Hyper-V: Kerberos Constrained Delegation not working - unable to create VHD on SMB 3.0 share

I have created a simple, three server Hyper-V environment with two Hyper-V servers and a file server.  The file server is providing shared storage over SMB.  I have configured Constrained Delegation as per the instructions found on a TechNet blog.
However, I cannot create VMs from my Windows 8.1 workstation running the Windows 8.1 RSAT.  I get the following error:
New-VM : Failed to create the virtual hard disk.
The system failed to create '\\SERVER\VHDStore\Hyper-V\VH02\Virtual Hard Disks\Disk1.vhdx': General access denied error (0x80070005).
You do not have permission to perform the operation. Contact your administrator if you believe you should have
permission to perform this operation.
+ CategoryInfo : PermissionDenied: (Microsoft.Hyper...l.VMStorageTask:VMStorageTask) [New-VM], Virtualiza
tionOperationFailedException
+ FullyQualifiedErrorId : AccessDenied,Microsoft.HyperV.PowerShell.Commands.NewVMCommand
I have configured delegation on each of the Hyper-V servers to allow the service CIFS on the file server.  The permissions on the shared folder allow full control to both the Hyper-V servers and the end-user account.  I see no specific errors in the event logs on any of the servers involved.
Where else can I look to determine what is failing and why?
Thanks.
Ash

Hi Ash,
>> The permissions on the shared folder allow full control to both the Hyper-V servers and the end-user account.  I see no specific errors in the event logs on any of the servers involved.
>> I cannot create VMs from my Windows 8.1 workstation running the Windows 8.1 RSAT.
They are all domain-joined, right?
As you mentioned, the two Hyper-V host computer names and the user logging on to Win8.1 have full control on that shared folder, and that user is still in the Hyper-V Administrators/Administrators group of the Hyper-V hosts.
Please try to log on to the Hyper-V host locally using that user account, then try to create a file in the shared folder first.
Also please refer to following link:
http://blogs.technet.com/b/matthts/archive/2012/06/10/configuring-kerberos-constrained-delegation-for-hyper-v-management.aspx
Any further information please feel free to let us know.
Best Regards
Elton Ji
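
One way to answer "where else can I look" is to read the delegation attributes back from Active Directory and check them against the file server's CIFS names, and to confirm the managing user account can be delegated at all. This is an added example, not part of the thread or the linked TechNet post; the names HV01, HV02, FS01, corp.example and ash are constructed, and the live queries shown in comments assume the RSAT ActiveDirectory module.

```powershell
# Added example. Sample objects are constructed and mimic the shape of
# Get-ADComputer / Get-ADUser output so the checks run without a domain.

function Test-SmbDelegation {
    param(
        [Parameter(Mandatory)] $HostAccount,            # Hyper-V host computer object
        [Parameter(Mandatory)] [string] $FileServer,     # short name used in UNC paths
        [Parameter(Mandatory)] [string] $FileServerFqdn  # FQDN used in UNC paths
    )
    $findings = @()
    # msDS-AllowedToDelegateTo lists the SPNs this host may delegate to.
    $allowed = @(@($HostAccount.'msDS-AllowedToDelegateTo') | Where-Object { $_ })

    # The name used in the UNC path has to match an entry, so check both forms.
    foreach ($spn in "cifs/$FileServer", "cifs/$FileServerFqdn") {
        if ($allowed -notcontains $spn) { $findings += "no delegation entry for $spn" }
    }
    if ($HostAccount.TrustedForDelegation) {
        $findings += 'unconstrained delegation is set; constrained delegation to cifs is the intended scope'
    }
    [pscustomobject]@{
        Host               = $HostAccount.Name
        # True = "Use any authentication protocol", False = "Use Kerberos only"
        ProtocolTransition = [bool]$HostAccount.TrustedToAuthForDelegation
        Findings           = $findings
        Ok                 = ($findings.Count -eq 0)
    }
}

function Test-UserDelegatable {
    param([Parameter(Mandatory)] $UserAccount)
    $findings = @()
    if ($UserAccount.AccountNotDelegated) {
        $findings += '"Account is sensitive and cannot be delegated" is set'
    }
    # Direct membership only; nested membership is not resolved here.
    if (@($UserAccount.MemberOf) -match '^CN=Protected Users,') {
        $findings += 'member of Protected Users (credentials are not delegated)'
    }
    [pscustomobject]@{
        User     = $UserAccount.SamAccountName
        Findings = $findings
        Ok       = ($findings.Count -eq 0)
    }
}

# Constructed sample data. Against a real domain, replace with e.g.:
#   Get-ADComputer HV01 -Properties 'msDS-AllowedToDelegateTo',TrustedForDelegation,TrustedToAuthForDelegation
#   Get-ADUser ash -Properties AccountNotDelegated,MemberOf
$hvHosts = @(
    [pscustomobject]@{
        Name = 'HV01'; TrustedForDelegation = $false; TrustedToAuthForDelegation = $false
        'msDS-AllowedToDelegateTo' = @('cifs/FS01', 'cifs/FS01.corp.example')
    },
    [pscustomobject]@{
        Name = 'HV02'; TrustedForDelegation = $false; TrustedToAuthForDelegation = $false
        'msDS-AllowedToDelegateTo' = @('cifs/FS01')   # FQDN form missing
    }
)
$user = [pscustomobject]@{
    SamAccountName      = 'ash'
    AccountNotDelegated = $true
    MemberOf            = @('CN=Hyper-V Admins,OU=Groups,DC=corp,DC=example')
}

$hvHosts | ForEach-Object {
    Test-SmbDelegation -HostAccount $_ -FileServer 'FS01' -FileServerFqdn 'FS01.corp.example'
} | Format-List

Test-UserDelegatable -UserAccount $user | Format-List
```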

Similar Messages

  • KDEmod - Konqueror does not work (Unable to create io-slave:)

    I found this issue when I started investigating why Kopete was not connecting to MSN.  I found that Kopete was tied to Konqueror/KDElibs for several things so I tested konqueror and whaddayaknow.  Konqueror is broken.  When I attempt to connect to any website http or https I get the message below.
    An error occurred while loading http://www.yahoo.com:
    Could not start process Unable to create io-slave:
    klauncher said: Error loading 'kio_http'.
    Any Ideas?  I have pacman -Syu today and still no change.
    Thanks!
    Ether..

    put
    [kdemod-testing]
    Server = http://kdemod.ath.cx/repo/testing/i686
    before your kdemod current entry in /etc/pacman.conf
    and give pacman -Syu

  • Publishing CRM 2011 on Web Application Proxy Using Kerberos Constrained Delegation

    Hello,
    Couldn't find a sub category that seemed suitable for this discussion so I just dropped it in Windows Server 2012 General.
    So to summarize...
    Web Application Proxy (WAP) on 2012r2, ADFS on 2012r2, and CRM 2011 RU11 is on 2008r2.
    WAP has a pass through rule setup for the ADFS site and a preauth rule setup for the CRM site.  All SPNs and delegation are setup in AD.
    Setup is 1 WAP, 1 NIC, 1 ADFS server and 1 CRM server.
    I have successfully published my CRM 2011 site on Web Application Proxy and am successfully doing Kerberos Constrained Delegation.  I am also doing client certificate authentication on the ADFS server, which works fine.  I am doing this over 49443 just fine.
    Try to access the CRM site, WAP redirects me to ADFS as expected, client certificate auth happens at the ADFS server, I am redirected back to my CRM site with my authToken so pre authentication can happen successfully.  KCD ensues after just fine and I am reverse proxied back to the CRM site.
    Herein lies the problem though...
    When I am reverse proxied back to the CRM site, I receive the standard "An error has occurred Try this action again.... yada yada yada" message with the Try Again or Close button.  If I click try again, I am able to access the site with no problem and the solution works great!  This obviously is not acceptable though.
    The error URL looks like the following (changed it for obvious reasons)
    https://crmsite.contoso.com/ORG1/_common/error/errorhandler.aspx?BackUri=https%3a%2f%2fadfs.contoso.com%2fadfs%2fls%3fversion%3d1.0%26action%3dsignin%26realm%3durn%253AAppProxy%253Acom%26appRealm%3d63ce68f1-3de4-e411-9412-005056a67a8d%26returnUrl%3dhttps%253A%252F%252Fcrmsite.contoso.com%252F%26client-request-id%3d4A1A0958-76F3-0000-5D91-1C4AF376D001&ErrorCode=&Parm0=%0d%0a%0d%0aError%20Details%3a%20An%20unhandled%20exception%20occurred%20during%20the%20execution%20of%20the%20current%20web%20request.%20Please%20review%20the%20stack%20trace%20for%20more%20information%20about%20the%20error%20and%20where%20it%20originated%20in%20the%20code.&RequestUri=%2fdefault.aspx
    The error that correlates to this in CRM is
    Event code: 3005
    Event message: An unhandled exception has occurred.
    Little bit further down
    Exception information:
        Exception type: InvalidOperationException
        Exception message: CRM Parameter Filter - Invalid parameter 'AuthMethod=CertificateAuthentication' in Request.Form on page /default.aspx
    If anybody has any insight or experience publishing CRM on WAP using KCD and has run into this issue, help would be greatly appreciated.
    Also, to head off this question, we cannot do an IFD setup.  There is a custom developed solution which resides on top of the CRM installation that is not claims friendly.
    Thanks!
    Jonathan

    Hi,
    Please check if anyone of the links below is helpful:
    http://blogs.msdn.com/b/javaller/archive/2014/01/13/publishing-crm-internet-facing-deployment-using-web-application-proxy-and.aspx
    http://blogs.technet.com/b/dynamicspts/archive/2014/10/03/using-web-application-proxy-to-publish-dynamics-crm-2013-to-the-internet.aspx
    Best Regards.
    Steven Lee

  • What is the current status for Kerberos Constrained delegation feature on the ASA platform?

    What is the current status for Kerberos Constrained delegation feature on the ASA platform?

    Hi Oscar,
    This is not available yet in the current software. Now, we cannot give any official information on this forum about software that has not been released yet, but if you really want to know I would suggest that you contact your local Cisco sales office to confirm with your account team which new features will be in the upcoming ASA 8.4 software release.
    hth
    Herbert

  • BB apps is not working, how to create BB email add? please help

    BB apps is not working, how to create BB email add? please help

    If none of the blackberry apps are working and you are unable to setup an email address..... have you got a Blackberry Data Plan active on your account?

  • Why Dynamic Parameter is not working, when i create report using stored procedure ?

    Post Author: Shashi Kant
    CA Forum: General
    Hi all
    Why is Dynamic Parameter not working when I create report XI using a stored procedure?
    I only saw those parameters which I used in my stored procedure; the parameter which I create as dynamic using the stored procedure is not shown to me when I refresh the report for viewing the results.
    I have used the same procedure which I mention below but cannot see the last screen which is shown in this.
    ============================================================================================
    1. Select View > Field Explorer
    2. Right-click on Parameter Fields and select New from the right-click menu.
    3. Enter "Customer Name" as the name for your parameter
    4. Under "List of Values" select "Dynamic"
    5. Under the Value column, click where it says "click here to add item" and select Customer Name from the drop-down list. The dialog shown now look like the one shown below in Figure 1. Click OK to return to your report design.
    Dynamic Parameter Setup
    6. Next, select Report > Select Expert, select the Customer Name field and click OK.
    7. Using the drop-down list beside select "Is Equal To" and using the drop-down list, select your parameter field (it should be the first field).
    8. Click OK to return to your report design and see the parameter dialog.
    The parameter dialog will appear and show you a dynamic list of values that is updated each time you run your report. It couldn't be easier! In our next tutorial, we will be looking at how to use this feature to create cascading parameter fields, where the values are filtered by the preceding selection.
    Dynamic Parameters in Action
    My question is whether dynamic parameter works with a stored procedure or not.
    When I added one table and tried to fetch records using dynamic parameters, after that I was not able to find the dynamic parameter option when I refresh my report.
    One more thing: when I try the static parameter for my report, I see the option when I refresh the screen.
    Please reply soon, it's urgent
    Regards
    shashi kant

    Hi Kishore,
    I have tested the issue step by step by following you description, while the first issue works well in my local environment. Based on my research, this can be caused by the lookup expression or it indeed return Male value based on the logic. If you use the expression below, it will indeed only return the Male record. So please try to double-check the record in the two datasets and the expression in your environment:
    =lookup(first(Fields!ProgramID.Value,"DataSet1"),Fields!ProgramID.Value,Fields!Gender.Value,"DataSet2")
    As to the second issue, please try to use the following expression:
    =Count(Lookup(fields!ProgramID.value,fields!ProgramID.value,fields!Gender.value,"DataSet2"))
    Besides, if this issue still exist, in order to trouble shoot this issue more efficiently, could you please post both the .rdl  file with all the size properties to us by the following E-mail address?  It is benefit for us to do further analysis.
    E-mail: [email protected]
    Thanks,
    Katherine Xiong
    TechNet Community Support

  • Pick activity is not working properly while creating two or more file adapt

    Hi,
    pick activity is not working properly while creating two or more file adapter for bpel process.
    bpel process compiled and deployed succesfully but while observing the wsdl file of deployed process you can find only one file adapter. so it polls only from that location.
    can anybody help on over this? or it's limitation of jdev to use only one file adapter at time while using Pick.
    Thanks
    sagar

    Does anybody tried this?
    Thanks
    sagar

  • Mountain Lion Kerberos GSSAPIDelegateCredentials does not work against Solaris Machine

    Hi,
    After upgrade my systems to Mountain Lion the ssh option GSSAPIDelegateCredentials fails when tries to login in a Solaris 10 machine. The ssh client close the connection after the message "Delegate credentials" when runs in a verbose mode. The server side says "child closed the communication pipe before user auth finished"
    Using only the option GSSAPIAuthentication it works, but I need the credentials delegated because in the Solaris server I need that credentials to be able to mount the network home disk (security reasons).
    Using the same configuration in a Lion client, this option works well (like in Snow Leopard and Leopard, but that OS uses MIT distribution instead of Heimdal).
    If the server is a Linux box, instead Solaris, and using MIT Kerberos distribution, the GSSAPIDelegateCredentials works too.
    Any idea about how to fix this Bug? Or I have to wait to the next patch release?
    Thanks in advance
    H.

    Boot into Recovery (command-R at startup), launch Disk Utility, select the startup volume, and run Repair Disk (not Repair Permissions.) If any problems are found, repeat. Then reboot as usual.

  • Windows 2008 r2 Cluster not starting - "unable to create security manager worker queues"

    Hello, following a power outage, we got a serious cluster error preventing the start of the cluster.
    We are trying to interpret the only four lines the cluster.log generates :
    00000330.000016cc::2014/09/26-10:44:06.348 ERR   [WTQ] bogus file creation failed, 2
    00000330.000016cc::2014/09/26-10:44:06.348 ERR   [WTQ] bogus file creation failed, 2
    00000330.000016cc::2014/09/26-10:44:06.348 ERR   [CS] Unable to create SecurityManager worker queues, 2
    00000330.000016cc::2014/09/26-10:44:06.363 ERR   Error 6
    AND if starting clussvc manually :
    Got ERROR_FILE_NOT_FOUND(2)' because of 'Error while creating the Security Manag
    er's Thread Pool' in
        000007fe:fd69940d( ERROR_MOD_NOT_FOUND(126) )
        00000000:001ff190( ERROR_MOD_NOT_FOUND(126) )
    We suspect a DLL problem (because of mod not found), but we are unable to find the ones involved even with process monitor.
    clusdb hive seems ok.
    The situation is serious, can anybody help, please ?

    Hi RodV,
    This error is usually caused by the cluster service failing to open a handle to the \NUL device; Device Manager shows the device instance in an error state.
    Please check whether the following registry value still exists; if not, please back up your current registry and then add it.
    HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_NULL\0000\CONTROL
    ActiveService REG_SZ Null
    I am glad to be of help to you!

  • Guest VM failover cluster on Hyper-V 2012 Cluster does not work across hosts

    Hi all,
    We are evaluating Hyper-V on Windows Server 2012, and I have bumped in to this problem:
    I have an Exchange 2010SP2 DAG installed on 2 vms in our Hyper-V cluster (a DAG forms a failover cluster, but does not use any shared storage). As long as my vms are on the same host, all is good. However, if I live migrate or shutdown-->move-->start one of the guest nodes on another physical host, it loses connectivity with the cluster. "regular" network is fine across hosts, and I can ping/browse one guest node from the other. I have tried looking for guidance for Exchange on Hyper-V clusters but have not been able to find anything.
    According to the Exchange documentation this configuration is supported, so I guess I'm asking for any tips and pointers on where to troubleshoot this.
    regards,
    Trond

    Hi All,
    so some updates...
    We have a ticket logged with Microsoft, more of a check box exercise to reassure the business we're doing the needful.  Anyway, they had us....
    Apply hotfix http://support.microsoft.com/kb/2789968?wa=wsignin1.0  to both guest DAG nodes, which seems pretty random, but they wanted to update the TCP/IP stack...
    There was no change in error, move guest to another Hyper-V node, and the failover cluster, well, fails with the following event ids in the node that fails...
    1564 -File share witness resource 'xxxx)' failed to arbitrate for the file share 'xxx'. Please ensure that file share '\xxx' exists and is accessible by the cluster..
    1069 - Cluster resource 'File Share Witness (xxxxx)' in clustered service or application 'Cluster Group' failed
    1573 - Node xxxx  failed to form a cluster. This was because the witness was not accessible. Please ensure that the witness resource is online and available
    The other node stays up, and the Exchange DB's mounted on that node stay up, the ones mounted on the way that fails failover to the remaining node...
    So we then
    Removed 3 x Nic's in one of the 4 x NIC teams, so, leaving a single NIC in the team (no change)
    Removed one NIC from the LACP group on each Hyper-V host
    Created new Virtual Switch using this simple trunk port NIC on each Hyper-V host
    Moved the DAG nodes to this vSwitch
    Failover cluster works as expected, guest VM's running on separate Hyper-V hosts, when on this vswitch with single NIC
    So Microsoft were keen to close the call, as their scope was, I kid you not, to "consider this issue resolved once we are able to find the cause of the above mentioned issue", which we have now done, as in, teaming is the cause... argh.
    But after talking, they are now escalating internally.
    The other thing we are doing, is building Server 2010 Guests, and installing Exchange 2010 SP3, to get a Exchange 2010 DAG running on Server 2010 and see if this has the same issue, as people indicate that this is perhaps not got the same problem.
    Cheers
    Ben
    Name                   : Virtual Machine Network 1
    Members                : {Ethernet, Ethernet 9, Ethernet 7, Ethernet 12}
    TeamNics               : Virtual Machine Network 1
    TeamingMode            : Lacp
    LoadBalancingAlgorithm : HyperVPort
    Status                 : Up
    Name                   : Parent Partition
    Members                : {Ethernet 8, Ethernet 6}
    TeamNics               : Parent Partition
    TeamingMode            : SwitchIndependent
    LoadBalancingAlgorithm : TransportPorts
    Status                 : Up
    Name                   : Heartbeat
    Members                : {Ethernet 3, Ethernet 11}
    TeamNics               : Heartbeat
    TeamingMode            : SwitchIndependent
    LoadBalancingAlgorithm : TransportPorts
    Status                 : Up
    Name                   : Virtual Machine Network 2
    Members                : {Ethernet 5, Ethernet 10, Ethernet 4}
    TeamNics               : Virtual Machine Network 2
    TeamingMode            : Lacp
    LoadBalancingAlgorithm : HyperVPort
    Status                 : Up
    A Cloud Mechanic.

  • Safari 5.0.3 on Windows XP Kerberos SSO does not work

    Our web application runs on JBoss Server 5 and supports Kerberos v5 SSO. We have tested it against Firefox, IE, and Google Chrome, and they all work well.
    But Safari 5.0.3 does not work.
    Our application sends "WWW-Authenticate: Negotiate" to Safari. Safari always pops up a dialog for name and password. After I typed the name and password, and click Login, Safari send NTLM message (NTLMSSP_NEGOTIATE) to the web application, and login failed.
    Someone described that Safari supports Kerberos authentication without any additional configuration.
    I do not know what goes wrong with my environment and how to solve this issue. Your help is appreciated.
    My Safari 5.0.3 runs on Windows XP Professional Service Pack 3.
    Thanks
    Guofeng

    I'm having the same issue. Have you been able to resolve it?

  • Hyper-v Miniport switch driver not working

    Bought a brand new MSI Z97 G55 SLI motherboard to install tech preview on.  All went well except it has error installing driver for Hyper - V Network Switch Default Miniport (ROOT\VMS_MP\0000)
    Comes up with error 39 and says some PNP devices will not work till it's fixed.  I can see the SSD with windows on it fine but cannot find the three 2 TB hard drives I am trying to install as raid drives.  Guessing this error is why the drives are invisible.  Any idea what I could do to update the driver as automatic search just says best driver is installed already.  I don't know where else to search to find a suitable driver to reinstall it with.
    Also Norton Antivirus trial and MSI usb 3.0 installer on the MSI motherboard installation disk said they could not install as the system did not meet the specifications.  Updated all drivers from MSI website several times and those 2 failed each time.  That would be because it's not the version of windows they were made for I suppose, however I connected a USB 3.0 external drive into front ports and it works fine despite the error.

    Hi Broozer,
    For Device error 39, you may take a try to uninstall the driver (with Device Manager) and reinstall it, then check if issue could be solved.
    For anti-virus, if no any specific protection needed, Windows Defender is good enough for us to deal with the daily work.
    Also please take use of Windows Feedback Tool to submit what you have encountered.
    Michael Shao
    TechNet Community Support

  • Shift- constrained scaling not working

    Hello,
    When I hold down shift to scale an object or image to keep the proportions constrained, it does not work. This has only recently started to happen and it also happens on photoshop.
    I don't have entourage running, which I read could be a culprit.
    Would I need to reinstall my CS2?
    I am using a Mac Powerbook G4, OSX 10.4.11
    Adobe CS2
    Thanks,
    Mike

    gangamon,
    What Monika said.
    I am trying to keep an updated list of offenders; so far it is as follows.
    Quicktime/iTunes,
    Quicken (Widget),
    Entourage,
    Google Earth,
    Zune,
    Some Firefox Add-ons,
    Spotlight (shortcuts),
    Fetch,
    Hulu,
    Cocktail,
    Cinch.

  • Resource Delegation Not Working

    On Exchange 2010 SP3 RU8v2, for the life of me I can't figure out why resource delegation is not functioning as expected.  The issue is that the approval email is not being sent to the delegate but instead it's sitting in the resource's inbox.
    I verified with a bunch of articles and it should be quite straight forward to set this up:
    1. Create room resource
    2. "Specify users who are allowed to submit in-policy meeting requests that will be automatically approved" - Check, Selected recipients, (blank)
    3. "Specify who can submit in-policy meeting requests that are subject to approval by a resource mailbox delegate"  - Check, All users
    4. "Enable the Resource Booking Attendant..." - Uncheck
    5. Add user to "Specify delegates of this mailbox"
    6. "Forward meeting requests to delegates" - Check
    7. Set-CalendarProcessing -Identity test-room2 -AutomateProcessing:None
    Under this configuration, all users adding the resource into the meeting request will trigger an approval email to the delegate but it's simply not working.  Why?
    [PS] C:\Windows\system32>Get-CalendarProcessing -Identity test-room2 | FL
    RunspaceId                          : 8bae36cf-3261-46dd-817f-89f97ae3afbc
    AutomateProcessing                  : None
    AllowConflicts                      : False
    BookingWindowInDays                 : 180
    MaximumDurationInMinutes            : 1440
    AllowRecurringMeetings              : True
    EnforceSchedulingHorizon            : True
    ScheduleOnlyDuringWorkHours         : False
    ConflictPercentageAllowed           : 50
    MaximumConflictInstances            : 1
    ForwardRequestsToDelegates          : True
    DeleteAttachments                   : True
    DeleteComments                      : True
    RemovePrivateProperty               : True
    DeleteSubject                       : True
    AddOrganizerToSubject               : True
    DeleteNonCalendarItems              : True
    TentativePendingApproval            : True
    EnableResponseDetails               : True
    OrganizerInfo                       : True
    ResourceDelegates                   : {contoso.com/Staff/IT/JDoe}
    RequestOutOfPolicy                  : {}
    AllRequestOutOfPolicy               : False
    BookInPolicy                        : {}
    AllBookInPolicy                     : False
    RequestInPolicy                     : {}
    AllRequestInPolicy                  : True
    AddAdditionalResponse               : False
    AdditionalResponse                  :
    RemoveOldMeetingMessages            : True
    AddNewRequestsTentatively           : True
    ProcessExternalMeetingMessages      : False
    RemoveForwardedMeetingNotifications : False
    MailboxOwnerId                      : contoso.com/Staff/Resources/test-room2
    Identity                            : contoso.com/Staff/Resources//test-room2
    IsValid                             : True
    Thanks,
    R

    Hi,
    The "Enable the Resource Booking Attendant..." should be checked in the resource mailbox delegate configuration. We also can run the following command in EMS:
    Set-CalendarProcessing -Identity test-room2 -AutomateProcessing AutoAccept
    Then check whether the issue persists.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Volume button on iPad 1 not working unable to change volume even in settings or when listening to music

    Volume button not working on my iPad. Have tried reset but still no joy. Also have checked that the mute function.

    I have the same issue and I don't have a place to enter a user name. So how did you change your user name? This problem is only on my iPad it did not follow my iPhone. It happened right after updating to  IOS 7.1.1 and now I can't use Facebook for anything on my iPad. I have not changed my login on Facebook. Very frustrated.
