IDISK AUTHENTICATION ISSUE

A big question mark appears superimposed on my iDisk icon. After I click on the icon, this message appears:
"WebDAV File System Authentication - Enter your user name and password to access the server at the URL "http://idisk.mac.com/norgeboy/" in the realm "idisk.mac.com."
Which user name and password am I supposed to enter?
Thanks in advance to all who reply.
tw

Why now, though? Nothing has changed for me with any software or hardware, and I've had MobileMe for months, just like everyone else.

Similar Messages

Authentication issue getting "UMELoginException"

Dear Guys,
I am facing an authentication issue. The situation is like this,
My NT password was about to expire (had 6 more days for expiry). I was able to login till yesterday and all of the sudden today, when I was trying to login, I was not able to (it gave me password change message). So I went back and changed my NT password and tried to login again into the portal, however I am still not able to. I am pasting the stack trace,
#1.5#001143FDCEA7006700000008000018C40004196E4AD849E8#1153861399615#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=doLogon][cl=20282]#Guest#192####fff21cf01c2011dba425001143fdcea7#SAPEngine_Application_Thread[impl:3]_0##0#0#Error##Java###doLogon failed
[EXCEPTION]
#1#com.sap.security.core.logon.imp.UMELoginException
     at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:318)
     at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.login(AuthenticationService.java:344)
     at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:126)
     at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
     at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:312)
     at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:368)
     at com.sap.portal.navigation.Gateway.service(Gateway.java:101)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Please help.
Regards,
Deepak

Hi Deepak,
it is most times that it needs to replicate through your system(s).
Regards,
Kai
PS: Please reward points if that was helpful.

Authentication Issue, When Profile ReCreate

Hi,
i face authentication issue in SQL Server 2012 Evalution after i login in new account.
Take a look situation and what i did.
1) I install SQL Server 2012 in Member Server (Server 2012 Standard).
2). Every Thing i Did i by using AD User name "SP_Farm"
3). I install SQL in Windows Authentication Mode only and i provide User ****\SP_Farm, when Ever Installation Ask.
Note: during the whole process i only use SP_Farm (AD Admin User)
Every thing going working fine till my mistake. By mistake i delete account SP_Farm from AD and i re create it.
after that i cant access Management Studio. :(
Please Guide if is there any other way.
Thanks you
Shariq Ayaz
[email protected]
www.shariqdon.com
www.shariqdon.com/itworld
www.shariqdon.com

Hi,
i face authentication issue in SQL Server 2012 Evalution after i login in new account.
Take a look situation and what i did.
1) I install SQL Server 2012 in Member Server (Server 2012 Standard).
2). Every Thing i Did i by using AD User name "SP_Farm"
3). I install SQL in Windows Authentication Mode only and i provide User ****\SP_Farm, when Ever Installation Ask.
Note: during the whole process i only use SP_Farm (AD Admin User)
Every thing going working fine till my mistake. By mistake i delete account SP_Farm from AD and i re create it.
Creating a user with the same name is
not the same user :-)
A user has a unique ID and you did not create the same ID, but a new user with same name.
after that i cant access Management Studio. :(
Please Guide if is there any other way.
Thanks you
Shariq Ayaz
[email protected]
www.shariqdon.com
www.shariqdon.com/itworld
www.shariqdon.com
You can try to use This solution:
http://blogs.msdn.com/b/raulga/archive/2007/07/12/disaster-recovery-what-to-do-when-the-sa-account-password-is-lost-in-sql-server-2005.aspx
* After the SQL Server Instance starts in single-user mode, the Windows Administrator account is able to connect to SQL Server using the sqlcmd utility using Windows authentication.
[Personal Site] [Blog] [Facebook]

Essbase 6.5 External Authentication Issue!! Urgent Please!!

Hi all,
I am great trouble over an external authentication issue in Essbase 6.5. I request you all to please give me your feedback on the same as soon as possible.
I am in a situation where I need to get my Essbase 6.5 external Authentication converted from LDAP to Active Directory services.
I suppose there has been necessary changes done to the .cfg file for the same. However, I think I am getting an error
"User [vikc]'c external authentication protocol [MSEX]'s password check module is not loaded".
Please let me know if you have come across such an issue earlier and can anybody to able to help me with the same.
Its kinda Urgent. so any replies for the same will be appreciated.
Thanks and Regards,
Vikram

Vikram,
Yes you will have to reconfigure the CSS.xml and cfg file for external auth.
Here is the Sample CSS
<spi>
          <provider>
               <msad name="full360">
                    <trusted>false</trusted>
                    <url>ldap://192.168.1.100:389/DC=full360,DC=com</url>
                    <userDN>CN=Ravinder Singh,DC=full360,DC=com</userDN>
                    <password>full@360</password>
                    <authType>simple</authType>
                    <identityAttribute>dn</identityAttribute>
                    <maxSize>1000</maxSize>
                    <user>
                         <loginAttribute>sAMAccountName</loginAttribute>
                         <nameAttribute>dn</nameAttribute>
                    </user>
                    <group>
                         <nameAttribute>cn</nameAttribute>
                         <objectclass>
                              <entry>group?member</entry>
                         </objectclass>
                    </group>
               </msad>
Download this toll "http://www.ldapbrowser.com/download.htm"
LDAP browser to get the perfact DN information.
Let me know the status
Ravikant

ACS 5.2 Authentication Issue with Local & Global ADs

Hi I am facing authentication issue with ACS 5.2. Below is AAA flow (EAP-TLS),
- Wireless Users >> Cisco WLC >> ADs <-- everything OK
- Wireless Users >> Cisco WLC >> ACS 5.2 >> ADs <-- problem
Last time I tested with ACS, it worked but didn't do migration as there'll be changes from ADs.
Now my customer wants ACS migration by creating new Group in AD, I also update ACS config.
For the user from the old group, authentication is ok.
For the user from the new group, authentication fails. With subject not found error, showing the user is from the old group.
Seems like ACS is querying from old records (own cache or database). Already restared the ACS but still the same error.
Can anyone advice to troubleshoot the issue?
Note: My customer can only access their local ADs (trusted by Global ADs). Local ADs & ACS are in the same network, ACS should go to local AD first.
How can we check or make sure it?
Thanks ahead,
Ye

Hello,
There is an enhacement request open already:
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCte92062
ACS should be able to query only desired DCs
Symptom:
Currently on 5.0 and 5.1, the ACS queries the DNS with the domain, in order to get a list of all the DCs in the domain and then tries to communicate with all of them.If the connection to even one DC fails, then the ACS connection to the domain is declared as failed.A lot of customers are asking for a change on this behavior.
It should be possible to define which DCs to contact and/or make ACS to interpret DNS Resource Records Registered by the Active Directory Domain Controller to facilitate the location of domain controllers. Active Directory uses service locator, or SRV, records. An SRV record is a new type of DNS record described in RFC 2782, and is used to identify services located on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
Conditions:
Domain with multiple DCs were some are not accessible from the ACS due to security/geographic constraints.
Workaround:
Make sure ALL DCs are UP and reachable from the ACS.
At the moment, we cannot determine which Domain Controller on the AD the ACS will contact. The enhacement request will include a feature on which we can specify the appropriate the Domain Controllers the ACS should contact on a AD Domain.
Hope this clarifies it.
Regards.

Wireless Client Authentication issues when roaming Access Points (Local)

I have a Cisco 5508 with Software version 7.4.121.0 and Field Recovery 7.6.101.1.
There are a handful of clients that when roaming between AP's with the same SSID that get an authentication issue and have to restart the wireless to get back on.
From Cisco ISE
Event
5400 Authentication failed
Failure Reason
11514 Unexpectedly received empty TLS message; treating as a rejection by the client
Resolution
Ensure that the client's supplicant does not have any known compatibility issues and that it is properly configured. Also ensure that the ISE server certificate is trusted by the client, by configuring the supplicant with the CA certificate that signed the ISE server certificate. It is strongly recommended to not disable the server certificate validation on the client!
Root cause
While trying to negotiate a TLS handshake with the client, ISE expected to receive a non-empty TLS message or TLS alert message, but instead received an empty TLS message. This could be due to an inconformity in the implementation of the protocol between ISE and the supplicant. For example, it is a known issue that the XP supplicant sends an empty TLS message instead of a non-empty TLS alert message. It might also involve the supplicant not trusting the ISE server certificate for some reason. ISE treated the unexpected message as a sign that the client rejected the tunnel establishment.
I am having a hard time figuring out what is causing this. My assumption is if there were a problem with the Controller or AP configurations then it would happen to everyone. My further assumption is if the client had a problem with their laptop (windows 7) then why does work at other times? So I have checked and the ISE certificate is trusted by client.
Is something happening that the previous access point is holding on to the mac and the return authentication traffic is going to the old AP instead of the new one or something like that which is corrupting the data?
I also had this from Splunk for the same client:
Mar 5 13:44:51 usstlz-piseps01 CISE_Failed_Attempts 0014809622 1 0 2015-03-05 13:44:51.952 +00:00 0865003824 5435 NOTICE RADIUS: NAS conducted several failed authentications of the same scenario
FailureReason="12929 NAS sends RADIUS accounting update messages too frequently"
Any help on this would be appreciated. These error messages give me an idea but doesn't give me the exact answer to why the problem occurred and what needs to be done to fix it.
Thanks

Further detail From ISE for the failure:
11001
Received RADIUS Access-Request
11017
RADIUS created a new session
15049
Evaluating Policy Group
15008
Evaluating Service Selection Policy
15048
Queried PIP
15048
Queried PIP
15004
Matched rule
15048
Queried PIP
15048
Queried PIP
15004
Matched rule
11507
Extracted EAP-Response/Identity
12500
Prepared EAP-Request proposing EAP-TLS with challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12301
Extracted EAP-Response/NAK requesting to use PEAP instead
12300
Prepared EAP-Request proposing PEAP with challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12302
Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318
Successfully negotiated PEAP version 0
12800
Extracted first TLS record; TLS handshake started
12805
Extracted TLS ClientHello message
12806
Prepared TLS ServerHello message
12807
Prepared TLS Certificate message
12810
Prepared TLS ServerDone message
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
11514
Unexpectedly received empty TLS message; treating as a rejection by the client
12512
Treat the unexpected TLS acknowledge message as a rejection from the client
11504
Prepared EAP-Failure
11003
Returned RADIUS Access-Reject

Authentication issues

We've had authentication issues with Infinity since the install just over a week ago (BT Business package)
The router will drop the connection and then we have a problem reconnecting (won't). Out of sheer frustration I've discovered a workaround that sometimes works that is to change the user name to the BT test account, connect, and then change the router user name setting back to our own. The BT test account always works, so despite a BT engineer being sent to trace the problem onsite yesterday the issue remains. We've also been sent a new router, and the BT engineer arrived with yet another new one yesterday
The problem seems to be purely authentication. The Technical Helpdesk have changed our password (twice) but we still get the problem. Yesterday I was told that some other users in our area have also had an authentication issue and that over the weekend 'patches' were going to be applied at our local exchange.
When the service works we get quite good speeds (37 down, 8 up) but we're frustrated with the lack of knowledge from the help-desk and have doubts that the 'patches' will resolve the issue
Such is the problem that BT will downgrade us back to ADSL2 (which was rock solid in comparison) next week if we're still unhappy
I did ask if our user name could be changed but told no. I'm curious to know as to what the switch to fibre could cause authentication problems?

hi this is a BT Residential forum as a Business user you may get more help from the BT business forum
http://business.forums.bt.com/t5/Broadband-and-internet/bd-p/Broadband
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

Safari 5.1 HTML5 HTTP basic access authentication issue video does not load

I have a .m4v video referenced in a page with the HTML5 video tag in a folder which is in a password protected folder housed on iPage.
Safari 5.0.5 plays the video fine. Safari 5.1 fails to load/play the video in the protected folder. If I move the video to a not protected folder, Safari 5.1 plays it fine.
This is on iPage. Back on MobileMe all is fine with 5.1.
I think this is a HTTP basic access authentication issue with 5.1.
Anyone have similar issue? Work around?

Yes, I can also confirm this behaviour. This is in Safari 5.1.1, but I also see the exact same thing in WebKit nightlies.

General authentication issues

I have a general issue with authenticating usernames and passwords. starting with remote desktop connection to my win 8 laptop 6 days a go i was able to connect to it from the internet with no problems, now for some reason i can't connect to it i can see the window asking for a log in info so it can see the computer but it doesn't accept my log in info, i also have win 2008 server computer on the same LAN and i can connect to it from the outside.
same thing with my FTP service i can connect to my FTP from the internet using IE but when it asks for username and password it doesn't accept them.
SAME PROBLEM WITH VPN i used to e able to connect to my LAN from the outside internet and now while it's verifying username and password for VPN it doesn't accept them.
Iam basically looking at an authentication issue not a connection because i see that i can connect to these services until authentication level then authentication doesn't work.
Any Ideas?
Thanks

Normally I would use FLAC for quality but since Itunes doesn't support it I use mp3. Good albums I do both. Is there a plugin so I don't need 2 copies of my music?
You can try the Xiph plugins to play your FLAC files. Some people have reported success while others have had problems, but it would be worth trying.
When I drag the music in to the play list Itunes takes between 5-10 minutes to add the songs and do its gap less playback check, etc.. Itunes is hung the entire time and does not respond. Is this normal?
How many tracks do you have in your library? If it's really large (many thousands of tracks), the delay may be normal.
it says it's getting the artwork but it only gets the art work may be 1 out 20 albums I import. Is there a way to select the art work manually?
If you search the web for "iTunes album art" you'll find a lot of methods for getting album artwork into iTunes.
Regards.

Airport-Router authentication issue

Hi - I have a really annoying authentication issue between my MBP (late '06) and my DIR-655 D-Link router (f/w 1.22 b05).
I am getting "disconnection" issues on my MacBook Pro only. We are not seeing any issues on my fiance's Vaio laptop. So I'm thinking maybe the router isn't to blame...?
I put "disonnection" in quotes because airport always shows that there is a connection to the router/network, but there clearly is not. Sometimes I have to disconnect/reconnect airport, but often the connection just comes back after 30 seconds or so. It usually looks like a DNS issue...holding at the "looking up" stage, but I really don't think it is. I've tried various domain name servers.
I thought I had worked around this by allowing the router to accept G in addition to 802.11n connections, but the problem, while not as prevalent, seems to have increased lately even while using 802.11g.
I see that the router's log is replete with messages like this:
*Wireless system with MAC address 0017F2HR7BC6 disconnected for reason: Authentication Failed*
That MAC address is indeed my MBP
I'm also seeing a lot of messages along these lines:
*Blocked incoming TCP connection request from 119.154.75.13:1420 to 173.78.73.92:445*
But I assume these messages are unrelated.
So I turned off WPA-Personal security and, of course, no further authentication errors. Those blocked TCP requests continue.
Of course, I don't want to keep WPA turned off.
Any ideas as to why authentication would be failing on and off with airport? I didn't even realize there was more than a single authentication (i.e. after you first connect), but I still have a LOT to learn about routers!
Any ideas appreciated!

FWIW
119.154.75.13 = an address in Pakistan
173.78.73.92 = an address in Tampa, Florida on the Verizon Network
Have you been using BitTorrent or some other p2p software lately ?
Re your router issue, have you considered using MAC Address Security (not WAP/WEP) ?

Adobe Flash NTLM Authentication Issue

This problem is having a major impact for many users in my account.
The users are testing streaming course ware delivery over the Internet and also hitting the proxy re-login prompt.
The problem with them is that after re-logging in the course restarts at the beginning.
So it is not a fit for purpose environment for this application currently.
The same problem occurs for companies webcast through Internet.
Recent test with the users have confirm the issue occurs using the following version of flash:
Adobe Flash Player ActiveX 11.1.102.55
Adobe Flash Player ActiveX 11.1.102.62
The Shockwave Flash NTLM authentication issue is characterised by the following packet sequence: WS sends Request to Server. Server closes the TCP connection without a response to the request. The WS establishes a new TCP connection and resend the request with previous NTLM Authentication details (ie does not go through the correct NTLM handshake for proxy authentication failure and the browser to pop for user credentials.
When the above occurs,
NTLM authentication screen popup up, entering credential again didn’t resume video. I had to reload the page to resume video from the beginning.
No popup, but the video resumes from the beginning when there was a prolonged delay.
The problem occurs on Windows XP SP3 with IE7 or IE8 with Flash Player 11.1.102.62
Is the problem a known issue with Adobe Flash Player ?

Hello,
The bug report states can not reproduce. I understand the problem and am happy to help Adobe understand if they want to email me and organise a webex.
The problem is associated with the way IE handles NTLM on a new connection. When performing a POST request, it will make two requests: the first contains a type1 NTLM token and no body, and the second will contain the type 3 token and the body. It does this because it expects to perform NTLM authentication as NTLM is connection not session based, and hence for efficiency, it doesn't send the POST body on the first request (knowing a second request will be required).
The POST request initiated by the Flash application is only made once, so it presents a POST request and no body with the type 1 token to the web server (ie IIS, or some Java implementation such as SSO Plugin), and does not make a second request with a type 3 token and the body. It gives up and automatically prompts the user for a username/password, which is the wrong behaviour when the browser is in the Local Intranet zone and the web server responded with a type 2 token.
I can reproduce this easily and it is a serious bug: it means that any Flash application that is accessed via Integrated Windows Authentication and IE will fail when trying to make a POST request, such as uploading a file from the user.
John
SSO Plugin for BMC, HP and more.
http://www.javasystemsolutions.com/jss/ssoplugin

Crystal Server 2008 authentication issue

I have installed Crystal Server 2008 v1 on Windows Server 2008 64 bit, IIS 7 using AD authentication (not SSO).
IIS has been configured to accept anonymous connections. If I run .net Infoview on the server it is fine, but as soon as I connect from a client I can authenticate and log onto Infoview, but within Infoview I am continually prompted by Windows to authenticate to the server and I cannot run any reports - nothing I put in there works.
I have been running BOE XI on Server 2003 32 bit without any such issues at all.
Could comeone pls point me in the right direction
Thanks
Garth

solved issue by activating anonymous authentication on default web site and propogating down to all the web sites under the default site...

WLC, ISE certificate authentication issue

Hi Folks,
This is the setup:
Redundant pair of WLC 5508 (version 7.5.102.0)
Redundant Pair of ISE (Version 1.2.0.899)
     The ISE servers are connected to the corporate Active Directory (the AD servers are configured as external identity sources)
     There is a rule based authentication profile which queries the AD identity source when it receives wireless 802.1x authentication requests.
A corporate WLAN is configured on the WLC:
L2 security WPA+WPA2 (AES Encryption), ISE server 1 and 2 configured as the AAA Authentication servers.
This is all working correctly - I associate to the Corp WLAN (Authentication WPA2 enterprise, encryption AES CCMP, 802.1x auth MS-CHAPv2 using AD credentials) ... I can see the authentication request being processed correctly by the ISE, and I get access to the network.
The client I am working for wants to restrict access to the WLAN to users who have been allocated a certificate from the corporate CA, and this is where I am having issues.
I took a test laptop, and requested a new certificate (mmc, add snapin, certificates, current user, personal, request new cert).
The cert that was issued was signed only by a Corporate AD server with CA services (there is nothing in the certification path above the cert I was issued, apart from the issuing server itself).   I changed the security settings of my connection to the corp wlan (using TLS instead of mschapv2, and pointing to the certificate I requested)
Initally authentication failed because the ISE did not trust the CA that provided my certificate (the ISE radius authentication troubleshooting tool had this entry: '12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain').
I exported the issuing CA's root certificate (followed this process http://support.microsoft.com/kb/555252), and imported the cert into ISE (administration, system, certificates, certificate store, import) - status of the cert is enabled, and it is trusted for client auth.
After I did this, I could no longer associate to the Corp WLAN.
My laptop's wireless management software logs were filled with messages saying that the authentication server did not respond.
The ISE troubleshooting tool reported no new failed or successful authentication attempts.
Strangely though, the WLC log had a lot of entries like this: 'AAA Authentication Failure for UserName:host/laptop_asset_tag.corp.com User Type: WLAN USER'.
It looks like the WLC is trying to locally authenticate my session when I use TLS, rather than hand off the authentication request to the ISE.    Other users who authenticate using their AD credentials only (as I described above) can still authenticate ok.
Anyone able to shed some light on where I have gone wrong or what additional troubleshooting I can do?
Thanks in advance,
Darragh

Hi,
I had the same issue with microsoft CA and running ISE 1.1.4. The CA file was "corrupted", but you didn't see it at first glance. You can verify if the client CA matches the root CA via openssl.
Try to export the root CA and the issuing CA in a different format (Base64), import both root and issuing into ise and check if that works. Also check if "Trust for client authentication or Secure Syslog services" in the Certificate Store -> CA -> Edit, is set.
If this does not work, try to import the CA into another system and export it, then import into ISE.
Regards,

SharePoint 2013 - random authentication issue where users are suddenly anonymous

Hi,
I've banged my head for too long The issue is that some users for the web.configs is verified. 1 WFE & 1 APP with SP2013 PS C:\> Use-CacheCluster
PS C:\> Get-CacheHost
HostName : CachePort Service Name WFE.domain.local:22233 AppFabricCachingService UP There's sufficient RAM to avoid The logs seem to indicate that the 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.11 w3wp.exe (0x1B64) 06/10/2013 12:47:48.13 w3wp.exe (0x1B64) 06/10/2013 12:47:48.13 w3wp.exe (0x1B64) 06/10/2013 12:47:48.13 w3wp.exe (0x1B64) 06/10/2013 12:47:48.15 w3wp.exe (0x1B64) 06/10/2013 12:47:48.15 w3wp.exe (0x1B64) 06/10/2013 12:47:48.15* w3wp.exe (0x1B64) 06/10/2013 12:47:48.15* w3wp.exe (0x1B64) 06/10/2013 12:47:48.15 w3wp.exe (0x1B64) 06/10/2013 12:47:48.19 w3wp.exe (0x1B64) 06/10/2013 12:47:48.19 w3wp.exe (0x1B64) 06/10/2013 12:47:48.19 w3wp.exe (0x1B64) 06/10/2013 12:47:48.19 w3wp.exe (0x1B64) 06/10/2013 12:47:48.19 w3wp.exe (0x1B64) 06/10/2013 12:47:48.32 w3wp.exe (0x1B64) 06/10/2013 12:47:48.32 w3wp.exe (0x1B64) 06/10/2013 12:47:48.32 w3wp.exe (0x1B64) 06/10/2013 12:47:48.32 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33* w3wp.exe (0x1B64) 06/10/2013 12:47:48.33 w3wp.exe (0x1B64) 06/10/2013 12:47:48.55 w3wp.exe (0x1B64) I'm figuring the Distributed Cache All help is appreciated! now on this issue, so I'm hoping anyone here can shed some light on it. We're running on April 2013 CU but the problem has existed since RTM.
(all of this random) can't access the site ("An error has occurred") and get an error page. The Web App is configured with Claims (NTLM and FBA Membership/Role Provider). No custom login page and configuration
It works 99% of the times, but occasionally a user gets an error and I have to restart the Distributed Cache to fix it.
April 2013 CU with a few web apps. There's also a WAC server connected, but that shouldn't make a difference. The Distributed Cache runs only on the WFE:
Service Status Version Info
3 [3,3][1,3]
the Distributed Cache to force purge data.
user is seen as anonymous:
0x2EE4 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://mywebapp:80/)). Parent No
0x2EE4 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://mywebapp:80/) fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x2EE4 SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x2B58 SharePoint Foundation General af71 Medium HTTP Request method: GET fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x2B58 SharePoint Foundation General af75 Medium Overridden HTTP request method: GET fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x2B58 SharePoint Foundation General af74 Medium HTTP request URL: / fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x2B58 SharePoint Foundation Files aise3 Medium Failure when fetching document. 0x80070005 fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation General 8e2s Medium Unknown SPRequest error occurred. More information: 0x80070005 fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation General aix9j High SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://mywebapp/ fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation General ai1wu Medium System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace: at Microsoft.SharePoint.SPWeb.InitWeb() at Microsoft.SharePoint.SPWeb.get_EnableMinimalDownload() at Microsoft.SharePoint.Utilities.SPUtility.Redirect(String url, SPRedirectFlags flags, HttpContext context, String queryString) at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(HttpContext context) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PreSendRequestHeaders(Object oSender, EventArgs ea) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.EndRequestHandler(Object oSender, EventArgs ea) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.... fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation General ai1wu Medium ...HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificati... fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation General ai1wu Medium ...onStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x28AC SharePoint Foundation Monitoring b4ly High Leaving Monitored Scope (PreSendRequestHeaders). Execution Time=11,6273 fcfd239c-7f49-f04b-4187-c6fa1add3f5a
0x07E4 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://mywebapp:80/_layouts/15/Authenticate.aspx?Source=%2F)). Parent No
0x07E4 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://mywebapp:80/_layouts/15/Authenticate.aspx?Source=%2F) fcfd239c-5f4e-f04b-4187-c4e9f3c4dff3
0x07E4 SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 fcfd239c-5f4e-f04b-4187-c4e9f3c4dff3
0x07E4 SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ fcfd239c-5f4e-f04b-4187-c4e9f3c4dff3
0x07E4 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://mywebapp:80/_layouts/15/Authenticate.aspx?Source=%2F)). Execution Time=8,0499 fcfd239c-5f4e-f04b-4187-c4e9f3c4dff3
0x25E4 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://mywebapp:80/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F)). Parent No
0x25E4 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://mywebapp:80/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F) fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General 8e2s Medium Unknown SPRequest error occurred. More information: 0x80070005 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General aix9j High SPRequest.GetPageListId: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://mywebapp/_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%252F&Source=/ fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace: at Microsoft.SharePoint.SPContext.get_ListId() at Microsoft.SharePoint.SPContext.get_List() at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast, Boolean ignoreFileNotFound) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag) at Micros... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...oft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer) at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, ... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast, Boolean ignoreFileNotFound) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Co... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...ntrol.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.Proc... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...essRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr modul... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...eData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General 8e2s Medium Unknown SPRequest error occurred. More information: 0x80070005 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General aix9j High SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://mywebapp/_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%252F&Source=/ fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace: at Microsoft.SharePoint.SPWeb.InitWeb() at Microsoft.SharePoint.SPWeb.get_WebTemplateConfiguration() at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast, Boolean ignoreFileNotFound) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag) ... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...at Microsoft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer) at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, Stri... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...ng name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast, Boolean ignoreFileNotFound) at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag) at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable) at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRun... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...time.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, Int... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...Ptr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General 8e2s Medium Unknown SPRequest error occurred. More information: 0x80070005 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General aix9j High SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://mywebapp/_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%252F&Source=/ fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace: at Microsoft.SharePoint.SPWeb.InitWeb() at Microsoft.SharePoint.SPWeb.get_EnableMinimalDownload() at Microsoft.SharePoint.WebControls.DeltaPage.RenderToBase(HtmlTextWriter writer) at Microsoft.SharePoint.WebControls.DeltaPage.Render(HtmlTextWriter writer) at Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase.Render(HtmlTextWriter writer) at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean inclu... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...deStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ... at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General 8e2s Medium Unknown SPRequest error occurred. More information: 0x80070005 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General aix9j High SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://mywebapp/_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%252F&Source=/ fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace: at Microsoft.SharePoint.SPWeb.InitWeb() at Microsoft.SharePoint.SPWeb.get_EnableMinimalDownload() at Microsoft.SharePoint.WebControls.DeltaPage.RenderToBase(HtmlTextWriter writer) at Microsoft.SharePoint.WebControls.DeltaPage.Render(HtmlTextWriter writer) at Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase.Render(HtmlTextWriter writer) at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean inclu... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ...deStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)... fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation General ai1wu Medium ... at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x25E4 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://mywebapp:80/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F)). Execution Time=17,7845 fcfd239c-2f56-f04b-4187-cca1c6a273e0
0x043C SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0
gets confused about the authentication tokens and starts handing out the wrong token to some users ? If I leave the Distributed Cache disabled it seems to permanently fix the issue, but that's not an ideal scenario.

please read about logon token cache section in
http://blogs.msdn.com/b/besidethepoint/archive/2013/03/27/appfabric-caching-and-sharepoint-1.aspx ;
And when anonymous authentication is enabled for a web application zone that use windows integrated authentication, SharePoint use WSS_Keepsessionauthenticated cookie to prevent reverting to anonymous. Also check the browser handling of this session cookie.
also, analyze the error logs in WSS_Logging database if the logging is turned on:
http://social.technet.microsoft.com/Forums/sharepoint/en-US/8ba7b6e9-0b5d-4c4b-bd66-d2c72bb538b3/web-analytics-for-specific-pages-somehow-with-2010-unique-visitors#06b4fdd9-1d24-445c-bddc-db9cac1135e0 . The data volume can be large, so, don't do this in
a production environment, you can backup the WSS_logging database and analyze it elsewhere.

Custom Authentication Issue with Policy Agent

Hi,
I have a custom authentication module which is hosted on the BEA application server and I am trying to access through the policy agent on apache.
I have set the following property in AMAgent.properties file
com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login
So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication is succeed, user sesion is being created and I get the following error message in the agent log file.
2004-10-19 16:20:26.908 Error 27620:e1140 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:3
2004-10-19 16:20:26.908 128 27620:e1140 RemoteLog: User unknown was denied access to http://hostname:port/weblogic/protapp/protected/a.html.
2004-10-19 16:20:26.908 Error 27620:e1140 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
2004-10-19 16:20:26.909 Error 27620:e1140 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
2004-10-19 16:20:26.909 -1 27620:e1140 PolicyAgent: URL Access Agent: access denied to unknown user
The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
Thanks
Neeraj

Hi Neeraj,
I still have not been able to resolve that issue. Let me know If you find a solution for the same.
Thanks,
Srinivas

IDISK AUTHENTICATION ISSUE

Similar Messages

Maybe you are looking for