ISE 1.2 patch 6 - All Authentications begin failing after about 20 minutes

Similar Messages

• I can watch all of my old TV shows on iTunes, but the last one I downloaded jammed up after about one minute.  I tried quitting I-tunes and re-starting my computer to no avail.  iTunes won't even let me delete it so I can try downloading it again.

  I can watch all of my old TV shows on iTunes, but the last one I downloaded jammed up after about one minute.  I tried quitting I-tunes and re-starting my computer to no avail.  iTunes won't even let me delete it so I can try downloading it again. But it will let me delete other episodes.

  This forum is for questions from those managing sites on iTunes U, Apple's service for colleges and universities to post educational material in the iTunes Store. You'll be most likely to get help with this issue if you ask in the general iTunes for Mac forum.
  Regards.

• MMacBook Pro (13-inch, Mid 2010) switches on but internal display remains off/black .There is no start-up sound and the fan starts off normal but after about Five minutes begins to run even faster

  Hi ,
  My MacBook Pro (13-inch, Mid 2010) switches on but internal display remains off/black .There is no start-up sound and the fan starts off normal but after about Five minutes begins to run even faster as if the machine is running a heavy load.It displayed a question mark some time back then a friend borrwed it ,he flashed the system and put windows 7.Then a few days pasted and now it wont display as stated.I have tried to Reset SMC and the Command + P + R + Power but still no response.Please assist?
  Regrads Josh

  I think your "friend" caused a problem (or two).
  I do not know what "flashed the system" means......
  Based on what was done, I would probably erase the HD and restore the system from a backup before the software changes were made.
  Barry

• Ntlm authenticated apps fails after 3.1.1 upgrade

  I upgraded my apex instance to 3.1.1 on Friday without any issues. I can log into application builder without any problems and the version 3.1.1.00.09.
  Everything in app builder works as expected. However, when I try to run my NTLM authenticated application, I get errors and the page fails to load.
  Furthermore, this only happens on my 11g database.
  The exact same app, using the same NTLM authentication works just fine on 10g.
  The Apache errors log states:
  mod_plsql: /pls/apex/f HTTP-404 ORA-03113: end-of-file on communication channel\n
  mod_plsql: Unable to reset state for mode 0: Err 3114 url=>/pls/apex/f           I have PlsqlErrorStyle          DebugStyle set, so the page returns a fair amount of data.
  Wed, 28 May 2008 14:07:17 GMT
  ORA-03113: end-of-file on communication channel
    DAD name: apex
    PROCEDURE  : f
    URL        : http://ecydblcyorwqt03.ecy.wa.lcl:80/pls/apex/f?p=127:51:339228564056494:::::
    PARAMETERS :
    ===========
    p:
     127:51:339228564056494:::::
    ENVIRONMENT:
    ============
      PLSQL_GATEWAY=WebDb
      GATEWAY_IVERSION=2
      SERVER_SOFTWARE=Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
      GATEWAY_INTERFACE=CGI/1.1
      SERVER_PORT=80
      SERVER_NAME=ecydblcyorwqt03.ecy.wa.lcl
      REQUEST_METHOD=GET
      QUERY_STRING=p=127:51:339228564056494:::::
      PATH_INFO=/f
      SCRIPT_NAME=/pls/apex
      REMOTE_HOST=
      REMOTE_ADDR=165.151.57.100
      SERVER_PROTOCOL=HTTP/1.1
      REQUEST_PROTOCOL=HTTP
      REMOTE_USER=ECY\taus461
      ORACLE_SSO_USER=
      OSSO_IDLE_TIMEOUT_EXCEEDED=
      OSSO_USER_GUID=
      HTTP_CONTENT_LENGTH=
      HTTP_CONTENT_TYPE=
      HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
      HTTP_HOST=ecydblcyorwqt03
      HTTP_ACCEPT=text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
      HTTP_ACCEPT_ENCODING=gzip,deflate
      HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
      HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
      HTTP_COOKIE=WEBWPLCS_USER=TAUS461; WEBWPLCS_LAST=04.29.2008 11:41:38; ORA_WWV_R1=%23ALL; ORA_WWV_R2=%23ALL; ORA_WWV_R3=%23ALL; ORA_WWV_REMEMBER_UN=ADMIN:webwplcs; ORACLE_PLATFORM_REMEMBER_UN=ADMIN:webwplcs; ORA_WWV_USER=3B1A5D9EA835D646; WWV_CUSTOM-F_1021906798187125_122=9F806B35C3D9AF51
      HTTP_IF_MODIFIED_SINCE=
      HTTP_REFERER=http://ecydblcyorwqt03/pls/apex/f?p=4000:4150:339228564056494::NO:::
      HTTP_SOAPACTION=
      HTTP_ORACLE_ECID=1211983633:165.151.5.125:6156:6252:488,0
      HTTP_ORACLE_CACHE_VERSION=
      HTTP_AUTHORIZATION=NTLM  xyz
      WEB_AUTHENT_PREFIX=
      DAD_NAME=apex
      DOC_ACCESS_PATH=docs
      DOCUMENT_TABLE=wwv_flow_file_objects$
      PATH_ALIAS=
      REQUEST_CHARSET=AL32UTF8
      REQUEST_IANA_CHARSET=UTF-8
      SCRIPT_PREFIX=/pls
      HTTP_IF_MATCH=
      HTTP_CACHE_CONTROL=
      SOAP_BODY=
      HTTP_X_ORACLE_DEVICE_CLASS=
      HTTP_X_ORACLE_DEVICE_ORIENTATION=
      HTTP_X_ORACLE_DEVICE_MAXDOCSIZE=
      HTTP_X_ORACLE_DEVICE=
      HTTP_X_ORACLE_ORIG_ACCEPT=
      HTTP_X_ORACLE_ORIG_USER_AGENT=
      HTTP_X_ORACLE_USER_LOCALE=
      HTTP_X_ORACLE_USER_NAME=
      HTTP_X_ORACLE_USER_DISPLAYNAME=
      HTTP_X_ORACLE_USER_USERKIND=
      HTTP_X_ORACLE_USER_AUTHKIND=
      HTTP_X_ORACLE_USER_DEVICEID=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLINE1=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLINE2=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLASTLINE=
      HTTP_X_ORACLE_USER_LOCATION_BLOCK=
      HTTP_X_ORACLE_USER_LOCATION_CITY=
      HTTP_X_ORACLE_USER_LOCATION_COMPANYNAME=
      HTTP_X_ORACLE_USER_LOCATION_COUNTY=
      HTTP_X_ORACLE_USER_LOCATION_STATE=
      HTTP_X_ORACLE_USER_LOCATION_POSTALCODE=
      HTTP_X_ORACLE_USER_LOCATION_POSTALCODEEXT=
      HTTP_X_ORACLE_USER_LOCATION_COUNTRY=
      HTTP_X_ORACLE_USER_LOCATION_TYPE=
      HTTP_X_ORACLE_USER_LOCATION_X=
      HTTP_X_ORACLE_USER_LOCATION_Y=
      HTTP_X_ORACLE_SERVICE_HOME_URL=
      HTTP_X_ORACLE_SERVICE_PARENT_URL=
      HTTP_X_ORACLE_HOME_URL=
      HTTP_X_ORACLE_MODULE_CALLBACK_URL=
      HTTP_X_ORACLE_MODULE_CALLBACK_LABEL=
      HTTP_X_ORACLE_CACHE_USER=
      HTTP_X_ORACLE_CACHE_SUBID=
      HTTP_X_ORACLE_CACHE_AUTH=
      HTTP_X_ORACLE_CACHE_DEVICE=
      HTTP_X_ORACLE_CACHE_LANG=
      HTTP_X_ORACLE_CACHE_ENCRYPT=
      HTTP_X_ORACLE_ASSERT_USER=There are no invalid objects in the FLOWS schema and the page sentry function I use for NTLM is also valid.
  There isn't a database connection issue since both builder and SQL Plus works.
  Here is my NTLM Page Sentry which is a slightly modified version of the GreenIT version
  CREATE OR REPLACE FUNCTION modNtlmPageSentry(pApexUser IN VARCHAR2 DEFAULT 'APEX_PUBLIC_USER')
  RETURN BOOLEAN
  IS
    vAuthenticatedUsername  VARCHAR2(512);
    vCurrentSessionId       NUMBER;
    l_cnt binary_integer :=0;
  BEGIN
    -- Get Authenticated User.
    vAuthenticatedUsername := UPPER(owa_util.get_cgi_env('REMOTE_USER'));
    vAuthenticatedUsername := substr(vAuthenticatedUsername,instr(vAuthenticatedUsername,'\')+1);
    if to_char(v('APP_ID')) = '127' -- WebWPLCS
    then
         apex_util.set_session_state('P18_USERNAME',vAuthenticatedUsername);
    elsif to_char(v('APP_ID')) = '124' --TMS
    then
    -- check to see if they are a listed TMS manager or overall admin
        select sum(cnt) into l_cnt
        from (
             select count(0) cnt
             from tms_managers
             where username=vAuthenticatedUsername
             union
             select count(0) cnt
             from tms_admin
             where username=vAuthenticatedUsername
             union
             select count(0) cnt
             from web_admin
             where username=vAuthenticatedUsername
        if l_cnt < 1
        then
       return FALSE;
        end if;
    end if;
    -- Check to ensure that we are running as the correct database user.
    IF USER ^= UPPER(pApexUser) THEN
      RETURN FALSE;
    END IF;
    IF vAuthenticatedUsername IS NULL THEN
      RETURN FALSE;
    END IF;
    -- Get SessionId.
    vCurrentSessionId := wwv_flow_custom_auth_std.get_session_id_from_cookie;
    -- Check Application Session Cookie.
    IF wwv_flow_custom_auth_std.is_session_valid THEN
      apex_application.g_instance := vCurrentSessionId;
      -- Check Authenticated User --> Username from wwv_flow_session$ for
      --   current Session.
      IF vAuthenticatedUsername = wwv_flow_custom_auth_std.get_username THEN
        wwv_flow_custom_auth.define_user_session(p_user => vAuthenticatedUsername,
          p_session_id => vCurrentSessionId);
        RETURN TRUE;
      ELSE
        -- Unset the Session Cookie and redirect back here to take other branch.
        wwv_flow_custom_auth_std.logout(p_this_flow => v('FLOW_ID'),
          p_next_flow_page_sess => v('FLOW_ID') || ':' || NVL(v('FLOW_PAGE_ID'), 0)
          || ':' || vCurrentSessionId);
        -- Tell Apex Engine to quit.
        apex_application.g_unrecoverable_error := TRUE;
        RETURN FALSE;
      END IF;
    ELSE
      -- Application Session Cookie not valid --> Define a new Apex Session.
      wwv_flow_custom_auth.define_user_session(p_user => vAuthenticatedUsername,
        p_session_id => wwv_flow_custom_auth.get_next_session_id);
      -- Tell Apex Engine to quit.
      apex_application.g_unrecoverable_error := TRUE;
      IF owa_util.get_cgi_env('REQUEST_METHOD') = 'GET'  THEN
        wwv_flow_custom_auth.remember_deep_link(p_url => 'f?' ||
          wwv_flow_utilities.url_decode2(owa_util.get_cgi_env('QUERY_STRING')));
      ELSE
        wwv_flow_custom_auth.remember_deep_link(p_url => 'f?p=' ||
          TO_CHAR(apex_application.g_flow_id) || ':' ||
          TO_CHAR(NVL(apex_application.g_flow_step_id, 0)) || ':' ||
          TO_CHAR(apex_application.g_instance));
      END IF;
      -- Register the Session in Apex Sessions Table, set Cookie, redirect back.
      wwv_flow_custom_auth_std.post_login(p_uname => vAuthenticatedUsername,
        p_session_id => nv('APP_SESSION'), p_flow_page => apex_application.g_flow_id
        || ':' || NVL(apex_application.g_flow_step_id, 0));
      RETURN FALSE;       
    END IF;   
  END modNtlmPageSentry;Does anyone have any ideas on where to look next?
  Regards, Tony
  <b>Update</b>
  For kicks, I added the page sentry function to the list in the <b>wwv_flow_epg_include_mod_local</b> function.
  I bounced both the HTTP Server and the database.
  None of these actions solved the problem.

  Joel -
  The alert log states that there is a 7445 error now from Apache
  host_id='ECYDBLCYORWQT01' host_addr='165.151.5.123' module='Apache.exe'
  pid='416'>
  <txt>Exception [type: ACCESS_VIOLATION, UNABLE_TO_READ] [ADDR:0x0] [PC:0x69A2AB3, _pfrinstr_BRNCCOND()+39]
  msg_id='1422874948' type='INCIDENT_ERROR' group='Access Violation'
  level='1' host_id='ECYDBLCYORWQT01' host_addr='165.151.5.123'
  prob_key='ORA 7445 [pfrinstr_BRNCCOND()+39]' upstream_comp='' downstream_comp=''
  ecid='' errid='12252' ORA-07445: exception encountered: core dump [pfrinstr_BRNCCOND()+39] [ACCESS_VIOLATION] [ADDR:0x0] [PC:0x69A2AB3] [UNABLE_TO_READ] []The trace file just states the same 7445 error:
  ORA-07445: exception encountered: core dump [pfrinstr_BRNCCOND()+39] [ACCESS_VIOLATION] [ADDR:0x0] [PC:0x69A2AB3] [UNABLE_TO_READ] []The incident trace file states that the current SQL was:
  ----- Current SQL Statement for this session (sql_id=bng4udk9mvtsh) -----
  declare function x return boolean is begin
  return mergedwplcs.modNtlmPageSentry; return false; end;
  begin
  wwv_flow.g_boolean := x; end;
  ----- PL/SQL Stack -----
  ----- PL/SQL Call Stack -----
    object      line  object
    handle    number  name
  2B6ACD34      1020  package body FLOWS_030100.WWV_FLOW_CUSTOM_AUTH_STD
  2B6ACD34       662  package body FLOWS_030100.WWV_FLOW_CUSTOM_AUTH_STD
  2B6BB44C        59  function MERGEDWPLCS.MODNTLMPAGESENTRY
  2B6BBD1C         2  anonymous block
  2B6BBD1C         4  anonymous block
  2B6BC674      1815  package body SYS.DBMS_SYS_SQL
  2B6BD29C       296  package body SYS.WWV_DBMS_SQL
  2B70B5D0      1352  package body FLOWS_030100.WWV_FLOW_SECURITY
  2B70B5D0      1158  package body FLOWS_030100.WWV_FLOW_SECURITY
  2B71BA2C      8847  package body FLOWS_030100.WWV_FLOW
  2B72FB04       255  procedure FLOWS_030100.F
  2B7E4F1C        31  anonymous blockWhich makes sense given that I was trying to log into the application. All of these functions and packages are valid.

• CSS: "authentic​ation failed" after successful fingerprin​t authentica​tion - twice!

  T61p
  CSS: 8.10.0006.00
  Vista 32 Ult
  After successful fingerprint login, CSS states that the Windows password had been changed (it hasn't) and then asked me to verify that the CSS password matched my Windows password; this failes, even though the password entered is correct. This dialog pops up until it is cancelled.
  I've also lost the ability to use my fingerprint reader to login to websites, it says that
   - the print is okay, with that green checkmark, but then
   - proceeds to say "authentication failed"
  The password manager does not show up any more if started.
  @ lenovo: any ideas, this is a very annoying one! And it is old, I think. Any ideas, before I go and buy
      an  Apple?
  Moderator Note; please update your profile with your correct country location as per the forum rules. Products, options and services vary from market to market. Knowing your location helps us help you
  Message Edited by andyP on 06-21-2008 09:54 PM

  I have the same issue here.
  The fingerprint software is working perfectly and it is properly linked with the Windows password so I can logon with no problems. However, right after I get the message the password has been changed when it hasn't.
  The issues start when I need to use the Thinkvantage Password Manager or any other CCS applications. It does recognize my finger but it says "authentication failed".
  I have emailed Lenovo and they recommended me to removed the CCS and the fingerprint software. I did it and it didn't work. Then they said I should take my laptop to a service center because it is no longer in warantee period.
  In my case, all these issues began when I updated the CCS to the newer version (8.2)
  I have read in other forums that it has to do with TPM or security chip encryption. It seems the CCS has not taken control over it. They state all will be fixed once the chip is clear which is done thru the BIOS>Security Chip>Clear Encryption. The big problem is that all encrypted data is erased in the process!!!
  I have used the password manager for so long now with no problems that I have forgotten most of the keywords.
  T60
  Vista Ultimate 32 bits
  CCS 8.2

• 802.1x Authentication has Failed after snow leopard upgrade

  Hello Apple Community,
  I have a mid 2009 MacBook 4 GB of RAM on INTEL CORE DUO 2.
  I upgraded my OS X to 10.6 from 10.5.8 and after completing the upgrade I have not been able to use my Airport. Can anyone help me get this problem fix?
  Paul

  what is it saying? is there an error?
  Maybe take a look at
  http://www.esecurityplanet.com/views/article.php/3899996/How-to-Use-Enterprise-W iFi-Encryption-and-8021X-in-Mac-OS-X.htm

• My ipod touch turns off and on all the time i cant charge it because after about 2 minutes it turns off PLEASE HELP!

  MY Ipod touch frequently turns on and off please help!!!

  Try connecting the iPod to its syncing computer and restoring the iPod.
  If you can't restore, see if resetting the iPod will allow a restore:
  Reset iPod touch:  Press and hold the On/Off Sleep/Wake button and the Home
  button at the same time for at least ten seconds, until the Apple logo appears.
  If that was unsuccessfulm see if placing the iPod in recovery mode will allow a restore.  For recovery mode see:
  iPhone and iPod touch: Unable to update or restore

• All Folders Un-Nested After Enabling/Disabling Restrictions

  I have a new iPhone 6 Plus (128gb).  Today, I enabled restrictions in order to see what type of settings are available. After about 2 minutes, I disabled "restrictions" and then went to take a shower. When I was done, I unlocked my iPhone and immediately noticed that all of my app icons were spread across multiple pages - in other words, all of my folders became undone and now all apps were individually spread out!  I'm running iOS 8.1.2

  Yes, all the data since you made the latest backup will be set back as well.
  You can also reorganize your folders in the app pane in iTunes and sync after that.

• ISE 1.2 Patch 12

  Hi all,
  I upgraded from ISE 1.2 patch 6 to 1.2 patch 12 to fix an ISE portal bug over the weekend.
  None of my Guest Wireless users are complaining, authentication is working fine. But the below error is appearing for every Guest user session under ISE/Operations/Live Authentications.
  "5441 Endpoint started new session while the packet of previous session is being processed. Dropping new session"
  Is anyone aware of a bug possibly and I guess you need to upgrade to 1.3.x
  I would've thought Cisco would bring out a fix for this in 1.2.x....maybe patch 13 (new bug?)
  Any info out there about 5441 before I log a TAC?????
  Thanks.

  Any updates? I am not so sure it is cosmetic. I have clients failing to make it through the flow. I am seeing the following on these clients requests:
  It would appear that because the accounting data doesn't get back it, there is confusion that the session doesn't exist and the auth fails.
  Event
  5400 Authentication failed
  Failure Reason
  12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist
  Resolution
  Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem.
  Root cause
  Session was not found on this PSN. Possible unexpected NAD behavior. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late.

• Cisco ISE 1.2 Patch 6 -- 8 Update failed

  Hi all,
  I wanted to know if any bugs was registered for the cumulative patch 8 for Cisco ISE 1.2 and how to mitigate any patch failures.
  Important notice : I though that this error could be an unlucky try but i've tested the update two time.
  Indeed, i have three deployment : A Pre-production one, a 4 nodes distributed and a 2 nodes distributed.
  The patch works fine on the pre-production one, on the 2 nodes too but fails on the 4 nodes one with a very anormal behaviour.
  On the "show nodes status" in Maintenance - Patch manage, i can see that my both PAN are successfully patched and the first PSN too but when the "Patch in progress" appears on the second PSN, the "installed" status is cancelled in the first PSN and become "Patch in progress" so i've two "Patch in progress" in parallel, that is an anormal procedure not discribed by Cisco on the document "Installing a software Patch". (wich discribe a sequential update of all nodes)
  The symptoms after this error are :
  - Unable to process EAP-TLS authentications ! (CA are stored on the First PAN and seems to be unavailable from PSN to exchange the handshake)
  - The Application server try to restart but fails indefinitly even if i try to restart the node (on both PSN)
  - GUI Unavailable
  - MAB Auth is working
  - Endpoint and Endpoint Groups menus are missing on the GUI (I push the MAC Address through the ERS API but it is very strange)
  - Logs indicates one first "Patch success" on PAN and a second "Patch failed" still on PAN :(
  The task that resolves this issue is to launch the command "patch remove ise 8" on all nodes and everything come back functional.
  My big interrogation is that on my two other deployment, the patch was successfull and quick to process.
  Thanks for your help.

  This is that i did abviously... but the two PSN stay in status "Node down", the application service won't start correctly with these ADE-OS logs entries :
  2014-05-28T10:26:30.023223+00:00 XXXXXXX  logger: info:[application:operation:appservercontrol.sh] Starting ISE Application Server...
  2014-05-28T10:26:30.311676+00:00 XXXXXXX  logger: Loading PKCS11 ...
  2014-05-28T10:26:30.978432+00:00 XXXXXXX  logger: SLF4J: Class path contains multiple SLF4J bindings.
  2014-05-28T10:26:30.978454+00:00 XXXXXXX  logger: SLF4J: Found binding in [jar:file:/opt/CSCOcpm/appsrv/apache-tomcat-6.0.36/lib/slf4j-log4j12-1.5.8.jar!/org/slf4j/im
  pl/StaticLoggerBinder.class]
  2014-05-28T10:26:30.978502+00:00 XXXXXXX  logger: SLF4J: Found binding in [jar:file:/opt/CSCOcpm/appsrv/apache-tomcat-6.0.36/lib/com.cisco.xmp.osgi.slf4j-log4j12-1.5.
  8.PATCHED.jar!/org/slf4j/impl/StaticLoggerBinder.class]
  2014-05-28T10:26:30.978509+00:00 XXXXXXX  logger: SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
  2014-05-28T10:26:31.638970+00:00 XXXXXXX  logger: log4j:WARN No appenders could be found for logger (com.cisco.epm.config.cache.impl.ConfigCacheImpl).
  2014-05-28T10:26:31.638992+00:00 XXXXXXX logger: log4j:WARN Please initialize the log4j system properly.

• ISE 1.2 Patch 7 possible guest CWA bug

  Just upgraded an ISE implementation to patch 7 and discovered that the patch broke the CWA guest portal on wireless. I haven't tested wired CWA but wireless is busted.
  In summary the redirection works fine but when you enter valid guest credentials nothing happens including no logs on ISE. If you enter credentials that don't exist in the guest group you get a failed authentication and the corresponding log. As soon as I rolled back to patch 6 everything worked again.
  If any TAC engineers see this feel free to pursue it - I would log a case but the kit is NFR and I can't be bothered going through the process of logging a job on NFR kit.

  Hi,
  I'm experiencing similar issues with patch 7. I am actually using a custom portal, which was working fine in patch 4 - after upgrading to patch 7 to fix a Web Posture bug, the portal would randomly push out pages from the Default Portal (I.E. Device Registration when I had no self provisioning flow enabled). Now, I am getting the error in the attachment after the user accepts the AUP.
  The standard portal is working fine, except for a bug with the "Require Users to change password at login" option. When users try to change their password at first login, the portal errors out and I get an error in the Authentication Logs. However, the password is changed successfully. This issue is apparent since installing patch 7.

• ISE 1.2 Patch 8

  Our ISE Deployment for wireless only is operating on 1.2.0.899 Patch 3.  We are looking to upgrade to Patch 8.  We plan on testing in a Dev envioronment first, but I was curious what others experience had been with stability in Patch 8?

  So far I have not had serious issues with patch 8 versus previous patches which caused me bother in certain areas. I think with all ISE patches you need to read the release notes and read the caveats to see what issues may or may not affect you. If you are on a production system I would also make sure you have your rollback option in place aswell. For what it is worth I am always keen to stay on the most recent patch of ISE due to patches generally fixing more than they break. Just make sure you run through your original system test plans and user test plans and all should be well.

• ISE 1.2 patch 4 not retrieving groups

  Since the update to ISE 1.2 patch 4 it isn't possible anymore to retrieve groups or attributes from the active directory. It keeps loading.
  Anyone else experiencing this issue?           
  Regards,
  Mathieu

  The issue you are referring to is documented in the following CDETS:
  CSCul84544: Retrieval of AD groups or attributes is failing
  This is not yet resolved. May be resolved in a future patch
  The workaround given in the CDETS is
  Fix the DNS server so that the reverse DNS lookup matches
  I believe there are other steps that can be taken to mitigate this but would need intervention from TAC

• User having all authentication but unable to login in planning why  ?

  user having all authentication but unable to login why in planning ?

  You might need to give some more details.
  For example, what kind of provisioning in shared services, under what groups if any, what kind of dimension level access in planning etc?

• Reporting Services through ISA server for All Authenticated Users

  Hello colleagues.
  I have MS SQL 2012 server with Reporting Services and it work via link:
  https://reports2.domain.com/reports
  In LAN all work fine, but I want publish this resource via ISA for All Authenticated Users.
  When in publish rule I configure (in Condition) "All users" - all work fine, but when I configure "All Authenticated Users" - I have trouble on web form on
  https://reports2.domain.com/reports/Pages/Report.aspx?ItemPat...  - scripts not work, because it run how "anonymous" (I see on ISA logging) and ISA block scripts.
  I can't use "All Users", because it's not secure.
  Maybe somebody publish Reporting Services through ISA server for All Authenticated Users?
  OR maybe - how on Reporting Services configure Negotiate authenticated for scripts?

  Hi Alexander,
  All users or applications who request access to report server content or operations must be authenticated using the authentication type configured on the report server before access is allowed. The AuthenticationType named RSWindowsNegotiate is supported
  by Reporting Services. To configure Windows Authentication on the Report Server, please see:
  http://msdn.microsoft.com/en-us/library/cc281253(v=sql.110).aspx
  Besides, we can publish report server via ISA server. Please note that you should use a new web port number with a new listener which shouldn’t be used by other web site for report server. Reference:
  http://social.technet.microsoft.com/Forums/forefront/en-US/1cc68996-1ce6-4d88-a30d-2bfd13fba06e/how-to-publish-ssrs-2008-through-isa-2006?forum=Forefrontedgegeneral
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support
  Katherine thanks for answer.
  Report Server service started as Domain account.
  I have in RSReportServer.config this:
  <Authentication>
  <AuthenticationTypes>
  <RSWindowsNegotiate />
  </AuthenticationTypes>
  <RSWindowsExtendedProtectionLevel>Allow</RSWindowsExtendedProtectionLevel>
  <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
  <EnableAuthPersistence>true</EnableAuthPersistence>
  </Authentication>
  In web.config I have this:
  <authentication mode="Windows" />
      <identity impersonate="true" />
  I can go (from Internet through ISA) to
  https://reports2.domain.com/reports  and LogOn Authentication is work, but scripts not work, because it run how "anonymous" (I see this on ISA logging) and ISA block scripts.
  Do you know where in Reporting Services configure run scripts with Negotiate authentication?