EAP Authentication Failing (External DB account restriction)
Hi,
I am using ACS 3.0 as my Access Server configured for LEAP authentication,Everything was working fine till 2 days back, All my wireless clients ver getting authenticated,
But suddenly they have stopped doing so, On checking the logs it says "External DB account restriction"
I am using Windows Group Mapping, Dont know why suddenly it has started behaving like this, Have made no changes on the user profiles/permissions from either ACS or windows servers.
Any clue...suggestions..
Thanks
Maneesh
I'm having the same problem and it is quite frustrating... It should not be this difficult.
I've tried both IAS and ACS and I can not get either one of them to work. I'm sure it has something to do with certificates... I just don't know what I'm doing wrong, but I'm going to beat the stuffing out my server if I see "External DB account Restriction" one more time!
currently i'm trying to get ACS 3.2.1(trial) on Win2k SP3 to work and time and time again no matter how I try to install the certificate I create (following instructions in chapter 10 of the User Guide) I keep getting that infernal error. If someone out there could post SPECIFIC instructions about how they got their installation to work it would be GREATLY appreciated.
Ben
Similar Messages
-
External DB account Restriction
Hi
I am receiving "External DB account Restriction" Error message for ADS users after upgrading from 2000 to Windows 2003.
I dont see any error for local ACS users and local windows database users.
Any idea
ThanksMeaning of the error message
External DB account restriction : The Windows User Account is restricted : The windows administrator must reset this option.
ACS troubleshooting guide
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1.3/troubleshooting/guide/ecodes.html
When you try to authenticate via ACS and see failed authentication on the ACS,could you please take a look on the group you are dropped in.
This can occur either due to permission issues or if your user is being mapped to DISABLED or NO-ACCESS group on the ACS.
Once you have the group which the failed user belongs to, go to that group and click on edit group. It shouldn't ne disabled or noaccess group (Group 0 is what we called noaccess group).
If you're getting mapped to correct map then this is surely windows permission issue. You have to ensure that ACS software running on windows machine should have domain admin rights.
There are some permissions those need to be granted on the windows machine it is installed.You may check from below listed link
1.Acs is installed on the member server or DC and permissions are configured as per the following doc:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/install/inst02.htm#wp981552
If you're running ACS on member server do make sure that you have completed post installation task for local security policy.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/3.3/installation/guide/windows/install.html#wp981858
HTH
Rgds,
Jatin
Do rate helpful posts~ -
ACS error - External DB account Restriction ..
Hi, we have problem with our VPN users. When they log using cisco vpn, they get error and when we checked at the ACS - we are getting this message in the Report and Activity menu under Failed Attempts - External DB account Restriction ...
Can you help us why is this so?This is due to permission issue. Make sure that the account running acs service or remote agent service (incase you have appliance)have domain admin permissions.
See this link
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/installation/guide/windows/postin.html#wp1041202
Also post acs issues in AAA forum.
Regards,
~JG
Do rate helpful posts -
I've integrated a new ISE deployment, After a while I start getting the following error below, for wired users, it randomly fails on different users
The NAD I use is WS-C3650-48PD with the following 03.03.03SE cat3k_caa-universalk9 version,
All was working properly for one month, all of a sudden it has started to report such error
I tried to optimize the timers , but it's still the same
Also when I do clear authentication on the same user who has failed the authentication passed
Please advice
Event
5400 Authentication failed
Failure Reason
12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist
Resolution
Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem.
Root cause
Session was not found on this PSN. Possible unexpected NAD behavior. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late.IOS-XE has been very problematic. The version of code that you are running is not that old but I would recommend that you upgrade it. I have heard very positive feedback for v.3.7.0 but it is fairly new so if you want to be safe I would suggest running the 3.3.5.
Thank you for rating helpful posts! -
EAP-TLS or PEAP authentication failed during SSL handshake
Hi Pros,
I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
When I check my log in the failed attemps, there is what I found:
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
Network Access Profile Name
Authen-Failure-Code
Author-Failure-Code
Author-Data
NAS-Port
NAS-IP-Address
Filter Information
PEAP/EAP-FAST-Clear-Name
EAP Type
EAP Type Name
Reason
Access Device
Network Device Group
06/23/2010
17:39:51
Authen failed
000e.9b6e.e834
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1101
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Networ
06/23/2010
17:39:50
Authen failed
[email protected]
Default Group
000e.9b6e.e834
(Default)
EAP-TLS or PEAP authentication failed during SSL handshake
1098
10.111.22.24
25
MS-PEAP
wbr-1121-zozo-test
Office Network
[email protected] = my windows active directory name
1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
2. Why sometimes it just shows the MAC of the client for username?
3. Why it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
2. Secondly, When I check in pass authentications... there is what i saw
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
NAS-Port
NAS-IP-Address
Network Access Profile Name
Shared RAC
Downloadable ACL
System-Posture-Token
Application-Posture-Token
Reason
EAP Type
EAP Type Name
PEAP/EAP-FAST-Clear-Name
Access Device
Network Device Group
06/23/2010
17:30:49
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
06/23/2010
17:29:27
Authen OK
groszozo
NOC Tier 2
10.11.10.105
1
10.111.22.24
(Default)
wbr-1121-zozo-test
Office Network
In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did check ENABLE EAP-TLS machine authentication.
Thanks in advance for your help,
Crazy---Any ideas on this guys?? In my end, i've been reading some docs... Things started to make sens to me, but I still cannot authenticate, still the same errors. One more thing that catch my attention now is the time it takes to open a telnet session to cisco device which has the ACS for auth server.
My AD(Active Direct) and the ACS server are local same subnet(server subnet). Ping to the ACS from my desktop which is in different subnet is only take 1ms. To confirm that the issue is the ACS server, I decided to use another server in remote location, the telnet connection is way faster than the local ACS.
Let's brain storm together to figure out this guys.
Thanks in advance,
----Paul -
EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake
Hi All ,
I am trying to test EAP_TLS authentication on acs 4.2.1.15 running on Appliance 1120 , I have installed my server certficate along with CA certficate on my appliance box , I have enabled features of EAP_TLS under golbal authentication setup .
I have downloaded client supplicant certficate file for my windows XP machine .
When i tried to authenticated i am finding following error message under failed attempts(EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake) on my acs appliance box .
Under certficate revocation list , I have forced my CA as CRL in use . Attached snap shot of all .
Suggest me whether i need to enable all corresponding CA certficate undercertficate trust list , Kindly let me know were i am doing wrong on this ..Hello,
I am NO expert on certificates but I have seen your error dozens of times from wireless clients on my Cisco ACS 4.2 Radius server.
Through trial and error I wrote up this procedure for our Helpdesk for installing certs in Windows XP and Windows 7. These steps haven't failed me yet and the Helpdesk doesn't bother me as much anymore so see if this helps you:
- Manually install the Global CA under BOTH Trusted Root Certification Authorities\Certificates AND Intermediate Certification Authorities\Certificates
- Manually install the Intermediate CA under JUST the Intermediate Certification Authorities\Certificates
- Delete the wireless network from the computer
- REBOOT!!
- Open the Microsoft Management Console, “mmc”.
- Go FILE\Add Remove SnapIn. Select Certificates ..
- If promoted, do it for “My User Account”.
- Make sure the certificates are where you put them.
- If you see any of these exact certificates out of place in either Trusted Root Certification Authorities\Certificates or Intermediate Certification Authorities\Certificates, remove them.
- Redo wireless network setup again
I hope this helps you.
Mike -
Tacacs authentication fails for one user account for only one switch
Hi,
I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
The same user account works well for other devices.
The AAA configs are same on every devices in the network.
Heres the show tacacs output from the switch where only one user account fails;
Socket opens: 157
Socket closes: 156
Socket aborts: 303
Socket errors: 1
Socket Timeouts: 2
Failed Connect Attempts: 0
Total Packets Sent: 1703
Total Packets Recv: 1243
Expected Replies: 0
What could be the reason ?
No errors on ACS server; same rights had been given to the user account.
Thanks to advise.
PraseyHi there,
Does the user get authenticated in the ACS logs?
reports and activity----> failed attempts
ro
reports and activity-----> passed authentications
That will help narrow it down.
Brad -
Hi,
I have a setup ISE 1.1.1. Users are getting authenticate against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.
Error is enclosed & here is the port configuration.
Port Configuration.
interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30 interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30
Please help.The error message means that Active Directory server Reject the authentication attempt
as for some reasons the user account got locked.I guess, You should ask your AD Team to check in the AD
Event Logs why did the user account got locked.
Under Even Viewers, You can find it out
Regards
Minakshi (Do rate the helpful posts) -
Eap tls authentication fails if bluetooth device connected
Hi All, I'm new to Macs but was tasked with getting a MacBook Air connected to our AD integrated, 802.1x wifi network. After a lot of trial and error with certificates I finally got this working but now have a rather bizarre problem. With the MBA on it's own it will connect to the wifi network, sucessfully authenticate and work perfectly well. However, if my Apple bluetooth mouse or keyboard are connected to the MBA the EAP-TLS authentication fails. A packet capture of the connection process shows that at the same point every time the process take a while then a packet shows as "Unknown Error Ignored", then loops thorugh the process. Turning off the keybpard and mouse at this point and the MBA will connect. Once connected I can then connect the keyboard and mouse and continue to stay connected for a while before, I assume, the AP forces a re-auth and the connection drops again.
Has anyone come across this elsewhere?
ThanksI have a Macbook Pro Retina 15" from 2012 and it has the same issue. Running 10.8.4. I have spent probably 5-6 hours trying to troubleshoot cert's network settings, did a complete fresh install (then restored from timemachine when that did not work) with no luck this solution worked but obviously is not a real solution as it should not confilct in this way. Great job on finding a workaround! I will be contacting apple about this ASAP under my applecare.
-
EAP-TLS & ACE Appliance "EAP-TLS or PEAP authentication failed"
Hello - I have a version 3.2 of the ACS appliance and I am trying to set up a successful test of EAP-TLS. I have a W2K server for a CA and I believe I have the certificate install properly. However, I get the "EAP-TLS or PEAP authentication failed during SSL handshake" error message in my failed attempts log. The troubleshooting document tells me to look at the CSAuth.log file but I can't seem to find in on the ACS Appliance.
Does anyone have any ideas how to troubleshoot this problem with the appliance?If the client's certificate on the ACS is invalid (which depends on the certificate's valid "from" and "to" dates, the server's date and time settings, and CA trust), then the server will reject it and authentication will fail. The ACS will log the failed authentication in the web interface under Reports and Activity > Failed Attempts > Failed Attempts XXX.csv with the Authentication Failure-Code similar to "EAP-TLS or PEAP authentication failed during SSL handshake." If the ACS rejects the client's certificate because the ACS does not trust the CA, the expected error message in the CSAuth.log file is similar to the following.
AUTH 06/04/2003 15:47:43 E 0345 1696 EAP: ProcessResponse:
SSL handshake failed, status = 3 (SSL alert fatal:unknown CA certificate)If the ACS rejects the client's certificate because the certificate has expired, the expected error message in the CSAuth.log file is similar to the following.
AUTH 06/04/2005 15:02:08 E 0345 1692 EAP: ProcessResponse:
SSL handshake failed, status = 3 (SSL alert fatal:certificate expired)
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00801df0ea.shtml -
EAP-TLS or PEAP authentication failed during SSL handshake to the ACS serve
We are running the LWAPP (2006 wlc's and 1242 AP's) and using the ACS 4.0 for authentication. Our users are
experiencing an issue, where they are successfully authenticated the first time, however as the number of them is increasing, they're starting to drop the connections and being prompted to re-authenticate. At this point, they are not being able to authenticate again.
We're using PEAP for the authentication and Win XP SP2 clients as the supplicants. The error message that we are seeing on the ACS for that controller is "EAP-TLS or PEAP authentication failed during SSL handshake to the ACS server"...Not sure if this error msg is relevant since we have other WLC's that are working OK and still generating the same error msg on the ACS...
Thanks..Here are some configs you can try:
config advanced eap identity-request-timeout 120
config advanced eap identity-request-retries 20
config advanced eap request-timeout 120
config advanced eap request-retries 20
save config -
EAP-TLS or PEAP authentication failed during SSL handshake error
I have 2 Windows 2003 ACS 3.2 servers. I am in the process of upgrading them to ACS 4.0. I am using them for WPA2/PEAP wireless authentication in a WDS environment. I recently upgraded one to ACS 4.0 and ever since that time some (not all) of my Windows XP clients have started to not be authenticated and logging the error "EAP-TLS or PEAP authentication failed during SSL handshake" on the ACS 4.0 server. During the upgrade (which was successful) I did change the Certificate since the current one was going to expire November 2007.
The clients that do not authenticate on the ACS 4.0 server I can point to the ACS 3.2 server and they successfully authenticate there. I am able to resolve the issue by recreating the Windows XP PEAP profile for the wireless network and by getting a new client Cert. But, I have a couple of questions:
Is the "EAP-TLS or PEAP authentication failed during SSL handshake" error due to the upgrade to ACS 4.0 or to the fact that I changed the Certificate, or both?
Can this error ("EAP-TLS or PEAP authentication failed during SSL handshake") be resolved without me touching every Windows XP client (we have over 250+)?
Thanks for the helpMy experience suggests that the problem is the certificate.
I'm running ACS 3.3.
I received the same error message when my clients copied the certificate to the wrong location, or otherwise did not correctly follow the provided instructions.
Correctly following the instructions led to a successful connection and no more error message. -
Sconadm timeout - Sun On-line Account authentication failed.
Hello,
I run Solaris 10 5/08 s10x_u5wos_10 X86.
and the registration timeout. See below the basicreg.log
I copy the commands i used. and the output. I also run the suc.sh script and post in the end.
#ping 82.98.86.176
82.98.86.176 is alive
#sconadm register -a -r regfile
sconadm is running
Authenticating user ...
Sun On-line Account authentication failed
failed registration!
telnet cns-transport.sun.com 443
Trying 198.232.168.137...
traceroute to cns-transport.sun.com (198.232.168.137), 30 hops max, 40 byte packets
1 172.30.168.254 (172.30.168.254) 0.409 ms 0.241 ms 0.147 ms
2 125-230-64-254.dynamic.hinet.net (125.230.64.254) 2.334 ms 77.107 ms 1.457 ms
3 tc-kk-t64-2.router.hinet.net (168.95.149.78) 0.937 ms 1.112 ms 0.867 ms
4 220-128-17-98.HINET-IP.hinet.net (220.128.17.98) 1.246 ms tc-c12r12.router.hinet.net (220.128.17.158) 1.252 ms 1.138 ms
5 tp-crs11.router.hinet.net (220.128.2.10) 4.423 ms 4.281 ms 15.803 ms
6 220-128-4-29.HINET-IP.hinet.net (220.128.4.29) 5.076 ms 4.274 ms 4.034 ms
7 r02-s2.tp.hinet.net (220.128.4.38) 16.038 ms 4.358 ms 4.359 ms
8 r12-pa.us.hinet.net (211.72.108.121) 142.842 ms 150.936 ms 142.567 ms
9 r11-pa.us.hinet.net (202.39.83.193) 143.152 ms 142.800 ms 142.830 ms
10 206.111.12.165.ptr.us.xo.net (206.111.12.165) 142.651 ms 142.925 ms 142.852 ms
11 te-11-0-0.rar3.sanjose-ca.us.xo.net (207.88.12.69) 144.081 ms 144.510 ms 144.974 ms
12 207.88.14.117.ptr.us.xo.net (207.88.14.117) 218.322 ms 218.461 ms 217.083 ms
13 207.88.14.118.ptr.us.xo.net (207.88.14.118) 218.363 ms 217.950 ms 218.103 ms
14 207.88.183.54.ptr.us.xo.net (207.88.183.54) 214.827 ms 214.479 ms 216.544 ms
15 border7.te2-2-bbnet2.wdc002.pnap.net (216.52.127.87) 214.862 ms 215.908 ms 214.832 ms
16 seven-6.border7.wdc002.pnap.net (216.52.125.250) 214.658 ms 214.440 ms 214.558 ms
17 * * *
18 * * *
# cat basicreg20081024111737681.log
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicReg loadPropertiesFromHomeDir
INFO: properties file loaded from the default config.properties
24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
INFO: get hostname 82.98.86.176
24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
INFO: first returned hostname 82.98.86.176
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setHost() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setPort() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setUser() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
INFO: SCNNetworkProxyConfigMBean.setPassword() = null
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: userName = [email protected]
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: password = *****
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: hostName =
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
INFO: portalEnabled =false
24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI run
INFO: Authenticating user ...
24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getSCNClientSession
INFO: CREATING SCNClientSession
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
SCHWERWIEGEND: Error: login account exception: Connection refused to host: 82.98.86.176; nested exception is:
java.net.ConnectException: Connection timed out
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
SCHWERWIEGEND:
com.sun.scn.jmx.impl.UISClientLoginModule.login(UISClientLoginModule.java:151)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
javax.security.auth.login.LoginContext.login(LoginContext.java:575)
com.sun.scn.jmx.impl.UISClientLogin.login(UISClientLogin.java:201)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
javax.management.StandardMBean.invoke(StandardMBean.java:323)
com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:736)
com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
java.security.AccessController.doPrivileged(Native Method)
javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
sun.rmi.transport.Transport$1.run(Transport.java:153)
java.security.AccessController.doPrivileged(Native Method)
sun.rmi.transport.Transport.serviceCall(Transport.java:149)
sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
java.lang.Thread.run(Thread.java:595)
24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getLoginResult
INFO: SCN Fault: Connection refused to host: 82.98.86.176; nested exception is:
java.net.ConnectException: Connection timed out
24.10.2008 11:25:18 com.sun.cns.basicreg.BasicRegCLI run
SCHWERWIEGEND: Sun On-line Account authentication failed
#sh suc.sh
User: root
Logname: root
Freitag, 24. Oktober 2008 11:48 Uhr CST
xxx
smpatch settings:
patchpro.backout.directory - ""
patchpro.baseline.directory - /var/sadm/spool
patchpro.download.directory - /var/sadm/spool
patchpro.install.types - rebootafter:reconfigafter:standard
patchpro.patch.source - https://getupdates1.sun.com/
patchpro.patchset - current
patchpro.proxy.host - ""
patchpro.proxy.passwd **** ****
patchpro.proxy.port - 8080
patchpro.proxy.user - ""
smpatch analyze:
Failure: Cannot connect to retrieve detectors.jar: This system is currently unregistered and is unable to retrieve patches from the Sun Update Connection. Please register your system using the Update Manager, /usr/bin/updatemanager or provide valid Sun Online Account(SOA) credentials.
Sun UC patch revision:
120336-04
121082-06
121119-13
121454-02
123004-03
123006-07
123631-03
123896-04
124187-07
Solaris release:
Solaris 10 5/08 s10x_u5wos_10 X86
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 24 March 2008
Solaris Kernel: Generic_127128-11
Machine Type: i86pc
Platform: i86pc
Java -version:
java version "1.5.0_14"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_14-b03)
Java HotSpot(TM) Client VM (build 1.5.0_14-b03, mixed mode, sharing)
Cacao Java version:
java-home=/usr/jdk/jdk1.5.0_14
Software Cluster:
CLUSTER=SUNWCall
All ccr properties:
Property not defined: 18
18:
cns.assetid:
cns.br.SunUCenabled:
true
cns.ccr.keyGenPath:
/usr/lib/cc-ccr/bin/ccrKeyGen
cns.clientid:
cns.httpproxy.auth:
cns.httpproxy.ipaddr:
cns.httpproxy.port:
cns.regtoken:
cns.security.password:
cns.security.privatekey:
cns.security.publickey:
cns.swup.UMautolaunch:
false
cns.swup.autoAnalysis.enabled:
true
cns.swup.checkinInterval:
2
cns.swup.lastCheckin:
0
cns.swup.patchbaseline:
current
cns.swup.regRequired:
true
cns.transport.serverurl:
patchsvr not installed.
Sun UC package status:
SUNWbreg not installed
SUNWdc not installed
Edited by: Denis_Theinert on Oct 24, 2008 4:13 AMI could connect all of this hosts without problems.
# telnet sun.com 80
Trying 72.5.124.61...
Connected to sun.com.
Escape character is '^]'.
^CConnection to sun.com closed by foreign host.
# telnet cns-services.sun.com 443
Trying 198.232.168.133...
Connected to cns-services.sun.com.
Escape character is '^]'.
^CConnection to cns-services.sun.com closed by foreign host.
# telnet getupdates1.sun.com 443
Trying 198.232.168.136...
Connected to getupdates1.sun.com.
Escape character is '^]'.
^CConnection to getupdates1.sun.com closed by foreign host.
# telnet a248.e.akamai.net 443
Trying 60.254.154.75...
Connected to a248.e.akamai.net.
Escape character is '^]'.
^CConnection to a248.e.akamai.net closed by foreign host.
# -
ı bought the newsweek magazine subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks
ı bought the newsweek magazine subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks
-
Hi, i have an ipad air. Last night i got an email from [email protected], asking me to update my apple account information within 72 hours, failing which my account access will be restrictes. Is this a genuine email? Thanks
It is a phishing attempt to get your personal infomation.
Do not reply and delete the email.
Maybe you are looking for
-
Error Message: Need to purge Cache in Adobe Bridge CC (on PC)
I tried purging using Adobe Bridge by going to Edit/Preferences/Cache then purging, but it becomes non responsive. The error message said the problem files were at Users/(my user name)/AppData/Roaming/Adobe/BridgeCC/Cache. There are 4 files in the
-
I put a movie in my library then transferred it to my ipod. It shows up in the library and on my ipod. It plays in the library but not on the ipod. Help please
-
Hi , I am working on Integrating Oracle SOA with Oracle B2B . I am able to read all the invoices coming in from a flat file using file adapter and process the same in a loop to B2B [ where in B2B should create a single EDI X12 810 document ] In this
-
Beehive Installation Failed - BeehiveServer20100
I am trying to install Oracle Beehive mail server on a 32-bit RHEL 5 box with 4GB RAM and 200GB HDD. The database is installed in a separate windos XP box with 3GB RAM. There is no firewall between the two, and the two machines can pretty much talk w
-
Every time I open FF, the "Getting Started with Mozilla Firefox" tab opens. I have checked and it's not in my homepage list. If I open any additional windows, it doesn't open. But, once I close all of them and reopen it again, the tab opens. I've had