5EType<Sep 29, 2008 9:46:50 AM MDT> <Debug> <SecurityDebug> <000000> <GSS exception GSSException: Failure unspecified at GSS-API level (Mechanism level: Integrity check on decrypted field failed (31))
GSSException: Failure unspecified at GSS-API level (Mechanism level: Integrity check on decrypted field failed (31))

FYI The fix for this was to chang the value for -Djava.security.krb5.realm to be all upper case
Once that change was made authentication passed
Edited by: IDL on Jan 2, 2008 9:25 AM

Error occured in the integration checks(read log)

Hi,
I try to post planning of machinery hours in KP26, tht time i got this error, and data is not saved too. " error occured in the integration checks(read log)" kindly solve this problem asap.
Regards
PRINCE

Sir,
Where to maintain Nominal rate for this question KP26 ? give me a path or transaction code.
Regards
Prince

Composite Domains in SSIS with spaces in field

I'm trying to send in a Composite Domain into SSIS by the method of concatenating two fields to make up the domain:
KB has 2 domains:
> Shape (e.g. Triangle)
> Sides (e.g. 3)
If I try to map into a Composite Domain that uses Shapes and Sides, by using a Derived Column as [Shapes] + " " + [Sides] it works, unless I have two words, e.g. "Triangle Plus" in the Shapes Domain. Then the Composite Domain in SSIS treats the "Triangle"
component as the Shapes domain element, and "Plus" as the Sides domain component and treats it as a New value as "Plus" is not a recognised number of sides.
Anybody know how to work around this? Are there alternate delimiters other than Space I can use?
James Beresford @ www.bimonkey.com & @BI_Monkey
SSIS / MSBI Consultant in Sydney, Australia
SSIS ETL Execution Control and Management Framework @
SSIS ETL Framework on Codeplex

I have followed the above helpful discussions re. how best to approach composite DQS domains when inside a SSIS flow.
I followed the approach recommended i.e.
" If you map your 2 individual source
fields to both the domains in your Composite Domain, your composite domain automatically participates in the cleansing activity."
In the example I have, there would be different validation rules , like the rules above which are called 'Circle', 'Square', etc.,, associated
with the Shapes&Sides CD.
What I haven't figured out , is how to know from the output from the (SSIS) DQS Cleansing step when I get an Invalid result
- which precise rule (e.g.'Circle', 'Square'..etc) actually failed. ?
So for an input row of with a Shapes value of 'Square', and a Sides value of '3', I would like to get 'Failed Square' as the reason for failure.
If I use the derived column approach (as discussed at the start of the above discussions) I am able to get this type of output by using the '...._Reason' DQS output corresponding to the derived column .
However I can't use the latter approach because of the issues with the derived column already highlighted in this thread.
I am also able to get the failed rule displayed when working fully inside the DQS client (no derived columns of course, just working with the CDs).
However , as I say, I don't seem to be able to find out how to get it when I map the individual cols separately to the individual domains.
I do get an overall 'Record Status' = 'Invalid' but I dont know which rule failed.
I hope I am missing something, as otherwise I don't see how a user is going to figure out why the record is 'Invalid'
Any help would be much appreciated.
Thanks
Martin

Do integrity checks by file comparison really work?

Hello,
I use a program (Beyond Compare) which has a Folder Compare module, with a function for doing a binary comparison between the files inside two folders. I use it to check the integrity of my backups, by comparing my main hard disk files, with the ones on
the backup hard disks. If two files get recognized as being different, then one of them should be corrupt (if they didn't get modified "normally").
My question is: will this method work to detect real file corruptions? Will it detect any kind of corruption, both copy corruptions, and "bit rot" corruptions? Will there be no problem regarding read cache? I mean: if the first file to compare gets read
from disk, and is kept in a read cache (by Windows or by the hard disk, or by something else), will the second file get read from the same cache (if Windows or the hard disk think they are identical files)? Do Windows and hard disks have some kind of procedure
to detect if a file to read from disk is already available in cache, even if it is in a different folder than the "original" one? Perhaps some kind of file-checksum-system which decides that the files are same? (And this system would not notice if the file
to compare is corrupt). If this would be true, then integrity checks by file comparison would not work, because in practice the same file would be read twice (first from disk, and then from cache), instead of reading both the two files to be compared from
disk.
I have already done tests by manually "corrupting" files (changing slightly the contents, while keeping size and timestamp the same), and it works (the files get recognized as different). But I'm not sure if it will work also with "real" corrupt files.
I'm interested mostly about Windows 8 Pro 64bit and NTFS (but would like to know also in general).
Thanks.

I also have Beyond Compare and have used it to check backup data.
Yes, Windows does RAM caching. If you have a comparison program read enough file data that you
can be sure the RAM cache is flushed, then you can be sure that reading the file data back and comparing it with the original data is a valid way to ensure you have uncorrupted backups.
Note that NTFS now does online recovery, so just the act of reading back the data can trigger processes inside the file system implementation that will recover the data if it should start to experience "bit rot" (weakening or failure of the
storage medium). But this is not strictly necessary as other operations, such as defragmentation etc., will occasionally access the disk data as well.
Some time back I wrote a small utility that calculates a CRC-32 on all the data from all the files in a set of folders. This is another way that re-reading all the data can be triggered, as well as producing a summary number that can be easily
compared to determine that all is well - though one doesn't need my software to do it... There are hash programs available that can accomplish the same things. Search for SHA-1 programs, but beware there can be malware associated with free programs
and download sites.
It's good that people think about data integrity. There's all too little of that nowadays.
-Noel
Detailed how-to in my eBooks:
Configure The Windows 7 "To Work" Options
Configure The Windows 8 "To Work" Options

ITunes database integrity check?

In iTunes I have a few ! that have appeared in the first column indicating iTunes can't find the file. So far I have found three folders (albums) that are missing from my music library disc and I don't understand how or when they dissappeared. I haven't found any individual missing files yet, just missing whole folders. It appears iTunes doesn't update the ! indicator until it has some reason to actually go open the file. Is there a way to automate this? So far I've been looking at each song with Command-I to check the Where info under Summary, or selecting the first song of an album and using Command-R to view the songs in finder. This is going to take a long time with nearly 8000 songs in my library. I'm trying to get an handle on the extent of the problem. I am careful to only use iTunes to manage the library (I don't move files around with finder). My library is on an external Firewire drive. Ideally, I would like there to be an "iTunes database integrity check" command.

The MSDN documentation says "RESTORE VERIFYONLY" command does not verify whether the structure of the data contained within the backup set is correct. Does it mean the restore command will not able to detect corruption in the database and I just need to
restore each of the backs starting from the latest to see if integrity check fails after restore ? OR RESTORE VERIFYONLY will confirm if the database is un-corrupted ?
As the documentation suggests, RESTORE VERIFYONLY checks the structure of the backup but not the database itself. You'll need to restore the backup to check the database consistency.
Dan Guzman, SQL Server MVP, http://www.dbdelta.com

[TECHNOTE ANNOUNCE] Error installing Flash Player "The download did not pass the integrity check (16236.304.443)

All,
I've published a new technote for folks who are having trouble with the Adobe Download Manager and Flash Player.
Error installing Flash Player "The download did not pass the integrity check (16236.304.443)
http://kb2.adobe.com/cps/512/cpsid_51258.html
Essentially this technote links to the Windows troubleshooting technote here:
http://www.adobe.com/go/tn_19166
However, before today the Windows troubleshooting technote only had an EXE install for the ActiveX version of Flash Player 10. I have now added a link to download the EXE version of the Flash Player Plugin installer as well.
Please point other users with integrity check errors to the first technote.

Thank you for the update & Tech Note Announcement. I do have a couple of questions, if you could please respond.
After uninstalling and ready to download; reading from the link you provided on 9/4/09, Should we follow the normal download instructions
per #2. "Flash Player download Center" and if a successful installation is not accomplished, THEN, go to "download and unzip install_Flash_Player_10_Plugin (all other windows browsers) ? Or should the latter step be done in lieu of #2 mentioned. I am assuming the download from F.P. D.L. Center would be done first and then troubleshoot by running the EXE. version of the F.P. Plugin installer.
Experience has taught me not to assume much, and if you don't know, ask!
Thanks for your hard work, but you have to admit, for the technically deprived, it is frustrating and confusing.

Did not pass integrity check (16236.304.443)

Hi,
I am trying to install flash player in Windows XP, IE 8.
As soon as download and installation starts, everything seems fine. The progress bar reaches 100% and stays there for some time. Then suddenly it starts increasing furthur (>100%) and the bar goes outside the visibility region of the window. Soon after, I get integrity check error. Any idea what I am doing wrong ? Refer these pics :
1. http://i1004.photobucket.com/albums/af162/rbharath25/flash.jpg
2. http://i1004.photobucket.com/albums/af162/rbharath25/flash2.jpg
3. http://i1004.photobucket.com/albums/af162/rbharath25/flash3.jpg
4. http://i1004.photobucket.com/albums/af162/rbharath25/flash4.jpg
Thanks,
Bharath

Hello everyone,
I apologize for the inconvenience this issue has been causing to you.
To those who are experiencing the install difficulty due to the integrity check error, could you please send a private message to BWolfe [ADOBE] with your email address? He'll forward your contact information to me, so I can start more information gathering.
In order to troubleshoot this issue, we would like to get a little more information.
Thank you so much!!
- Yuko (Platform QE / Adobe Web Team)

Did not pass integrity check??? Help

I am using internet explorer 8, on a brand new Toshiba Laptop, on wireless broadband but yet when I try downloading Adobe Flash Player 10, it is taking approximatly 2 hours on the download window with the green bar to get to 100% and when it does get to 100% it is saying that it did not pass the integrity check and if I click resume it starts the download all over again.
I have tried using different browsers ie Mozilla Firefox and Opera and it is still the same...
I have a support case open with Adobe for this but so far anything they have told me I have been unsucessful with.
Please Help!!.........
kind regards

Hello, What OS are you using? Are you trying to install the latest Flash Player vs 10.0.42.34? Have you run the uninstaller
from here? http://kb2.adobe.com/cps/141/tn_14157.html You may want to read each section to be sure to comply with the various requirements before running it. Especially the last part if you are using IE. This is downloaded to your desktop. Close all browsers and check the system tray; nothing that uses Flash should be running.
After running the Uninstaller, it is a good idea to go to Tools>Internet Options and check both sections of the add ons to
check if the old Shockwave Flash Object version ActiveX Control has been removed. If it has not, run the Uninstaller again. Then be sure to Reboot again.
Before running the offline Installer, I would suggest you read the troubleshooting link. It may help to be familiar with the various issues that an install might fail before trying it again.
http://go.adobe.com/kb/ts_tn_19166_en-us This is the troubleshooting link
http://fpdownload.macromedia.com/get/flashplayer/current/install_flash_player_ax.exe Installer link for IE-Download to the desktop.
After installing, go here to the Adobe test site: http://www.adobe.com/products/flash/about
If you have any questions before or after, please post.
Thank you

Flash player download won't pass integrity check

I'm trying to update my flash player. I used the adobe 'remover', rebooted then tried to download version 10.0.45.2 but it won't pass the integrity check. I'm tried with firefox first (clicking the 'allow' notices) then tried with internet explorer. I disabled my firewall, avast anti-virus as well as my ad-aware before the attempt. Any suggestions? I currently have NO player at all

Hi, you could refer to this thread that I posted instructions for FF and IE regarding Flash Player.
http://forums.adobe.com/thread/581376?tstart=0
I would suggest that you read over the Uninstall instructions and with IE, pay particular attention to the last NOTE at the end of the article.
If you have any questions before you start, just post back.
Thanks,
eidnolb

Database Integrity check failed, how to find an un-corrupted backup for recovery

I got database integrity check task that runs weekly. The job ran March 23rd but failed on March 30th. We have identified that there is a corruption in database and now the task is to restore it from backup (with data loss). We have database backup running
every-night and I need to know how can I find which is the latest backup that's not corrupted.
The MSDN documentation says "RESTORE VERIFYONLY" command does not verify whether the structure of the data contained within the backup set is correct. Does it mean the restore command will not able to detect corruption in the database and I just
need to restore each of the backs starting from the latest to see if integrity check fails after restore ? OR RESTORE VERIFYONLY will confirm if the database is un-corrupted ?

The MSDN documentation says "RESTORE VERIFYONLY" command does not verify whether the structure of the data contained within the backup set is correct. Does it mean the restore command will not able to detect corruption in the database and I just need to
restore each of the backs starting from the latest to see if integrity check fails after restore ? OR RESTORE VERIFYONLY will confirm if the database is un-corrupted ?
As the documentation suggests, RESTORE VERIFYONLY checks the structure of the backup but not the database itself. You'll need to restore the backup to check the database consistency.
Dan Guzman, SQL Server MVP, http://www.dbdelta.com

Composite domain integrity check

Similar Messages

Maybe you are looking for