HDCP Compliance Issue, Everything is Compliant Though???

Similar Messages

• MBAM 2.5 integrated with SCCM 2012 SP1 compliance issue

  Hi,
  I have installed MBAM 2.5 in a SCCM integrated topology. GPO for encryption on the OS drive only have been deployed and encryption completed using the MBAM client. When running the compliance report and evaluating using the SCCM client the compliance comes
  back as non-compliant. I have tried several tweaks to the GPO but had no luck getting it to report as compliant. Using the dashboard report to try and pin point why it is non-compliant shows as non-compliant but using the reasons in the top right corner all
  have 0 instances.
  Is there a log file on the local system that can tell me what aspect is causing the status?

  In the Event Viewer, there is MBAM node, you will find all MBAM client events there.
  Also, review your GPO and see what encryption types are allowed and which are required. Maybe one reason would be, that your GPO requires something, which your client hasn´t done yet, like PIN code.
  I´ve seen issues with not being compliant to policy before, and there was some explanations of this, if you google around. I´m also intrested to get knowing this, because I couldn´t solve this compliance issue.
  For customer reporting, I just did query in SCCM where I listed ecrypted status and drive letters, that was a "customized report method" to tell customer, are all their Computers encrypted or not.

• SCCM 2012 patch compliance issue

  Hi All,
  In my organization we are facing patch compliance issue.
  in my clients all patches are installed and sent the state messages to MP.however most of the clients are having 0% compliance are showing in report.
  in overall compliance report it is showing "compliance sate unknown" for most of the clients.
  done the software update scan cycle, no errors in WUAhandler.log and windowsupdate.log
  updatestore.log etc.files. however same location only few machines are showing 100% compliance and most of the machines are showing non-compliance (0% compliance)
  please help us to resolve the issue.
  Note: all machines are patches installed successfully. only report is showing "compliance state unknown"

  How much time are you allowing? State messages are only submitted every 15 minutes by the client and information in the console is summarized every 1 hour (both by default); i.e., none of this is instantaneous.
  Reports will reflect the up to info though. Have you directly examined WMI on a target system to verify it's patch compliance state?
  Jason | http://blog.configmgrftw.com | @jasonsandys

• Non-Compliance issue

  Hi Cooper,
  If i enable this script in my environment where everything is maintained as per compliance. If i will install Quest modules then there should not be any non-compliance issue. Means my security team should not raise concern about unlicensed software installed
  in MS environment.
  Pls confirm so that i can make a decision about this.

  Hi Kuldeep,
  To see who's changed or reset their password, you would have to set AD auditing on each domain controller and specifically look for "Account management." You can do that by setting an audit policy in the Def Domain Controller policy so it
  will apply to all DCs. Then you must check the Security log on each DC. The problem with that is you don't know which DC to check. A centralized tool would be better to use, such as SCOM or a third party tool, such as the Quest tool, which you already have.
  AD DS Auditing Step-by-Step Guide
  http://technet.microsoft.com/en-us/library/cc731607(v=ws.10).aspx
  And you are already aware of the Quest tool:
  Change Auditor for Active Directory
  http://www.quest.com/change-auditor-for-active-directory/
  For more info, you take a look at this thread where it was heavily discussed for more info and ideas:
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/71c70e49-b0c0-46a2-885d-38d36c704e5a/active-directory-password-reset-event
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• 508 Compliance Issues

  Hello All,
  I am trying to fix 508 compliance issues for SSRS reports in Pdf format (exported from SSRS toolbar).
  I have tried finding the correct cummulative patch or update but don't get the correct one for 2008 R2 version. After some research i also tried to include custom JQuery in Reeports.aspx or ReportViewer.aspx 
  Can someone please suggest correct direction in fixing the 508 compliance issues?
  thanks in advance

  Hi newcd,
  I just read the VPat for SQL Server 2008 R2. I do not see where there are accessibility issues for the PDF format. Can you please explain?
  http://www.microsoft.com/en-us/government/products/section-508-vpats/default.aspx#fbid=vv_eVaIKitQ
  If this is a bug, to get it fixed you would need to contact customer support.
  https://support.microsoft.com/en-us/gp/profsup/en-au?wa=wsignin1.0
  Brad Syputa, Microsoft Power BI This posting is provided "AS IS" with no warranties.

• Rfc822 Compliance issue line added by system POTENTIAL Spam

  Hello,
  We have a problem with below said code...
  sun.net.smtp.SmtpClient mail = new sun.net.smtp.SmtpClient ( "mail.primary-domain.com" );
  mail.from ( "[email protected]" );
  mail.to ( "[email protected]" );
  PrintStream msg = mail.startMessage ( );
  msg.println ( "To: [email protected]" );
  msg.println ( "Subject: Hello!" );
  msg.println ( );
  msg.println ( "Hello " );
  msg.closeServer ();
  I am getting the mail as
  Subject: none
  From :'rfc822 Compliance issue line added by system POTENTIAL Spam'
  To: 'rfc822 Compliance issue line added by system POTENTIAL Spam" <nobody@????.com>'
  Our smtp server is hosted on primary-domain. For secondary-domain, I created MX record pointed to primary-domain.
  Why I am getting this zunk in From and To address.
  Please Help me with this problem.
  Thanks in advance,
  V.T.Krishna.

  You are trying to use your mail server (primary-domain.com) to send mail that appears to have come from a different mail server (second-domain.com). This is a favourite trick of spammers. If you want to do this you should connect to the second-domain mail server and use it. Or you should use a from-address that belongs to the primary-domain.

• Why is netflix having display problems on my macbook pro... HDCP compliance?

  Watching Netflix and all of a sudden it says "Display Problems"  Make sure your monitor is HDCP Compliant and is not setup for mirror airplay??

  The issue is from Safari defaulting to HTML5 vs using Silverlight like it did in Mavericks.
  So the options are, if you want to use Safari goto your Netflix account, playback preferences and turn off HTML5. This will revert to Silverlight and will AirPlay fine*in Safari.
  If you want to use HTML5, just leave the setting for HTML5 on in Netflix and use Chrome, Firefox, etc.
  You can't currently have both Safari and HTML5 Netflix when using AirPlay. You'd think Safari would be a little bit more powerful with Apples stances on browser extensions.

• ATV and HDCP Compliance

  When trying to watch rented content, the ATV says that my connection is not HDCP Compliant and that I should use component cables. I'm using an HDMI cable connected directly to my HDTV. The users guide of my Mitsubishi WD52627 says that the HDMI ports are HDCP compliant. What gives? Is it my HDMI cable?

  "This content requires HDCP for playback. HDCP isn't supported by your HDMI connection. Use the component video connection to watch this content."
  This is Apple's deal not yours! If your TV is HDCP compliant then all should be well. I know this because mine is and I have been able to watch rented and purchased content up until two-three weeks ago. HDCP is a DRM related deal and Apple has yet to figure this out. I've been on the phone with Apple Care and the guy said uhhhh...I've talked with some other people and it hasn't popped up on anyone's radar. That's BS this forum is full of people affected by it. They don't have a solution as evidenced by repeated emails going unanswered even though through the support website they guarantee a reply within 48 hours.
  I've localized the problem to movies bought through the AppleTV. TV shows don't exhibit the same problem and movies that I've purchased with my computer play on the AppleTV. I've purchased 17 movies through my AppleTV and none of them work anymore...after months of working. For me I think it has something to do with the latest iTunes update. None of the hardware has changed and I haven't introduced anything into the setup.
  What gives Apple. Enough with the silence...if there's a problem then say so...I can wait. But the silence kills me.

• HDMI HDCP Support Issue Resolved

  Everyone, I've struggled for months with the HDCP non-support issue. I've tried everything, rebooting the network, resetting ATV, etc to no avail. I think I've found a solution and have verified this by trying to watch a movie I'm in the process of downloading. Here is what I found:
  -Rent movie and let it fully download.
  -Authorize the movie. You might get a single HDCP error which in my case did not require me to hit "OK"
  -Disconnect ATV from the network by pulling out the ethernet cable.
  -Watch your movie in peace.
  I hope this helps, at least it worked for me.

  I'm having this problem just downloading to my mac book pro and then connecting to my big screen HDTV to play it back. (no ATV in the loop).
  How do you "authorize" the movie for a given display?

• ITunes HDCP error on a FULLY COMPLIANT SYSTEM

  OK, I've just about had enough of this DRM nonsense.
  Everyone who pays has to run around for hours trying to find a way to play the stuff they paid for while those who don't pay just sit down and watch! Great way to do business. Great way to encourage people to actually pay for stuff! Well done!
  When will the top studio heads realize it's just making us all LOSE more money than we gain!
  My system is 100% HDCP compliant.
  I can confirm in the Nvidia control panel that both my graphics card and display are compliant and currently running HDCP fine.
  But all of a sudden, last night iTunes refuses to play any of my few iTunes movie downloads (of which thankfully there are few, Blu-ray is so much better and the protection is easy to get around so you can play them back properly as you wish, but for a few titles I grew tired of waiting for the studios to get around to releasing them in a proper HD format, Blu-ray, so I finally caved in and tried a few digital downloads and for the other case I got one as promo (along with the Blu-ray).)
  I tried re-booting and re-installing iTunes a few times and once it played for about 10 seconds before quitting and putting up the fake HDCP error message.
  I can play back Blu-ray stuff just fine even if I turn off AnyDVDHD. So between that and the control panel saying HDCP is running fine, it's obviously running fine.
  So I don't know what extreme levels iTunes is suddenly decided to use to verify HDCP, since everything else runs HDCP protected content just fine.
  It's pretty ridiculous how many other complains like this I see around too. Can this really be good for business??
  And it's pretty ridiculous that iTunes won't even let me watch a movie that I am in. Heck, I even partly funded a movie for which I'm now getting blocked by iTunes, now how is that for the height of irony! RIDICULOUS! Apple get your act together! This isn't good for your bottom line or anyone connected to the industries bottom line nor to any of the millions of loyal paying customers.

  I'm sorry, but I don't think that's the problem...
  I have a Mac Pro with an Apple Cinema Display 23', and it worked fine, I could watch all movies, until I upgraded my video card for a new one. My MacPro came with an ATI video card, and I it stopped working. So I had to replace it for new one and I've choose a new nVidia gForce 285. Since then I can't watch any HD movie I downloaded from iTunes Store. In this case the problem is with the video card, that is not recognized as an HDCP device or something related. I'm trying to contact Apple to see what can be done with this problem and I suggest you guys to do the same. Some one must realize that some Apple computers will not have configurations 100% made by Apple.
  Best Regards
  -Bruno

• CF 7 PCI compliance issue

  There is a security flaw in the wildcard ISAPI DLL in CF7 - Documented here:
  http://blogs.msdn.com/asiatech/archive/2009/03/13/why-private-ip-address-is-still-leaked-o n-iis-server-even-after-applying-fix-834141.aspx
  Is there an update to this ISAPI DLL that fixes this issue?
  Thanks.

  Jochem,
  You wrote:
  >So configure a Host header in your IIS website.
  I wish it was easy as that.
  Doing that works fine without the wildcard dll enabled. Unfortunately without it enabled, the CF process fails.
  Enable the DLL and the private IP headers are leaked.
  >2. I fail to see where the PCI specifiction says said behaviour is non-compliant.
  That link is no where near a full compilation of the reasons that a site would fail PCI compliancy.
  It makes sense that one would fail under the circumstances that the private IP address is being leaked. That does present some potential issues for hackers to try and take advantage of.
  The specific PCI rejection is below. The article that they quote in their rejection does not correct the issue as it is specifically related to the DLL.  As mentioned in the link in the very first post of this thread, the issue is readily evident by turning on/off the DLL requirement. Unfortunately our sites require it.
  "Synopsis :  This web server leaks a private IP address through its HTTP headers.   Description :  This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server.   There is a known issue with IIS 4.0 doing this in its default configuration. This may also affect other web servers, especially on a misconfigured redirection.  See also :  http://support.microsoft.com/support/kb/     articles/Q218/1/80.ASP See the Bugtraq reference for a full discussion.  Risk Factor:  Medium  / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE : CVE-2000-0649 BID : 1499 Other references : OSVDB:630   "

• PCI Compliance Issue

  I'm trying to make our Exchange 2013 server PCI compliant.  TO do this, I've turned off SSL2 and 3, PCT1, and TLS 1.0.  
  When I turn off TSL1.0, none of our Outlook clients can connect.  Is there a change I need to make somewhere so they use TLS1.1 or above?
  N00b here, so I may have the terminology wrong.
  Thanks.

  Jochem,
  You wrote:
  >So configure a Host header in your IIS website.
  I wish it was easy as that.
  Doing that works fine without the wildcard dll enabled. Unfortunately without it enabled, the CF process fails.
  Enable the DLL and the private IP headers are leaked.
  >2. I fail to see where the PCI specifiction says said behaviour is non-compliant.
  That link is no where near a full compilation of the reasons that a site would fail PCI compliancy.
  It makes sense that one would fail under the circumstances that the private IP address is being leaked. That does present some potential issues for hackers to try and take advantage of.
  The specific PCI rejection is below. The article that they quote in their rejection does not correct the issue as it is specifically related to the DLL.  As mentioned in the link in the very first post of this thread, the issue is readily evident by turning on/off the DLL requirement. Unfortunately our sites require it.
  "Synopsis :  This web server leaks a private IP address through its HTTP headers.   Description :  This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server.   There is a known issue with IIS 4.0 doing this in its default configuration. This may also affect other web servers, especially on a misconfigured redirection.  See also :  http://support.microsoft.com/support/kb/     articles/Q218/1/80.ASP See the Bugtraq reference for a full discussion.  Risk Factor:  Medium  / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE : CVE-2000-0649 BID : 1499 Other references : OSVDB:630   "

• IPad calendar won't open march 2013 in month view; just this one specific issue, everything else works fine. I've reset to factory but it still happens.

  Hmm.....
  New iPad, not been fiddled with in any way. When I use calendar, everything is fine except when I try to view march 2013 in month view, whether by switching to "month" from a march day view, or by moving from another month already in month view.
  The application just closes down. No issues with data loss. No issues with same calendar data on my mac or iPhone.
  I've reset to factory setting and restored but it persists.
  Any thoughts?  Thanks, Andrew.

  The workaround for this is to remove any all day events from April 1 or change from all day to something other than all day event.
  The update to iOS 6.1 is supposed to have fixed the bug according to some of those that have posted today.

• Macbook Pro and NVIDIA GeForce 320M HDCP Compliance

  Anyone know if the NVIDIA card is HDCP compliant? I want to purchase an external blu-ray burner for my laptop but want to make sure it will work first. I have found limited tech specs on this card on-line.
  D

  Yes, it is HDCP compliant. I'm not sure that is a guarantee that what you want to do will work however.

• BPM Issue: Active messages even though process has completed

  Hi,
  I have defined a BPM that receives an invoice xml message. If the invoice total is <= $500.00, the invoice is automatically submitted for posting in SAP (RFC Adapter).
  If the invoice amount > 500 and approval request is send off and the process waits for the approval xml message to arrive (a receive step in the BPM)
  Based on the approval status, the invoice is either posted or the process is cancelled (Using a correlation ID to ensure that correct invoice is approved or rejected)
  To cancel the process, I have included a 'Control Step' with action = 'Cancel Process'.
  My issue is that even thought my bpm completes successfully (verifiedby message status in sxmb_moni) there are still active work items in transaction swwl.
  Can anyone offer assistance as to why I still have active work items even though the BPM has completed successfully.
  Thanx in advance for any assistance.
  Regards
  Yackeen

  Sending SIGKILL (kill -9 pid) to a process never gives it a chance to "clean up" before it terminates. Sending SIGTERM (kill pid) is better in most circumstances, unless the process is completely unresponsive. A properly coded program will quit gracefully upon receiving it.