Does ImageRunner Advance C5051 Support TLS Encryption?
Does ImageRunner Advance C5051 Support TLS Encryption? I need to scan to email using the C5051 in conjunction with Office 365. I know what settings go where, but I can't seem to find Any documentation that says "Supports TLS" , and I have gone through the actual manual, among other things. Thanks.
Hi, EbolaSandwich! Thanks for posting!
While our forum community members are welcome to chime in, Canon does not provide direct support for imageRUNNER series products. Instead, your dealer will be able to help you! If you don't have a dealer, please call us at 1-800-OK-CANON (1-800-652-2666) and we will be happy to provide you with the names of dealers in your area!
We hope this helps!
Similar Messages
-
Does the advanced queue support setting the pay load type as array/table?
Does the advanced queue support setting the pay load type as array/table?
if yes, how to write the enqueue script, I tried to write the following the script to enqueue, but failed, pls help to review it . Thanks...
------Create payload type
create or replace TYPE "SIMPLEARRAY" AS VARRAY(99) OF VARCHAR(20);
------Create queue table
BEGIN DBMS_AQADM.CREATE_QUEUE_TABLE(
Queue_table => 'LUWEIQIN.SIMPLEQUEUE',
Queue_payload_type => 'LUWEIQIN.SIMPLEARRAY',
storage_clause => 'PCTFREE 10 PCTUSED 40 INITRANS 1 MAXTRANS 255 TABLESPACE USERS',
Sort_list => 'ENQ_TIME',
Compatible => '8.1.3');
END;
------Create queue
BEGIN DBMS_AQADM.CREATE_QUEUE(
Queue_name => 'LUWEIQIN.SIMPLEQUEUE',
Queue_table => 'LUWEIQIN.SIMPLEQUEUE',
Queue_type => 0,
Max_retries => 5,
Retry_delay => 0,
dependency_tracking => FALSE);
END;
-------Start queue
BEGIN
dbms_aqadm.start_queue(queue_name => 'LUWEIQIN.SIMPLEQUEUE', dequeue => TRUE, enqueue => TRUE);
END;
-------Enqueue
DECLARE
v_enqueueoptions dbms_aq.enqueue_options_t;
v_messageproperties dbms_aq.message_properties_t;
p_queue_name VARCHAR2(40);
Priority INTEGER;
Delay INTEGER;
Expiration INTEGER;
Correlation VARCHAR2(100);
Recipientlist dbms_aq.aq$_recipient_list_t;
Exceptionqueue VARCHAR2(100);
p_queue_name VARCHAR2(40);
p_msg VARCHAR2(40);
p_payload LUWEIQIN.SIMPLEARRAY;
BEGIN
p_payload(1) := 'aa';
p_payload(2) := 'bb';
SYS.DBMS_AQ.ENQUEUE(queue_name => 'LUWEIQIN.SIMPLEQUEUE',enqueue_options => v_enqueueoptions, message_properties => v_messageproperties, msgid => p_msg, payload => p_payload);
END;
------Get error
Error starting at line 1 in command:
DECLARE
v_enqueueoptions dbms_aq.enqueue_options_t;
v_messageproperties dbms_aq.message_properties_t;
p_queue_name VARCHAR2(40);
Priority INTEGER;
Delay INTEGER;
Expiration INTEGER;
Correlation VARCHAR2(100);
Recipientlist dbms_aq.aq$_recipient_list_t;
Exceptionqueue VARCHAR2(100);
p_queue_name VARCHAR2(40);
p_msg VARCHAR2(40);
p_payload LUWEIQIN.SIMPLEARRAY;
BEGIN
p_payload(1) := 'aa';
p_payload(2) := 'bb';
SYS.DBMS_AQ.ENQUEUE(queue_name => 'LUWEIQIN.SIMPLEQUEUE',enqueue_options => v_enqueueoptions, message_properties => v_messageproperties, msgid => p_msg, payload => p_payload);
END;
Error report:
ORA-06550: line 17, column 3:
PLS-00306: wrong number or types of arguments in call to 'ENQUEUE'
ORA-06550: line 17, column 3:
PL/SQL: Statement ignored
06550. 00000 - "line %s, column %s:\n%s"
*Cause: Usually a PL/SQL compilation error.
*Action:but when I use the following script to enqueue get error. Pls help to review. Thanks...
DECLARE
v_enqueueoptions dbms_aq.enqueue_options_t;
v_messageproperties dbms_aq.message_properties_t;
p_queue_name VARCHAR2(40);
Priority INTEGER;
Delay INTEGER;
Expiration INTEGER;
Correlation VARCHAR2(100);
Recipientlist dbms_aq.aq$_recipient_list_t;
Exceptionqueue VARCHAR2(100);
p_queue_name VARCHAR2(40);
p_msg VARCHAR2(40);
p_payload LUWEIQIN.SIMPLEARRAY;
BEGIN
p_payload(1) := 'aa';
p_payload(2) := 'bb';
SYS.DBMS_AQ.ENQUEUE(queue_name => 'LUWEIQIN.SIMPLEQUEUE',enqueue_options => v_enqueueoptions, message_properties => v_messageproperties, msgid => p_msg, payload => p_payload);
END;
------Get error
Error starting at line 1 in command:
DECLARE
v_enqueueoptions dbms_aq.enqueue_options_t;
v_messageproperties dbms_aq.message_properties_t;
p_queue_name VARCHAR2(40);
Priority INTEGER;
Delay INTEGER;
Expiration INTEGER;
Correlation VARCHAR2(100);
Recipientlist dbms_aq.aq$_recipient_list_t;
Exceptionqueue VARCHAR2(100);
p_queue_name VARCHAR2(40);
p_msg VARCHAR2(40);
p_payload LUWEIQIN.SIMPLEARRAY;
BEGIN
p_payload(1) := 'aa';
p_payload(2) := 'bb';
SYS.DBMS_AQ.ENQUEUE(queue_name => 'LUWEIQIN.SIMPLEQUEUE',enqueue_options => v_enqueueoptions, message_properties => v_messageproperties, msgid => p_msg, payload => p_payload);
END;
Error report:
ORA-06550: line 17, column 3:
PLS-00306: wrong number or types of arguments in call to 'ENQUEUE'
ORA-06550: line 17, column 3:
PL/SQL: Statement ignored
06550. 00000 - "line %s, column %s:\n%s"
*Cause: Usually a PL/SQL compilation error.
*Action: -
Does Oracle Advanced Queueing support JRockit?
Does anyone know if Oracle Advanced Queueing supports JRockit (1.5 or 1.6),
or better still, does anyone have experience using this?AQ is an in-database implementation of Java Messaging Service (JMS).
With that in mind could you please ask your question again including specifics as to what you are thinking. -
Does the iPhone 5s support LTE Advanced?
ihave iphone 5s but
Does the iPhone 5s support LTE Advanced?Galadari wrote:
Does the iPhone 5S support LTE Advanced
I assume you mean Voice over LTE (VoLTE)? If so, I do not believe it does. It certainly doesn't with my carrier (Verizon). -
Does Westell 7500 support WPA2 encryption?
I am using a Verizon-supplied Westell 7500 modem/router. Works fine in wired mode. I have been attempting to enable WPA2 encryption per Verizon Support online instructions http://www22.verizon.com/NROneRetail/NR/rdonlyres/BED1B513-E0CD-4FBE-8545-8EFDF1E34B67/0/ChangeV7500... and the 7500's user guide http://onlinehelp.verizon.net/consumer/bin/pdf/VersaLink7500UserGuide.pdf (p.61-62). Step #9 in the instructions directs me to "Select WPA2 Pre-Authentication". That checkbox is grayed out on my screen, however. I called Verizon Support and was told that the 7500 does not support WPA2 encryption. Huh?? Then what's the purpose of the online instructions and the section in the user guide? Furthermore, they sent me the 7500 after I requested a router that supports WPA2. (My old Westell 327W did not support it.) I thought that it might be possible that my 7500 isn't running the latest firmware http://westell.com/support/versalink/a90-750015-07, but I'm running v. 5.01.00.02, which appears to be the most recent update. Can anyone tell me why that Pre-Authentication checkbox is grayed out? If I want WPA2 encryption, is my alternative to buy another router?
Solved!
Go to Solution.Pre-Authentication is used for WPA2-Enterprise. Using WPA2 AES with Pre-Shared Key will work fine and is what you are trying to accomplish. So yes, Westell 7500 will do WPA2.
========
The first to bring me 1Gbps Fiber for $30/m wins! -
Does iPlanet LDAP SDK for C, version 5.8 support TLS?
thanx!
"The Netscape LDAP SDK for C only supports SSL 3.0 and does not support the
Start Transport Layer Security (TLS) Operation."
-- from Netscape LDAP SDK for C 4.1
so, i want to know whether iPlanet LDAP SDK for C 5.08 support TLS? -
Does OpenLDAP Authenticator support TLS ?
Could not find any information to setup authentication over TLS through OpenLDAP authenticator in Weblogic 9.
Does it support such kind of connection? There is only one checkbox regarding to secure - it is "SSL Enable". Should it be checked for TLS aims?thank you for the reply... I know that you need to use an SSL module to terminate SSL connections. We currently have many clients that terminate SSL but none that use it for TLS.
I just couldn't find documentation how the CSS SSL module handles TLS. The only reference to TLS is that it supports TLS version 1 and there is information on how to change the ssl version to TLS but nothing else.
IS there any other documentation on this or is it as simple as configuring the CSS as you would for SSL with ssl-proxy-lists and specifying ssl-server rsakeys, vips and cipher suites and letting the SSL module do everything? -
Does Timecapsule support WPS encryption?
Does Timecapsule support WPS encryption? I have a Canon MP620 printer/scanner that I want to connect to my wireless network. My Timecapsule is set up with WPA encryption.
WPS is not encryption. It an automated method to pass security settings between a wireless router and a client device. It is actually a big security hole.. I strongly recommend not using it.. but the TC does have WPS.
It is via the utility (which one.. 5.6 or 6.0 or 6.1 I do not know). Add wireless clients.
I have never used it.. on any router and in any computer.. due to the huge security hole this makes.. The idea is good.. poor people want security but are too stupid to follow a list of instructions, so make it easy.. just press a button and wham.. all security is done for you. But the moment you try that.. automatic security means there is another way for someone to hack your system.. you have provided a wonderful passkey 64 characters long with an 8 character pin code.. which is handled in two chunks which is dead easy to hack.
And if you track through the long post AFAIK it is not a security issue.
https://discussions.apple.com/thread/3617760?start=0&tstart=0
Ignore my first reply.. wish the edit lasted longer.. instead of leaving your underwear exposed for all to see.. !!
So end conclusion to all that.. you don't need WPS to setup your printer.. Use the setup disk, and manually type in the wpa2 personal passkey you have setup on the TC. (WPA is far less secure and messy as it is combined WPA + WPA2). -
KDC has no support for encryption type (14)
I have come across a posting on "KDC has no support for encryption type (14)" - " http://www.webservertalk.com/message1277232.html"
and believe that I am hitting the same problem. However, there is no solution. Can anybody help?
I have done all the necessary steps suggested, including changing the registry and removing the unwanted SPN, but the error still there. The only different is probably I combined WebLogic and AD in one machine. But, does that make any difference?
Client
====
Name: ssoclient.ssow2k.com
OS: Win XP SP2
Server
=====
Name: ssow2kserver.ssow2k.com
OS: Windows 2000 Advanced Server SP4
WLS: BEA WebLogic 8.1.4
<<Registry>>
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Value Name: allowtgtsessionkey
Value Type: REG_DWORD
Value: 0x01
The following is the WebLogic myserver log for your reference:
========================================================================================
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Resource: type=<url>, application=console, contextPath=/console, uri=/*>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Role:>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: Admin>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: Operator>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: Deployer>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: Monitor>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Built role expression of {Rol(Admin,Operator,Deployer,Monitor)}>
####<Apr 6, 2006 2:55:20 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): policy {Rol(Admin,Operator,Deployer,Monitor)} successfully deployed for resource type=<url>, application=console, contextPath=/console, uri=/*>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Resource: type=<url>, application=mySampleWebApp, contextPath=/mysamplewebapp, uri=/*, httpMethod=GET>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Role:>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: DCMS_ROLE>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Built role expression of {Rol(DCMS_ROLE)}>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): policy {Rol(DCMS_ROLE)} successfully deployed for resource type=<url>, application=mySampleWebApp, contextPath=/mysamplewebapp, uri=/*, httpMethod=GET>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Resource: type=<url>, application=mySampleWebApp, contextPath=/mysamplewebapp, uri=/*, httpMethod=POST>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Role:>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> < roleName: DCMS_ROLE>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): Built role expression of {Rol(DCMS_ROLE)}>
####<Apr 6, 2006 2:55:22 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <main> <<WLS Kernel>> <> <000000> <Default Authorization deployPolicy(): policy {Rol(DCMS_ROLE)} successfully deployed for resource type=<url>, application=mySampleWebApp, contextPath=/mysamplewebapp, uri=/*, httpMethod=POST>
####<Apr 6, 2006 3:02:07 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <000000> < PrincipalAuthenticator.assertIdentity - Token Type: Authorization>
####<Apr 6, 2006 3:02:07 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <ExecuteThread: '14' for queue: ' weblogic.kernel.Default'> <<WLS Kernel>> <> <000000> <Found Negotiate with SPNEGO token>
####<Apr 6, 2006 3:02:08 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <ExecuteThread: '14' for queue: ' weblogic.kernel.Default'> <<WLS Kernel>> <> <000000> <GSS exception GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:734)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:300)
at sun.security.jgss.GSSContextImpl.acceptSecContext (GSSContextImpl.java:246)
at weblogic.security.providers.utils.SPNEGONegotiateToken.getUsername(SPNEGONegotiateToken.java:371)
at weblogic.security.providers.authentication.SinglePassNegotiateIdentityAsserterProviderImpl.assertIdentity (SinglePassNegotiateIdentityAsserterProviderImpl.java:201)
at weblogic.security.service.PrincipalAuthenticator.assertIdentity(PrincipalAuthenticator.java:553)
at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm (CertSecurityModule.java:104)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java:199)
at weblogic.servlet.security.internal.CertSecurityModule.checkA(CertSecurityModule.java:86)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:145)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3685)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2644)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
>
####<Apr 6, 2006 3:02:08 PM GMT+08:00> <Debug> <SecurityDebug> <ssow2kserver> <myserver> <ExecuteThread: '14' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <000000> <Exception weblogic.security.providers.utils.NegotiateTokenException: GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
weblogic.security.providers.utils.NegotiateTokenException : GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
at weblogic.security.providers.utils.SPNEGONegotiateToken.getUsername(SPNEGONegotiateToken.java:419)
at weblogic.security.providers.authentication.SinglePassNegotiateIdentityAsserterProviderImpl.assertIdentity(SinglePassNegotiateIdentityAsserterProviderImpl.java:201)
at weblogic.security.service.PrincipalAuthenticator.assertIdentity (PrincipalAuthenticator.java:553)
at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:104)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java :199)
at weblogic.servlet.security.internal.CertSecurityModule.checkA(CertSecurityModule.java:86)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:145)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3685)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2644)
at weblogic.kernel.ExecuteThread.execute (ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
>
========================================================================================
The following are some krb5 packets captured. I suspected it is due to the encryption type used - RC4-HMAC:
========================================================================================
KRB5 (AS-REQ)
============
No. Time Source Destination Protocol Info
125 10.301166 10.122.1.2 10.122.1.200 KRB5 AS-REQ
Frame 125 (345 bytes on wire, 345 bytes captured)
Arrival Time: Apr 6, 2006 13:49:54.848903000
Time delta from previous packet: 0.008330000 seconds
Time since reference or first frame: 10.301166000 seconds
Frame Number: 125
Packet Length: 345 bytes
Capture Length: 345 bytes
Protocols in frame: eth:ip:udp:kerberos
Ethernet II, Src: 10.122.1.2 (00:0c:29:17:9a:be), Dst: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Destination: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Source: 10.122.1.2 (00:0c:29:17:9a:be)
Type: IP (0x0800)
Internet Protocol, Src: 10.122.1.2 (10.122.1.2), Dst: 10.122.1.200 (10.122.1.200)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 331
Identification: 0x0158 (344)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x208d [correct]
Source: 10.122.1.2 (10.122.1.2 )
Destination: 10.122.1.200 (10.122.1.200)
User Datagram Protocol, Src Port: 1075 (1075), Dst Port: kerberos (88)
Source port: 1075 (1075)
Destination port: kerberos (88)
Length: 311
Checksum: 0x1133 [correct]
Kerberos AS-REQ
Pvno: 5
MSG Type: AS-REQ (10)
padata: PA-ENC-TIMESTAMP PA-PAC-REQUEST
Type: PA-ENC-TIMESTAMP (2)
Type: PA-PAC-REQUEST (128)
KDC_REQ_BODY
Padding: 0
KDCOptions: 40810010 (Forwardable, Renewable, Canonicalize, Renewable OK)
Client Name (Principal): ssouser
Realm: SSOW2K.COM
Server Name (Service and Instance): krbtgt/SSOW2K.COM
till: 2037-09-13 02:48:05 (Z)
rtime: 2037-09-13 02:48:05 (Z)
Nonce: 1870983219
Encryption Types: rc4-hmac rc4-hmac-old rc4-md4 des-cbc-md5 des-cbc-crc rc4-hmac-exp rc4-hmac-old-exp
Encryption type: rc4-hmac (23)
Encryption type: rc4-hmac-old (-133)
Encryption type: rc4-md4 (-128)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-crc (1)
Encryption type: rc4-hmac-exp (24)
Encryption type: rc4-hmac-old-exp (-135)
HostAddresses: SSOCLIENT<20>
KRB5 (AS-REP)
============
No. Time Source Destination Protocol Info
126 10.303156 10.122.1.200 10.122.1.2 KRB5 AS-REP
Frame 126 (1324 bytes on wire, 1324 bytes captured)
Arrival Time: Apr 6, 2006 13:49:54.850893000
Time delta from previous packet: 0.001990000 seconds
Time since reference or first frame: 10.303156000 seconds
Frame Number: 126
Packet Length: 1324 bytes
Capture Length: 1324 bytes
Protocols in frame: eth:ip:udp:kerberos
Ethernet II, Src: Vmware_59:2c:e6 (00:0c:29:59:2c:e6), Dst: 10.122.1.2 (00:0c:29:17:9a:be)
Destination: 10.122.1.2 (00:0c:29:17:9a:be)
Source: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Type: IP (0x0800)
Internet Protocol, Src: 10.122.1.200 (10.122.1.200), Dst: 10.122.1.2 (10.122.1.2)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 1310
Identification: 0x0a0f (2575)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x1403 [correct]
Source: 10.122.1.200 (10.122.1.200)
Destination: 10.122.1.2 (10.122.1.2)
User Datagram Protocol, Src Port: kerberos (88), Dst Port: 1075 (1075)
Source port: kerberos (88)
Destination port: 1075 (1075)
Length: 1290
Checksum: 0xb637 [correct]
Kerberos AS-REP
Pvno: 5
MSG Type: AS-REP (11)
Client Realm: SSOW2K.COM
Client Name (Principal): ssouser
Ticket
enc-part rc4-hmac
Encryption type: rc4-hmac (23)
Kvno: 1
enc-part: E3610239EACDD0E6D4E89AA7D81A355F6C93B95D95B13B56...
KRB5 (TGS-REQ)
============
No. Time Source Destination Protocol Info
127 10.309350 10.122.1.2 10.122.1.200 KRB5 TGS-REQ
Frame 127 (1307 bytes on wire, 1307 bytes captured)
Arrival Time: Apr 6, 2006 13:49:54.857087000
Time delta from previous packet: 0.006194000 seconds
Time since reference or first frame: 10.309350000 seconds
Frame Number: 127
Packet Length: 1307 bytes
Capture Length: 1307 bytes
Protocols in frame: eth:ip:udp:kerberos
Ethernet II, Src: 10.122.1.2 (00:0c:29:17:9a:be), Dst: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Destination: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Source: 10.122.1.2 (00:0c:29:17:9a:be)
Type: IP (0x0800)
Internet Protocol, Src: 10.122.1.2 (10.122.1.2), Dst: 10.122.1.200 (10.122.1.200)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 1293
Identification: 0x0159 (345)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x1cca [correct]
Source: 10.122.1.2 (10.122.1.2)
Destination: 10.122.1.200 ( 10.122.1.200)
User Datagram Protocol, Src Port: 1076 (1076), Dst Port: kerberos (88)
Source port: 1076 (1076)
Destination port: kerberos (88)
Length: 1273
Checksum: 0xd085 [correct]
Kerberos TGS-REQ
Pvno: 5
MSG Type: TGS-REQ (12)
padata: PA-TGS-REQ
Type: PA-TGS-REQ (1)
KDC_REQ_BODY
Padding: 0
KDCOptions: 40800000 (Forwardable, Renewable)
Realm: SSOW2K.COM
Server Name (Service and Instance): HTTP/ssow2kserver.ssow2k.com
till: 2037-09-13 02:48:05 (Z)
Nonce: 1871140380
Encryption Types: rc4-hmac rc4-hmac-old rc4-md4 des-cbc-md5 des-cbc-crc rc4-hmac-exp rc4-hmac-old-exp
Encryption type: rc4-hmac (23)
Encryption type: rc4-hmac-old (-133)
Encryption type: rc4-md4 (-128)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-crc (1)
Encryption type: rc4-hmac-exp (24)
Encryption type: rc4-hmac-old-exp (-135)
KRB5 (TGS-REP)
============
No. Time Source Destination Protocol Info
128 10.310791 10.122.1.200 10.122.1.2 KRB5 TGS-REP
Frame 128 (1290 bytes on wire, 1290 bytes captured)
Arrival Time: Apr 6, 2006 13:49:54.858528000
Time delta from previous packet: 0.001441000 seconds
Time since reference or first frame: 10.310791000 seconds
Frame Number: 128
Packet Length: 1290 bytes
Capture Length: 1290 bytes
Protocols in frame: eth:ip:udp:kerberos
Ethernet II, Src: Vmware_59:2c:e6 (00:0c:29:59:2c:e6), Dst: 10.122.1.2 (00:0c:29:17:9a:be)
Destination: 10.122.1.2 (00:0c:29:17:9a:be)
Source: Vmware_59:2c:e6 (00:0c:29:59:2c:e6)
Type: IP (0x0800)
Internet Protocol, Src: 10.122.1.200 (10.122.1.200), Dst: 10.122.1.2 (10.122.1.2)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 1276
Identification: 0x0a10 (2576)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x1424 [correct]
Source: 10.122.1.200 (10.122.1.200)
Destination: 10.122.1.2 (10.122.1.2)
User Datagram Protocol, Src Port: kerberos (88), Dst Port: 1076 (1076)
Source port: kerberos (88)
Destination port: 1076 (1076)
Length: 1256
Checksum: 0x1318 [correct]
Kerberos TGS-REP
Pvno: 5
MSG Type: TGS-REP (13)
Client Realm: SSOW2K.COM
Client Name (Principal): ssouser
Ticket
enc-part rc4-hmac
Encryption type: rc4-hmac (23)
Kvno: 1
enc-part: 4D2A9E8590CC716EA6571B093B6FAF89537B0B89F832C073...
========================================================================================
Can anybody enlighten me on how you solve this problem? Thanks.I ran into this error and caught the error code to remind me to edit the registry.
if (sError.contains("KDC has no support for encryption type (14)")){
JOptionPane.showMessageDialog(null,"Error " + ThisErrorCode.myErrorCode() + '\n' +
" http://support.microsoft.com/default.aspx?scid=kb;en-us;308339" + '\n' + '\n' +
"There is a known issue involving Windows clients running Windows 2000 SP4, XP SP2." + '\n' +
"To avoid the error, administrators need to update the Windows registry." + '\n' +
"The registry key, allowtgtsessionkey, should be added, and its value set correctly" + '\n' +
"to allow session keys to be sent in the Kerberos Ticket-Granting Ticket." + '\n' + '\n' +
"Windows XP SP2, add the registry entry:" + '\n' +
"HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\Kerberos\\" + '\n' +
"Value Name: allowtgtsessionkey" + '\n' +
"Value Type: REG_DWORD" + '\n' +
"Value: 0x01" ,null, JOptionPane.ERROR_MESSAGE);
System.exit(-1); -
We have to validate against a clients ldap server using tls
encryption. Even though this is a standard protocol I cant find
that coldfusion 6.1 supports it with the cfldap tag. Does anyone
know if cf6.1 does and which attribute values would be used?Hi there,
I'm been researching this also for the past two days, does
anyone has any information. I'm trying to secure my ldap
authentication from 5 differents ldap server. I'm trying to find an
easy way to secure this without using a bunch of third party
certificates.
tks -
Any Problems using SSL with Safari and the move with Internet explorer to require only TLS encryption.
Hi .
Apple no longer supports Safari for Windows if that's what you are asking > Apple apparently kills Windows PC support in Safari 6.0
Microsoft has not written IE for Safari for many years. -
Does Toshiba Multimedia Center support 5.1 via optical out?
Hello, I have a question before I buy this...
Does Toshiba Multimedia Center support 5.1 via optical out?
I can find this out anywhere they only mention digital out but that could be coax.
Can any of you help me?
ThanksHi
As far as I know the Toshiba Media Center supports these feature:
Dolby Digital Surround, Dolby Digital 5.1, EAX ADVANCED HD
_Ports:_
1 x LAN - RJ-45
4 x hi-speed USB - USB Typ A, 4-polig
1 x audio *SPDIF output*
1 x audio - line-In stereo port 3.5 mm
1 x headphones audio output stereo port 3.5 mm
Greats -
Does ALDSP 2.5 supports INOUT cursor??
Hi,
We are using ALDSP 2.5 and trying to connect to oracle stored procs. Some of these stored procs have INOUT Cursor, INPUT cursor and associate array types.
Does ALDSP 2.5 supports this??
If not please let me know whether other versions support this.
Thanks in advance.Please post ALDSP/ODSI questions on the ODSI forum.
Data Service Integrator
cursor is not supported, array is not supported. -
How to use TLS encryption with cfldap 6.1?
I need to connect to a remote ldap server using TLS
encryption on port 389 and cant find any help on how to do this in
coldfusion 6.1 . Any pointers would be welcome.Hi there,
I'm been researching this also for the past two days, does
anyone has any information. I'm trying to secure my ldap
authentication from 5 differents ldap server. I'm trying to find an
easy way to secure this without using a bunch of third party
certificates.
tks -
WebLogic SSO receiving "KDC has no support for encryption type (14)" error
Hello,
I am trying to implement SSO using an Off-the-Shelf app running on WebLogic, but receiving "KDC has no support for encryption type (14)" error. I have set the AD Server to Use DES encryption types for this account . I have added 'allowtgtsessionkey' registry entry on the client machine as well as the Windows Server on which WebLogic is running. My klist results on the client machine still seems to indicate AD is sending RC4 encryption format (please confirm looking at the results below). I am also attaching the WebLogic error log. I am slo seeing 2 errors at the very beginning of the WebLogic log when I restart the appserver.
% KLIST output
C:\Program Files\Resource Kit>klist tickets
Cached Tickets: (2)
Server: krbtgt/[email protected]
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 8/27/2008 1:52:56
Renew Time: 9/2/2008 15:52:56
Server: HTTP/[email protected]
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 8/27/2008 1:52:56
Renew Time: 9/2/2008 15:52:56
% WebLogic Error
<Aug 28, 2008 8:43:02 AM MDT> <Debug> <SecurityDebug> <000000> <java.security.krb5.realm was not defined, this could cause problems using Kerberos for negotiation>
<Aug 28, 2008 8:43:02 AM MDT> <Debug> <SecurityDebug> <000000> <java.security.krb5.kdc was not defined, this could cause problems using Kerberos for negotiation>
<Aug 26, 2008 8:26:18 AM MDT> <Debug> <SecurityDebug> <000000> <Default Authorization isAccessAllowed(): returning PERMIT>
<Aug 26, 2008 8:26:18 AM MDT> <Debug> <SecurityDebug> <000000> <DefaultAdjudicatorImpl.adjudicate results: PERMIT >
<Aug 26, 2008 8:26:18 AM MDT> <Debug> <SecurityDebug> <000000> <AuthorizationManager.isAccessAllowed returning adjudicated: true>
<Aug 26, 2008 8:26:27 AM MDT> <Debug> <SecurityDebug> <000000> <PrincipalAuthenticator.assertIdentity - Token Type: Authorization>
<Aug 26, 2008 8:26:27 AM MDT> <Debug> <SecurityDebug> <000000> <Found Negotiate with SPNEGO token>
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null KeyTab is devmax01.http.keytab refreshKrb5Config is false principal is HTTP/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false
KeyTab: load() entry length: 60
KeyTabInputStream, readName(): DEV.DENVERWATER.ORG
KeyTabInputStream, readName(): HTTP
KeyTabInputStream, readName(): devmax01principal's key obtained from the keytab
principal is HTTP/[email protected]
EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
KrbAsReq calling createMessage
KrbAsReq in createMessage
KrbAsReq etypes are: 3 1 1
KrbKdcReq send: kdc=10.143.60.1 UDP:88, timeout=30000, number of retries =3, #bytes=252
KDCCommunication: kdc=10.143.60.1 UDP:88, timeout=30000,Attempt =1, #bytes=252
KrbKdcReq send: #bytes read=1311
KrbKdcReq send: #bytes read=1311
EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
KrbAsRep cons in KrbAsReq.getReply HTTP/devmax01Added server's keyKerberos Principal HTTP/[email protected] Version 4key EncryptionKey: keyType=3 keyBytes (hex dump)=
0000: B3 86 A4 E5 83 0E 6D 9E
[Krb5LoginModule] added Krb5Principal HTTP/[email protected] to Subject
Commit Succeeded
Found key for HTTP/[email protected]
Entered Krb5Context.acceptSecContext with state=STATE_NEW
<Aug 26, 2008 8:26:27 AM MDT> <Debug> <SecurityDebug> <000000> < GSS exception GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
GSSException: Failure unspecified at GSS-API level (Mechanism level: KDC has no support for encryption type (14))
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:734)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:300)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:246)
at weblogic.security.providers.utils.SPNEGONegotiateToken.getUsername(SPNEGONegotiateToken.java:371)
at weblogic.security.providers.authentication.SinglePassNegotiateIdentityAsserterProviderImpl.assertIdentity(SinglePassNegotiateIdentityAsserterProviderImpl.java:201)
at weblogic.security.service.PrincipalAuthenticator.assertIdentity(PrincipalAuthenticator.java:553)
at weblogic.servlet.security.internal.CertSecurityModule.checkUserPerm(CertSecurityModule.java:104)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java:199)
at weblogic.servlet.security.internal.CertSecurityModule.checkA(CertSecurityModule.java:86)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:145)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3685)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2644)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
>
<Aug 26, 2008 8:26:27 AM MDT> <Debug> <SecurityDebug> <000000> <PrincipalAuthenticator.assertIdentity - IdentityAssertionException>dins wrote:Do you think the klist output in my original posting confirms that AD is not encrypting tickets in DES format ?Yes, the current line prove it :
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)The fact is that Microsoft seems to use by default the RC4-HMAC-MD5 encryption type for AD.
Try to specify only des for encryption type in both your krb5.conf
[libdefaults]
default_realm = ...
default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
...and kdc.conf
[realms]
REALM = {
kadmind_port = ...
max_life = ...
max_renewable_life = ...
master_key_type = ddes-cbc-md5 des-cbc-crc des3-cbc-sha1
supported_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
kdc_supported_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
}If it still does not work, I'm out of ammo ;-).
Maybe you are looking for
-
Regd: Calculation of TOTAL field in ALV report
Hi All, We have a scenario that we are not getting the total value for numeric fields in ALV report. Below i have given the code used for it. G_KEY = 'X'. G_NOKEY = SPACE. G_SUM = 'X'. G_NOSUM = SPACE. PERFORM BUILD_FIELDCAT USING 'VBELN' G_
-
Confirmation of activity type in Process order -Impact in FI.
Dear All, On doing a confirmation of a activity type for a process/ Production order - values get posted to secondary cost element which has been assigned to a acitivity type. This means only a impact in controlling but not in FI How woould the book
-
Defining rates for currency in Travel Management
Hi All, Can anyone please advise me how to define rates for currencies in Travel management module ? Scenario : When i return from a trip to US, I enter my claims in USD which shud be then converted into INR and then shud be posted to FI. Please advi
-
HT4528 I get an iphone5 5 days ago, and now I cracked my screen, how much do I need to fix it.
I get an iphone5 5 days ago, and now I cracked my screen, how much do I need to fix it.
-
Tomcat error deploying remidiation
Hi all, When I tries to deploy patches I got a tomcat/java error saying "org.hibernate.HibernateException: Found two representations of same collection: com.patchlink.sapphire.datamodel.PatchSignature.pa ckages org.hibernate.engine.Collections.proces