Fixed Access Denied and Authentication Failed errors

Similar Messages

• Cisco Secure Desktop access denied and critical failure errors

  Hi
  Please can you assist me with the following Cisco Secure Desktop error. 
  "Access Denied
  Your system failed to be validated by the Cisco Secure Desktop and will not be granted access.
  Critical failure.
  Cisco Secure Desktop must run and validate your system to proceed. Please verify your browser settings and configuration and retry."
  Under "Weblaunch" Platform detection, Sun Java and Java Detection are ticked.  The other items are unticked.
  Thank you in advance.

  I'm having the same problem with Lion 10.8.4
  I've tried three different browsers with similar results.
  Firefox 22.0
  Chrome Version 27.0.1453.116
  Safari 6.05
  Any ideas?  I know we have the Secure desktop set to scan for antivirus for all connections.  I know that my AV is on the list and supposedly compatible.

• Hi Trying to download CS5 Design Premium. We have a copy on the Mac and want to put a second copy on the Macbook pro. Can download the file but when it is clicked the file give an error message "User access denied" and dumps the download. So hence I do no

  Hi Trying to download CS5 Design Premium. We have a copy on the Mac and want to put a second copy on the Macbook pro. Can download the file but when it is clicked the file give an error message "User access denied" and dumps the download. So hence I do not get an installation screen or a chance to enter the Licence no.

  Use another browser.
  Mylenium

• Windows A/D Authentication Failed (Error 1300L)

  I currently have in place CS ACS Solution Engine v3.3.3 and the Remote Agent is installed on Windows Server 2003. I'm using a lab environment to test Authentication to network switches and routers using ACS as Radius with Windows A/D as the backend. I have had success with the authentication using the CiscoSecure DB but when I change it to Windows DB I get the follwing error in the log:
  CSWinAgent 10/24/2005 14:42:34 A 0433 2004 RPC: NT_MSCHAPAuthenticateUser reply sent
  CSWinAgent 10/24/2005 15:00:06 A 0254 3468 RPC: NT_ForAllNTTrustedDomains received
  CSWinAgent 10/24/2005 15:00:06 A 0048 3468 NTLIB: Found 1 trusted domains
  CSWinAgent 10/24/2005 15:00:06 A 0048 3468 NTLIB: trusted domain 1 [Domain-Name]
  CSWinAgent 10/24/2005 15:00:06 A 0048 3468 NTLIB: Found 0 trusted domains
  CSWinAgent 10/24/2005 15:00:06 A 0287 3468 RPC: NT_ForAllNTTrustedDomains reply sent
  CSWinAgent 10/24/2005 15:01:33 A 0121 0564 Client connecting from XX.XX.XX.XXX:1935
  CSWinAgent 10/24/2005 15:01:34 A 0371 2940 RPC: NT_MSCHAPAuthenticateUser received
  CSWinAgent 10/24/2005 15:01:34 A 0048 2940 NTLIB: Attempting Windows authentication for user JohnDoe
  CSWinAgent 10/24/2005 15:01:34 A 0048 2940 NTLIB: Windows authentication FAILED (error 1300L)
  CSWinAgent 10/24/2005 15:01:34 A 0433 2940 RPC: NT_MSCHAPAuthenticateUser reply sent
  CSWinAgent 10/24/2005 15:01:37 A 0371 2940 RPC: NT_MSCHAPAuthenticateUser received
  CSWinAgent 10/24/2005 15:01:37 A 0048 2940 NTLIB: Attempting Windows authentication for user JohnDoe
  CSWinAgent 10/24/2005 15:01:37 A 0048 2940 NTLIB: Windows authentication FAILED (error 1300L).
  I installed the RemoteAgent with a Domain Admin Acct. and the CSAgent Service is running with the same acct. Also the external DB is established and the Unknown User Policy is enabled.
  Any suggestions??
  TIA

  Looking into the CSWINAgent log file, I determined that the authentication request was being "forwarded" to a different Windows Server and failing. Talking to one of our Systems Admins, I determined that the Remote Agent was in fact installed on a Domain Controller, but its role might not provide the service needed to do the username query. Furthermore, he went on the explain that we have a number of DCs in our evnironment, but that they each act as different "roles." Apparently the Remote Agent is smart enough to recognize that the current DC in which the Remote Agent was installed on could not perform the task requested and looked for the DC that could (the log file gave me the name of the DC that could). The Systems Admin stated that the DC that the log file was pointing to was the "PDC emulator" in our native envirnoment. So in short, I installed it on the suspected DC and everything works great. I did have to that the Domain Admin to the security Policy that you stated. I have been doing 802.1X machine and user auth ever since without issue. Thanks for your help.

• "authentication failed" error for adobe content viewer

  i keep getting "authentication failed" error when logging in to adobe content viewer on my ipad.  I am signed in to my adobe account.  what else can I do?

  per neil enns,
  Did you log into http://digitalpublishing.acrobat.com/ with your account, on your PC, and confirm there are no terms and conditions to accept? If so and you still can't log in on your iPad it is likely due to blocked ports by your IT department's firewall.

• Access denied - LOADXML Malformed XML Error

  Hi everyone,
  I am trying to navigate through some webDynpro ABAP component Methods each time I click on a method, a system message appears and it reads:
  Access denied
  And having the title LOADXML Malformed XML Error
  This doesnu2019t happen on different machine neither my college PC.
  Could somebody help?
  Thanks,

  I have found this threed usfule:
  [Re: SAP GUI XML related error message and crash.;
  and my problem is resolved now

• EFS Encrypted Files over home workgroup network via WebDAV avoiding Active Directory fixing Access Denied errors

  This is for information to help others
  KEYWORDS:
    - Sharing EFS encrypted files over a personal lan wlan wifi ap network
    - Access denied on create new file / new fold on encrypted EFS network file share remote mapped folder
    - transfer encryption keys / certificates
    - set trusted delegation for user + computer for EFS encrypted files via
  Kerberos
    - Windows Active Directory vs network file share
    - Setting up WinDAV server on Windows 7 Pro / Ultimate
  It has been a long painful road to discover this information.
  I hope sharing it helps you.
  Using EFS on Windows 7 pro / ultimate is easy and works great. See
  here and
  here
  So too is opening + editing encrypted files over a peer-to-peer Windows 7 network.
  HOWEVER, creating a new file / new folder over a peer-to-peer Windows 7 network
  won't work (unless you follow below steps).
  Typically, it is only discovered as an issue when a home user wants to use synchronisation software between their home computers which happens to have a few folders encrypted using windows EFS. I had this issue trying to use GoodSync.
  Typically an "Access Denied" error messages is thrown when a \\clientpc tries to create new folder / new file in an encrypted folder on a remote file share \\fileserver.
  Why such a EFS drama when a network is involved?
  Assume a home peer-to-peer network with 2pc:  \\fileserver  and  \\clientpc
  When a \\clientpc tries to create a new file or new folder on a \\fileserver (remote computer) it fails. In a terribly simplified explanation it is because the process on \\fileserver that is answering the network requests is a process working for a user on
  another machine (\\clientpc) and that \\fileserver process doesn't have access to an encryption certificate (as it isn't a user). Active Directory gets around this by using kerberos so the process can impersonate a \\fileserver user and then use their certificate
  (on behalf of the clienpc's data request).
  This behaviour is confusing, as a \\clientpc can open or edit an existing efs encrypted file or folder, just can't create a new file or folder. The reason editing + opening an encrypted file over a network file share is possible is because the encrypted
  file / folder already has an encryption certificate, so it is clear which certificate is required to open/edit the file. Creating a new file/folder requires a certificate to be assigned and a process doesn't have a profile or certificates assigned.
  Solutions
  There are two main approaches to solve this:
       1) SOLVE by setting up an Active Directory (efs files accessed through file shares)
            EFS operations occur on the computer storing the files.
            EFS files are decrypted then transmitted in plaintext to the client's computer
            This makes use of kerberos to impersonate a local user (and use their certificate for encrypt + decrypt)
       2) SOLVE by setting up WebDAV (efs files accessed through web folders)
             EFS operations occur on the client's local computer
             EFS files remain encrypted during transmission to the client's local computer where it is decrypted
             This avoids active directory domains, roaming or remote user profiles and having to be trusted for delegation.
             BUT it is a pain to set up, and most online WebDAV server setup sources are not for home peer-to-peer networks or contain details on how to setup WebDAV for EFS file provision
           READ BELOW as this does
  Create new encrypted file / folder on a network file share - via Active Directory
  It is easily possible to sort this out on a domain based (corporate) active directory network. It is well documented. See
  here. However, the problem is on a normal Windows 7 install (ie home peer-to-peer) to set up the server as part of an active directory domain is complicated, it is time consuming it is bulky, adds burden to operation of \\fileserver computer
  and adds network complexity, and is generally a pain for a home user. Don't. Use a WebDAV.
  Although this info is NOT for setting up EFS on an active directory domain [server],
  for those interested here is the gist:
  Use the Active Directory Users and Computers snap-in to configure delegation options for both users and computers. To trust a computer for delegation, open the computer’s Properties sheet and select Trusted for delegation. To allow a user
  account to be delegated, open the user’s Properties sheet. On the Account tab, under Account Options, clear the The account is sensitive and cannot be delegated check box. Do not select The account is trusted for delegation. This property is not used with
  EFS.
  NB: decrypted data is transmitted over the network in plaintext so reduce risk by enabling IP Security to use Encapsulating Security Payload (ESP)—which will encrypt transmitted data,
  Create new encrypted file / folder on a network file share - via WebDAV
  For home users it is possible to make it all work.
  Even better, the functionality is built into windows (pro + ultimate) so you don't need any external software and it doesn't cost anything. However, there are a few hotfixes you have to apply to make it work (see below).
  Setting up a wifi AP (for those less technical):
     a) START ... CMD
     b) type (no quotes): "netsh  wlan set hostednetwork mode=allow ssid=MyPersonalWifi key=12345 keyUsage=persistent"
     c) type (no quotes): "netsh  wlan start hostednetwork"
  Set up a WebDAV server on Windows 7 Pro / Ultimate
  -----ON THE FILESERVER------
     1  click START and type "Turn Windows Features On or Off" and open the link
         a) scroll down to "Internet Information Services" and expand it.
         b) put a tick in: "Web Management Tools" \ "IIS Management Console"
         c) put a tick in: "World Wide Web Services" \ "Common HTTP Features" \ "WebDAV Publishing"
         d) put a tick in: "World Wide Web Services" \ "Security" \ "Basic Authentication"
         e) put a tick in: "World Wide Web Services" \ "Security" \ "Windows Authentication"
         f) click ok
         g) run HOTFIX - ONLY if NOT running Windows 7 / windows 8
  KB892211 here ONLY for XP + Server 2003 (made in 2005)
  KB907306 here ONLY for Vista, XP, Server 2008, Server 2003 (made in 2007)
    2 Click START and type "Internet Information Services (IIS) Manager"
    3 in IIS, on the left under "connections" click your computer, then click "WebDAV Authoring Rules", then click "Open Feature"
         a) on the right side, under Actions, click "Enable WebDAV"
    4 in IIS, on the left under "connections" click your computer, then click "Authentication", then click "Open Feature"
         a) on the "Anonymous Authentication" and click "Disable"
         b) on the "Windows Authentication" and click "Enable"
        NB: Some Win 7 will not connect to a webDAV user using Basic Authentication.
          It can be by changing registry key:
             [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
             BasicAuthLevel=2
         c) on the "Windows Authentication" click "Advanced Settings"
             set Extended Protection to "Required"
         NB: Extended protection enhances the windows authentication with 2 security mechanisms to reduce "man in the middle" attacks
    5 in IIS, on the left under "connections" click your computer, then click "Authorization Rules", then click "Open Feature"
         a) on the right side, under Actions, click "Add Allow Rule"
         b) set this to "all users". This will control who can view the "Default Site" through a web browser
         NB: It is possible to specify a group (eg Administrators is popular) or a user account. However, if not set to "all users" this will require the specified group/user account to be used for logged in with on the
  clientpc.
         NB: Any user account specified here has to exist on the server. It has a bug in that it usernames specified here are not validated on input.
    6 in IIS, on the left under "connections" click your computer, then click "Directory Browsing", then click "Open Feature"
         a) on the right side, under Actions, click "Enable"
  HOTFIX - double escaping
    7 in IIS, on the left under "connections" click your computer, then click "Request Filtering", then click "Open Feature"
         a) on the right side, under Actions, click "Edit Feature Settings"
         b) tick the box "Allow double escaping"
       *THIS IS VERY IMPORTANT* if your filenames or foldernames contain characters like "+" or "&"
       These folders will appears blank with no subdirectories, or these files will not be readable unless this is ticked
       This is safe btw. Unchecked (default) it filters out requests that might possibly be misinterpreted by buggy code (eg double decode or build url's via string-concat without proper encoding). But any bug would need to be in IIS basic
  file serving and this has been rigorously tested by microsoft, so very unlikely. Its safe to "Allow double escaping".
    8 in IIS, on the left under "connections" right click "Default Web Site", then click "Add Virtual Directory"
         a) set the Alias to something sensible eg "D_Drive", set the physical path
         b) it is essential you click "connect as" and set
  this to a local user (on fileserver),
         if left as "pass through authentication" a client won't be able to create a new file or folder in an encrypted efs folder (on fileserver)
               NB: the user account selected here must have the required EFS certificates installed.
                          See
  here and
  here
          NB: Sharing the root of a drive as an active directory (eg D:\ as "D_Drive") often can't be opened on clientpcs.
        This is due to windows setting all drive roots as hidden "administrative shares". Grrr.
         The work around is on the \\fileserver create an NTFS symbollic link
            e.g. to share the entire contents of "D:\",
                  on fileserver browse to site path (iis default this to c:\inetpub\wwwroot)
                  in cmd in this folder create an NTFS symbolic link to "D:\"
                  so in cmd type "cd c:\inetpub\wwwroot"
                  then in cmd type "mklink /D D_Drive D:\"
          NB: WebDAV will open this using a \\fileserver local user account, so double check local NTFS permissions for the local account (clients will login using)
           NB: If clientpc can see files but gets error on opening them, on clientpc click START, type "Manage Network Passwords", delete any "windows credentials" for the fileserver being used, restart
  clientpc
    9 in IIS, on the left under "connections" click on "WebDAV Authoring Rules", then click "Open Feature"
         a) click "Add authoring rules". Control access to this folder by selecting "all users" or "specified groups" or "specified users", then control whether they can read/write/source
         b) if some exist review existing allow or deny.
             Take care to not only review the "allow access to" settings
             but also review "permissions" (read/write/source)
         NB: this can be set here for all added virtual directories, or can be set under each virtual directory
    10 Open your firewall software and/or your router. Make an exception for port 80 and 443
         a) In Windows Firewall with Advanced Security click Inbound Rules, click New Rule
               choose Port, enter "80, 443" (no speech marks), follow through to completion. Repeat for outbound.
            NB: take care over your choice to untick "Public", this can cause issues if no gateway is specified on the network (ie computer-to-computer with no router). See "Other problems+fixes"
  below, specifically "Cant find server due to network location"
         b) Repeat firewall exceptions on each client computer you expect to access the webDAV web folders on
  HOTFIX - MAJOR ISSUE - fix KB959439
    11 To fully understand this read "WebDAV HOTFIX: RAW DATA TRANSFERS" below
        a) On Windows 7 you need only change one tiny registry value:
             - click START, type "regedit", open link
             -browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters]
             -on the EDIT menu click NEW, then click DWORD Value
             -Type "DisableEFSOnWebDav" to name it (no speech marks)
             -on the EDIT menu, click MODIFY, type 1, then click OK 
             -You MUST now restart this computer for the registry change to take effect.
        b) On Windows Server 2008 / Vista / XP you'll FIRST need to
  download Windows6.0-KB959439 here. Then do the above step.
           NB microsoft will ask for your email. They don't care about licence key legality, it is more to keep you updated if they modify that hotfix
    12 To test on local machine (eg \\fileserver) and deliberately bypass the firewall.
          a) make sure WebClient Service is running
              (click START, type "services" and open, scroll down to WebClient and check its status)
          b) Open your internet software. Go to address "http://localhost:80" or "http://localhost:80"
              It should show the default "IIS7" image.
              If not, as firewall and port blocking are bypassed (using localhost) it must be a webDAV server setting. Check "Authorization Rules" are set to "Allow All Users"           
          c) for one of the "virtual directories" you added (8), add its "alias" onto "http://localhost/"
                  e.g. http://localhost/D_drive
              If nothing is listed, check "Directory Browsing" is enabled
    13 To test on local machine or a networked client and deliberately try and access through the firewall or port opening of your router.
          a) make sure WebClient Service is running
              (click START, type "services" and open, scroll down to WebClient and check its status)
          b) open your internet software. Go to address "http://<computer>:80" or "http://<computer>:80".
                eg if your server's computer name is "fileserver" go to "http://fileserver:80"
                It should show the default "IIS7" image. If not, check firewall and port blocking. 
                Any issue ie if (12) works but (13) doesn't,  will indicate a possible firewall issue or router port blocking issue.
         c) for one of the "virtual directories" you added (8), add its "alias" onto "http://<computername>:80/"
                 eg if alias is "C_driver" and your server's computer name is "fileserver" go to "http://fileserver:80/C_drive"
                 A directory listing of files should appear.
  --- ON EACH CLIENT ----
  HOTFIX - improve upload + download speeds
    14 Click START and type "Internet Options" and open the link
          a) click the "Connections" tab at the top
          b) click the "LAN Settings" button at the bottom right
          c) untick "Automatically detect settings"
  HOTFIX - remove 50mb file limit
    15 On Windows 7 you need only change one tiny registry value:
        a) click START, type "regedit", open link
        b) browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
         c) click on "FileSizeLimitInBytes"
         d) on the EDIT menu, click MODIFY, type "ffffffff", then click OK (no quotes)
  HOTFIX - remove prompt for user+pass on opening an office or pdf document via WebDAV
   16 On each clientpc click START, type "Internet Options" and open it
           a) click on "Security" (top) and then "Custom level" (bottom)
           b) scroll right to the bottom and under "User Authentication" select "Automatic logon with current username and password"
           SUCH an easy fix. SUCH an annoying problem on a clientpc
     NB: this is only an issue if the file is opened through windows explorer. If opened through the "open" dialogue of the software itself, it doesn't happen. This is as a WebDAV mapped drive is consdered a "web folder" by windows
  explorer.
  TEST SETUP
    17 On the client use the normal "map network drive"
              e.g. server= "http://fileserver:80/C_drive", tick reconnect at logon
              e.g. CMD: net use * "http://fileserver:80/C_drive"
           If it doens't work check "WebDAV Authoring Rules" and check NTFS permissions for these folders. Check that on the filserver the elected impersonation user that the client is logging in with (clientpc
  "manage network passwords") has NTFS permissions.
    18 Test that EFS is now working over the network
         a) On a clientpc, map network drive to http://fileserver/
         b) navigate to a folder you know on the \\flieserver is encrypted with EFS
         c) create a new folder, create a new file.
             IF it throws an error, check carefully you mapped to the WebDAV and not file share
                i.e. mapped to "http://fileserver" not "\\fileserver"
             Check that on clientpc the required efs certificate is installed. Then check carefully on clientpc what user account you specified during the map drive process. Then check on the \\fileserver this
  account exists and has the required EFS certificate installed for use. If necessary, on clientpc click START, type "Manage Network Passwords" and delete the windows credentials currently in the vault.
         d) on clientpc (through a webDAV mapped folder) open an encrypted file, edit it, save it, close it. On the \\fileserver now check that file is readable and not gobble-de-goup
         e) on clientpc copy an encrypted efs file into a folder (a webDAV mapped folder) you know is not encrypted on \\fileserver. Now check on the \\fileserver computer that the file is readable and not gobble-de-goup (ie the
  clientpc decrypted it then copied it).
          If this fails, it is likely one in IIS setting on fileserver one of the shared virtual directories is set to: "pass through authentication" when it should be set to "connect as"
          If this is not readable check step (11) and that you restarted the \\fileserver computer.
    19 Test that clients don't get the VERY annoying prompt when opening an Office or PDF doc
        a) on clientpc in windows explorer browse to a mapped folder you know is encrypted and open an office file and then PDF.
              If a prompt for user+pass then check hotfix (16)
    20 Consider setting up a recycling bin for this mapped drive, so files are sent to recycling bin not permanently deleted
        a) see the last comment at the very bottom of
  this page: 
  Points to consider:
     - NB: WebDAV runs on \\fileserver under a local user account, so double check local NTFS permissions for that local account and adjust file permissions accordingly. If the local account doesn't have permission, the webDAV / web folder share won't
  either.
    - CONSIDER: IP Security (IPSec) or Secure Sockets Layer (SSL) to protect files during transport.
  MORE INFO: HOTFIX: RAW DATA TRANSFERS
  More info on step (11) above.
  Because files remain encrypted during the file transfer and are decrypted by EFS locally, both uploads to and downloads from Web folders are raw data transfers. This is an advantage as if data is intercepted it is useless. This is a massive disadvantage as
  it can cause unexpected results. IT MUST BE FIXED or you could be in deep deep water!
  Consider using \\clientpc to access a webfolder on \\fileserver and copying an encrypted EFS file (over the network) to a web folder on \\fileserver that is not encrypted.
  Doing this locally would automatically decrypt the file first then copy the decrypted file to the non-encrypted folder.
  Doing this over the network to a web folder will copy the raw data, ie skip the decryption stage and result in the encrypted EFS file being raw copied to the non-encrypted folder. When viewed locally this file will not be recognised as encrypted (no encryption
  file flag, not green in windows explorer) but it will be un-readable as its contents are still encrypted. It is now not possible to locally read this file. It can only be viewed on the \\clientpc
  There is a fix:
        It is implimented above, see (11) above
        Microsoft's support page on this is excellent and short. Read "problem description" of "this microsoft webpage"
  Other problems + fixes
    PROBLEM: Can't find server due to network location.
       This one took me a long time to track down to "network location".
       Win 7 uses network locations "Home" / "Work" / "Public".
       If no gateway is specified in the IP address, the network is set to '"unidentified" and so receives "Public" settings.
       This is a disaster for remote file share access as typically "network discovery" and "file sharing" are disabled under "Public"
       FIX = either set IP address manually and specify a gateway
       FIX = or  force "unidentified" network locations to assume "home" or "work" settings -
  read here or
  here
       FIX = or  change the "Public" "advanced network settings" to turn on "network discovery" and "file sharing" and "Password Protected Sharing". This is safe as it will require a windows
  login to gain file access.
    PROBLEM: Deleting files on network drive permanently deletes them, there is no recycling bin
         By changing the location of "My Contacts" or similar to the root directory of your mapped drive, it will be added to recycling bin locations
        Read
  here (i've posted a batch script to automatically make the required reg files)
  I really hope this helps people. I hope the keywords + long title give it the best chance of being picked up in web searches.

  What probably happens is that processes are using those mounts. And that those processes are not killed before the mounts are unmounted. Is there anything that uses those mounts?

• Im trying to download skype and adobe flash player however i cant download anything because i get this message saying either access denied or some technical error in the gateway/proxy??

  My Macbook pro is brand new and im trying to download some applications such as skype and adobe flash player however whenever i try to i cant because either the site im on shifts and says access denied or some technical problem occurs? Very much appreciated.

  You might want ot ask in the MBP forum as well as in the SL 10.6 forum.

• Getting Error Message "Access Denied" and "Unable to Execute!

  Using jmf-2_1_1e-windows-i586.exe on Windows XP. When I open the executable it prompts me if I want to overwrite the existing files. If I do yes, then I get "Access Denied". If I do no, then I get "Unable to Execute!
  "C:\DOCUME~1\HP_ADM~1\LOCALSS~1\Temp\pft1~tmp\SETUP.EXE" /SMS
  Unable to execute the command line"
  What am I doing wrong?

  Sounds like you don`t have write permissions for that directory. Not a java problem.
  regards

• Access denied in my code - Error code:-2147467259

  Hi there,
  I'm a newbie with CR server technology. I installed yesterday a CR XI trial on my system to do a PoC for a customer who already uses CR. He gave me a rpt file to use in my program.
  I'm developing a program where the report is prepared as PDF and then sent by email and fax to certain receivers. I'm in the middle of the work now. Here a first look at my code:
  URL url = Thread.currentThread().getContextClassLoader().getResource(
  "rpt/1442_11791_OrdersbyVault_OrderA4.crystal9_v4_alg.rpt");
  ReportClientDocument clientDoc = new ReportClientDocument();
  clientDoc.setReportAppServer("localhost");
  String file = new File(url.getFile()).toString();
  // Open report
  clientDoc.open(file, 0);
  This code is inside a EJB session bean which should provide the report later as byte[] to another bean which will send it.
  When I execute the bean it usually fails with this exception:
  SRVE0014E: Nicht erfasste Ausnahme für service() durch Root ausgeöst /test.jsp: com.crystaldecisions.sdk.occa.report.lib.ReportSDKServerException: Zugriff verweigert. Überprüfen Sie die Verzeichniseinstellungen für Dateien, auf die Sie zugreifen können.---- Error code:-2147467259 Error code name:failed
  at com.crystaldecisions.sdk.occa.report.lib.ReportSDKServerException.throwReportSDKServerException(Unknown Source)
  at com.crystaldecisions.proxy.remoteagent.r.a(Unknown Source)
  at com.crystaldecisions.sdk.occa.report.application.ReportClientDocument.do(Unknown Source)
  at com.crystaldecisions.sdk.occa.report.application.ReportClientDocument.if(Unknown Source)
  at com.crystaldecisions.sdk.occa.report.application.ReportClientDocument.a(Unknown Source)
  at com.crystaldecisions.sdk.occa.report.application.ClientDocument.open(Unknown Source)
  at de.szb.bt.service.reporting.reporting.ReportingServiceBean.execute(ReportingServiceBean.java)
  at de.szb.bt.service.reporting.reporting.EJSLocalStatelessReportingService_a07b2911.execute(EJSLocalStatelessReportingS
  ervice_a07b2911.java:29)
  at com.ibm._jsp._test._jspService(_test.java:138)
  at com.ibm.ws.jsp.runtime.HttpJspBase.service(HttpJspBase.java:91)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
  at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
  at com.ibm.wsspi.webcontainer.servlet.GenericServletWrapper.handleRequest(GenericServletWrapper.java:121)
  at com.ibm.ws.jsp.webcontainerext.JSPExtensionServletWrapper.handleRequest(JSPExtensionServletWrapper.java:204)
  at com.ibm.ws.jsp.webcontainerext.JSPExtensionProcessor.handleRequest(JSPExtensionProcessor.java:254)
  at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3071)
  at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:236)
  at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:210)
  at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1958)
  at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:89)
  at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
  at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
  at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:101)
  at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java:566)
  at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java:619)
  at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:952)
  at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1039)
  at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1471)
  It fails with an access denied. I know the file is there, I debugged the path and it looks good for me:
  "C:workspacesgfi_it-mediaCashmanagementEJBejbModule pt1442_11791_OrdersbyVault_OrderA4.crystal9_v4_alg.rpt"
  I'm running the RAS as LocalSystem user so it should have the needed rights to access the file. I haven't found a fitting solution to this yet. I tried to use the publishing assistant tool to add it to a repository but ths didn't help. Any suggestion?
  Thanks in advance!
  Kai

  <p>Hello Kai,</p><p>You appear to be trying to use the RAS server, which is one of the servers included with Crystal Reports Server, to do "unmanaged" reporting - i.e., run a Crystal Report report that has not been "published" and is managed by the Crystal Report Server.</p><p>Note that RAS is configured to restrict access to umanaged rpt file to a folder and its subfolder on the system.  This folder is specified in the Central Configuration Manager (CCM).  Is the location of the rpt file within this folder or subfolder?  I&#39;d check that first.</p><p>Sincerely,</p><p>TU </p>

• "24427 Access to Active Directory failed" error in ACS 5.1

  Hello,
  I'm working on implementing a RADIUS authentication for wireless access with the following :
  - PCs running Windows 7, protocol used is PEAP (without validating the server certificate to make it simple at first),
  - AP 1252  configured to use a RADIUS server to authenticate (it's working good with an ACS server 4.2),
  - ACS Server 5.1.0.44.5 running as VM connected to an AD domain and working good with VPN connections,
  - AD domain running on Windows 2003 Server.
  My ACS VM is working good since a couple of months for VPN (RADIUS) and administration (TACACS) remote access, both using Active Directory. Now, I'd like to use it to authenticate people connecting to a 1252 Cisco access point but I'm getting this error "24427 Access to Active Directory failed". I switched from PEAP to LEAP but this is the same.
  All I can get running the expert troubleshoot
  Investigating failure code: 24427 Access to Active Directory failed
  Checking if Active Directory is configured
  Active Directory is configured
  Attempting connection to Active Directory
  Connection to Active Directory was successful.
  Troubleshooting completed.
  Click on Show Results Summary to view results.
  I followed this guide, at least for the ACS certificate section :
  http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml
  Anyone has an idea where the problem may come from?
  Thanks in advance,
  Vincent

  hey there, I ran into the same issue with 5.3 and it turned out being this bug. i came across your post looking for instructions on retrieving the logs. thanks mate.
  link
  Problem: Error "24495 Active Directory servers are not available"
  Authentication starts failing with this error: 24495 Active Directory servers are not available. in the ACS 5.3 logs.
  Solution
  Check the ACSADAgent.log file through the CLI of the ACS 5.x for messages such as:Mar 11 00:06:06 xlpacs01 adclient[30401]: INFO base.bind.healing Lost connection to xxxxxxxx. Running in disconnected mode: unlatch. If you see the Running in disconnected mode: unlatch error message, this means the ACS 5.3 cannot maintain a stable connection with Active Directory. The workaround is to either switch to LDAP or downgrade the ACS to 5.2 version. Refer to Cisco bug ID CSCtx71254 (registered customers only) for more information.

• Authentication Failed error message on browser while login to author instance

  Hi,
  I ran backup on author and publish instance after datastore garbage collector.
  It went fine on publish instance and created backup file succesfully.
  But at some point of time backup failed on author instance and we tried to login on author instance we got cq5 console on browser.
  After that we checked replication agent on author and wheni clicked to publish we got error page saying Class not found exception.
  after some time we just bounced the author instance we got startup completed message ver quickly and not started all the bundles(started only 121 bundles).
  Tried to login author instance on browser it was showing Authentication Failed message.
  Please helpout in resolving this issue.
  Thanks in Advance.
  Mahesh

  I did not really understand what the problem with the domain/hostname or so is you mentioned but lets set it aside and assume that it doesnt cause any further problems for now.
  About your questions:
  1) With which user do you try to login?
  "amadmin" is default name for the administrative user.
  Did you rename him or do you try to log in with another user?
  "amadmin" is probably the only user which "works" just after installing.
  When you go to portal/dt, are you logged in or are you on the anonymous desktop? If you did not make any changes you shold get either a login channel or a Userinfo channel.
  This way you should be able to see if you are logged in.
  Also important for you:
  Logfiles for access manager and portal are by default placed in the folder /var/opt/SUNWam/. There is a debug and logs folder.
  These loggings are most of the time more helpfull than the directory server logs.
  To get a finer logging edit the file /etc/opt/SUNWam/AMConfig.properties
  There is a line "...=error". Replace error with message and restart the webserver/appserver-domain.
  hth Chris

• Access denied - http authentication

  Hi all,
  I have a java web service client that needs to connect to a .net web service. When I set up the client in Netbeans 6, the wizard asks to accept the certificate - which I do.
  The .net web services provider gave me a username and password to access the web service, but when I typed it in, I got an error.
  When I run the web service client, I get:
  com.sun.xml.ws.client.ClientTransportException: request requires HTTP authentication: Access Denied
  Where can I supply the authentication details for the client to access the server?
  Thanks and regards,
  Brenda

  Can someone PLEASE tell me how to perform HTTP authentication when connecting from a java webservice client to a .Net web service?
  I have tried:
  <code>
  ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "94648137");
  ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "Retail03");
  </code>
  but have had no luck. The web service is using LDAP authentication over HTTPS.
  TIA
  Brenda

• PDP authentication failed error

  Hi Team,
  I'm using iPhone 6, my device is working good with local mobile data. If I tried to access data in roaming, it won't work and prompting an error PDP Authentication failed
  As network provider confirmed that the issue not from their end and it might be an issue with hardware end.
  Please advise me with the right solution to get sorted out from this issue.

  Post the error message verbatim.
  Very, very doubtful it's a hardware problem.

• Can't access the console - Authentication failed

  Hi,
  I've just finished with DS and AM setup (consecutively).
  The AM setup was done with Configure Now JES wizard, with Webserver, everything on the same machine - remote doesn't work. Everything fine.
  When I try to access the console, I always get the message:
  "Authentication failed.
  Return to Login page"
  I've tried admin, amldapuser, amadmin, amAdmin.
  The logs in Directory Server says:
  [01/Nov/2006:02:50:44 -0300] conn=137 op=10 msgId=489 - SRCH base="dc=caverna,dc=net" scope=2 filter="(uid=amadmin)" attrs="dn uid"
  [01/Nov/2006:02:50:44 -0300] conn=137 op=10 msgId=489 - RESULT err=0 tag=101 entries=0 etime=0
  amAuthentication.access:
  "2006-11-01 02:47:25" "Login Success|module_instance|Application" Application AUTHENTICATION-105 dc=caverna,dc=net 31329a31876dc65001 INFO "cn=dsameuser,ou=DSAME Users,dc=caverna,dc=net" "Not Available" "cn=dsameuser,ou=DSAME Users,dc=caverna,dc=net" "Not Available"
  and amAuthentication.error:
  "2006-11-01 02:50:44" "Login Failed" LDAP AUTHENTICATION-200 dc=caverna,dc=net "Not Available" INFO "Not
  Available" 192.168.254.1 "cn=dsameuser,ou=DSAME Users,dc=caverna,dc=net" beta.caverna.net
  "2006-11-01 02:50:52" "Login Failed" LDAP AUTHENTICATION-200 dc=caverna,dc=net "Not Available" INFO "Not
  Available" 192.168.254.1 "cn=dsameuser,ou=DSAME Users,dc=caverna,dc=net" beta.caverna.net
  Any suggestions?
  Best regards,
  Luiz Felipe.

  I can't remember very well, but I think I reinstalled AM and DS, But I can't remember very well.
  BTW, I'm gently answering your question suggesting this tip, but I've gave up about JES. So, don't trust me a lot ;)
  Maybe I will try the 2006 version... maybe.
  Message was edited by:
  luizfox