Continuous Re-authentications

Similar Messages

• Website hosted in particular windows server prompting continuous domain authentication

  Hi
  There are 2 domains A & B .In domain A, there are few websites hosted in 4 windows servers identical in software and hardware configurations ....mean to say in IIS Managers , all the settings are same.I am not aware of IIS technically. but all the settings
  visually are the same.
  The problem 2 days before happened the Domain B users (except 2 users)are continuously prompted for the domain authentication when they try to access this website through the URL which they always use when the URL hits one particular server out of these
  4 windows 2008 R2 servers
  The sharepoint site admin cut a ticket to Windows team with the comment : Check this BAD Windows server
  Error posted is :
  Log Name:      Security
  Source:        Microsoft-Windows-Security-Auditing
  Date:          3/14/2015 8:14:04 AM
  Event ID:      4625
  Task Category: Logon
  Level:         Information
  Keywords:      Audit Failure
  User:          N/A
  Computer:      xxxxxx
  Description:
  An account failed to log on.
  Subject:
                  Security ID:                         NULL SID
                  Account Name:                 -
                  Account Domain:                             -
                  Logon ID:                             0x0
  Logon Type:                                       3
  Account For Which Logon Failed:
                  Security ID:                         NULL SID
  Account Name:
                  Account Domain:                             xxxxxxxx
  Failure Information:
  Failure Reason:                                The user has not been granted the requested logon type at this machine.
                  Status:                                  0xc000015b
                  Sub Status:                         0x0
  Process Information:
                  Caller Process ID:             0x0
                  Caller Process Name:     -
  Network Information:
                  Workstation Name:        xxxxxxxxxxxxxxx
                  Source Network Address:            xxx.xxx.xxx.xxx
                  Source Port:                       53827
  Detailed Authentication Information:
                  Logon Process:                  NtLmSsp
                  Authentication Package:               NTLM
                  Transited Services:          -
                  Package Name (NTLM only):       -
                  Key Length:                        0
  This event is generated when a logon request fails. It is generated on the computer where access was attempted.
  The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or
  Services.exe.
  The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
  The Process Information fields indicate which account and process on the system requested the logon.
  The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
  The authentication information fields provide detailed information about this specific logon request.
                  - Transited services indicate which intermediate services have participated in this logon request.
                  - Package name indicates which sub-protocol was used among the NTLM protocols.
                  - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
  If the problem existed in this particular server, how those exceptional 2 users are having the access.I agree they are the sharepoint admins...
  How and where to check the investigation?
  Thanks & Regards S.Swaminathan Live & let others live!!!

  Hi,
  >>The problem 2 days before happened the Domain B users (except 2 users)are continuously prompted for the domain authentication
  Based on the description, we can check the following article to see if it's helpful.
  Troubleshooting: I Keep Getting Prompted for a User Name and Password
  https://msdn.microsoft.com/en-us/library/cc750194.aspx
  Besides, for this question, in order to get better help, we can ask for suggestions in the following two forums.
  IIS Forum
  http://forums.iis.net/
  SharePoint Forum
  https://social.technet.microsoft.com/Forums/office/en-US/home?category=sharepoint
  Best regards,
  Frank Shen
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Shozu/flickr authentication problems

  I have all my firmware up to date, but somehow with flicker I keep getting an authentication problem except if I do it myself, signing in manually, but the automatic uploading of a pic never worked yet. I used to have it working on an N80.

  10-Aug-200702:44 PM
  vliscony wrote:
  I went and reinstalled Shozu, re-authorized flickr, and it continues with authentication failed when I try to send something there.
  I'll experiment some more and report back, in the meantime bright suggestions are welcome.
  Well, I don't see why this happens to be so difficult. I had a Nokia N80 and N80ie. Now, I posess the N95. Yet, I still can't get online service with flickr/vox. I am frustrated. I reflash my phone because of problems brewing with certain applications. Yet, the same problems always seems to fall perhaps not between the phones or Nokia, but perhaps among the collaboration of Nokia phones and the addition of flickr/vox/shozu. I believe this is so because my phone quickly states that no authenticity as oppose to proper validation. Please keep me in tune.

• ACS 5.1, ASA 8.2.2, AD, Device Access. Can't get it to work...

  Does anyone have any direction/pointers on how to configure ACS 5.1 to use AD to authenticate and authorize device admin access for Cisco ASA firewalls running 8.2.2? The only way I can seem to get it to work is to tell it to continue if authentication is failed (which means any user/password entered works). The events in the log are:
  24408 User authentication against Active Directory failed since user has entered the wrong password
  However, I know with 100% certainty that the username and password are good to go (it's the same username and password that works just fine with our old ACS 3.3 system). At this point I feel like I'm missing something really stupid, but for the life of me I can't find it (and the ACS 5.1 user guide leaves a LOT to be desired IMO). Any help is greatly appreciated. We are trying to pilot ACS 5.1 to see if we want to upgrade to it instead of ACS 4.2 but with it failing on what would seem to be such a basic use case, it's not looking promising... TIA.

  I had this same issue and found out that my RADIUS keys did not match.  I am migrating from ACS 4.2 to ACS version 5.4.  I corrected my key on the the 5.4 installation and now access works perfectly.  Hope that helps.

• Getting Yahoo to work with Mac Mail?

  I need to get my @btinternet.com email running through mail but can't seem to set it up properly. I've filled in the details according to the help pane on Yahoo mail:
  http://help.yahoo.com/l/uk/bt/mail/yahoomail/pop/pop-14.html
  On Mail, I go into my preferences pane / accounts - click on the + button. It then says 'mail cannot send your password securely...' so I have to set up manually. I then fill in the details from the above link, continue, select 'authentication - Password (from the drop down menu) / continue. Fill in the outgoing mail server (mail.btinternet.com) and tick the authentication box and fill in my user name & password below. I then click continue but every time I get to that step it then quits and says 'mail quit unexpectedly'
  Anybody got any ideas?

  Ok - I've figured out part of the problem - I was still signed into my account in Safari. BUT, i now have another problem. The account is set up but next to the account on the main Mail screen it has a little triangle with a exclamation mark inside. I clicked on it and it said 'There may be a problem with the mail server or network. Verify the settings for account “btinternet.com” or try again. The server returned the error: The connection to the server “mail.btinternet.com” on port 995 timed out.'
  I'm not sure if this is relevant, but my ISP is talk talk and I originally got the btinternet.com addy when I was a BT customer.
  Any ideas?
  Message was edited by: Jay Robinson2

• No Connect / Answers for gv (Network Administrator)

  To refresh your memory, my 2 PC's are wirelessly perfect now, but my laptop is not networking beyond "seeing" the Router via the "Dell Wireless WLAN Card Utility", and even that continuously shows "Authenticating", and disconnects & reconnects every minute or so.
  Answers to your specific questions below (your paragraph pasted @ bottom in entirety).
  Do the security settings on my router & laptop match?
   WRT54G Router Configuration, Wireless Tab, Basic Wireless Settings Subtab:
  * Wireless Network Mode: G-Only
  * Wireless Network Name (SSID): linksys_SES_46146
  * Wireless Channel: 9
  * Wireless SSID Broadcast: Enable
  * Status: SES Security Parameters Configured
    WRT54G Router Configuration, Wireless Tab, Basic Wireless Security Subtab:
  * Security Mode: WPA Personal
  * WPA Algorithms: TKIP   
  * WPA Shared  Key: **************** (my actual key is the same on all)
  * Group Key Renewal: 3600 seconds
   DELL B130 Laptop utilizing the 1470 Dual Band WLAN Mini-PCI Card:
  * Wireless Network setup & managed by: "DELL Wireless WLAN Card Utility".
  * Connection Status: Authenticating (Always - never "Connects or locks on" & breaks regularly).
  * Encription Type: TKIP; Key Absent (I think that means hidden).
  * Network Connection Type: Infrastructure.
  * Speed: 54.0 Mbps
  * Channel: 9
  * AP Mac Address: 00:18:38:FD:21:AF
  * Gateway IP Address: Not available
  * Client Mac Address: 00:14:A5:CC:77:28
  * Client IP Address: 0.0.0.0
  Note: The software reports a strong signal from the WRT54G & even sees a few other weak encrypted signals, but nothing shows in Windows Explorer or My Network Places. It's own diagnostics report the laptop's wireless card is working fine. I have been wanting to take this laptop to a hot spot cafe to test the unprotected wireless connectivity & if that works possibly implicating my security settings on the router.
  Any advice or tips would be much appreciated as I would love to add this laptop to the already successfully networked pair of desktops (the remote desktop PC utilizes the Linksys "Wireless-G" Card & software.
  Thx,
  Wayne K.
  Your (gv) original text:
  Regarding the wireless connection problem: You should check whether the wireless security settings on the router and on the laptop match. There are different ways for encryption etc. and if the settings don't match you cannot connect properly.
  For this: go to http://192.168.1.1/ and enter the router password (not the wireless network key) which you have chosen during setup. The default password is "admin". You don't have to enter a username. It brings you to the router configuration pages. Go to the wireless tab. There are subtabs for basic wireless setup and wireless security. Please post current settings.
  For the settings on the laptop there are several options how it uses its wireless card: many laptops come with special software for the wireless card which is used to set it up and connect to wireless networks. You have to find out how your software works and where you'll find the settings if this is the case.
  Some laptops simply use the windows built-in functions called Windows Zero Configuration. To check that, you right-click onto the wireless network icon in the tray and select Properties (or Status and then press the Properties button in the status window). Change to the wireless networks tab. The top checkbox should be active, i.e. Windows is configuring your wireless connections. In the bottom half you'll see the list of preferred networks. Select the network with your network name (the SSID from the router configuration above) and press Properties. Post which settings you have currently for your network on the tabs in the window showing up.
  Message Edited by wayneproperties on 12-06-200606:50 PM

  BTW, please stay in the thread next time. It makes things easier to follow.
  O.K. I see a possible issues here:
  - The Dell status does not show which network name you are connecting to. That should be "linksys_SES_46146".
  - I think "Key Absent" rather means there is no key entered.
  - The AP MAC address is strange. The 00:18:38 is not Linksys but a company called PanAccess in china. That does not mean it is not correct but you should verify it: the MAC address of your router should be printed on the label underneath the printer. This should match.

• Seagate Crystal Reports ActiveX Designer error '80043ac4'

  Website slows down when users are running reports. Users start getting errors when running any crystal report. After sometime main page itself stops loading and only static html is visible. Following is one of the errors users see:
  Seagate Crystal Reports ActiveX Designer error '80043ac4'
  Invalid directory.
  /opera_mort2/report/AlwaysRequiredSteps.asp, line 54
  Other errors seen on reporting site at that time are
  Active Server pages error 'ASP 0115'
  Unexpected error
  /opera_mort2/report/rpt_level.asp
  A trappable error (C00000005) occurred in an external object. The script cannot continue running.
  authentication and network errors.
  Rebooting the Web Server temporarily fixes the issue however the error recurs again after a day or two. We are seeing this problem in both our PROD and DR server. There was no change done to either of these boxes recently.
  Also at this pint IIS was crashing. Microsoft Support analyzed the crash dumps created from IIS and came up with the following:
  "All the memory dumps captured showed the same DLL that was accessing corrupted memory. This same DLL would also be the one that had originally written to those addresses. The DLL was craxdrt.dll from Crystal Reports 8.0 ActiveX Designer, which was version 8.0.1.0 from 1/28/2000. This DLL should be updated to see if this issue has already been fixed. Other options are to recycle IIS more frequently and move to a new version of Crystal Reports."
  Here is a detailed analysis from Microsoft Support:
  The issue appears to be heap corruption. Normally these are difficult to troubleshoot, however, in this case every memory dump that I looked at had the same component involved.
  start end module name
  42b30000 4307f000 craxdrt (export symbols) craxdrt.dll
  Loaded symbol image file: craxdrt.dll
  Image path: C:\Program Files\Seagate Software\Report Designer Component\craxdrt.dll
  Image name: craxdrt.dll
  Timestamp: Fri Jan 28 15:16:46 2000 (3892235E)
  CheckSum: 0055446A
  ImageSize: 0054F000
  File version: 8.0.0.371
  Product version: 8.0.1.0
  File flags: 22 (Mask 3F) Pre-release Special
  File OS: 40004 NT Win32
  File type: 2.0 Dll
  File date: 00000000.00000000
  Translations: 1009.04b0
  CompanyName: Seagate Software, Inc.
  ProductName: Crystal Reports 8.0 ActiveX Designer.
  InternalName: CRAXDRT
  OriginalFilename: CRAXDRT.DLL
  ProductVersion: 8.0.1.0
  FileVersion: 8.0.0.371
  PrivateBuild: 8.0.0.371
  SpecialBuild: 8.0.0.371
  FileDescription: Crystal Reports ActiveX Designer Runtime Support
  LegalCopyright: Copyright (c) 1991-1999 Seagate Software, Inc. All rights reserved.
  LegalTrademarks: Copyright (c) 1991-1999 Seagate Software, Inc. All rights reserved.
  Comments: Crystal Reports for Visual Basic
  This component is from the year 2000 and needs to be updated. I searched our old cases and found several where old version of this component caused the same heap corruption.
  Please help as this is a production issue. Please let me know if you need any more information.
  thanks and regards
  sudatta soman

  Something must have changed. Were any patches or auto updates done to the OS?
  CR 8.0 has been out of the support cycle for some time now.
  As Microsoft suggested please log in and download the patches for CR 8.0 from:
  https://www.sdn.sap.com/irj/sdn/businessobjects-support
  If that does not resolve the issue the only option will be to schedule sn IIS restart each night.

• Email password not getting recognized in email accounts

  I am having major issues with my email.  I was using Outlook:2011 v14.4.3 for the mac, but was having so many problems with it that I abandoned it.  Outlook:2011 was not recognizing my password and I was continuously getting Authentication Failed messages, and needing to in put my password.  It would take my password sometimes, and sometimes not.  Now It won’t recognize it ever.
  So I went to Apple's Mail for a while and then to Thunderbird because I like the features that it has.
  Now Apple’s Mail and Thunderbird are both give me error messages and won’t recognize my information.
  I know the information is correct, because I can go into my browser and go to Outlook.com (not to be confused with Outlook:2011.  I have an @outlook.com email address.)  and send and receive mail there.
  I have recently upgraded to Mavericks 10.9.4
  I have no idea what is happening, but I am pulling my hair out. Can anyone help??

  Try going to Applications/Utilities/Keychain Access and see if the password is there. If so, delete it. While there, run Keychain First Aid.
  Keychain Reset
  Keychain Issues - Resolve  see post by Kappy

• ISE Profiling Deployment

  We are starting a ISE deployment to segregate mobile devices (Iphones and IPads, initially) from corporate notebooks. We have a single SSID and two separate vlans, one for mobile devices and another for corporate notebooks, assigned by ISE. We successfully setup profiling in lab environment, with a few devices, but when we put in production  we had problems with devices not being profiled correctly. Since devices are not profiled their access are denied. Since devices are denied the cannot be profiled because ISE doesn´t see any traffic (DHCP, HTTP) from clients.
  What strategy are you using to deploy ISE profiling? Must I put ISE to listen our network for some time before segregating access?

  Hi
  I've had the same problem with first time users being denied, that's due to ise not being able to profile before it denies.
  I think they should come up with something that will profile devices then continue the authentication process.
  Someone mentioned doing a re-auth for couple of seconds. (see attached pic how the authorization rule looks like), that could save you from people being denied for the first time, but if your device is never being profiled then it will just spin there all the time re-authenticating.
  What you could do is also setup an unrouted VLAN and all the unknown devices stay there until profiled.
  I've talked to cisco and they recommened the same thing so I guess that's it for now
  What we have done before deploying ISE and it worked pretty good is I have forwarded all DHCP traffic to ISE before deploying ISE at that particular site, so DHCP forwarding ran for few days and I've already had their devices in my database and when I deployed it, it worked pretty neat
  By forwarding all dhcp requests I mean:
  We have Active Directory and DHCP servers centrally located, so in the router config I've added helper address to ISE ip address and that's it
  Now WLC 7.3 has DHCP PROFILING and HTTP PROFILING options.
  Http profiling sends first https packets to ISE and capturing USER-Agent string, that helps if you browse with safari, but if you use any other application that uses http traffic it will end up totally wrong.
  example you connect with your iphone to wifi and open up VIBER, ISE will capture viber_blabla_smth as user agent and will not profile accurately.
  Hope it helps

• NPS Not Respecting to Ignore User Dial-in Properties

  Two domains, one works fine against it's NPS and the other does not; both look to have settings the same. 
  The one with issues is continually failing authentication with: "The Network Access Permission setting in the dial-in properties of the user account in Active Directory is set to Deny access to the user."
  Every AD user we checked has the box checked to rely on NPS policy (none are set to deny) and the single policy we have set is set to allow and to ignore user-specific dial-in properties. 
  Policy conditions are NAS Port Type: Wireless/Wireless Other, Windows Groups (domain users) and Authentication Type EAP. Machine certificate is set correctly with PEAP and nothing else is different than defaults.
  Any ideas on what's going on here?
  This topic first appeared in the Spiceworks Community

  Hi,
  According to this article:
  If the value of Network Access Permission is Control access through NPS Network Policy, NPS makes authorization decisions based solely on network policy settings.
  Managing Network Policies
  http://technet.microsoft.com/en-us/library/cc732724(v=ws.10).aspx
  Configure NPS to Ignore User Account Dial-in Properties
  http://technet.microsoft.com/en-us/library/cc732252(v=ws.10).aspx
  So I guess NPS is not configured properly or not working properly.
  Please check the checklist about deploying wireless authentication.
  Deploying 802.1X Authenticated Wireless Access
  http://technet.microsoft.com/en-us/library/dd282998(v=ws.10).aspx
  In addition, you can also have a look at event log. This may give us some clue.
  Hope this helps.

• AsyncOS 6.0.0 is GA

  Hi,
  Yesterday (07/15) we released AsyncOS 6.0.0 for Web to all customers. This release introduces a lot of new features and also contains fixes and enhancements. Here is a short overview. Please have a look at the release notes for a more comprehensive list or contact Cisco IronPort Customer Support if you have questions in regards to anything specific that is not listed there.
  * New Feature: IronPort Data Security
  * New Feature: External Data Loss Prevention
  * New Feature: Native FTP
  * New Feature: Multiple Identities in a Policy Group
  * New Feature: Warning Users Before Continuing
  * Enhanced: Authentication (Includes Active Directory 2008 Support)
  * Enhanced: Logging
  * Enhanced: Accelerated AsyncOS Upgrades
  Partial list of defects fixed in 6.0.0-544
  *Fixed: AsyncOS does not fetch new HTTPS server certificate when the cached certificate has expired [Defect ID: 47454]
  * Fixed: End-user notification pages do not display correctly because they do not contain UTF-8 encoding information [Defect ID: 32009]
  * Fixed: HTTPS connections break when client certificates are required when the Web Security appliance is deployed in transparent mode [Defect ID: 44706]
  * Fixed: testauthconfig CLI command fails for NTLM authentication realms in some cases [Defect ID: 47431]
  I'd encourage you to have a look at the release notes and to upgrade to 6.0.0 at your convenience.
  5.7.1/6.7.0 is just about to be GA'ed as well so if you plan to centrally manage your S-Series appliances via a M-Series, please keep in mind that there is no upgrade path between those two branches. If you want to use 5.7.1/6.7.0, do not upgrade to 6.0.0...
  Please have a look at this KB article for more details:
  http://tinyurl.com/mpd4wc
  Let us know how you like it!
  Best,
  Jakob

  Hi,
  Windows Server 2008 R2 will not be supported in 6.0.0. Here is a section from the release notes:
  NTLM proxy authentication against Windows 2008 Server R2 does not work. At the time AsyncOS for Web 6.0 became generally available, Windows 2008 Server R2 was not generally available. NTLM proxy authentication does work and is supported against generally available versions of Windows 2008 Server before version R2. [Defect ID: 52047]
  We plan to add support for R2 in an upcoming 6.0 maintenance release post 6.0.1 and it is also supported in the upcoming 6.3 release which will be available for early adopters shortly.
  Best Regards,
  Jakob

• Mail and Microsoft exchange server problems

  My company is moving to Microsoft exchange servers now, and for some reason, Mail cannot work.
  There are several settings that are possible to set in Thunderbird, but that are not even options in Mail. These are settings such as "TLS".
  Is there any way to make the same settings in mail that are possible in Thunderbird?

  Hi Budgie
  I can confirm that provided your administrator configures the Exchange server for IMAP (Mail uses IMAP to connect) that yes, Mail can be used effectively with Exchange and messages will remain on the server; though the set up can be misleading.
  For me at least, when you get to Outgoing Server Settings, the set-up panel does not allow you to enter an authentication type, and entering my user name and password will get the following response:
  The SMTP server “xxxxx.xxxxxxxxxxxxxxxxxxx.com:username” is not responding. Check your network connection and that you entered the correct information in the “Outgoing Mail Server” field. If it still doesn’t respond, the server might be temporarily unavailable.
  If you continue, you may not be able to send any mail.
  When I click continue, the authentication panel comes up, and by changing authentication to NTLM and entering the Domain name - everything works perfectly!
  The only other nuisance is that Mail looks at the Exchange Calendar and Personal Folders/Contacts folders as mail folders, but cannot display the contents in the way Outlook or Entourage does, and I have not found a way of eliminating them from the folder list.
  I hope this helps.

• EndPoint Whitelist

  In ISE v1.1.1, is it possible to create a whitelist of endpoints just for a specific WLAN SSID - i.e. a whitelist that can be associated wih only one SSID?
  Many thanks.
  Sankung

  WIRELESS:
  Simply means brining a new device onto the network for the first time. On-boarding can be designed many ways however for this post we will use two SSIDs called Provisioning_Wireless for new devices and Employee_Wireless for existing approved devices.  An accesslist limiting access to ISE, DHCP and DNS will be enabled to prevent devices from staying on the provisioning SSID. 
  Go to WLANs > Create New > Go and fill out the profile details. Use NONE for the layer 2 settings so it’s OPEN. For AAA, set the Radius server for ISE. Under advanced, enabled Allow AAA Override and change the NAC state to Radius NAC. Go to Controller > General > Fast SSID change and enabled Fast SSID to help speed up the SSID changing.
  i- Join the ISE to an AD system. ii- Define the certificate authentication profile
  iii- Define an Identity Source Sequence iv- Configure ISE to act as a Simple Certificate Enrollment proxy server
  For this scenario, Configure ISE authentication to use MAB for on-boarding new devices. 
  In many cases, ISE will not know the MAC addresses in advance so it must be configured to continue the authentication process via redirection regardless.
  This is done in ISE:
  Policy > Authentication, choose your MAB wireless policy, click the carrot after allow protocols to show the user options and click the + sign for use.
  Select IF USERS NOT FOUND, CONTINUE. As a reminder, ISE Authentication policies are verified top down so make sure your MAB policy used for BYOD is at the top and open for all identity stores. You should lock down the 802.1x wireless to only wireless certificates.
  Note: Client provisioning is based on how ISE classifies the client machine. There are customized packages in ISE available that include a software-provisioning wizard, which configures 802.1x settings and ability to obtain digital certificates on the endpoint.
  To download wizard packages in ISE
  Policy Elements > Results > Client Provisioning > Resources > Add. Common mobile devices such as iOS typically have these settings enabled natively so a wizard is not needed.
  To configure client provisioning in ISE:
  Policy Elements > Results > Client Provisioning > Resources > Add.
  Create a native suppliant profile by giving it a name, selecting the Wireless Checkbox, your on-boarding SSID, WPA2 for security, TLS for allow protocols and key size 2048.
  Policy > Client > Provisioning to build your provisioning resources. Create one for native devices and select the mobile profile you just created for the results (example RULE = IOS, Identiy Group = Any, Operating systems MAC IOS ALL and your new mobile profile for results).
  Create another that is similar however use Android for the operating systems. Create a third for generic MacOsX devices and use the downloaded wizard. You may also want to create a separate one for Wired and Wireless. The same goes for two more to cover wireless and wired Windows devices. Here is an example of my Client Polices
  The final steps are verifying profiling for wireless is working as well as your authorization profiles are setup for redirection, employee and guest access (see previous postings for these configs). These can vary depending on how you want to restrict devices that pass and fail your polices.
  For Complete Guide Please visit
  http://www.thesecurityblogger.com/?tag=ise-advance-license
  Video Link for Configuration of BYOD
  http://www.labminutes.com/sec0054_ise_1_1_byod_wireless_onboarding_dual_ssid_testing

• VPN Failure after 9/29/06

  I worked with UPenn VPN 9/27/06. No problem.
  9/29/06 Download security & iTune updates.
  9/30/06 Noted for first time that VPN to UPenn fails.
  My menuette continuously reads, "Authenticating."
  My logs & the logs at UPenn server read that I am cleared.
  Talked to UPenn: No clue.
  Talked to ISP: No clue.
  Talked to Apple Care: No clue.
  Suggestions?

  Welcome To  Discussions Davquist!
  You have posted your inquiry, in the Discussions Forum, that is intended for discourse about the use of Apple Discussions.
  You will get more focused attention to your issue, if you select a more appropriate location from this page Discussions Forum Home.
  For example,
  From the Forum Home Page, select the Category iTunes.
  From that Category page, choose Using iTunes for Mac.
  Then select an appropriate Forum, such as Using iTunes for Mac.
  On Forum pages, there is an option to Post New Topic.
  Good Luck!
  ali b

• How do I permanently remove "Authentication Required" window that continues to pop up?

  I am running Firefox 15.0.1 on Mac OS 10.6.8. A window continues to pop up that reads, "Authentication Required" and "Enter username and password for ftp://ftp.radiogarage.com". This happens every time Firefox is opened and continues to pop up approximately every 30-60 seconds until I close Firefox. How do I permanently remove/delete/get rid of this pop up window? I have clicked on Help > Troubleshooting Information > Reset Firefox but that has not solved the issue. Thank you in advance for your assistance.

  It is possible that there is a problem with the files sessionstore.js and sessionstore.bak in the Firefox Profile Folder.
  Delete the sessionstore.js file and possible sessionstore-##.js files with a number and sessionstore.bak in the Firefox Profile Folder.
  *Help > Troubleshooting Information > Profile Directory: Open Containing Folder
  *http://kb.mozillazine.org/Profile_folder_-_Firefox
  Deleting sessionstore.js will cause App Tabs and Tab Groups and open and closed (undo) tabs to get lost, so you will have to create them again (make a note or bookmark them).
  *http://kb.mozillazine.org/Multiple_profile_files_created