Import Policy fails after Universal Password enabled

Similar Messages

• Import Policy failing when Complex Password Policy enabled

  Hello everyone. I have a very interesting issue.
  We are running ZFD4 on a NetWare 6 SP5 server and after enabling a
  Universal Password Complex Policy on the container that the ZFD objects
  are in we are unable to import any workstations. We are seeing what id
  detailed in the TID below:
  http://support.novell.com/cgi-bin/se...?/10089544.htm
  We cannot turn off the policy package as it is a requirement! Are there
  any work arounds other than upgrading to ZFD7 or OES? The version of NMAS
  is greater than 2.3.5.
  Any advice would be appreciated.
  Chris

  Originally Posted by Jared Jennings
  Chris Murzda,
  >We cannot turn off the policy package as it is a requirement! Are there
  >any work arounds other than upgrading to ZFD7 or OES? The version of NMAS
  >is greater than 2.3.5.
  Are you getting error 319?
  Are all servers at 2.3.5 or greater?
  Jared Jennings - Data Technique, Inc.
  Novell Support Forums Sysop
  My Blog and Wiki with Tips, Tricks, and Tutorials
  Main Page - ZENWorks Wiki
  Hi,
  I Have also this message -319 when importing ws in the tree. But only when the user (dynamic local user) have the name "INSTALL" when I rename the user to "INSTAL" or an other name, then it is working. What has the import to see with just a "username"?
  Thanks
  Herman

• Import Policy Failing

  I apologize if this got posted twice but I cannot see my first posting.
  My problem is as described in the TID below:
  http://support.novell.com/cgi-bin/se...?/10089544.htm
  My NMAS version meets the criteria as stated in the TID.
  We are running NetWare 6 SP5 with ZFD4.1 and after configuring the
  Universal Password Policy on the container that ZFD objects are
  configured, we get the import error as indicated in the TID.
  Any work arounds other than upgrading to ZFD7 and/or OES?
  Any advice would be appreciated.
  Chris

  Chris,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
  - Check all of the other support tools and options available at
  http://support.novell.com.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://support.novell.com/forums)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• ZCM 11 Remote Management Policy Failed after Patch 2

  Upgraded to Cumulative Agent Patch 2 on ZCM 11 and now my remote management policy fails. It keeps stating that it "Could not find a results file for remote management policy...."
  Is anyone else having this issue?

  Dpogue,
  This is being worked on, it's not related to the agent update as far as
  we know - TID 7006354 has some details.
  Shaun Pond

• Importing constantly fails after 10.1 update

  Hello All,
  I am experiencing a major problem after upgrading to 10.1
  every time I try to import media "Canon VIXIA HF20" a supported camera it fails and tells me it is referencing the media on the camera.
  If I kick of the import again it sometimes works, or I have to manually copy the media off of the camera then import it from a file which seems to work.
  I have never had this issue before and this is causing me a lot of grief! 
  Is there a fix for this?? is there anything I can do??
  any help will be greatly appreciated.
  Paul...

  I realize that everything was fine until… But I'm not aware that 10.1 update has broken the import function in general or for any specific format or camera model. More to the point, a Web search didn't didn't turn up those reports. Nor should this format require any special plug-ins that might need updating to work with 101.
  So when you ask for any fixes, I would still look at the possibility of a suspect clip. Try shooting some test footage and see whether that imports. If you still have problems, take the camera's internal drive out of the equation and try a card.
  Good luck.
  Russ

• StopWeblogic.sh and startWeblogic.sh fail after weblogic password changed

  Hello,
  We had to change the password for the weblogic user and after the change the stop start script are failing. I was reading that if boot.properties file is present, the start/stop scripts do not ask for the weblogic credentials. I could see the boot.properties file under the domain directory but the contents are encrypted. How can we resolve this? Any help is appreciated.
  Regards.

  the simplest solution is
  - either delete the boot.properties; weblogic will ask you the credentials at the next start
  - or edit manually the boot.properties, inserting non-encrypted values; weblogic will encrypt the password at the next start

• Mail upgrade and import assistant failing after Yosemite install

  I upgraded my friend's macbook pro 13-inche Mid 2010 to Yosemite, everything except iMail seems to be working fine.
  When I go to launch iMail it tells me that it is "updating your mail database", it proceeds to go into another screen where it is "Migrating data" then the next screen shows "The upgarde failed. An error occurred during the upgrade. Click Continue to launch the Mail Import Assistan, which will help you create a new library and import your existing messages".
  I click continue  and get an error pop up that says "Your Mail index has been damaged. To repair it, quite Mail. Mail will repair the index the next time you open Mail. Your mailboxes and messages will be preserved" and hte only option is to Quit. I launch it again and get a new window with the header Message Import and the info says "Mail needs to import your messages. This might take a few minutes. You won't be able to use Mail until the import is finished. Click Continue to import your messages now, or click Cancel to import later". I click Continue and it goes through the importing process of bringing over 8467 messages and folders from Hotmail and another iCloud account which takes about a minute then goes to the next screen which goes through Upgrading then optimizing then migrating the data and back to the upgrade failed message the same as above.
  I have tried restarting the computer and attempting to open Mail 3 times with no luck. There does not seem to be any way to open Mail without going through the rebuild which always fails. I'm happy to set up Mail again but can't get around Mail auto-transfer process. I've checked for updates to Yosemite and there aren't any. Any suggestions on how to get around this and get Mail set up?

  I have the same problem
  I try dofferent ways to solve it but nothing works

• Remote Debugging fails after changing passwords

  I've had remote debugging running for months between my Windows Vista laptop and my Windows Server 2003 virtual machine (running on the laptop).
  My laptop is not on a domain, so I've set it up by having the same administrator login on both machines with the same password.  When I remote debug using Windows Authentication, everything seems to work great.
  I've just had to change my password, so I changed it both on my laptop and in Windows Server 2003.  The Remote Debugger service is also running with the new password.
  But for some reason, remote debugging no longer works.  I start visual studio (as an administrator) and the web site project connects to Windows Server 2003 using the new password with no problems.  But when I try to start remote debugging, I get an error telling me I'm connecting with an unknown username or bad password.
  If I change the passwords on both machines back to what they were, everything works fine again.  I've tried restarting bother machines but it doesn't make any difference.
  Have I missed something? The only similar case I've been able to find is this:
  http://www.thescripts.com/forum/thread641075.html
  But I don't want to delete my profile unless I really have to - I'd rather at least understand the problem first.
  Thanks,
  James.

  One thing to check is that you don't have a bad stored credential lying around on either box.
  For Vista:
  1. Start, Control->Panel
  2. User accounts
  3. User accounts again
  4. Click the 'manage your network passwords' under tasks on the lef side
  If this doesn't help, please let me know the exsact error message.
  Thanks,
  Gregg Miskelly

• Oracle Patchset 10.2.0.5.0 impact on password enabled roles

  Oracle Patchset 10.2.0.5.0 (as well as 11.1.0.7 according to Oracle Support note 745407.1) will affect your password enabled roles security if you grant password enabled role to a user as a DEFAULT role (this users - like firecall ids - don't have to provide password to have this role active after logon). It turns out this is the only impact contrary to Oracle Support (Metalink) note 745407.1 stating that roles granted to other roles are affected as well. After I read the note I've worked with my DBA to assess possible damage to the application I support. Below are the results that I hope might help other people to assess and fix their situation as well (Please don't do the "fix" recommended by note 745407.1 which is to "remove password protection from the role" as this will trash your application security) :
  BEFORE THE PATCH:
  SQL*Plus: Release 10.1.0.4.2 - Production on Mon Sep 20 14:45:13 2010
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  Connected to:
  Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
  With the Partitioning, Data Mining and Real Application Testing options
  SQL# -- Create Ordinary Oracle Role
  SQL# create role ORACLE_ROLE;
  Role created.
  SQL#
  SQL# -- Create Password Authenticated Role
  SQL# create role PASSW_AUTH_ROLE identified by xxxxxxx;
  Role created.
  SQL#
  SQL# -- Create Another Ordinary Role to be granted to ORACLE_ROLE
  SQL# create role ROLE_TO_OTHER_ROLE;
  Role created.
  SQL#
  SQL# GRANT ROLE_TO_OTHER_ROLE TO ORACLE_ROLE;
  Grant succeeded.
  SQL#
  SQL# -- Create Secure Application Role
  SQL# create role SECURE_APP_ROLE identified using sec_roles;
  Role created.
  SQL# -- sec_roles procedure
  SQL# CREATE OR REPLACE procedure sec_roles AUTHID CURRENT_USER
  2 AS
  3
  4 BEGIN
  5 DBMS_SESSION.SET_ROLE('secure_app_role');
  6 END;
  7 /
  Procedure created.
  SQL#
  SQL# grant execute on SEC_ROLES to public;
  Grant succeeded.
  SQL#
  SQL# SQL# -- Create User Account
  SQL# CREATE USER app_user IDENTIFIED BY "xxxxxxx"
  2 DEFAULT TABLESPACE "USERS01"
  3 TEMPORARY TABLESPACE "TEMP01";
  User created.
  SQL# GRANT CONNECT, ORACLE_ROLE, PASSW_AUTH_ROLE, SECURE_APP_ROLE to app_user;
  Grant succeeded.
  SQL# ALTER USER app_user DEFAULT ROLE ALL;
  User altered.
  connect app_user@XXXXXX
  Enter password: *********
  Connected.
  select * from session_roles;
  ROLE
  CONNECT
  ORACLE_ROLE
  ROLE_TO_OTHER_ROLE
  PASSW_AUTH_ROLE
  Note here that SECURE_APP_ROLE does not appear in the list of active session roles, which is in accordance with Oracle Support (Metalink) note 745407.1 saying that this is the case starting with versions 11.1.0.7 and 10.2.0.4 for Secure Application Roles.
  AFTER THE PATCH APPLIED:
  connect app_user@XXXXXX
  Enter password: *********
  Connected.
  select * from v$version;
  BANNER
  Oracle Database 10g Enterprise Edition Release 10.2.0.5.0 - 64bi
  PL/SQL Release 10.2.0.5.0 - Production
  CORE 10.2.0.5.0 Production
  TNS for Solaris: Version 10.2.0.5.0 - Production
  NLSRTL Version 10.2.0.5.0 - Production
  SQL# show user
  USER is "APP_USER"
  SQL#
  SQL# select * from session_roles;
  ROLE
  CONNECT
  ORACLE_ROLE
  ROLE_TO_OTHER_ROLE
  As expected password enabled role PASSW_AUTH_ROLE disappeared from the list of the roles enabled by default. Contrary to the expectations ROLE_TO_OTHER_ROLE that is granted to ORACLE_ROLE but not directly to the user is still active. As it turns out that is not the last surprise.
  In order to test other possible combinations of roles granted to other roles I've created two other roles:
  create role role_to_other_role_2;
  Role created.
  SQL# create role PASSW_AUTH_ROLE_2 identified by xxxxxxxx;
  Role created.
  SQL# grant passw_auth_role_2 to oracle_role
  Grant succeeded.
  SQL# grant PASSW_AUTH_ROLE_2 to PASSW_AUTH_ROLE
  Grant succeeded.
  SQL# grant role_to_other_role_2 to passw_auth_role;
  Grant succeeded.
  Surprisingly after logon password enabled role PASSW_AUTH_ROLE_2, granted through non-password enabled role ORACLE_ROLE, is active without need to provide password to set PASSW_AUTH_ROLE_2 role, which kind of defeats the purpose of Oracle security change in the first place.
  connect app_user@XXXXXX
  Enter password: *********
  Connected.
  select * from session_roles;
  ROLE
  CONNECT
  ORACLE_ROLE
  ROLE_TO_OTHER_ROLE
  PASSW_AUTH_ROLE_2
  Also if we set other password enabled role PASSW_AUTH_ROLE all roles granted to that role become active roles:
  set role passw_auth_role identified by xxxxxxxx;
  Role set.
  select * from session_roles;
  ROLE
  PASSW_AUTH_ROLE
  PASSW_AUTH_ROLE_2
  ROLE_TO_OTHER_ROLE_2
  As we can see this Oracle attempt to solidify role based security leaves some holes, and documentation is confusing and misleading. I expect that there will be more interventions coming in the future and we will need to verify with Oracle if they intend to do changes with role based security in the future that might have much greater impact on applications security models, and potentially cause unwanted downtime.
  Finaly the query to figure out if you are potentially affected is:
  select B.grantee, A.role, B.default_role
  from dba_roles A, dba_role_privs B
  where A.password_required = 'YES'
  and A.role = B.granted_role
  and B.default_role = 'YES';

  I think, we are also facing this problem. Please let me know if any one has got any kind of FIX for this ?
  we have just migrated from 10.2.0.4.0 to 10.2.0.5.0. All of a sudden set of code stopped working.
  Query runs before setting up ROLE and similer query gives error after setting up the ROLE. If we don’t set the ROLE, both queries work fine.
  ======= Code =====
  SELECT granted_role
  FROM DBA_ROLE_PRIVS
  WHERE grantee = '501280629'
  AND granted_role IN ('PICAMG','PICAUS', 'PICAVW', 'PICAOP', 'PICADB')
  AND ROWNUM = 1 ----> this query works before setting up ROLE
  SET ROLE PICADB IDENTIFIED BY XXXXX ----> setting up ROLE
  SELECT granted_role
  FROM DBA_ROLE_PRIVS
  WHERE GRANTEE = '501280629'
  AND granted_role IN ('PICAMG','PICAUS', 'PICAVW', 'PICAOP', 'PICADB') ----> this query does work after setting up ROLE
  Thanks
  Suraj

• Import Server fails to import if repository has password

  Hi,
  I am using MDM SP05 Patch2 on Windows Server.
  I added a login password to my repository. Now what happens is the import server fails to import files for that repository giving the error :
  "<i>[MDS=MDM Repos=Repo]: CatMgrClientWorker.Connect() failed. RC: 0xffaa0200 Invalid logon credentials</i>"
  After changing the password, i restarted MDM Server and Import Server both.
  But if i remove the password from my repository, the import runs successfully.
  Someone pls suggest.
  Regards,
  Chintan

  Hi Danish,
  The process of changing the password in .ini files works till MDM 5.5 version.
  From MDM 7.1 version, the password Must be Changed only at the Auxilliary level. Changing it in the .ini file directly will have no effect.
  In MDM 7.1, configuration of some repository-specific MDIS/MDSS parameters moved from the repository sections of mdis.ini/mdss.ini to a new MDIS/MDSS-specific Repository Detail pane in MDM Console.
  When you connect to the Auxilliary servers, you fill find both the configurations for MDIS and MDSS:
  User: The user name MDSS uses to access the MDM repository.
  Password: The password MDSS uses to access the MDM repository.
  Use the same password that you have assigned to Admin in the Console.
  You can refer to the Console Reference guide : page number 263.
  If you have already done this, can you please check the log file and let us know if you find anything.
  Thanks,
  Priti

• Anyconnect VPN not working after Firefox upgrade - "Certificate import has failed"

  Hi All,
  I am running anyconnect 3.0.5080 on ubuntu 11.10x86.  I had everything working using my company's enroll process but after a recent Firefox upgrade (12.0) I was no longer able to authenticate.  I have had this problem before and fixed it by re-enrolling.
  This time when I try to re-enroll it accepts my CA challenge password and prompts me to close all browsers before continuing.  After ensuring that no browsers are running and clicking 'Accept' I am presented with the message "Certificate Enrollment - Certificate import has failed."
  Can anyone help me with this?
  Thanks,
  Philip

  Hi Nick,
  Did you try to import .der/.pse file? if yes, this is not the case for ECC6.
  This is the procedure for ECC6:
  1) Log to Visual Administrator
  2) Go to Server -> Services -> Key Storage
  3) Select the TicketKeyStore view
  4) Export SAPLogonTicketKeypair-cert file (file extension should be crt)
  5) Import the crt file to the ECC6 system.
  Regards,
  Omri

• SSL-VPN Anyconnect fails after rebooting 2811

  Hello all,
  I have setup an Anyconnect SSL-VPN in my 2811 and it works just great, but then after the reboot it fails.  I think it has something to do with the SSL Cert being ereased.  Here is my configuration, please let me know if you need anything else:
  ! Last configuration change at 02:03:27 CDT Thu Sep 27 2012
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  aaa new-model
  aaa session-id common
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-XXXXXXXXXX
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-XXXXXXXXXX
  revocation-check none
  crypto pki certificate chain TP-self-signed-XXXXXXXXXX
  certificate self-signed 01
    3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31363535 34343437 3534301E 170D3132 30393237 30373033
    34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36353534
    34343735 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    810096FE 9114BCED E2FA2297 CE41A6F5 73078E18 C1109993 48E2629E 78713B48
    E6EA7C79 17C8E159 C057A05B F3CAFB4D 36AE9196 AAC4A2BF 586CF144 A81E50FC
    5261BFCF 0A11064F C9F19A4C 953DFBF8 65194AD2 73100EE0 FBFE7EB6 0AD16875
    7C1C03AE B3A461E2 9837E057 E2A8AE94 F11FDA8A 98AF8107 C0D9FF14 3CF1C62E
    BE090203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
    551D2304 18301680 1425F172 BAFEAA95 A90FA3D7 A3482174 6F951194 52301D06
    03551D0E 04160414 25F172BA FEAA95A9 0FA3D7A3 4821746F 95119452 300D0609
    2A864886 F70D0101 04050003 81810064 30DCCC2D 0506EDF6 61C37B9E DF5D8F9A
    A9FE0646 FC72C3F8 A7E10E55 CE6AA592 7385931A DDFE95B7 47ED3690 2C3F8B43
    9A637526 1464D94E 3A71D235 A14C0551 70E3ED2F F51B07E3 4379E2AF CCA03416
    10DDF3E1 784D053B A9E4A624 E34BDDFB BA638658 58E30B74 55A62B02 BDC493A8
    23191E2E E4BF390B D62DAA2B 351C09
          quit
  username USERNAME privilege 15 secret 5 $1$Pc/.$y6kJb0xpe.77ciRHZTJ8A.
  ip local pool SSL-VPN 192.168.11.5 192.168.11.8
  ip forward-protocol nd
  ip http server
  ip http authentication local
  ip http secure-server
  bvpn gateway gateway_1
  ip interface Dialer1 port 443
  ssl trustpoint SSL-VPN
  inservice
  webvpn install svc flash:/webvpn/anyconnect-win-2.5.2014-k9.pkg sequence 1
  webvpn context SSL-VPN
  secondary-color white
  title-color #CCCC66
  text-color black
  ssl authenticate verify all
  policy group policy_1
     functions svc-enabled
     svc address-pool "SSL-VPN"
     svc default-domain "DOMAIN"
     svc keep-client-installed
     svc split include 192.168.0.0 255.255.0.0
     svc dns-server primary DNS-SERVER
  default-group-policy policy_1
  gateway gateway_1
  inservice

  Here is the bug description that matches your explaination of the issue:
  MF: HTTPS generates a new self-signed cert on reboot even if one exists
  Symptom:
  With Secure HTTP server enabled, IOS device  generates a new self-signed certificate when it reloads even if a valid  self-signed certificate already exists.
  Conditions:
  When there is no CA(Certificate Authority) provided certificate on the device
  Workaround:
  Use CA provided certificate.
  The resolution is to upgrade it to version 15.2(1)T or higher.
  Unfortunately you would need to have SmartNet contract to be able to download the software from CCO.

• Unit test fails after upgrading to Kodo 4.0.0 from 4.0.0-EA4

  I have a group of 6 unit tests failing after upgrading to the new Kodo
  4.0.0 (with BEA) from Kodo-4.0.0-EA4 (with Solarmetric). I'm getting
  exceptions like the one at the bottom of this email. It seems to be an
  interaction with the PostgreSQL driver, though I can't be sure. I
  haven't changed my JDO configuration or the related classes in months
  since I've been focusing on using the objects that have already been
  defined. The .jdo, .jdoquery, and .java code are below the exception,
  just in case there's something wrong in there. Does anyone have advice
  as to how I might debug this?
  Thanks,
  Mark
  Testsuite: edu.ucsc.whisper.test.integration.UserManagerQueryIntegrationTest
  Tests run: 15, Failures: 0, Errors: 6, Time elapsed: 23.308 sec
  Testcase:
  testGetAllUsersWithFirstName(edu.ucsc.whisper.test.integration.UserManagerQueryIntegrationTest):
  Caused an ERROR
  The column index is out of range: 2, number of columns: 1.
  <2|false|4.0.0> kodo.jdo.DataStoreException: The column index is out of
  range: 2, number of columns: 1.
  at
  kodo.jdbc.sql.DBDictionary.newStoreException(DBDictionary.java:4092)
  at kodo.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:82)
  at kodo.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:66)
  at kodo.jdbc.sql.SQLExceptions.getStore(SQLExceptions.java:46)
  at
  kodo.jdbc.kernel.SelectResultObjectProvider.handleCheckedException(SelectResultObjectProvider.java:176)
  at
  kodo.kernel.QueryImpl$PackingResultObjectProvider.handleCheckedException(QueryImpl.java:2460)
  at
  com.solarmetric.rop.EagerResultList.<init>(EagerResultList.java:32)
  at kodo.kernel.QueryImpl.toResult(QueryImpl.java:1445)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:1136)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:901)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:865)
  at kodo.kernel.DelegatingQuery.execute(DelegatingQuery.java:787)
  at kodo.jdo.QueryImpl.executeWithArray(QueryImpl.java:210)
  at kodo.jdo.QueryImpl.execute(QueryImpl.java:137)
  at
  edu.ucsc.whisper.core.dao.JdoUserDao.findAllUsersWithFirstName(JdoUserDao.java:232)
  at
  edu.ucsc.whisper.core.manager.DefaultUserManager.getAllUsersWithFirstName(DefaultUserManager.java:252)
  NestedThrowablesStackTrace:
  org.postgresql.util.PSQLException: The column index is out of range: 2,
  number of columns: 1.
  at
  org.postgresql.core.v3.SimpleParameterList.bind(SimpleParameterList.java:57)
  at
  org.postgresql.core.v3.SimpleParameterList.setLiteralParameter(SimpleParameterList.java:101)
  at
  org.postgresql.jdbc2.AbstractJdbc2Statement.bindLiteral(AbstractJdbc2Statement.java:2085)
  at
  org.postgresql.jdbc2.AbstractJdbc2Statement.setInt(AbstractJdbc2Statement.java:1133)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at
  com.solarmetric.jdbc.PoolConnection$PoolPreparedStatement.setInt(PoolConnection.java:440)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at
  com.solarmetric.jdbc.LoggingConnectionDecorator$LoggingConnection$LoggingPreparedStatement.setInt(LoggingConnectionDecorator.java:1
  257)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at
  com.solarmetric.jdbc.DelegatingPreparedStatement.setInt(DelegatingPreparedStatement.java:390)
  at kodo.jdbc.sql.DBDictionary.setInt(DBDictionary.java:980)
  at kodo.jdbc.sql.DBDictionary.setUnknown(DBDictionary.java:1299)
  at kodo.jdbc.sql.SQLBuffer.setParameters(SQLBuffer.java:638)
  at kodo.jdbc.sql.SQLBuffer.prepareStatement(SQLBuffer.java:539)
  at kodo.jdbc.sql.SQLBuffer.prepareStatement(SQLBuffer.java:512)
  at kodo.jdbc.sql.SelectImpl.execute(SelectImpl.java:332)
  at kodo.jdbc.sql.SelectImpl.execute(SelectImpl.java:301)
  at kodo.jdbc.sql.Union$UnionSelect.execute(Union.java:642)
  at kodo.jdbc.sql.Union.execute(Union.java:326)
  at kodo.jdbc.sql.Union.execute(Union.java:313)
  at
  kodo.jdbc.kernel.SelectResultObjectProvider.open(SelectResultObjectProvider.java:98)
  at
  kodo.kernel.QueryImpl$PackingResultObjectProvider.open(QueryImpl.java:2405)
  at
  com.solarmetric.rop.EagerResultList.<init>(EagerResultList.java:22)
  at kodo.kernel.QueryImpl.toResult(QueryImpl.java:1445)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:1136)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:901)
  at kodo.kernel.QueryImpl.execute(QueryImpl.java:865)
  at kodo.kernel.DelegatingQuery.execute(DelegatingQuery.java:787)
  at kodo.jdo.QueryImpl.executeWithArray(QueryImpl.java:210)
  at kodo.jdo.QueryImpl.execute(QueryImpl.java:137)
  at
  edu.ucsc.whisper.core.dao.JdoUserDao.findAllUsersWithFirstName(JdoUserDao.java:232)
  --- DefaultUser.java -------------------------------------------------
  public class DefaultUser
  implements User
  /** The account username. */
  private String username;
  /** The account password. */
  private String password;
  /** A flag indicating whether or not the account is enabled. */
  private boolean enabled;
  /** The authorities granted to this account. */
  private Set<Authority> authorities;
  /** Information about the user, including their name and text that
  describes them. */
  private UserInfo userInfo;
  /** The set of organizations where this user works. */
  private Set<Organization> organizations;
  --- DefaultUser.jdo --------------------------------------------------
  <?xml version="1.0"?>
  <!DOCTYPE jdo PUBLIC
  "-//Sun Microsystems, Inc.//DTD Java Data Objects Metadata 2.0//EN"
  "http://java.sun.com/dtd/jdo_2_0.dtd">
  <jdo>
  <package name="edu.ucsc.whisper.core">
  <sequence name="user_id_seq"
  factory-class="native(Sequence=user_id_seq)"/>
  <class name="DefaultUser" detachable="true"
  table="whisper_user" identity-type="datastore">
  <datastore-identity sequence="user_id_seq" column="userId"/>
  <field name="username">
  <column name="username" length="80" jdbc-type="VARCHAR" />
  </field>
  <field name="password">
  <column name="password" length="40" jdbc-type="CHAR" />
  </field>
  <field name="enabled">
  <column name="enabled" />
  </field>
  <field name="userInfo" persistence-modifier="persistent"
  default-fetch-group="true" dependent="true">
  <extension vendor-name="jpox"
  key="implementation-classes"
  value="edu.ucsc.whisper.core.DefaultUserInfo" />
  <extension vendor-name="kodo"
  key="type"
  value="edu.ucsc.whisper.core.DefaultUserInfo" />
  </field>
  <field name="authorities" persistence-modifier="persistent"
  table="user_authorities"
  default-fetch-group="true">
  <collection
  element-type="edu.ucsc.whisper.core.DefaultAuthority" />
  <join column="userId" delete-action="cascade"/>
  <element column="authorityId" delete-action="cascade"/>
  </field>
  <field name="organizations" persistence-modifier="persistent"
  table="user_organizations" mapped-by="user"
  default-fetch-group="true" dependent="true">
  <collection
  element-type="edu.ucsc.whisper.core.DefaultOrganization"
  dependent-element="true"/>
  <join column="userId"/>
  <!--<element column="organizationId"/>-->
  </field>
  </class>
  </package>
  </jdo>
  --- DefaultUser.jdoquery ---------------------------------------------
  <?xml version="1.0"?>
  <!DOCTYPE jdo PUBLIC
  "-//Sun Microsystems, Inc.//DTD Java Data Objects Metadata 2.0//EN"
  "http://java.sun.com/dtd/jdo_2_0.dtd">
  <jdo>
  <package name="edu.ucsc.whisper.core">
  <class name="DefaultUser">
  <query name="UserByUsername"
  language="javax.jdo.query.JDOQL"><![CDATA[
  SELECT UNIQUE FROM edu.ucsc.whisper.core.DefaultUser
  WHERE username==searchName
  PARAMETERS java.lang.String searchName
  ]]></query>
  <query name="DisabledUsers"
  language="javax.jdo.query.JDOQL"><![CDATA[
  SELECT FROM edu.ucsc.whisper.core.DefaultUser WHERE
  enabled==false
  ]]></query>
  <query name="EnabledUsers"
  language="javax.jdo.query.JDOQL"><![CDATA[
  SELECT FROM edu.ucsc.whisper.core.DefaultUser WHERE
  enabled==true
  ]]></query>
  <query name="CountUsers"
  language="javax.jdo.query.JDOQL"><![CDATA[
  SELECT count( this ) FROM edu.ucsc.whisper.core.DefaultUser
  ]]></query>
  </class>
  </package>
  </jdo>

  I'm sorry, I have no idea. I suggest sending a test case that
  reproduces the problem to support.

• The processing of Group Policy failed because of lack of network connectivity to a domain controller

  We are setting up a new AD environment  with one AD/DC running DNS services,  and a secondary DNS server configured with secondary zone. The problem is that none of the machines in the the domain are getting GPO.
  When I run a gpupdate /force from a machine, I get the following output:
  "Updating Policy...
  User Policy update has completed successfully.
  Computer policy could not be updated successfully. The following errors were enc
  ountered:
  The processing of Group Policy failed because of lack of network connectivity to
   a domain controller. This may be a transient condition. A success message would
   be generated once the machine gets connected to the domain controller and Group
   Policy has succesfully processed. If you do not see a success message for sever
  al hours, then contact your administrator.
  To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
  rom the command line to access information about Group Policy results."
  While the system event log outputs the following:
  "The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy
  has succesfully processed. If you do not see a success message for several hours, then contact your administrator." 
  All the machines that were joined to the domain are able to resolve in forward and reverse lookups, ping the DC and ping each other so  I dont understand how the error can be resolved.
  Here are few things I have tried:
  1. I came across this KB which checked ok for me: http://support.microsoft.com/kb/241515
  2. Made a copy of the default GPO, applied to a OU with one machine, and made sure to remove any GPO links from above
  3. Enabled the following  two local Group policies on a test member:
  GP slow link detection
  Startup policy processing wait time
  4. Modified firewall to allow everything on both member and DC
  5. Verified DSN logs, SRV records, access to sysvol ( added authenticated users to sysvol)
  I have yet to figure out the reason for this issue. Has anyone seen anything like this before?

  1. I checked the NIC, it only has one IP. and I followed your article. I set the primary DNS to its own IP and the secondary DNS to the loopback ip
  2. This is a new DC and DNS server. I dont have old records yet. I also check the DNS event logs. No errors
  3. I made sure the member server is pointing only to the only DC/DNS server
  4. Here is the output from the dcdiag....  everything passed except, the Netlogons part. I'm not sure what means or how to fix it yet:
        Starting test: NetLogons
           * Warning BUILTIN\Administrators did not have the "Access this
           computer
           "*   from network" right.
           [hostname] An net use or LsaPolicy operation failed with error
           1, Incorrect function..
           ......................... hostname failed test NetLogons
  Complete output:
  > hostname
  Server:  hostname.domain.local
  Address:  X.X.X.95
  > ^C
  C:\Windows\system32>
  C:\Windows\system32>nslookup
  > set type=all
  >
  >
  >
  > _ldap._tcp.dc._msdcs.domainname
  _ldap._tcp.dc._msdcs.domain.local SRV service location:
            priority       = 0
            weight         = 100
            port           = 389
            svr hostname   = hostname.domain.local
  hostname.domain.local      internet address = X.X.X.95
  > ^C
  C:\Windows\system32>cd ..
  C:\Windows>cd SYSVOL
  C:\Windows\SYSVOL>cd sysvol
  C:\Windows\SYSVOL\sysvol>dir
   Volume in drive C has no label.
   Volume Serial Number is F624-CDB2
   Directory of C:\Windows\SYSVOL\sysvol
  10/29/2014  08:25 PM    <DIR>          .
  10/29/2014  08:25 PM    <DIR>          ..
  10/29/2014  08:25 PM    <JUNCTION>     domain.local [C:\Windows\SYSVOL\domain]
                 0 File(s)              0 bytes
                 3 Dir(s)  63,971,037,184 bytes free
  C:\Windows\SYSVOL\sysvol>dcdiag
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     Home Server = hostname
     * Identified AD Forest.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\hostname
        Starting test: Connectivity
           ......................... hostname passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\hostname
        Starting test: Advertising
           ......................... hostname passed test Advertising
        Starting test: FrsEvent
           ......................... hostname passed test FrsEvent
        Starting test: DFSREvent
           ......................... hostname passed test DFSREvent
        Starting test: SysVolCheck
           ......................... hostname passed test SysVolCheck
        Starting test: KccEvent
           ......................... hostname passed test KccEvent
        Starting test: KnowsOfRoleHolders
           ......................... hostname passed test
           KnowsOfRoleHolders
        Starting test: MachineAccount
           ......................... hostname passed test MachineAccount
        Starting test: NCSecDesc
           ......................... hostname passed test NCSecDesc
        Starting test: NetLogons
           * Warning BUILTIN\Administrators did not have the "Access this
           computer
           "*   from network" right.
           [hostname] An net use or LsaPolicy operation failed with error
           1, Incorrect function..
           ......................... hostname failed test NetLogons
        Starting test: ObjectsReplicated
           ......................... hostname passed test
           ObjectsReplicated
        Starting test: Replications
           ......................... hostname passed test Replications
        Starting test: RidManager
           ......................... hostname passed test RidManager
        Starting test: Services
           ......................... hostname passed test Services
        Starting test: SystemLog
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/04/2015   18:23:06
              Event String:
              Name resolution for the name ctldl.windowsupdate.com timed out after
   none of the configured DNS servers responded.
           ......................... hostname passed test SystemLog
        Starting test: VerifyReferences
           ......................... hostname passed test VerifyReferences
     Running partition tests on : ForestDnsZones
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test
           CrossRefValidation
     Running partition tests on : DomainDnsZones
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test
           CrossRefValidation
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : emcdsm
        Starting test: CheckSDRefDom
           ......................... emcdsm passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... emcdsm passed test CrossRefValidation
     Running enterprise tests on : domain.local
        Starting test: LocatorCheck
           ......................... domain.local passed test LocatorCheck
        Starting test: Intersite
           ......................... domain.local passed test Intersite
  C:\Windows\SYSVOL\sysvol>

• Log In Failed - Enter New Password

  Hi Guys,
  I've been using TB for a while now, along with the several email accounts, including: Hotmail, Outlook, Mail.com & to a lesser degree Supanet !?
  Every now and then, when trying to Send, I get the message "Log In Failed - Enter New Password". I usually just click the red cross a couple of times, & it goes away. I never need to input a new password,,,,
  but, today its one of the Mail.com accounts. I've been on their own site and sent the message. There isn't a problem with Mail.com, or my settings.
  As usual, it worked fine until today.
  I tried inputting the current p.w and creating a new one, but to no avail.
  How do I fix this please ?
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  I'm glad to see that the 'colouration' problem was fixed.

  Thanks for your help so far.
  I ''think'' this particular problem is fixed, but as it happens quite often, I have included the details that you asked for, in the hope that you can help me to either clean it up, or see any anomalies.
  Mail and News Accounts
  ID Incoming server Outgoing servers
  Name Connection security Authentication method Name Connection security Authentication method Default?
  account2 (none) Local Folders plain passwordCleartext
  account3 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account4 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account5 (pop3) pop.mail.com:110 alwaysSTARTTLS passwordCleartext smtp.mail.com:587 alwaysSTARTTLS passwordCleartext true
  account6 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account7 (pop3) pop3.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account8 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account9 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account10 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account11 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account12 (imap) imap.googlemail.com:993 SSL passwordCleartext smtp.googlemail.com:465 SSL passwordCleartext true
  smtp.googlemail.com:465 SSL passwordCleartext false
  account13 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account14 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account15 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account16 (pop3) pop.supanet.com:110 plain passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account17 (pop3) pop.mail.com:110 plain passwordCleartext smtp.mail.com:25 alwaysSTARTTLS passwordCleartext true
  account18 (pop3) pop.mail.com:995 SSL passwordCleartext smtp.mail.com:465 SSL passwordCleartext true
  account19 (pop3) pop.mail.com:995 SSL passwordCleartext smtp.mail.com:465 SSL passwordCleartext true
  account20 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account21 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account22 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account23 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account24 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account25 (rss) Feeds plain passwordCleartext
  account26 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account27 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account28 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  account29 (pop3) pop3.live.com:995 SSL passwordCleartext smtp.live.com:587 alwaysSTARTTLS passwordCleartext true
  Extensions
  Name Version Enabled ID
  Folderpane Tools 0.6.1 true {b243fe83-b8a7-47de-855d-21d865243d5d}
  British English Dictionary 1.19.1 false [email protected]
  Important Modified Preferences
  Name Value
  browser.cache.disk.capacity 358400
  browser.cache.disk.smart_size.first_run false
  browser.cache.disk.smart_size.use_old_max false
  browser.cache.disk.smart_size_cached_value 358400
  browser.display.foreground_color #3333FF
  browser.zoom.full true
  extensions.lastAppVersion 24.6.0
  font.name.monospace.el Consolas
  font.name.monospace.tr Consolas
  font.name.monospace.x-baltic Consolas
  font.name.monospace.x-central-euro Consolas
  font.name.monospace.x-cyrillic Consolas
  font.name.monospace.x-unicode Consolas
  font.name.monospace.x-western Consolas
  font.name.sans-serif.el Calibri
  font.name.sans-serif.tr Calibri
  font.name.sans-serif.x-baltic Calibri
  font.name.sans-serif.x-central-euro Calibri
  font.name.sans-serif.x-cyrillic Calibri
  font.name.sans-serif.x-unicode Calibri
  font.name.sans-serif.x-western Times New Roman
  font.name.serif.el Cambria
  font.name.serif.tr Cambria
  font.name.serif.x-baltic Cambria
  font.name.serif.x-central-euro Cambria
  font.name.serif.x-cyrillic Cambria
  font.name.serif.x-unicode Cambria
  font.name.serif.x-western Cambria
  font.size.fixed.el 14
  font.size.fixed.tr 14
  font.size.fixed.x-baltic 14
  font.size.fixed.x-central-euro 14
  font.size.fixed.x-cyrillic 14
  font.size.fixed.x-unicode 14
  font.size.fixed.x-western 14
  font.size.variable.el 17
  font.size.variable.tr 17
  font.size.variable.x-baltic 17
  font.size.variable.x-central-euro 17
  font.size.variable.x-cyrillic 17
  font.size.variable.x-unicode 17
  font.size.variable.x-western 17
  mail.openMessageBehavior.version 1
  mail.winsearch.firstRunDone true
  mailnews.database.global.datastore.id 8847ee7d-245d-42d0-8681-37221dcd524
  network.cookie.prefsMigrated true
  places.database.lastMaintenance 1401969491
  places.history.expiration.transient_current_max_pages 93904
  places.history.expiration.transient_optimal_database_size 150247342
  plugin.importedState true
  Graphics
  Adapter Description NVIDIA GeForce GT 440
  Vendor ID 0x10de
  Device ID 0x0de0
  Adapter RAM 1024
  Adapter Drivers nvd3dum nvwgf2um,nvwgf2um
  Driver Version 9.18.13.2049
  Driver Date 6-21-2013
  Direct2D Enabled false
  DirectWrite Enabled false (6.2.9200.16571)
  ClearType Parameters Gamma: 2200 Pixel Structure: BGR ClearType Level: 50 Enhanced Contrast: 100
  WebGL Renderer false
  GPU Accelerated Windows 0
  AzureCanvasBackend skia
  AzureFallbackCanvasBackend cairo
  AzureContentBackend None
  JavaScript
  Incremental GC 1
  Accessibility
  Activated 0
  Prevent Accessibility 0
  Library Versions
  Expected minimum version Version in use
  NSPR 4.10.2 4.10.2
  NSS 3.15.4 Basic ECC 3.15.4 Basic ECC
  NSS Util 3.15.4 3.15.4
  NSS SSL 3.15.4 Basic ECC 3.15.4 Basic ECC
  NSS S/MIME 3.15.4 Basic ECC 3.15.4 Basic ECC