Constant Failed Attempts from ASYNC ports
Our ACS 4.2 Failed Attempts log is being filled by "noise" on the async (tty0/tty1) from both our routers and switches. We have modems attached to our routers primarily on the console ports, in addition we have the aux port of our router connected to the console port of our LAN switch so we can reverse telnet into the switch. Both router & switch are TACACs enabled. In the user-name field of the ACS log, we get "noise" such as "interface up and down", "Press RETURN to get started", which the authen-failure-code indicates invalid characters or "ACS user unknown" in username field. What would cause this? I know misconfigured modems can cause echo issues but why a switch console port?
Dan/Greg,
This issue occurs when terminal server device (like c2509, c2511 or other) connect to it and which is sending junk to console or aux lines of the Router/Switch.
What may happen wrong with Terminal Server config:
= Incorrect speed for the line (which is connected to console of the router)
= possibly "exec" is running on that line on Terminal Server, thus sending unexpected prompt to the router console/aux.
When you want to allow only an outgoing connection on a line, use the *no**exec* command.The *no exec* command allows you to disable the EXEC process for connections which may attempt to send unsolicited data to the router.
(For example, the control port of a rack of modems attached to an auxiliary port of router.) When certain types of data are sent to a line connection, an EXEC process can start, which makes the line unavailable.
The user will still be able to access the console of the device and be authenticated as well. This puts extra burden on ACS and you may see some latency with legitimate authentications.
Let me know if you have any question.
Regards,
~JG
Do rate helpful posts
Similar Messages
-
Failed attempts on radius from a strange user
Hello all,
I have ACS server 4.2 and I have noticed that there are too many failed attempts from usernames just like:
[email protected]
[email protected]
The number before the "@" changes for different users! (I am not ev
I tried to search for those I noticed it is something related to using 3G networks over Wi-Fi!!
I am not familiar with this technology (if my undrestanding about thi is correct).
I just want to know what type of devices would possibly use this feature (what mobile phones vendors for example) and how to stop it (configure it correctly on the end station).
apprecaite your help.
AmjadThanks Mohammad for your quick reply.
I already know that failed attempt is due improper configuratoin on client. failure code in ACS is "EAP type not configured". Those stations -that high likely a mobile phones - usually use EAP-SIM which is not even supported by our ACS.
EAP-SIM configuration by default has "User name in Use" configured as "From SIM card". This is why we possibly seeing those.
Tracking the device is very difficult due to users are mobile and there are too many users around in same area/areas.
I just now successfully isolated that all devices reported this are Nokia devices!! Now it is easier to go to some area and ask about those who have Nokia phones rather than checking everyone's phone.
Thanks ya m3almi.
Amjad -
I tried to create a new google calendar in ical, but they did not show up, I tried this several times.
Now when I sync my iPad via iTunes all these failed attempts are showing up under the ical sync list in iTunes, how can I clear them from this list?See https://bugs.downthemall.net/ticket/2147
Google Search Bug
Reported by: openid:nathan wride Owned by:
Priority: major Milestone:
Component: Polish/Usability Version: 2.0.10
Keywords: Google search instant save bug Cc:
Operating System: Windows
Description
Hi Guys
I have found a bug/annoying thing that occurs frequently on google. When searching, DTA trys to download the search...
I'll try to attach a screenshot.
Attachments
[https://bugs.downthemall.net/attachment/ticket/2147/Screenshot.png Screenshot.png] Download (113.0 KB) - added by openid:nathan wride 4 weeks ago.
The screenshot that shows the bug. -
How can I reset my access passcode without having ever synced the device before? I don't remember my passcode and now the ipad is "disabled" from too many failed attempts.
You will need to reset the iPad back to factory defaults : iOS: Forgot passcode or device disabled
What iTunes purchases that you can redownload for free from the stores will show in the Purchased tabs in the App Store and iTunes Store apps, and the Purchased tab in the iBookstore in the iBooks app -
Multiple failed attempts to open PDF file from Windows Explorer by double clicking
Hi,
The configuration of my system is: Windows 7 SP1 x64, Adobe Reader 11.0.10.32.
When double clicking on PDF file or trying Open with Adobe Reader IX in context menu in Windows Explorer or any other file manager, the Adobe Reader opens only after few attempts. At each failed attempt the new AcroRd32.exe process arises. And only after few attempts the file opens! As a result, i see multiple empty AcroRd32.exe processes in Task Manager, each take about 4000 Kb of RAM and the only one file opened. I'm forced to kill those empty processes manually, because they are not killed when closing Adobe Reader window.
I found the same problem on another PC with the same configuration.
Best,
AlexeiHi Alexei,
Could you please let me know for how long have you started facing this issue.
Open TEMP folder (Press Windows + R and type %temp%) and delete all the files in it.
Does this happen with any specific PDF or all PDFs?
You might try disabling Protected Mode by opening Reader and going to "Edit > Preferences > Security (Enhanced)"
Let me know how it goes.
Regards,
Anubha -
No Port Available from the port range
Hi, Im getting "no port available from the port range" for the default_group/home/default_group process when I attempt to start opmn. I changed the port no through the application server control panel, and now I cant start opmn to change it back again! Could anyone tell me how to go about changing it back please?
The error report looks like this:
There are some errors while stopping the following components. Refer to the generated error report for more details.
==================================================
ias-component: default_group
process-type: home
process-set: default_group
Error Message:no port available from the port range
==================================================
==================================================
ias-component: default_group
process-type: home
process-set: default_group
Error Message:failed to start a managed process after the maximum retry limit
==================================================
==================================================
ias-component: default_group
process-type: home
process-set: default_group
Error Message:no port available from the port range
==================================================
==================================================
ias-component: default_group
process-type: home
process-set: default_group
Error Message:no port available from the port range
==================================================
Can anyone help?See the Oracle Application Server Administrator's Guide. Here's a link for the 10.1.2.0.2 version of the book:
http://download-west.oracle.com/docs/cd/B14099_19/core.1012/b13995/ports.htm#i1038905
Helen -
Caller-id absent in failed attempts
Hi all experts.
I am using ACS 3.3 but pls dont run away since i am facing very odd issue. In my failed attempt logs, there are times when the caller-id is not present( means blank). What could be the possible reason for that ?
Thanks in advanceInformation in the "Caller-ID" depends on the information being sent from
the NAS to ACS.
For TACACS -- whatever is being passed from NAS to ACS in the "rem_addr"
field that will be logged in "Caller-ID".
For RADIUS -- whatever is being passed from NAS to ACS in the "Calling
Station ID (31)" attribute that will be logged in "Caller-ID".
It also depends on the type of connection you are using:
-For dial-in it will be telephone number from which you are dialing if the
TELCO forwards that information otherwise it will say "async".
-For telnet it will log the IP address of the client.
-For wireless device it will log the MAC address.
So, it depends on the information being passed from NAS to ACS and the type
of authentication protocol you are using. If NAS doesn't pass the info then
it will be blank.
You can run #debug aaa authentication
#debug radius (or tacacs)
and verify the fields -
How to get data from serial port to GUI textArea
From Serial Port.....
Messages from base (always 5 bytes):
0xAA, 0, 0, 0, 0xBB - IDLE Mode
0xAA, 0, 0x80, 0x80, 0xBB - Question Mode
messages from terminal (always 6 bytes):
0xAA, a, b, c, chksum, 0xBB
where chksum = a+b+c;
a = address (0-250)
the 2 MSB's of b represenet the answer:
0 0 - A
0 1 - B
1 0 - C
1 1 - D
the 6LSB's of b and 8bits of c is the time for answer, in milliseconds.
(0-16384 milliseconds)
I have VB Code for that but I want the same thing in Java ...
Can any one help me?
Here's VB Code..
VERSION 5.00
Object = "{648A5603-2C6E-101B-82B6-000000000014}#1.1#0"; "MSCOMM32.OCX"
Begin VB.Form Form1
BorderStyle = 1 'Fixed Single
Caption = "Aakar GUI"
ClientHeight = 4665
ClientLeft = 60
ClientTop = 375
ClientWidth = 6105
LinkTopic = "Form1"
MaxButton = 0 'False
MinButton = 0 'False
ScaleHeight = 311
ScaleMode = 3 'Pixel
ScaleWidth = 407
StartUpPosition = 3 'Windows Default
Begin VB.CommandButton cmdPort
Caption = "Open Port"
Height = 375
Left = 120
TabIndex = 4
Top = 600
Width = 1455
End
Begin VB.ComboBox cmbPort
Height = 315
ItemData = "Form1.frx":0000
Left = 120
List = "Form1.frx":0016
Style = 2 'Dropdown List
TabIndex = 3
Top = 120
Width = 2895
End
Begin VB.CommandButton cmdEnd
Caption = "End"
Height = 495
Left = 1560
TabIndex = 2
Top = 1320
Width = 1215
End
Begin VB.CommandButton cmdStart
Caption = "Start"
Height = 495
Left = 120
TabIndex = 1
Top = 1320
Width = 1215
End
Begin VB.TextBox txtMessage
Height = 2040
Left = 119
MultiLine = -1 'True
ScrollBars = 3 'Both
TabIndex = 0
Top = 2475
Width = 5848
End
Begin VB.Timer tmrRead
Enabled = 0 'False
Interval = 1
Left = 2040
Top = 600
End
Begin MSCommLib.MSComm MSComm1
Left = 3120
Top = 360
_ExtentX = 1164
_ExtentY = 1164
_Version = 393216
DTREnable = 0 'False
ParityReplace = 45
SThreshold = 1
End
Begin VB.Label Label5
Caption = "Result Data:"
Height = 375
Left = 120
TabIndex = 5
Top = 2115
Width = 1320
End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
Dim PortIsOpen As Boolean
Dim Answers(4) As String
Dim RejectKeystroke As Boolean
Private Sub cmbPort_Change()
Debug.Print cmbPort.ListIndex
End Sub
Private Sub cmbPort_Validate(Cancel As Boolean)
'Cancel = True
End Sub
Private Sub cmdEnd_Click()
MSComm1.Output = "e"
txtMessage.Text = ""
End Sub
Private Sub cmdPort_Click()
On Error GoTo ErrorHandler
If cmbPort.ListIndex < 0 Then Exit Sub
If PortIsOpen Then
cmbPort.Enabled = True
MSComm1.PortOpen = False
PortIsOpen = False
cmdPort.Caption = "Open Port"
cmdStart.Enabled = False
cmdEnd.Enabled = False
Else
MSComm1.CommPort = cmbPort.ListIndex + 1
cmbPort.Enabled = False
MSComm1.PortOpen = True
PortIsOpen = True
cmdPort.Caption = "Close Port"
cmdStart.Enabled = True
cmdEnd.Enabled = True
End If
Exit Sub
ErrorHandler:
Debug.Print Err.Number
Debug.Print Err.Description
MsgBox Err.Description, vbExclamation Or vbOKOnly, "Error opening port"
cmbPort.Enabled = True
PortIsOpen = False
cmdPort.Caption = "Open Port"
cmdStart.Enabled = False
cmdEnd.Enabled = False
End Sub
Private Sub cmdStart_Click()
MSComm1.Output = "s"
txtMessage.Text = ""
End Sub
Private Sub Form_Initialize()
Dim tmp As Variant
tmp = InitCommonControls
End Sub
Private Sub Form_Load()
Answers(0) = "A"
Answers(1) = "B"
Answers(2) = "C"
Answers(3) = "D"
'MSComm1.Settings = "9600,n,8,1"
''MSComm1.Settings = "115200,n,8,1"
'MSComm1.PortOpen = True
On Error GoTo ErrorHandler1
MSComm1.CommPort = 1 ' comm port 1
MSComm1.RThreshold = 1 ' use 'on comm' event processing
MSComm1.Settings = "9600,n,8,1" ' baud, parity, data bits, stop bits
MSComm1.SThreshold = 1 ' allows us to track Tx LED
MSComm1.InputMode = comInputModeText 'comInputModeBinary ' binary mode, you can also use
' comInputModeText for text only use
PortIsOpen = False
cmbPort.ListIndex = 0
' open the port
MSComm1.PortOpen = True
cmbPort.Enabled = False
PortIsOpen = True
cmdPort.Caption = "Close Port"
cmdStart.Enabled = True
cmdEnd.Enabled = True
Exit Sub
ErrorHandler1:
Debug.Print Err.Description
PortIsOpen = False
cmbPort.Enabled = True
cmdPort.Caption = "Open Port"
cmdStart.Enabled = False
cmdEnd.Enabled = False
End Sub
Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
If MSComm1.PortOpen Then MSComm1.PortOpen = False
End Sub
Private Sub lblOption_Click()
End Sub
Private Sub MSComm1_OnComm()
' Synopsis: Handle incoming characters, 'On Comm' Event
' Description: By setting MSComm1.RThreshold = 1, this event will fire for
' each character that arrives in the comm controls input buffer.
' Set MSComm1.RThreshold = 0 if you want to poll the control
' yourself, either via a TImer or within program execution loop.
' In most cases, OnComm Event processing shown here is the prefered
' method of processing incoming characters.
Dim i As Long
Dim sBuff As String ' buffer for holding incoming characters
Const MTC As String = vbCrLf ' message terminator characters (ususally vbCrLf)
Const LenMTC As Long = 2 ' number of terminator characters, must match MTC
Dim iPtr As Long ' pointer to terminatior character
' OnComm fires for multiple Events
' so get the Event ID & process
Select Case MSComm1.CommEvent
' Received RThreshold # of chars, in our case 1.
Case comEvReceive
' read all of the characters from the input buffer
' StrConv() is required when using MSComm in binary mode,
' if you set MSComm1.InputMode = comInputModeText, it's not required
'sBuff = sBuff & StrConv(MSComm1.Input, vbUnicode)
'If Len(txtMessage.Text) > 4096 Then txtMessage.Text = ""
sBuff = MSComm1.Input
Dim ch As String
Dim PacketStart As Boolean
Dim PacketLength As Integer
Dim Packet() As String
PacketStart = False
PacketLength = 0
While (Len(sBuff) > 0)
ch = Left(sBuff, 1)
If (ch = Chr(&HAA)) Then PacketStart = True
If (ch = Chr(&HBB)) Then PacketStart = False
If (ch <> Chr(&HAA) And ch <> Chr(&HBB)) Then
PacketLength = PacketLength + 1
ReDim Preserve Packet(PacketLength)
Packet(PacketLength) = ch
End If
'txtMessage.Text = txtMessage.Text + Format(Hex(Asc(ch)), " @@")
sBuff = Right(sBuff, Len(sBuff) - 1)
Wend
If (PacketLength = 3) Then
Debug.Print "Command packet recieved"
'txtMessage.Text = txtMessage.Text + vbCrLf + "Address =" + Str(Asc(Packet(1)))
'txtMessage.Text = txtMessage.Text + vbCrLf + "Address =" + Str(Asc(Packet(2)))
End If
If (PacketLength = 4) Then
Debug.Print "Response packet recieved"
txtMessage.Text = txtMessage.Text + "Address =" + Str(Asc(Packet(1))) + _
" Answer = " + Answers((Asc(Packet(2)) And &HC0) / 64) + _
" Time =" + Str((Asc(Packet(2)) And &H3F) * 256 + (Asc(Packet(3)))) + "mS" + vbCrLf
'txtMessage.Text = txtMessage.Text + vbCrLf + "Address =" + Str(Asc(Packet(1)))
'txtMessage.Text = txtMessage.Text + vbCrLf + "Option =" + Str((Asc(Packet(2)) And &HC0) / 64)
'txtMessage.Text = txtMessage.Text + vbCrLf + "Time =" + Str((Asc(Packet(2)) And &H3F) * 256 + (Asc(Packet(3))))
End If
If (PacketLength <> 4 And PacketLength <> 3) Then Debug.Print "Unknown packet of length" + Str(PacketLength) + " recieved"
txtMessage.Text = txtMessage.Text + vbCrLf
' An EOF charater was found in the input stream
Case comEvEOF
DoEvents
' There are SThreshold number of characters in the transmit buffer.
Case comEvSend
DoEvents
' A Break was received.
Case comEventBreak
DoEvents
' Framing Error
Case comEventFrame
DoEvents
' Data Lost.
Case comEventOverrun
DoEvents
' Receive buffer overflow.
Case comEventRxOver
DoEvents
' Parity Error.
Case comEventRxParity
DoEvents
' Transmit buffer full.
Case comEventTxFull
' Unexpected error retrieving DCB]
Case comEventDCB
DoEvents
End Select
End Sub
Private Sub tmrRead_Timer()
'MSComm1.Output = vbCrLf + vbCrLf
'MSComm1.Output = Chr(128)
End Sub
Private Sub txtMessage_KeyDown(KeyCode As Integer, Shift As Integer)
If Shift = 2 Or Shift = 4 Then RejectKeystroke = False Else RejectKeystroke = True
End Sub
Private Sub txtMessage_KeyPress(KeyAscii As Integer)
If RejectKeystroke Then
KeyAscii = 0
End If
End SubThanks in advance..I want to replicate the entire VB program as Java Program.
This has to be included in my project which i am doing in java. -
I work for a university and teach IT courses to undergrad and graduate students. The details below are pertaining an isolated lab environment
I had a storage failure in my lab and the DCs became corrupt. This is a university lab environment so there isn't anything crucial on here. I just would rather avoid rebuilding the domain/forest and would rather use this as a learning experience with my
students...
So after the storage failed and was restored, the VMs hosted became corrupt. I did a NTDSUTIL to basically repair the NDTS.dit file but one of my DCs reverted to a state before DC promotion. Naturally, the domain still had this object in AD. After numerous
failed attempts at trying to reinstall the DC on the server through the server manager wizard in 2012 R2, I decided that a metadata cleanup of the old failed object was necessary.
Utilizing this article, I removed all references of the failed DC from both AD and DNS (http://www.petri.com/delete_failed_dcs_from_ad.htm)
So now that the failed object is removed completely from the domain and the metadata cleanup was successful, I then proceeded to re-install the necessary AD DS role on the server and re-promote to the existing domain. Pre-Requisites pass but generate some
warning around DNS Delgation, and Dynamic Updates (delegation is ignored because the lab is isolated from external comms, and dynamic updates are in fact enabled on both my _msdcs and root domain zones).
Upon the promotion process, I get the following error message (also worth mentioning - the account performing these operations is a member of DA, EA, and Schema Admins)
The operation failed because:
Active Directory Domain Services could not create the NTDS Settings object for this Active Directory Domain Controller CN=NTDS Settings,CN=domainVMDC1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=school,DC=edu on the remote AD DC domainVMDC2. Ensure the provided network credentials have sufficient permissions.
"While processing a change to the DNS Host Name for an object, the Service Principal Name values could not be kept in sync."
As you can see, this error seems odd considering. Now that I'm down to a single DC and DNS server, the sync should be corrected. I've run a repadmin /syncall and it completed successfully. Since then, I've run dcdiags and dumped those to a text as well and
here are my results...
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = domainVMDC2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\domainVMDC2
Starting test: Connectivity
......................... domainVMDC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\domainVMDC2
Starting test: Advertising
......................... domainVMDC2 passed test Advertising
Starting test: FrsEvent
......................... domainVMDC2 passed test FrsEvent
Starting test: DFSREvent
......................... domainVMDC2 passed test DFSREvent
Starting test: SysVolCheck
......................... domainVMDC2 passed test SysVolCheck
Starting test: KccEvent
......................... domainVMDC2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... domainVMDC2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... domainVMDC2 passed test MachineAccount
Starting test: NCSecDesc
......................... domainVMDC2 passed test NCSecDesc
Starting test: NetLogons
......................... domainVMDC2 passed test NetLogons
Starting test: ObjectsReplicated
......................... domainVMDC2 passed test ObjectsReplicated
Starting test: Replications
......................... domainVMDC2 passed test Replications
Starting test: RidManager
......................... domainVMDC2 passed test RidManager
Starting test: Services
......................... domainVMDC2 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00001795
Time Generated: 12/18/2014 00:35:03
Event String:
The program lsass.exe, with the assigned process ID 476, could not authenticate locally by using the target name ldap/domainvmdc2.domain.school.edu. The target name used is not valid. A target name should
refer to one of the local computer names, for example, the DNS host name.
......................... domainVMDC2 passed test SystemLog
Starting test: VerifyReferences
......................... domainVMDC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
For the partition
(DC=ForestDnsZones,DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=3098109a-ff99-41d4-8926-0e814ac8efde,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... ForestDnsZones failed test CheckSDRefDom
Starting test: CrossRefValidation
For the partition
(DC=ForestDnsZones,DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=3098109a-ff99-41d4-8926-0e814ac8efde,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... ForestDnsZones failed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
For the partition
(DC=DomainDnsZones,DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=2f0b8ac0-2630-441a-891f-b5fcb91498a8,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... DomainDnsZones failed test CheckSDRefDom
Starting test: CrossRefValidation
For the partition
(DC=DomainDnsZones,DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=2f0b8ac0-2630-441a-891f-b5fcb91498a8,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... DomainDnsZones failed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
For the partition
(CN=Schema,CN=Configuration,DC=domain,DC=school,DC=edu) we
encountered the following error retrieving the cross-ref's
(CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... Schema failed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
For the partition
(CN=Configuration,DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... Configuration failed test CrossRefValidation
Running partition tests on : domain
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Starting test: CrossRefValidation
For the partition (DC=domain,DC=school,DC=edu) we encountered
the following error retrieving the cross-ref's
(CN=domain,CN=Partitions,CN=Configuration,DC=domain,DC=school,DC=edu)
information:
LDAP Error 0x52e (1326).
......................... domain failed test CrossRefValidation
Running enterprise tests on : domain.school.edu
Starting test: LocatorCheck
......................... domain.school.edu passed test
LocatorCheck
Starting test: Intersite
......................... domain.school.edu passed test Intersite
From what I can gather, there is a definite DNS issue but I don't have any stale records to the old DC stored anywhere. I've tried this with a new server as well and get similar errors...
At this rate I'm ready to rebuild the entire forest over again. I'm just reluctant to do so as I want to make this a learning experience for the students.
Any help would be greatly appreciated. Thanks!As you can see, there seems to be some errors. The one that I did correct was the one around the _msdcs NS record being unable to resolve. For whatever, reason the name wasn't resolving the IP but all other NS tabs and records were. Just that one _msdcs
sub-zone. Furthermore, the mentioning of any connections to root hint servers can be viewed as false positives. There is no external comms to this lab so no communication with outside IPs can be expected. Lastly, they mentioned a connectivity issue yet mention
that I should check the firewall settings. All three profiles are disabled in Windows Firewall (as they have been the entire time). Thank you in advance for your help!
C:\Windows\system32>dcdiag /test:dns /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine domainVMDC2, is a Directory Server.
Home Server = domainVMDC2
* Connecting to directory service on server domainVMDC2.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=domain,DC=school,DC=edu,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=school,DC=edu
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=domain,DC=school,DC=edu,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=domainVMDC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=school,DC=edu
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\domainVMDC2
Starting test: Connectivity
* Active Directory LDAP Services Check
The host
3a38b19c-4bb3-4542-acb6-9e5e97cc15c4._msdcs.domain.school.edu
could not be resolved to an IP address. Check the DNS server, DHCP,
server name, etc.
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... domainVMDC2 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\domainVMDC2
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... domainVMDC2 passed test DNS
Running partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : domain
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running enterprise tests on : domain.school.edu
Starting test: DNS
Test results for domain controllers:
DC: domainVMDC2
Domain: domain.school.edu
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Error: No LDAP connectivity
The OS
Microsoft Windows Server 2012 R2 Datacenter (Service Pack level: 0.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000010] vmxnet3 Ethernet Adapter:
MAC address is 00:50:56:A2:2C:24
IP Address is static
IP address: *.*.100.26
DNS servers:
*.*.100.26 (domainVMDC2) [Valid]
No host records (A or AAAA) were found for this DC
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders are not configured on this DNS server
Root hint Information:
Name: a.root-servers.net. IP: 198.41.0.4 [Invalid (unreachable)]
Name: b.root-servers.net. IP: 192.228.79.201 [Invalid (unreachable)]
Name: c.root-servers.net. IP: 192.33.4.12 [Invalid (unreachable)]
Name: d.root-servers.net. IP: 199.7.91.13 [Invalid (unreachable)]
Name: e.root-servers.net. IP: 192.203.230.10 [Invalid (unreachable)]
Name: f.root-servers.net. IP: 192.5.5.241 [Invalid (unreachable)]
Name: g.root-servers.net. IP: 192.112.36.4 [Invalid (unreachable)]
Name: h.root-servers.net. IP: 128.63.2.53 [Invalid (unreachable)]
Name: i.root-servers.net. IP: 192.36.148.17 [Invalid (unreachable)]
Name: j.root-servers.net. IP: 192.58.128.30 [Invalid (unreachable)]
Name: k.root-servers.net. IP: 193.0.14.129 [Invalid (unreachable)]
Name: l.root-servers.net. IP: 199.7.83.42 [Invalid (unreachable)]
Name: m.root-servers.net. IP: 202.12.27.33 [Invalid (unreachable)]
Error: Both root hints and forwarders are not configured or
broken. Please make sure at least one of them works.
TEST: Delegations (Del)
Delegation information for the zone: domain.school.edu.
Delegated domain name: _msdcs.domain.school.edu.
Error: DNS server: domainvmdc2. IP:<Unavailable>
[Missing glue A record]
[Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]
TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone domain.school.edu
Warning: Failed to delete the test record dcdiag-test-record in zone domain.school.edu
[Error details: 13 (Type: Win32 - Description: The data is invalid.)]
TEST: Records registration (RReg)
Network Adapter [00000010] vmxnet3 Ethernet Adapter:
Matching CNAME record found at DNS server *.*.100.26:
3a38b19c-4bb3-4542-acb6-9e5e97cc15c4._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.a9241004-88ea-422d-a71e-df7b622f0d68.domains._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kerberos._tcp.dc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.dc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kerberos._tcp.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kerberos._udp.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kpasswd._tcp.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.Default-First-Site-Name._sites.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_kerberos._tcp.Default-First-Site-Name._sites.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.gc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_gc._tcp.Default-First-Site-Name._sites.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.domain.school.edu
Matching SRV record found at DNS server *.*.100.26:
_ldap._tcp.pdc._msdcs.domain.school.edu
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 128.63.2.53 (h.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.112.36.4 (g.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.203.230.10 (e.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.228.79.201 (b.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.228.79.201
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.33.4.12 (c.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.36.148.17 (i.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.5.5.241 (f.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.58.128.30 (j.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 193.0.14.129 (k.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 198.41.0.4 (a.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 199.7.83.42 (l.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 199.7.83.42
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 199.7.91.13 (d.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 199.7.91.13
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 202.12.27.33 (m.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: *.*.100.26 (domainVMDC2)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: domain.school.edu
domainVMDC2 PASS FAIL FAIL FAIL WARN FAIL n/a
......................... domain.school.edu failed test DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite -
I recently downloaded the lastest OS update (Lion X 10.7.4) on my MBP that I purchased in November of 2011, and since downloading it my MBP has been making a constant "humming" noise from the right speaker/disc drive area. I also don't have any audio output for FaceTime or Skype. I attempted to use Photo Booth to record a video and it doesn't record any audio. I attempted to reset SMC and reinstall Lion with no resolution of the problems.
Click the Finder icon on the Dock.
Applications > Utilities > Audio MIDI Setup
Built-in-Output
Output tab
Move the Master volume slider to the right a bit.
Best. -
OC4J_BPEL no port available from the port range
To All,
We could not start our BPEL Process Manager and OC4J_BPEL. We have shut down and restarted the Linux server repeatedly and re-running the IRCA. All stacks are running except the OC4J_BPEL and BPM.
We keep receiving the following message when we start the BPM:
BPEL Process Manager
OraBPEL : OC4J_BPEL no port available from the port range
OraBPEL : OC4J_BPEL - failed to start a managed process after the maximum retry limit
OC4J_BPEL
OraBPEL : OC4J_BPEL no port available from the port range
OraBPEL : OC4J_BPEL - failed to start a managed process after the maximum retry limit
Our OraBPEL is on a single HP NetServer LH6000 with Red Head AS 3.0, Oracle 10g DB and AS middle tier all in the same machine. The server was running a batch BPEL process. After running 2 hrs and process 12,000 records it was brought down by a single runtime exception. We were able to bring back the Oracle 10g AS middle tier but not the OC4J_BPEL instance. Any help would be appreciated.I changed the OC4J_BPEL port from 3201 to 3211 fix the problem. It was conflicted with the home instance that is using port 3201. However that still can not get rid of the OC4J-BPEL failed to start a managed process after the maximum retry limit.
-
REP-0186: Daemon failed to listen to port Forms Server Not starting
Hello Team,
E-Biz 11.5.0.2
O/S HP-UX B.11.11
when we are stating the Forms server it is sarting with status 0, but when we check the status it is exiting with the following error
*08/27/12-17:42:46 :: starting Reports Server for qhrp on port 7074.*
REP-0186: Daemon failed to listen to port
*08/27/12-17:42:47 :: adrepctl.sh: exiting with status 0*
we are not able to see the reports after submitting the requests.Requests are executing successfully.But when clicking on output or log the following message getting appearedon the IE
An error occurred while attempting to establish an Applications File Server connection with the node FNDFS_HR3D. There may be a network configuration problem, or the TNS listener on node FNDFS_HR3D may not be running. Please contact your system administrator.
Please advice.
SRKThe issue got resolved by restoring the ifile in 8.0.6 ORACLE_HOME..
-
I need help with unlocking my 'locked' account. According to Apple, my birthdate is inaccurate, my passwords are incorrect and due to too many failed attempts, I'm without email. Please Help
Boot from the installation DVD, then go to Utilities/Password Reset.
-
Hide Quiz Continue button until all failed attempts
Hello!
I am using Captivate 8 and have a quiz that allows 3 failed attempts. It is set to jump to a slide if they pass and a different one if they fail. These work fine using the continue button.
There is a retake and continue button.
However, the continue button shows on the quiz results slide on the first and second failed attempt. If the user clicks this - the quiz is over - no more attemtps allowed (no playback bar if that would make a difference).
The instructions say on teh failed attempts, "...if the retake button is showing, click it, otherwise, click continue."
How can I hide the continue button on the first 2 failed attempts?
I've been searching blogs and the answer may be out there - I'm just not piecing it together. I created an if/else statement to jump to the appropriate slide based on the quiz % scored, but it then bypasses the quiz results.
I know there's a way!!
Thank you for any advice!!
SherryPlease don't apologize Lilybiri! Your input is ALWAYS appreciated
Thank you for hte suggestion! In this instance, I want the continue button to show after no more retakes so layering it behind the Retake button worked well.
The funny thing is by answering my own question I may have got my first 10 points!
I learn so much from all of you experts - I am very grateful for the time each of you puts in and for all your sharing and help!! -
ApacheJServ/1.1: Failed to bind to port(s)
Hi,
I'm running Oracle-HTTP-Server/1.3.28 on Red Hat Linux and JDK 1.4.2
For many months, everything was running fine.
Now I get the following error message (many times) in file "jserv.log":
[Note: reformatted for easier reading.]
[02/08/2007 18:23:32] ApacheJServ/1.1:
Failed to bind to port(s) specified in jserv.properties.
Please check jserv.properties and jserv.conf file, and make sure number of JServ
process specified in jserv.conf is less than number of ports specified
in jserv.properties and the ports are not used by other processes.I'm hoping someone will be able to help me resolve this problem.
=========================================================
August 3, 2007 - More information:
JServ is configured to listen to port 8007 only.
When iAS is started up, the first time a servlet request is sent, the process becomes defunct and is unable to release the 8007 port.
All subsequent attempts to access that port fail, as the port is still bound to a defunct process.
If you kill the defunct process, the port is then in a CLOSE state, as seen by using "netstat".
Thanks,
Avi.
Message was edited by:
Avi AbramiHi,
Turned out to be a file permissions problem.
The owner of another process -- not Oracle HTTP Server -- was trying to write log messages to a file it didn't have permission to write to.
Once the owner was granted write permission to the log file, the problem disappeared.
Thanks for all the help ;-)
Good Luck,
Avi.
Maybe you are looking for
-
issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login
-
Hi, can anyone tell me how to include standard text in smart form Thanks
-
I want to find a word and located sentences in the file; For example: I love java. It is a programming language. Everybody loves Java. Search: Display: I love java. Everybody loves Java.
-
Upgraded to ios7 now bluetooth not working
Hi - I upgraded my iphone 4s to IOS7 yesterday and everything seems to be working fine apart from the bluetooth. I have been using the iphone with my car stereo for over a year without a problem - now it just keeps searching and doesn't actually see
-
i am stumped, first i had a problem that my daughters ipad 2 (6.1.3) wouldnt log on to itunes, appstore, or Facebook app,she claimed it worked at all of her friends houses but not ours anymore (after update to 6.1.3??) after jumping through many hoop