ISE windows 8 not authenticating

Similar Messages

• Cisco ISE AD (Windows Server 2013) Authentication Problem

  Background:
  Deployed two Cisco ISE 1.1.3. ISE will be used to authenticate wireless users, admin access to WLC and switches. Backend database is Microsoft AD running on Windows Server 2012. Existing Cisco ACS 4.2 still running and authenticating users. There are two Cisco WLCs version 7.2.111.3.
  Wireless users authenticates to AD through ACS 4.2 works. Admin access to WLC and switches to AD through ISE works. Wireless authentication using PEAP-MSCHAPv2 and admin access wtih PAP/ASCII.
  Problem:
  Wireless users cannot authenticate to AD through ISE. The below is the error message "11051 RADIUS packet contains invalid state attribute" & "24444 Active Directory operation has failed because of an unspecified error in the ISE".
  Conducted a detailed test of AD from ISE. The test was successful and the output seems all right except for the below:
  xxdc01.xx.com (10.21.3.1)
  Pinged:0 Mins Ago
  State:down
  xxdc02.xx.com (10.21.3.2)
  Pinged:0 Mins Ago
  State:down
  xxdc01.xx.com
  Last Success:Thu Jan  1 10:00:00 1970
  Last Failure:Mon Mar 11 11:18:04 2013
  Successes:0
  Failures:11006
  xxdc02.xx.com
  Last Success:Mon Mar 11 09:43:31 2013
  Last Failure:Mon Mar 11 11:18:04 2013
  Successes:25
  Failures:11006
  Domain Controller: xxdc02.xx.com:389
      Domain Controller Type: Unknown DC Functional Level: 5
      Domain Name:            xx.COM
      IsGlobalCatalogReady:   TRUE
      DomainFunctionality:           2 = (DS_BEHAVIOR_WIN2003)
      ForestFunctionality:           2 = (DS_BEHAVIOR_WIN2003)
  Action Taken:
  Log on to Cisco ISE and WLC using AD credentials. This rules out AD connection, clock and AAA shared secret as the problem.
  2)     Tested wireless authentication using EAP-FAST but same problem occurs.
  3)     Detailed error message shows the below. This rules out any authentication and authorization polices. Before even hitting the authentication policy, the AD lookup fails.     
  12304  Extracted EAP-Response containing PEAP challenge-response
  11808  Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
  Evaluating Identity Policy
  15006  Matched Default Rule
  15013  Selected Identity Store - AD1
  24430  Authenticating user against Active Directory
  24444  Active Directory operation has failed because of an unspecified error in the ISE
  4)     Enabled AD debugging logging and had a look at the logging. Nothing significant and no clues to the problem.
  5)     Tested wireless on different laptos and mobile phones with same error
  6)     Delete and add again AAA Client/Devices on both Cisco ISE and WLC
  7)     Restarted ISE services
  8)     Rejoin domain on Cisco ISE
  9)     Checked release notes of ISE 1.1.3 and WLC 7.2.111.3 for any open caveats. Nothing found related to this problem.
  10)    There are two ISE and two WLC deployed. Tested different combination of ISE1 to WLC1, ISE1 to WLC2 etc. This rules out hardware issue of WLC.
  Other possibilities/action:
  1)     Test it out on a different WLC version. Will have to wait outage approval to upgrade WLC software.
  2)     Incompatibility of Cisco ISE and AD running on Microsoft Windows Server 2012
  Anyone out there experienced something similar of have any ideas on why this is happening?
  Thanks.
  Update:
  1) Built another Cisco ISE 1.1.3 sever in another datacentre that uses the same domain but different domain controller. Thais domain controller is running Windows Server 2008. This works and authentication successful.
  2) My colleague tested out in a lab environment of Cisco ISE 1.1.2 with Windows Server 2012. He got the same problem as described.
  This leads me to think there is a compatibility issue of Cisco ISE with Windows Server 2012.

  Does anyone know if ISE 1.1.3 p1 supports AD DCs running 2012, if not which patch is required ot version?
  Worryingly when ISE joins a 2012 DC it states it's connected successfully, and if another 2003 DC is available in that datacentre it will perform the auths against that DC whilst actually advertising (Connections in the GUI) that it's connected to the 2012 DC. We ended up mapping 8 PSN IP’s to another datacentre which has one Win2003 servers whilst the old 2003 DC is being promoted back, the 8 ISE servers started working, even though they still advertised they were connected to the 2012 DCs in the original datacentre - I performed a leave and join on one PSN and only then did it advertise that the node was connected to a DC in a different datacentre

• Safari for Windows will not log into IIS sites with Windows Authentication

  Safari for Windows will not log into IIS sites with Windows Authentication enabled. The IIS log has thousands of login attempts from Safari that result in 401 errors.
  I disable Windows Authentication on IIS and it works fine. The problem with that is that my Windows clients stop working properly with seemless logins when I disable this.
  The expected behavior is that Safari will work with basic authentication when NTLM does not work. That would result in a password prompt followed by a successful login instead of Safari stopping at "Loading" while hammering the IIS logs.
  It does this on all machines that I have tried.
  Any ideas or is this a bug?

  I noticed that as well. I have to wonder if it's due to not making note of the the different end of line characters between Mac OS X and Windows in code.

• ISE Certificate Chain Not Trusted By WLAN Clients

  We are running ISE 1.1.3 using Entrust cert signed by Entrust sub CA L1C, which is signed by Entrust.net 2048, which is in all major OS stores as trusted (Windows, Android, iOS).
  We have installed a concatenated PEM file with all of the certificates from the chain, as described in the ISE User Guides. The ISE GUI shows all of the certs in the chain individually after the import (i.e. the chain works and is good). However, we are not sure if the ISE is sending the entire chain to the WLAN clients during EAP authentication or just the ISE cert because of the error message we get on ALL client types which state that the certifiicate is not trusted.
  So the question is if the ISE is really sending the whole chain or just its own cert with out the rest of the certs in the chain (which would explain why the WLAN clients complain about the certificate trust.)
  Anyone out there know if the ISE code is not up to sending the cert chain in version 1.1.3 yet or if there is some other explanation? Screenshot attached of iPhone prompting for cert verification.

  Thanks hardiklodhia, your post confirms what we are seeing - the Windows clients have no issue as long as they are set to either NOT validate the EAP server cert or they are set to trust the signing CA cert from the local store by specifically selecting the signing CA (i.e. tick next to "Validate Serverr Certificate" and then another tick next to the signing CA cert in the box below.)
  The iOS clients ALWAYS prompt for verification (thanks Apple.)
  Note: we are using 1.1.3 and the cert chain import using a concatenated PEM file with ALL of the certs in the chain works fine. We are seeing the whole chain on the clients and the ISE extracts each PEM file into its local store.
  The PEM file format is not adequately described in the user guides rather a vague description of cert order is provided.
  The file should look like this:
  -------------------------Top of page-----------------------------
  Root CA PEM FILE
  Intermediate CA 1 PEM FILE
  Intermediate CA 2 PEM FILE
  ETC
  ISE CERT PEM FILE
  ------------------------Bottom of page-------------------------
  By "PEM FILE" I mean the actual base64 encoded PEM output from openssl when you convert a .crt or .der file to PEM, including the words "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" for each PEM FILE above,
  e.g.
  -----BEGIN CERTIFICATE-----
  MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
  VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
  ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
  KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
  ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
  MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
  ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
  MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
  hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
  95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
  2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
  -----END CERTIFICATE-----
  -----BEGIN CERTIFICATE-----
  MIIEnzCCBAigAwIBAgIERp6RGjANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
  VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
  ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
  VeSB0RGAvtiJuQijMfmhJAkWuXAwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX
  8+1i0BowGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQAD
  gYEAj2WiMI4mq4rsNRaY6QPwjRdfvExsAvZ0UuDCxh/O8qYRDKixDk2Ei3E277M1
  RfPB+JbFi1WkzGuDFiAy2r77r5u3n+F+hJ+ePFCnP1zCvouGuAiS7vhCKw0T43aF
  SApKv9ClOwqwVLht4wj5NI0LjosSzBcaM4eVyJ4K3FBTF3s=
  -----END CERTIFICATE-----
  -----BEGIN CERTIFICATE-----
  MIIE9TCCA92gAwIBAgIETA6MOTANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
  RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
  bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
  IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
  EN551lZqpHgUSdl87TBeaeptJEZaiDQ9JifPaUGEHATaGTgu24lBOX5lH51aOszh
  DEw3oc5gk6i1jMo/uitdTBuBiXrKNjCc/4Tj/jrx93lxybXTMwPKd86wuinSNF1z
  /6T98iW4NUV5eh+Xrsm+CmiEmXQ5qE56JvXN3iXiN4VlB6fKxQW3EzgNLfBtGc7e
  mWEn7kVuxzn/9sWL4Mt8ih7VegcxKlJcOlAZOKlE+jyoz+95nWrZ5S6hjyko1+yq
  wfsm5p9GJKaxB825DOgNghYAHZaS/KYIoA==
  -----END CERTIFICATE-----
  -----BEGIN CERTIFICATE-----
  MIIFKjCCBBKgAwIBAgIETB9GEzANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
  VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
  Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
  KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
  yhHR/hYfdVM88hBXXypACgrxBv/JFlKzSEDwKydJeT1tcP//nG4jv1WWgLk6O2Mi
  0oE0fnGmuf9fTX4+CdapG2gTDFJ29Chv3kavJDNtB85A7CK8oWI8Qav78Rvaz7nA
  LiRMLBQ1RkqUrQFL2WHx4mJkCddPXzOeOVJlUTGJ
  -----END CERTIFICATE-----
  The last PEM output (the one directly above) is the ISE cert in PEM format. The first PEM output (the one at the top) is the Root CA cert in PEM format. The ones in the middle are intermediate signing CAs in order (from root to leaf).

• ISE, Windows 7, Machine AuthZ

  I'm running into an issue that has me dead in the water on the completion of a roll out of ISE for Wireless.  The enterprise has two SSIDs, one internal, and one open, which is essentially an internet-only conduit.  No internal resources (other than DHCP and DNS) are available.  We moved this from a legacy SSID to using ISE several months ago. Very simple, no BYOD, no device registration, just Sponsor Portal for external laptops, and AD user authentication for employees smartphones.  Work Great.
  The second task was to take a legacy internal SSID and convert it to ISE 1.2.  My thoughts on how to do this, as based upon previous experience, the SISE courseware, the "Cisco ISE BYOD and Secure Unified Access" text (which I recommend), and that of a couple of consultants, was to use 802.1X to enforce machine and user authentication.  Seems pretty straight forward.
  Of course, I need to implement this in such a way that it is completely transparent to the users.  The legacy SSID is controlled via AD Group Policy, so it seemed a simple matter of modifying GP such that the new SSID kicks in at a higher priority.  Users will see both, AD will suggest the new one, and life goes on.
  That's exactly how it is supposed to work, and as far as I can tell, for any/all cold starting laptops, that exactly what happens.
  See coldstart.png.
  Until some user decides to close his or her laptop and sleep/hibernation sets in.
  In an overnight situation, upon waking up, the laptop proceeds to perform a user authZ but no machine AuthZ.  Because there is no machine authZ, the machine fails to get internal access, which is a problem.  In the log I see this step:
  24423  ISE has not been able to confirm previous successful machine authentication for user in Active Directory
  In talking with TAC, they are pushing me to use NAM as the supplicant, as opposed to the Native Windows 7 supplicant.  While I have AnyConnect installed on every laptop, I don't at present have NAM configured, and that breaks my "completely transparent to users" directive.
  I'm also working with Microsoft, and while they've yet to confirm that Windows 7 is just too stupid to understand the situation the laptop is in, I suspect them to tell me this soon, as we're running out of things to try on the client.
  I am aware of the Reauthentication timer that exists under the appropriate Authe\orization Profile, and that number seems to max out at ~18 hours (16 bit).
  At present, the I've set the Reauth timer in the policy results at 1800 seconds.  I could probably set it to be a longer time, but weekends will mess up that as a good solution.
  Regarding Authentication, my Default Network Policy in ISE, I'm allowing PEAP and EAP-FAST.  PEAP is preferred.  PACs are being utilized.  See Defaultaccess.png, Defaultaccess2.png
  So, I can't believe I'm the only person having this issue.  Telling users to not suspend their machines is not an option.  So, I have to ask...  Anybody else been able to use 802.1X, ISE, Windows 7 such that it works with sleep/hibernate?

  You are not the only one. Performing true machine and user authentication (EAP-TEAP) is currently not supported by any native supplicants out there. If you notice, the Windows 7 supplicant settings allow you to define "user, machine, or user or machine" but not "Machine and User" This is the reason Cisco was pushing you the NAM client. You can check the Cisco deployment guide for EAP-TEAP (aka EAP-Chaining here):
  http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/howto_80_eapchaining_deployment.pdf
  In addition, a draft RFC for TEAP was already posted:
  http://tools.ietf.org/html/draft-ietf-emu-eap-tunnel-method-01
  Just tell your MS and Apple reps about it and demand for it to be supported in future releases and patches. :)
  I don't know enough about your environment but I am suspecting that you are using MAR (Machine access restriction). If you are using MAR, there is a timer, that is set under the "AD" integration tab. Once that timer expires ISE removes the machine's mac address from the database, thus preventing the machine to come on the network until it performs another machine authentication. Unfortunately, that type of machine authentication only happens during a reboot or during a log off/log in. There are other limitations associated with MAR (see link below) and I personally don't like nor recommend it:
  http://www.cisco.com/c/en/us/support/docs/lan-switching/8021x/116516-problemsolution-technology-00.html
  With all of that being said I see the following options for you:
  1. Bump the MAR timer to 168 hrs (1 week) and instruct users that they have to reboot their machines first thing on Mondays.
  2. Set the Windows supplicants to only perform PEAP machine authentications. This is different than MAR as the actual AD machine credentials are used. You won't be able to perform user auth but at least you will only be allowing corp assets on the network. 
  3. Implement the Cisco NAM client and perform EAP-TEAP
  Hope this helps!
  Thank you for rating helpful posts!

• Peer not authenticated?

  Hi,
  I have an agent running on a windows machine and I am getting a "peer not authenticated" error message when trying to configure it. Also I am getting errors when trying to access the "performance" link and the "administration" link. All other links work properly. Here is emoms.trc
  2008-04-18 09:58:41,486 [Orion Launcher] ERROR util.Breadcrumb <init>.72 - Duplicate breadcrumb for page ias/ias/home
  2008-04-18 09:58:45,779 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.422 - Integration Class not found: oracle.sysman.pp.paf.sample.ui.intg.PAFDemoIntegration
  2008-04-18 09:58:45,817 [Orion Launcher] ERROR app.ContextInitializer contextInitialized.436 - Exception message: Folder Name already in use
  java.lang.IllegalArgumentException: Folder Name already in use
       at oracle.sysman.emSDK.intg.IntegrationManager.addFolderDefinition(IntegrationManager.java:503)
       at oracle.sysman.sap.intg.SAPIntegration.init(SAPIntegration.java:99)
       at oracle.sysman.eml.app.ContextInitializer.contextInitialized(ContextInitializer.java:415)
       at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1009)
       at com.evermind.server.http.HttpApplication.<init>(HttpApplication.java:549)
       at com.evermind.server.Application.getHttpApplication(Application.java:890)
       at com.evermind.server.http.HttpServer.getHttpApplication(HttpServer.java:707)
       at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:625)
       at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:278)
       at com.evermind.server.http.HttpServer.setSites(HttpServer.java:278)
       at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:179)
       at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2394)
       at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1551)
       at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:92)
       at java.lang.Thread.run(Thread.java:534)
  2008-04-18 09:58:54,089 [JobWorker 13082:Thread-25] ERROR em.jobs executeCommand.370 - UpdateARUTables: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
  2008-04-18 09:58:54,590 [JobWorker 13077:Thread-28] ERROR em.jobs executeCommand.266 - OpatchUpdateLatest: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
  2008-04-18 09:58:54,590 [JobWorker 13076:Thread-24] ERROR em.jobs executeCommand.266 - OpatchUpdateLatest: Oracle MetaLink credentials are incorrect or missing. Click Patching Setup to set required parameters.
  2008-04-18 09:59:46,833 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 09:59:47,060 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:00:17,197 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:00:17,363 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:00:47,543 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:00:47,713 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:01:16,889 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:01:17,060 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:01:47,411 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:01:47,598 [AJPRequestHandler-ApplicationServerThread-7] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:02:17,761 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:02:17,947 [AJPRequestHandler-ApplicationServerThread-10] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:02:48,130 [AJPRequestHandler-ApplicationServerThread-11] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:02:48,287 [AJPRequestHandler-ApplicationServerThread-8] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:03:08,478 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:03:18,443 [AJPRequestHandler-ApplicationServerThread-8] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:03:18,658 [AJPRequestHandler-ApplicationServerThread-9] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:03:48,988 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:03:49,174 [AJPRequestHandler-ApplicationServerThread-6] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:04:01,184 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1767 - CommException: Unable to get list of targets from emd-getEmdTargetsList()
  2008-04-18 10:04:01,193 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1769 - peer not authenticated
  oracle.sysman.emSDK.emd.comm.CommException: peer not authenticated
       at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1680)
       at oracle.sysman.emSDK.emd.comm.EMDClient.getMetadataTypes(EMDClient.java:506)
       at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdSupportedTypes(EmdConfigTargetsData.java:2693)
       at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdTargetsList(EmdConfigTargetsData.java:1760)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at oracle.cabo.ui.data.provider.MethodDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.TableDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.CachingDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.DataProviderStack.getDataObject(Unknown Source)
       at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.DataBoundValue.getValue(Unknown Source)
       at oracle.cabo.ui.BaseUINode.getAttributeValueImpl(Unknown Source)
       at oracle.cabo.ui.BaseUINode.getAttributeValue(Unknown Source)
       at oracle.cabo.ui.laf.base.BaseLafRenderer.getAttributeValue(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.FormValueRenderer.renderAttributes(Unknown Source)
       at oracle.cabo.ui.ElementRenderer.prerender(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.prerender(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.oracle.desktop.HeaderRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderNamedChild(Unknown Source)
       at oracle.cabo.ui.laf.base.SwitcherRenderer._renderCase(Unknown Source)
       at oracle.cabo.ui.laf.base.SwitcherRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.composite.ContextPoppingUINode$ContextPoppingRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderIndexedChildren(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.composite.UINodeRenderer.renderWithNode(Unknown Source)
       at oracle.cabo.ui.composite.UINodeRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.oracle.desktop.PageLayoutRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.DataScopeRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BodyRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.servlet.ui.UINodePageRenderer.renderPage(Unknown Source)
       at oracle.cabo.servlet.AbstractPageBroker.renderPage(Unknown Source)
       at oracle.cabo.servlet.PageBrokerHandler.handleRequest(Unknown Source)
       at oracle.cabo.servlet.UIXServlet.doGet(Unknown Source)
       at oracle.sysman.emSDK.svlt.EMServlet.doGet(EMServlet.java:380)
       at oracle.sysman.eml.app.Console.doGet(Console.java:319)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
       at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:190)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
       at oracle.sysman.eml.app.BrowserVersionFilter.doFilter(BrowserVersionFilter.java:122)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
       at oracle.sysman.emSDK.svlt.EMRedirectFilter.doFilter(EMRedirectFilter.java:102)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
       at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:353)
       at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:659)
       at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
       at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
       at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
       at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
       at java.lang.Thread.run(Thread.java:534)
  2008-04-18 10:04:01,270 [EMUI_10_03_58_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdUploadData.1530 - peer not authenticated
  2008-04-18 10:04:06,347 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject hasTestMetric.684 - peer not authenticated
  2008-04-18 10:04:06,397 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject getTargetData.982 - Unable to contact the agent. Agent might be down.
  2008-04-18 10:04:06,414 [EMUI_10_04_05_/console/admin/rep/emdConfig/targetConfig] ERROR emdConfig.TargetConfigDataObject getTargetData.983 - peer not authenticated
  2008-04-18 10:04:15,342 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1767 - CommException: Unable to get list of targets from emd-getEmdTargetsList()
  2008-04-18 10:04:15,352 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdTargetsList.1769 - peer not authenticated
  oracle.sysman.emSDK.emd.comm.CommException: peer not authenticated
       at oracle.sysman.emSDK.emd.comm.EMDClient.getResponseForRequest(EMDClient.java:1680)
       at oracle.sysman.emSDK.emd.comm.EMDClient.getMetadataTypes(EMDClient.java:506)
       at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdSupportedTypes(EmdConfigTargetsData.java:2693)
       at oracle.sysman.eml.admin.rep.emdConfig.EmdConfigTargetsData.getEmdTargetsList(EmdConfigTargetsData.java:1760)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at oracle.cabo.ui.data.provider.MethodDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.TableDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.CachingDataProvider.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.provider.DataProviderStack.getDataObject(Unknown Source)
       at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.LogicalNodeRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.RootRenderingContext.getDataObject(Unknown Source)
       at oracle.cabo.ui.data.DataBoundValue.getValue(Unknown Source)
       at oracle.cabo.ui.BaseUINode.getAttributeValueImpl(Unknown Source)
       at oracle.cabo.ui.BaseUINode.getAttributeValue(Unknown Source)
       at oracle.cabo.ui.laf.base.BaseLafRenderer.getAttributeValue(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.FormValueRenderer.renderAttributes(Unknown Source)
       at oracle.cabo.ui.ElementRenderer.prerender(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.prerender(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.oracle.desktop.HeaderRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderNamedChild(Unknown Source)
       at oracle.cabo.ui.laf.base.SwitcherRenderer._renderCase(Unknown Source)
       at oracle.cabo.ui.laf.base.SwitcherRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.composite.ContextPoppingUINode$ContextPoppingRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderIndexedChildren(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BorderLayoutRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.composite.UINodeRenderer.renderWithNode(Unknown Source)
       at oracle.cabo.ui.composite.UINodeRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.oracle.desktop.PageLayoutRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.XhtmlLafRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.DataScopeRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.BodyRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderIndexedChild(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.renderContent(Unknown Source)
       at oracle.cabo.ui.BaseRenderer.render(Unknown Source)
       at oracle.cabo.ui.laf.base.xhtml.DocumentRenderer.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.ui.BaseUINode.render(Unknown Source)
       at oracle.cabo.servlet.ui.UINodePageRenderer.renderPage(Unknown Source)
       at oracle.cabo.servlet.AbstractPageBroker.renderPage(Unknown Source)
       at oracle.cabo.servlet.PageBrokerHandler.handleRequest(Unknown Source)
       at oracle.cabo.servlet.UIXServlet.doGet(Unknown Source)
       at oracle.sysman.emSDK.svlt.EMServlet.doGet(EMServlet.java:380)
       at oracle.sysman.eml.app.Console.doGet(Console.java:319)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
       at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:190)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:16)
       at oracle.sysman.eml.app.BrowserVersionFilter.doFilter(BrowserVersionFilter.java:122)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
       at oracle.sysman.emSDK.svlt.EMRedirectFilter.doFilter(EMRedirectFilter.java:102)
       at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:20)
       at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:353)
       at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:659)
       at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
       at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
       at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
       at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
       at java.lang.Thread.run(Thread.java:534)
  2008-04-18 10:04:15,426 [EMUI_10_04_15_/console/admin/rep/emdConfig/emdTargetsMain$target=SeaETLDev01s.olympus.f5net.com_3A3872$type=oracle*_emd] ERROR emdConfig.EmdConfigTargetsData getEmdUploadData.1530 - peer not authenticated
  2008-04-18 10:04:19,374 [AJPRequestHandler-ApplicationServerThread-5] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  2008-04-18 10:04:19,531 [AJPRequestHandler-ApplicationServerThread-12] ERROR eml.OMSHandshake processFailure.806 - OMSHandshake failed.(AGENT URL = https://SeaCRMDev01vm.olympus.f5net.com:3872/emd/main/)(ERROR = KEY_MISMATCH)
  Any help would be greatly appreciated
  Thanks in advance

  We had a similar issue. It was because some garbage was in the repository and the etc/hosts file needed tweeking.
  Here is what we did....
  Issue:
  "Communication from the Oracle Management Service host to the Agent host failed. Refer to help for details. peer not authenticated"
  1. Stop OEM agent on problem host
  2. Login to oem console and note the problematic host name & agent port exactly as it appears in the OEM console.
  3. Remove all targets for this agent via the OEM console.
  4. Remove agent via OEM console.
  5. Login to repository database as sys and run the following command:
  exec mgmt_admin.cleanup_agent('HOSTNAME:AGENT_PORT');commit;
  6. Remove agent software from the problematic host.
  7. In /etc/hosts file on the OEM server, local host entry should be unique and formated as follows:
  3.24.7.156 unxoradb014.corporate.ge.com unxoradb014
  8. Reinstall agent on the host.

• ProtectTools issue: Decrypting an encrypted ProtectTools HDD when windows will not boot.

  Windows updates happened. Now the PC won't boot. Unfortunately, the HD is encrypted using the ProtectTools. While I can boot from the Win7 CD, I can't touch the OS partition since it's encrypted. I found the DiskTech2012.iso which I had hoped would be my salvation. This does boot but when I run "EETech for HPPT 7.0" the selection box says "Authentication Status: Not Authenticated. Activation Status: inactive" and won't let me click on any of the options.
  Since I don't see the HP ProtectTools password screen when booting from CD, I'm assuming the above is because I haven't entered the password. If I go through the normal boot sequence and authenticate, I don't get to boot from the CD. Seems like a catch-22. How the heck am I supposed to get authenticated so that I can then decrypt the drive? I've got the USB key for this drive, I just want to be able to use it.
  One thing is for sure, I won't ever use HP ProtectTools again.

  Windows updates happened. Now the PC won't boot. Unfortunately, the HD is encrypted using the ProtectTools. While I can boot from the Win7 CD, I can't touch the OS partition since it's encrypted. I found the DiskTech2012.iso which I had hoped would be my salvation. This does boot but when I run "EETech for HPPT 7.0" the selection box says "Authentication Status: Not Authenticated. Activation Status: inactive" and won't let me click on any of the options.
  Since I don't see the HP ProtectTools password screen when booting from CD, I'm assuming the above is because I haven't entered the password. If I go through the normal boot sequence and authenticate, I don't get to boot from the CD. Seems like a catch-22. How the heck am I supposed to get authenticated so that I can then decrypt the drive? I've got the USB key for this drive, I just want to be able to use it.
  One thing is for sure, I won't ever use HP ProtectTools again.

• ISE 1.2 web authentication problem with wired clients

  Hello,
  i am having problems with centralized web authentication using a Catalyst 3650X with IOS 15.0.2 SE01 and ISE 1.2.
  Redirecting the client works fine, but as soon the client opens a web browser and ISE websites open to authenticate the client, the switch port resets, the authentication process restarts and the session ID changes. After the client enters the credentials a session expired messages appears on the client and i get an 86017 Session Missing message in ISE.
  here the output form the debug aaa coa log.
  Any ideas
  thanks in advanced
  Alex
  ! CLIENT CONNECT TO SWITCHPORT
  ISE-TEST-SWITCH#show authentication sessions interface gi0/3
              Interface:  GigabitEthernet0/3
            MAC Address:  001f.297b.bd82
             IP Address:  10.2.12.45
              User-Name:  00-1F-29-7B-BD-82
                 Status:  Authz Success
                 Domain:  DATA
        Security Policy:  Should Secure
        Security Status:  Unsecure
         Oper host mode:  multi-auth
       Oper control dir:  both
          Authorized By:  Authentication Server
            Vlan Policy:  N/A
                ACS ACL:  xACSACLx-IP-PERMIT_ALL_TRAFFIC-537cb1d6
       URL Redirect ACL:  ACL-WEBAUTH-REDIRECT
           URL Redirect:  https://nos-ch-wbn-ise1.nosergroup.lan:8443/guestportal/gateway?sessionId=AC1484640000026B28C02CDC&action=cwa
        Session timeout:  N/A
           Idle timeout:  N/A
      Common Session ID:  AC1484640000026B28C02CDC
        Acct Session ID:  0x0000029C
                 Handle:  0x8C00026C
  Runnable methods list:
         Method   State
         dot1x    Failed over
         mab      Authc Success
  ! CLIENT OPENS INTERNETEXPLORER -> REDIRECTS TO ISE 
  ! SWITCHPORT GOES IN ADMINISTRATIVE DOWN STARTS AUTHENTICATION AGAIN
  ISE-TEST-SWITCH#
  191526: .Jun 24 10:42:24.340 UTC: COA: 10.0.128.38 request queued
  191527: .Jun 24 10:42:24.340 UTC: RADIUS:  authenticator 7F A9 85 AB F6 4A D0 F3 - B4 E6 F2 56 74 C6 2D 33
  191528: .Jun 24 10:42:24.340 UTC: RADIUS:  NAS-IP-Address      [4]   6   172.20.132.100
  191529: .Jun 24 10:42:24.340 UTC: RADIUS:  Calling-Station-Id  [31]  19  "00:1F:29:7B:BD:82"
  191530: .Jun 24 10:42:24.340 UTC: RADIUS:  Acct-Terminate-Cause[49]  6   admin-reset               [6]
  191531: .Jun 24 10:42:24.340 UTC: RADIUS:  Event-Timestamp     [55]  6   1403606529
  191532: .Jun 24 10:42:24.340 UTC: RADIUS:  Message-Authenticato[80]  18
  191533: .Jun 24 10:42:24.340 UTC: RADIUS:   E0 3C B2 8C 89 47 67 A8 69 F5 3D 08 61 FF 53 6E          [ <Ggi=aSn]
  191534: .Jun 24 10:42:24.340 UTC: RADIUS:  Vendor, Cisco       [26]  43
  191535: .Jun 24 10:42:24.340 UTC: RADIUS:   Cisco AVpair       [1]   37  "subscriber:command=bounce-host-port"
  191536: .Jun 24 10:42:24.340 UTC: COA: Message Authenticator decode passed
  191537: .Jun 24 10:42:24.340 UTC:  ++++++ CoA Attribute List ++++++
  191538: .Jun 24 10:42:24.340 UTC: 06D96C58 0 00000001 nas-ip-address(600) 4 172.20.132.100
  191539: .Jun 24 10:42:24.349 UTC: 06D9AC18 0 00000081 formatted-clid(37) 17 00:1F:29:7B:BD:82
  191540: .Jun 24 10:42:24.349 UTC: 06D9AC4C 0 00000001 disc-cause(434) 4 admin-reset
  191541: .Jun 24 10:42:24.349 UTC: 06D9AC80 0 00000001 Event-Timestamp(445) 4 1403606529(53A95601)
  191542: .Jun 24 10:42:24.349 UTC: 06D9ACB4 0 00000081 ssg-command-code(490) 1 33
  191543: .Jun 24 10:42:24.349 UTC:
  191544: .Jun 24 2014 10:42:24.365 UTC: %EPM-6-IPEVENT: IP 10.2.12.45| MAC 001f.297b.bd82| AuditSessionID AC1484640000026B28C02CDC| AUTHTYPE DOT1X| EVENT IP-RELEASE
  191545: .Jun 24 2014 10:42:24.382 UTC: %EPM-6-IPEVENT: IP 10.2.12.45| MAC 001f.297b.bd82| AuditSessionID AC1484640000026B28C02CDC| AUTHTYPE DOT1X| EVENT IP-WAIT
  191546: .Jun 24 2014 10:42:24.382 UTC: %EPM-6-POLICY_REQ: IP 0.0.0.0| MAC 001f.297b.bd82| AuditSessionID AC1484640000026B28C02CDC| AUTHTYPE DOT1X| EVENT REMOVE
  191547: .Jun 24 2014 10:42:24.390 UTC: %EPM-6-AUTH_ACL: POLICY Auth-Default-ACL-OPEN| EVENT DETACH-SUCCESS
  191548: .Jun 24 2014 10:42:26.353 UTC: %LINK-5-CHANGED: Interface GigabitEthernet0/3, changed state to administratively down
  191549: .Jun 24 2014 10:42:27.359 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/3, changed state to down
  ISE-TEST-SWITCH#
  191550: .Jun 24 2014 10:42:36.366 UTC: %LINK-3-UPDOWN: Interface GigabitEthernet0/3, changed state to down
  191551: .Jun 24 10:42:40.592 UTC: AAA/BIND(000002A7): Bind i/f
  191552: .Jun 24 2014 10:42:41.129 UTC: %AUTHMGR-5-START: Starting 'dot1x' for client (001f.297b.bd82) on Interface Gi0/3 AuditSessionID AC1484640000026C28C2FA05
  191553: .Jun 24 2014 10:42:42.580 UTC: %LINK-3-UPDOWN: Interface GigabitEthernet0/3, changed state to up
  191554: .Jun 24 2014 10:42:43.586 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/3, changed state to up
  ! SESSION ID CHANGES, USER ENTERS CREDENTIALS 
  ! ERROR MESSAGE AT CLIENT "YOUR SESSION HAS EXPIRED"
  ! ERROR MESSAGE IN ISE "86017 SESSION MISSING"
  ISE-TEST-SWITCH#show authentication sessions interface gi0/3
              Interface:  GigabitEthernet0/3
            MAC Address:  001f.297b.bd82
             IP Address:  10.2.12.45
                 Status:  Running
                 Domain:  UNKNOWN
        Security Policy:  Should Secure
        Security Status:  Unsecure
         Oper host mode:  multi-auth
       Oper control dir:  both
        Session timeout:  N/A
           Idle timeout:  N/A
      Common Session ID:  AC1484640000026C28C2FA05
        Acct Session ID:  0x0000029D
                 Handle:  0x2C00026D
  Runnable methods list:
         Method   State
         dot1x    Running
         mab      Not run

  Guest authentication failed: 86017: Session cache entry missing
  try adjusting the UTC timezone during the guest creation in the sponsor portal.
  86017
  Guest
  Session Missing
  Session ID missing. Please contact your System Administrator.
  Info

• 530 5.7.1 client was not authenticated

  OK, I am not in control of an exchange server.  My company uses GoDaddy for our exchange server.  I am an employee.  We use a software for contact management.  When I try to send emails to say a group of customers, it gives me the error
  530 5.7.1 client was not authenticated.  I have talked to GoDaddy until I am blue in the face to no avail.  Everything I find says it is something on their end.  By the way, we just switched to them, we have absolutely no problem with our previous
  company that we had exchange with.  ANY help would be appreciated.  OF course our outlook works.
  The only information our software (called RPMS) requires is the SMTP server  which I enter   smtp.ex3.secureserver.net
  my email address      (*****@alliedsm.com 
   user name which they say is the same as email address  (*****@alliedsm.com) and password. My old exchange service had me use port 27, but new company says I have to use 587.

  In the outbound smtp setting did you set outgoing smtp requires authentication?
  Microsoft Outlook® 2007 (PC)
  From the Tools menu, select "Account Settings"
  Select your Network Solutions Email account and click the "Change" button above..
  Click the "More Settings" button in the bottom-right corner of the E-Mail Accounts window.
  In the Internet Email Settings window, click the "Outgoing Server" tab. Ensure that the box next to "My outgoing server (SMTP) requires authentication" is checked and "use same settings as my incoming mail server" is selected.
  Click the "Advanced" tab and make sure that "Use the following type of encrypted connection" is set to "None" for the incoming (POP3) and the outgoing (SMTP) port settings. Change the outgoing server port to 587.
  James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

• 530 5.7.1 Client was not authenticated - Exchange 2013 to external domains

  Hi all,
  I have an Exchange server 2013 on windows 2012 R2 and do all the configuration for sending and receiving the mail according to the document provided by Microsoft.
  But whenever I am trying to send mails from external domains to my exchange server domain I got the following error:
  530 5.7.1 Client was not authenticated
  Same thing I am getting If I am sending mail through outlook from my Exchange domains to external domain.
  But if I am selecting the
  <label for="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers" id="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers_label">Anonymous
  users in the security option of Default Frontend XXXX, I am able to send the mails through outlook.</label>
  <label for="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers" id="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers_label">But I don't
  want to use this option as it will enable to send the mails without validating the Exchange server user name and password.</label>
  SO can anyone please suggest some solutions to resolve this as using Anonymous users fro sending and receiving mails is not secure.
  Regards
  Pankaj Raman.
  <label for="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers" id="ResultPanePlaceHolder_ReceiveConnector_Security_contentContainer_chkPermissionGroupAnonymousUsers_label">
  </label>

  I have a java code for sending mails using the SMTP address of the servers. For sending a mail it required a valid user name and password. For all other SMTP servers if I have used invalid user name and password then I am getting the  530
  5.7.1 Client was not authenticated error, but
  if I am using my SMTP address and invalid user name and password then also I am able to send the mails.
  So I just want to know what I have to configure in the exchange 2013 server so that it will validate the user name and password.
  Regards
  Pankaj Raman.
  Hi Pankaj,
  Thank you for your question.
  Was invalid user name and password included in Java code?
  Did outlook send emails?
  If this issue happen on Java code instead of outlook?
  In fact, Exchange server didn’t validate user account and password, user account and password will be validated on domain controller,
  I suggest we create a new dedicated receive connector and enable “anonymous” permission for java code
  If there are any questions regarding this issue, please be free to let me know. 
  Best Regard,
  Jim
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Jim Xu
  TechNet Community Support

• Cisco ISE 1.3 MAB authentication.. switch drop packet

  Hello All,
  I have C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE9, RELEASE SOFTWARE (fc1) switch..
  and ISE 1.3 versoin..
  MAB authentication is working perfectly at ISE end.. but while seeing the same at switch end.. I am seeing switch is droping packet on some ports..
  while some ports are working perfectly..
  Same switch configuration is working perfectly on another switch without any issue..
  Switch configuration for your suggestion..!!
  aaa new-model
  aaa authentication fail-message ^C
  **** Either ACS or ISE is DOWN / Use ur LOCAL CREDENTIALS / Thank You ****
  ^C
  aaa authentication login CONSOLE local
  aaa authentication login ACS group tacacs+ group radius local
  aaa authentication dot1x default group radius
  aaa authorization config-commands
  aaa authorization commands 0 default group tacacs+ local
  aaa authorization commands 1 default group tacacs+ local
  aaa authorization commands 15 default group tacacs+ local
  aaa authorization network default group radius
  aaa accounting dot1x default start-stop group radius
  aaa accounting exec default start-stop group tacacs+
  aaa accounting commands 0 default start-stop group tacacs+
  aaa accounting commands 15 default start-stop group tacacs+
  aaa accounting network default start-stop group tacacs+
  aaa accounting connection default start-stop group tacacs+
  aaa accounting system default start-stop group tacacs+ group radius
  aaa server radius dynamic-author
   client 172.16.95.x server-key 7 02050D480809
   client 172.16.95.x server-key 7 14141B180F0B
  aaa session-id common
  clock timezone IST 5 30
  system mtu routing 1500
  ip routing
  no ip domain-lookup
  ip domain-name EVS.com
  ip device tracking
  epm logging
  dot1x system-auth-control
  interface FastEthernet0/1
   switchport access vlan x
   switchport mode access
   switchport voice vlan x
   authentication event fail action next-method
   --More--         authentication host-mode multi-auth
   authentication order mab dot1x
   authentication priority mab dot1x
   authentication port-control auto
   authentication violation restrict
   mab
   snmp trap mac-notification change added
   snmp trap mac-notification change removed
   dot1x pae authenticator
   dot1x timeout tx-period 10
   spanning-tree portfast
  ip tacacs source-interface Vlan10
  ip radius source-interface Vlan10 vrf default
  logging trap critical
  logging origin-id ip
  logging 172.16.5.95
  logging host 172.16.95.x transport udp port 20514
  logging host 172.16.95.x transport udp port 20514
  snmp-server group SNMP-Group v3 auth read EVS-view notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF7F access 15
  snmp-server view EVS-view internet included
  snmp-server community S1n2M3p4$ RO
  snmp-server community cisco RO
  snmp-server trap-source Vlan10
  snmp-server source-interface informs Vlan10
  snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
   --More--         snmp-server enable traps tty
  snmp-server enable traps cluster
  snmp-server enable traps entity
  snmp-server enable traps cpu threshold
  snmp-server enable traps vtp
  snmp-server enable traps vlancreate
  snmp-server enable traps vlandelete
  snmp-server enable traps flash insertion removal
  snmp-server enable traps port-security
  snmp-server enable traps envmon fan shutdown supply temperature status
  snmp-server enable traps config-copy
  snmp-server enable traps config
  snmp-server enable traps bridge newroot topologychange
  snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
  snmp-server enable traps syslog
  snmp-server enable traps mac-notification change move threshold
  snmp-server enable traps vlan-membership
  snmp-server host 172.16.95.x version 2c cisco
  snmp-server host 172.16.95.x version 2c cisco
  snmp-server host 172.16.5.x version 3 auth evsnetadmin
  tacacs-server host 172.16.5.x key 7 0538571873651D1D4D26421A4F
  tacacs-server directed-request
   --More--         tacacs-server key 7 107D580E573E411F58277F2360
  tacacs-server administration
  radius-server attribute 6 on-for-login-auth
  radius-server attribute 25 access-request include
  radius-server host 172.16.95.y auth-port 1812 acct-port 1813 key 7 060506324F41
  radius-server host 172.16.95.x auth-port 1812 acct-port 1813 key 7 110A1016141D
  radius-server host 172.16.95.y auth-port 1645 acct-port 1646 key 7 110A1016141D
  radius-server host 172.16.95.x auth-port 1645 acct-port 1646 key 7 070C285F4D06
  radius-server timeout 2
  radius-server key 7 060506324F41
  radius-server vsa send accounting
  radius-server vsa send authentication
  line con 0
   exec-timeout 5 0
   privilege level 15
   logging synchronous
   login authentication CONSOLE
  line vty 0 4
   access-class telnet_access in
   exec-timeout 0 0
   logging synchronous
   --More--         login authentication ACS
   transport input ssh

   24423  ISE has not been able to confirm previous successful machine authentication  
  Judging by that line and what your policy says, it appears that your authentication was rejected as your machine was not authenticated prior to this connection.
  first thing to check is whether MAR has been enabled on the identity source. second thing to check is whether your machine is set to send a certificate for authentication. there are other things you can look at but I'd do those two first.
  log off and on  or reboot and then see if you at least get a failed machine auth on the operations>authentication page and we can go from there. 

• ISE and central web authentication

  Hello all,
  I have followed the steps in this document in detail:
  http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080ba6514.shtml
  however, my central authentication does not work. I get to the guest portal, i get authenticated through the guest portal,
  but then the "second" MAB authenticatino doesn't happen.
  In the last screencapture of the document, you get a green "Dynamic Authorization" line (third line from below). On my system
  this is a red line with the error message "11213 No response received from Network Access Device".
  (i have a successfull guest authentication in my ise logs, but it seems ise is unable to bounce or initiate the second MAB....)
  Any ideas ?
  regards,
  Geert

  By the way, i feel the document example is a bit too general. For example, if you implement the document, ISE will do web authentication and redirection even when you are using a 802.1X client and are authenticated (and you have no other rules in your Autorization sequence table)
  I managed to prevent this by adding an additional condition to the first rule "MAC not known" that has the CentralWebAuth policy. Only do webautentication if MAC not known AND Wired_MAB is being used.

• Pop-up in new Satellite L855 - Windows is not genuine

  Sorry for my English.
  on February 8, 2013 I bought my Toshiba L855 laptop with Windows 7 Home Premium preinstalled.
  For about 10 days I get a pop-up that says Windows is not genuine.
  Windows is activated.
  I checked the license key with the software *"Produkey"* and is different from the license key that comes in Microsoft sticker.
  How is it possible?

  There are fuller explanations out there but this gives an overview:
  If Windows is pre-installed on a computer by an original equipment manufacturer (OEM), the operating system is automatically activated without the need for interaction from the user.
  (10) In this case, the copy of Windows installed does not use the product key listed on the certificate of authenticity, but rather a master product key issued to OEMs called a System Locked Pre-installation (SLP) key.
  On each boot, Windows confirms the presence of specific information stored in the BIOS by the manufacturer, ensuring the activation only remains valid on that computer, even if the product key is used on another machine.
  ( [http://en.wikipedia.org/wiki/Microsoft_Product_Activation] )

• EM Recovery Error (peer not authenticated)

  Hi Guys,
  A week ago my production database EM had corrupted and I fixed it by resetting the password of sysman and do some file works in windows. But it was not completely fixed. Now I'm open the EM it says
  Enterprise Manager is not able to connect to the database instance. The state of the components are listed below. I have only two options ether Startup or Perform Recovery. And when I'm going with any options it give an error saying peer not authenticated. Please help me to solve this issue.
  Thank you,
  Tharaka

  have you sysman user?
  To solve this issue you must recreate repository or recreate sysman user.

• JAX-WS web service client and Windows integrated Security authentication

  I am currently developing a JAX-WS web service client running on WebLogic 10.3.2.0. The client is connecting to exchange web service running on IIS.
  Everything works well when EWS is configured with Http basic authentication.
  The problems started when I changed the autentication method on EWS from Http basic authentication to Windows integrated Security authentication.
  The client is then unable to authenticate to the web service. Every request made to EWS returns with the message : Invalid HTTP server response [401] - Unauthorized.
  I tried using an authenticator like this one:
  static class RetrieveWSDLAuthenticator extends Authenticator
  private String username, password;
  public RetrieveWSDLAuthenticator(String user, String pass)
  username = user;
  password = pass;
  @Override
  protected PasswordAuthentication getPasswordAuthentication()
  return new PasswordAuthentication(username, password.toCharArray());
  and setting it as the default authenticator :
  Authenticator.setDefault(new MyAuthenticator("username", "password"));
  but the method getPasswordAuthentication() was not even called.
  Is there a way to make a JAX-WS client works with Windows integrated Security ?

  WIS is not suppported on WLS JAX-WS. You'll need to use other authentication mechanisms such as http basic (which you tried already), or message-level security such as UNT, or SAML.
  Regards,
  Pyounguk