EAP Authentication Failing (External DB account restriction)

Similar Messages

• External DB account Restriction

  Hi
  I am receiving "External DB account Restriction" Error message for ADS users after upgrading from 2000 to Windows 2003.
  I dont see any error for local ACS users and local windows database users.
  Any idea
  Thanks

  Meaning of the error message
  External DB account restriction : The Windows User Account is restricted : The windows administrator must reset this option.
  ACS troubleshooting guide
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1.3/troubleshooting/guide/ecodes.html
  When you try to authenticate via ACS and see failed authentication on the ACS,could you please take a look on the group you are dropped in.
  This can occur either due to permission issues or if your user is being mapped to DISABLED or NO-ACCESS group on the ACS.
  Once you have the group which the failed user belongs to, go to that group and click on edit group. It shouldn't ne disabled or noaccess group (Group 0 is what we called noaccess group).
  If you're getting mapped to correct map then this is surely windows permission issue. You have to ensure that ACS software running on windows machine should have domain admin rights.
  There are some permissions those need to be granted on the windows machine it is installed.You may check from below listed link
  1.Acs is installed on the member server or DC and permissions are configured as per the following doc:
  http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/install/inst02.htm#wp981552
  If you're running ACS on member server do make sure that you have completed post installation task for local security policy.
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/3.3/installation/guide/windows/install.html#wp981858
  HTH
  Rgds,
  Jatin
  Do rate helpful posts~

• ACS error - External DB account Restriction ..

  Hi, we have problem with our VPN users. When they log using cisco vpn, they get error and when we checked at the ACS - we are getting this message in the Report and Activity menu under Failed Attempts - External DB account Restriction ...
  Can you help us why is this so?

  This is due to permission issue. Make sure that the account running acs service or remote agent service (incase you have appliance)have domain admin permissions.
  See this link
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/installation/guide/windows/postin.html#wp1041202
  Also post acs issues in AAA forum.
  Regards,
  ~JG
  Do rate helpful posts

• ISE EAP Authentication fails

  I've integrated a new ISE deployment, After a while I start getting the following error below, for wired users, it randomly fails on different users  
  The NAD I use is WS-C3650-48PD with the following 03.03.03SE cat3k_caa-universalk9 version, 
  All was working properly for one month, all of a sudden it has started to report such error   
  I tried to optimize the timers , but it's still the same
  Also when I do clear authentication on the same user who has failed the authentication passed
  Please advice
  Event
  5400 Authentication failed
  Failure Reason
  12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist
  Resolution
  Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem.
  Root cause
  Session was not found on this PSN. Possible unexpected NAD behavior. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late.

  IOS-XE has been very problematic. The version of code that you are running is not that old but I would recommend that you upgrade it. I have heard very positive feedback for v.3.7.0 but it is fairly new so if you want to be safe I would suggest running the 3.3.5.
  Thank you for rating helpful posts!

• EAP-TLS or PEAP authentication failed during SSL handshake

  Hi Pros,
                 I am a newbie in the ACS 4.2 and EAP-TLS implementation, with that being said. I face an issue during a EAP-TLS implementation. My search shows that this kind of error message is already certificate issue;However, I have deleted and recreated the certificate in both ACS and the client with the same result. I have deleted and re-install the certchain as well.
  When I check my log in the failed attemps, there is what I found:
  Date
  Time
  Message-Type
  User-Name
  Group-Name
  Caller-ID
  Network Access Profile Name
  Authen-Failure-Code
  Author-Failure-Code
  Author-Data
  NAS-Port
  NAS-IP-Address
  Filter Information
  PEAP/EAP-FAST-Clear-Name
  EAP Type
  EAP Type Name
  Reason
  Access Device
  Network Device Group
  06/23/2010
  17:39:51
  Authen failed
  000e.9b6e.e834
  Default Group
  000e.9b6e.e834
  (Default)
  EAP-TLS or PEAP authentication failed during SSL handshake
  1101
  10.111.22.24
  25
  MS-PEAP
  wbr-1121-zozo-test
  Office Networ
  06/23/2010
  17:39:50
  Authen failed
  [email protected]
  Default Group
  000e.9b6e.e834
  (Default)
  EAP-TLS or PEAP authentication failed during SSL handshake
  1098
  10.111.22.24
  25
  MS-PEAP
  wbr-1121-zozo-test
  Office Network
  [email protected] = my windows active directory name
  1. Why under EAP-TYPE it shows MS-PEAP not EAP-TLS? I did configure EAP-TLS....
  2. Why sometimes it just shows the MAC of the client for username?
  3. Why  it puts me in DEFAULT-GROUP even though i belongs to a group well definy in the acs?
  2. Secondly, When I check in pass authentications... there is what i saw
  Date
  Time
  Message-Type
  User-Name
  Group-Name
  Caller-ID
  NAS-Port
  NAS-IP-Address
  Network Access Profile Name
  Shared RAC
  Downloadable ACL
  System-Posture-Token
  Application-Posture-Token
  Reason
  EAP Type
  EAP Type Name
  PEAP/EAP-FAST-Clear-Name
  Access Device
  Network Device Group
  06/23/2010
  17:30:49
  Authen OK
  groszozo
  NOC Tier 2
  10.11.10.105
  1
  10.111.22.24
  (Default)
  wbr-1121-zozo-test
  Office Network
  06/23/2010
  17:29:27
  Authen OK
  groszozo
  NOC Tier 2
  10.11.10.105
  1
  10.111.22.24
  (Default)
  wbr-1121-zozo-test
  Office Network
  In the output below, it says that the user is authenticate and it puts the user in the right group with the right username, but the user never really authenticate. Maybe for the first few seconds when I initiate the connection.
  Before I forget, the suppliant is using WIN XP and 802.1x is enable. I even uncheck not verify the server and the ACS under External User Databases, I did  check ENABLE EAP-TLS machine authentication.
  Thanks in advance for your help,
  Crazy---

  Any ideas on this guys?? In my end, i've been reading some docs... Things started to make sens to me, but I still cannot authenticate, still the same errors. One more thing that catch my  attention now is the time it takes to open a telnet session to cisco device which has the ACS for auth server.
  My AD(Active Direct) and the ACS server are local same subnet(server subnet). Ping to the ACS from my desktop which is in different subnet is only take 1ms. To confirm that the issue is the ACS server, I decided to use another server in remote location, the telnet connection is way faster than the local ACS.
  Let's brain storm together to figure out this guys.
  Thanks in advance,
  ----Paul

• EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake

  Hi All ,
               I am trying to test EAP_TLS authentication on acs 4.2.1.15 running on Appliance 1120 , I have installed my server certficate along with CA certficate on my appliance box , I have enabled features of  EAP_TLS under golbal authentication setup .
               I have downloaded client supplicant certficate file for my windows XP machine .
  When i tried to authenticated i am finding following error message under  failed attempts(EAP-TLS or PEAP authentication failed due to unknown CA certificate during SSL handshake) on my acs appliance box .
  Under certficate revocation list , I have forced my CA as CRL in use . Attached snap shot of all .
  Suggest me whether i need to enable all corresponding CA certficate undercertficate trust list , Kindly let me know were i am doing wrong on this ..

  Hello,
  I am NO expert on certificates but I have seen your error dozens of times from wireless clients on my Cisco ACS 4.2 Radius server.
  Through trial and error I wrote up this procedure for our Helpdesk for installing certs in Windows XP and Windows 7. These steps haven't failed me yet and the Helpdesk doesn't bother me as much anymore so see if this helps you:
  -          Manually install the Global CA under BOTH Trusted Root Certification Authorities\Certificates AND Intermediate Certification                      Authorities\Certificates
  -          Manually install the Intermediate CA under JUST the Intermediate Certification Authorities\Certificates
  -          Delete the wireless network from the computer
  -          REBOOT!!
  -          Open the Microsoft Management Console, “mmc”.
  -          Go FILE\Add Remove SnapIn. Select Certificates ..
  -          If promoted, do it for “My User Account”.
  -          Make sure the certificates are where you put them. 
  -          If you see any of these exact certificates out of place in either Trusted Root Certification Authorities\Certificates or Intermediate Certification                      Authorities\Certificates, remove them.
  -          Redo wireless network setup again
  I hope this helps you.
  Mike

• Tacacs authentication fails for one user account for only one switch

  Hi,
  I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
  The same user account works well for other devices.
  The AAA configs are same on every devices in the network.
  Heres the show tacacs output from the switch where only one user account fails;
                Socket opens:        157
               Socket closes:        156
               Socket aborts:        303
               Socket errors:          1
             Socket Timeouts:          2
     Failed Connect Attempts:          0
          Total Packets Sent:       1703
          Total Packets Recv:       1243
            Expected Replies:          0
  What could be the reason ?
  No errors on ACS server; same rights had been given to the user account.
  Thanks to advise.
  Prasey

  Hi there,
  Does the user get authenticated in the ACS logs?
  reports and activity----> failed attempts
  ro
  reports and activity----->  passed authentications
  That will help narrow it down.
  Brad

• Cisco ISE (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out)

  Hi,
  I have a setup ISE 1.1.1. Users are getting authenticate against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.
  Error is enclosed & here is the port configuration.
  Port Configuration.
  interface GigabitEthernet0/2
  switchport access vlan 120
  switchport mode access
  switchport voice vlan 121
  authentication event fail action next-method
  authentication event server dead action reinitialize vlan 120
  authentication event server alive action reinitialize
  authentication host-mode multi-auth
  authentication order mab dot1x
  authentication priority dot1x mab
  authentication port-control auto
  authentication periodic
  authentication timer reauthenticate server
  mab
  dot1x pae authenticator
  dot1x timeout tx-period 60
  spanning-tree portfast
  ip dhcp snooping limit rate 30 interface GigabitEthernet0/2
  switchport access vlan 120
  switchport mode access
  switchport voice vlan 121
  authentication event fail action next-method
  authentication event server dead action reinitialize vlan 120
  authentication event server alive action reinitialize
  authentication host-mode multi-auth
  authentication order mab dot1x
  authentication priority dot1x mab
  authentication port-control auto
  authentication periodic
  authentication timer reauthenticate server
  mab
  dot1x pae authenticator
  dot1x timeout tx-period 60
  spanning-tree portfast
  ip dhcp snooping limit rate 30
  Please help.

  The error message means that Active Directory server Reject the authentication attempt
  as for some reasons the user account got locked.I guess, You should ask your AD Team to check in the AD
  Event Logs why did the user account got locked.
  Under Even Viewers, You can find it out
  Regards
  Minakshi (Do rate the helpful posts)

• Eap tls authentication fails if bluetooth device connected

  Hi All, I'm new to Macs but was tasked with getting a MacBook Air connected to our AD integrated, 802.1x wifi network. After a lot of trial and error with certificates I finally got this working but now have a rather bizarre problem. With the MBA on it's own it will connect to the wifi network, sucessfully authenticate and work perfectly well. However, if my Apple bluetooth mouse or keyboard are connected to the MBA the EAP-TLS authentication fails. A packet capture of the connection process shows that at the same point every time the process take a while then a packet shows as "Unknown Error Ignored", then loops thorugh the process. Turning off the keybpard and mouse at this point and the MBA will connect. Once connected I can then connect the keyboard and mouse and continue to stay connected for a while before, I assume, the AP forces a re-auth and the connection drops again.
  Has anyone come across this elsewhere?
  Thanks

  I have a Macbook Pro Retina 15" from 2012 and it has the same issue. Running 10.8.4. I have spent probably 5-6 hours trying to troubleshoot cert's network settings, did a complete fresh install (then restored from timemachine when that did not work) with no luck this solution worked but obviously is not a real solution as it should not confilct in this way. Great job on finding a workaround! I will be contacting apple about this ASAP under my applecare.

• EAP-TLS & ACE Appliance "EAP-TLS or PEAP authentication failed"

  Hello - I have a version 3.2 of the ACS appliance and I am trying to set up a successful test of EAP-TLS. I have a W2K server for a CA and I believe I have the certificate install properly. However, I get the "EAP-TLS or PEAP authentication failed during SSL handshake" error message in my failed attempts log. The troubleshooting document tells me to look at the CSAuth.log file but I can't seem to find in on the ACS Appliance.
  Does anyone have any ideas how to troubleshoot this problem with the appliance?

  If the client's certificate on the ACS is invalid (which depends on the certificate's valid "from" and "to" dates, the server's date and time settings, and CA trust), then the server will reject it and authentication will fail. The ACS will log the failed authentication in the web interface under Reports and Activity > Failed Attempts > Failed Attempts XXX.csv with the Authentication Failure-Code similar to "EAP-TLS or PEAP authentication failed during SSL handshake." If the ACS rejects the client's certificate because the ACS does not trust the CA, the expected error message in the CSAuth.log file is similar to the following.
  AUTH 06/04/2003 15:47:43 E 0345 1696 EAP: ProcessResponse:
  SSL handshake failed, status = 3 (SSL alert fatal:unknown CA certificate)If the ACS rejects the client's certificate because the certificate has expired, the expected error message in the CSAuth.log file is similar to the following.
  AUTH 06/04/2005 15:02:08 E 0345 1692 EAP: ProcessResponse:
  SSL handshake failed, status = 3 (SSL alert fatal:certificate expired)
  http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00801df0ea.shtml

• EAP-TLS or PEAP authentication failed during SSL handshake to the ACS serve

  We are running the LWAPP (2006 wlc's and 1242 AP's) and using the ACS 4.0 for authentication. Our users are
  experiencing an issue, where they are successfully authenticated the first time, however as the number of them is increasing, they're starting to drop the connections and being prompted to re-authenticate. At this point, they are not being able to authenticate again.
  We're using PEAP for the authentication and Win XP SP2 clients as the supplicants. The error message that we are seeing on the ACS for that controller is "EAP-TLS or PEAP authentication failed during SSL handshake to the ACS server"...Not sure if this error msg is relevant since we have other WLC's that are working OK and still generating the same error msg on the ACS...
  Thanks..

  Here are some configs you can try:
  config advanced eap identity-request-timeout 120
  config advanced eap identity-request-retries 20
  config advanced eap request-timeout 120
  config advanced eap request-retries 20
  save config

• EAP-TLS or PEAP authentication failed during SSL handshake error

  I have 2 Windows 2003 ACS 3.2 servers. I am in the process of upgrading them to ACS 4.0. I am using them for WPA2/PEAP wireless authentication in a WDS environment. I recently upgraded one to ACS 4.0 and ever since that time some (not all) of my Windows XP clients have started to not be authenticated and logging the error "EAP-TLS or PEAP authentication failed during SSL handshake" on the ACS 4.0 server. During the upgrade (which was successful) I did change the Certificate since the current one was going to expire November 2007.
  The clients that do not authenticate on the ACS 4.0 server I can point to the ACS 3.2 server and they successfully authenticate there. I am able to resolve the issue by recreating the Windows XP PEAP profile for the wireless network and by getting a new client Cert. But, I have a couple of questions:
  Is the "EAP-TLS or PEAP authentication failed during SSL handshake" error due to the upgrade to ACS 4.0 or to the fact that I changed the Certificate, or both?
  Can this error ("EAP-TLS or PEAP authentication failed during SSL handshake") be resolved without me touching every Windows XP client (we have over 250+)?
  Thanks for the help

  My experience suggests that the problem is the certificate.
  I'm running ACS 3.3.
  I received the same error message when my clients copied the certificate to the wrong location, or otherwise did not correctly follow the provided instructions.
  Correctly following the instructions led to a successful connection and no more error message.

• Sconadm timeout - Sun On-line Account authentication failed.

  Hello,
  I run Solaris 10 5/08 s10x_u5wos_10 X86.
  and the registration timeout. See below the basicreg.log
  I copy the commands i used. and the output. I also run the suc.sh script and post in the end.
  #ping 82.98.86.176
  82.98.86.176 is alive
  #sconadm register -a -r regfile
  sconadm is running
  Authenticating user ...
  Sun On-line Account authentication failed
  failed registration!
  telnet cns-transport.sun.com 443
  Trying 198.232.168.137...
  traceroute to cns-transport.sun.com (198.232.168.137), 30 hops max, 40 byte packets
  1 172.30.168.254 (172.30.168.254) 0.409 ms 0.241 ms 0.147 ms
  2 125-230-64-254.dynamic.hinet.net (125.230.64.254) 2.334 ms 77.107 ms 1.457 ms
  3 tc-kk-t64-2.router.hinet.net (168.95.149.78) 0.937 ms 1.112 ms 0.867 ms
  4 220-128-17-98.HINET-IP.hinet.net (220.128.17.98) 1.246 ms tc-c12r12.router.hinet.net (220.128.17.158) 1.252 ms 1.138 ms
  5 tp-crs11.router.hinet.net (220.128.2.10) 4.423 ms 4.281 ms 15.803 ms
  6 220-128-4-29.HINET-IP.hinet.net (220.128.4.29) 5.076 ms 4.274 ms 4.034 ms
  7 r02-s2.tp.hinet.net (220.128.4.38) 16.038 ms 4.358 ms 4.359 ms
  8 r12-pa.us.hinet.net (211.72.108.121) 142.842 ms 150.936 ms 142.567 ms
  9 r11-pa.us.hinet.net (202.39.83.193) 143.152 ms 142.800 ms 142.830 ms
  10 206.111.12.165.ptr.us.xo.net (206.111.12.165) 142.651 ms 142.925 ms 142.852 ms
  11 te-11-0-0.rar3.sanjose-ca.us.xo.net (207.88.12.69) 144.081 ms 144.510 ms 144.974 ms
  12 207.88.14.117.ptr.us.xo.net (207.88.14.117) 218.322 ms 218.461 ms 217.083 ms
  13 207.88.14.118.ptr.us.xo.net (207.88.14.118) 218.363 ms 217.950 ms 218.103 ms
  14 207.88.183.54.ptr.us.xo.net (207.88.183.54) 214.827 ms 214.479 ms 216.544 ms
  15 border7.te2-2-bbnet2.wdc002.pnap.net (216.52.127.87) 214.862 ms 215.908 ms 214.832 ms
  16 seven-6.border7.wdc002.pnap.net (216.52.125.250) 214.658 ms 214.440 ms 214.558 ms
  17 * * *
  18 * * *
  # cat basicreg20081024111737681.log
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicReg loadPropertiesFromHomeDir
  INFO: properties file loaded from the default config.properties
  24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
  INFO: get hostname 82.98.86.176
  24.10.2008 11:17:48 com.sun.scn.util.Utils getLocalHostNames
  INFO: first returned hostname 82.98.86.176
  24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
  INFO: SCNNetworkProxyConfigMBean.setHost() = null
  24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
  INFO: SCNNetworkProxyConfigMBean.setPort() = null
  24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
  INFO: SCNNetworkProxyConfigMBean.setUser() = null
  24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.NetworkProxyCacaoAdapter setProxy
  INFO: SCNNetworkProxyConfigMBean.setPassword() = null
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
  INFO: userName = [email protected]
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
  INFO: password = *****
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
  INFO: hostName =
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI printRegistrationProfile
  INFO: portalEnabled =false
  24.10.2008 11:17:48 com.sun.cns.basicreg.BasicRegCLI run
  INFO: Authenticating user ...
  24.10.2008 11:17:48 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getSCNClientSession
  INFO: CREATING SCNClientSession
  24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
  SCHWERWIEGEND: Error: login account exception: Connection refused to host: 82.98.86.176; nested exception is:
  java.net.ConnectException: Connection timed out
  24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter loginAccount
  SCHWERWIEGEND:
  com.sun.scn.jmx.impl.UISClientLoginModule.login(UISClientLoginModule.java:151)
  sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  java.lang.reflect.Method.invoke(Method.java:585)
  javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
  javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
  javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
  java.security.AccessController.doPrivileged(Native Method)
  javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
  javax.security.auth.login.LoginContext.login(LoginContext.java:575)
  com.sun.scn.jmx.impl.UISClientLogin.login(UISClientLogin.java:201)
  sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  java.lang.reflect.Method.invoke(Method.java:585)
  com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
  javax.management.StandardMBean.invoke(StandardMBean.java:323)
  com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
  com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
  com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
  com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
  com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
  com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:736)
  com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
  com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
  com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
  javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
  javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
  javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
  java.security.AccessController.doPrivileged(Native Method)
  javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
  javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
  sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  java.lang.reflect.Method.invoke(Method.java:585)
  sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
  sun.rmi.transport.Transport$1.run(Transport.java:153)
  java.security.AccessController.doPrivileged(Native Method)
  sun.rmi.transport.Transport.serviceCall(Transport.java:149)
  sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
  sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
  java.lang.Thread.run(Thread.java:595)
  24.10.2008 11:25:18 com.sun.cns.basicreg.cacao.ClientLoginCacaoAdapter getLoginResult
  INFO: SCN Fault: Connection refused to host: 82.98.86.176; nested exception is:
  java.net.ConnectException: Connection timed out
  24.10.2008 11:25:18 com.sun.cns.basicreg.BasicRegCLI run
  SCHWERWIEGEND: Sun On-line Account authentication failed
  #sh suc.sh
  User: root
  Logname: root
  Freitag, 24. Oktober 2008 11:48 Uhr CST
  xxx
  smpatch settings:
  patchpro.backout.directory - ""
  patchpro.baseline.directory - /var/sadm/spool
  patchpro.download.directory - /var/sadm/spool
  patchpro.install.types - rebootafter:reconfigafter:standard
  patchpro.patch.source - https://getupdates1.sun.com/
  patchpro.patchset - current
  patchpro.proxy.host - ""
  patchpro.proxy.passwd **** ****
  patchpro.proxy.port - 8080
  patchpro.proxy.user - ""
  smpatch analyze:
  Failure: Cannot connect to retrieve detectors.jar: This system is currently unregistered and is unable to retrieve patches from the Sun Update Connection. Please register your system using the Update Manager, /usr/bin/updatemanager or provide valid Sun Online Account(SOA) credentials.
  Sun UC patch revision:
  120336-04
  121082-06
  121119-13
  121454-02
  123004-03
  123006-07
  123631-03
  123896-04
  124187-07
  Solaris release:
  Solaris 10 5/08 s10x_u5wos_10 X86
  Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
  Use is subject to license terms.
  Assembled 24 March 2008
  Solaris Kernel: Generic_127128-11
  Machine Type: i86pc
  Platform: i86pc
  Java -version:
  java version "1.5.0_14"
  Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_14-b03)
  Java HotSpot(TM) Client VM (build 1.5.0_14-b03, mixed mode, sharing)
  Cacao Java version:
  java-home=/usr/jdk/jdk1.5.0_14
  Software Cluster:
  CLUSTER=SUNWCall
  All ccr properties:
  Property not defined: 18
  18:
  cns.assetid:
  cns.br.SunUCenabled:
  true
  cns.ccr.keyGenPath:
  /usr/lib/cc-ccr/bin/ccrKeyGen
  cns.clientid:
  cns.httpproxy.auth:
  cns.httpproxy.ipaddr:
  cns.httpproxy.port:
  cns.regtoken:
  cns.security.password:
  cns.security.privatekey:
  cns.security.publickey:
  cns.swup.UMautolaunch:
  false
  cns.swup.autoAnalysis.enabled:
  true
  cns.swup.checkinInterval:
  2
  cns.swup.lastCheckin:
  0
  cns.swup.patchbaseline:
  current
  cns.swup.regRequired:
  true
  cns.transport.serverurl:
  patchsvr not installed.
  Sun UC package status:
  SUNWbreg not installed
  SUNWdc not installed
  Edited by: Denis_Theinert on Oct 24, 2008 4:13 AM

  I could connect all of this hosts without problems.
  # telnet sun.com 80
  Trying 72.5.124.61...
  Connected to sun.com.
  Escape character is '^]'.
  ^CConnection to sun.com closed by foreign host.
  # telnet cns-services.sun.com 443
  Trying 198.232.168.133...
  Connected to cns-services.sun.com.
  Escape character is '^]'.
  ^CConnection to cns-services.sun.com closed by foreign host.
  # telnet getupdates1.sun.com 443
  Trying 198.232.168.136...
  Connected to getupdates1.sun.com.
  Escape character is '^]'.
  ^CConnection to getupdates1.sun.com closed by foreign host.
  # telnet a248.e.akamai.net 443
  Trying 60.254.154.75...
  Connected to a248.e.akamai.net.
  Escape character is '^]'.
  ^CConnection to a248.e.akamai.net closed by foreign host.
  #

• TS1424 ı bought the newsweek subscription and couldnt verify the mail so now when ı try to login my account it says authentication failed. ı took the bill so what will ı do now?

  ı bought the newsweek magazine  subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks

  ı bought the newsweek magazine  subscription and couldnt verify the mail so now when ı try to sign in my account it says authentication failed. ı took the bill so what will ı do now? How will I enter and download my magazine. thanks

• Hi, i have an ipad air. Last night i got an email from apple@staff.aruba.it, asking me to update my apple account information within 72 hours, failing which my account access will be restrictes. Is this a genuine email? Thanks

  Hi, i have an ipad air. Last night i got an email from [email protected], asking me to update my apple account information within 72 hours, failing which my account access will be restrictes. Is this a genuine email? Thanks

  It is a phishing attempt to get your personal infomation.
  Do not reply and delete the email.