Issue authenticating on NBC olympics....
Hi,
I am looking for help autheticating on NBCOlympics.....
Here is the set up: we have 3 mass, running Mountain lion and Lion , latest safary and firefox, latest flash player. When trying to authenticate, we are presented with a Comcast default logo as that is how we get our internet.... Since we get our TV signal from Dish, we pick dish in the service provider pop up menu immediately below, and shoudl be presented with a ID / Password field combo - however we get only a blank page.
To add isnult to injury, the lone PC in the household swings through the process with flying colors. But of course, it can not airplay onto the TV :-(.....
Any idea what could be the problem?
Cheers
Philippe
The people at the NBC Olympics website responded swiftly to my inquiry about login problems.
and sent the message below. I believe that the combination of resetting the flash storage preferences and enabling cookies did the trick for Safari, and the login authentication process now works as it should. If you do modify your settings for sites like this, you may want to reset them once you're done with the site (either after each session or after the olympics are over).
It's not clear to me why the process works under Windows XP emulation, but maybe it's because I didn't reset permissive defaults re: flash and cookies.
==========================================
NBC Olympics, Jul 29 07:07 pm (EDT):
We are aware of this issue and have identified that this is related to Flash Settings on your computer.
Please go through the comprehensive list below and let us know if this resolves your issue.
1. Please make sure you are running the most recent version of flash. To confirm, please go to this page to download the most recent version:
http://get.adobe.com/flashplayer/
2. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_man ager03.html
3. Make sure "Allow third-party Flash content to store data on your computer" and "Store common Flash components to reduce download times" options are both checked.
4. Move the "Specify the amount of disk space..." slider to 100 KB.
5. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_man ager07.html
6. Clear the Flash Player Cache by pushing the "Delete all sites" button.
7. Make sure your third party cookies are enabled:
MAC USERS:
FIREFOX BROWSER (FOR MAC USERS)
Click on “FIREFOX” (at the top left of screen)
--> Preferences
--> Privacy tab
--> Open drop down next to "Firefox will:" and set it to "Use custom settings for history"
--> Make sure "accept cookies from sites" is checked
--> Make sure "Accept third-party cookies" is checked
--> Keep until: "they expire" (in drop down)
SAFARI BROWSER (FOR MAC USERS)
Click on “SAFARI” (at the top left of screen)
--> Preferences
--> Security Tab
--> Accept Cookies (check “Always”)
CHROME BROWSER (FOR MAC USERS)
Click on “CHROME” (at the top left of screen)
--> Preferences
--> Scroll to bottom of page and click on “Show Advanced Settings”
--> Privacy –> Click on “Content Settings”
--> Cookies – >Check “Allow local data to be set” also make sure “Block third-party cookies and site data” IS NOT CHECKED.
--> Click “ok” at bottom of page.
PC USERS:
INTERNET EXPLORER (FOR PC USERS)
-->Click on Tools
--> Internet Options
--> Privacy Tab
--> Click the Advanced button in center of page
--> Make sure the radio button next to Accept is checked below “First-party Cookies” and “Third-party Cookies”
--> Click “OK”
FIREFOX BROWSER (FOR PC USERS)
--> Click on FIREFOX (top left of screen)
--> Click on Options
--> Click Privacy Tab
--> Open drop down next to "Firefox will:" and set it to "Use custom settings for history"
-->Make sure "accept cookies from sites" is checked
--> Make sure "Accept third-party cookies" is checked
--> Keep until: "they expire" (in drop down)
--> Click “Ok” at bottom
SAFARI BROWSER (FOR PC USERS)
--> Click on the wheel on the top right, below the X in the red box
--> Click Preferences
--> Click the Privacy Tab
--> Block Cookies: click “Never”
--> X out of pop up
CHROME BROWSER (FOR PC USERS)
Click on the wrench at the top right of the screen
--> Settings
--> Scroll to bottom of page and click on “Show Advanced Settings”
--> Privacy – Click on “Content Settings”
--> Cookies – Check “Allow local data to be set” also make sure “Block third-party cookies and site data” IS NOT CHECKED.
--> Click “ok” at bottom of page.
8. Close your browser and then reopen your browser.
9. Start the verification process here: http://www.nbcolympics.com/liveextra/help/index.html
Please let us know if this resolves your issue.
NBCOlympics.com Support
Similar Messages
-
NBC Olympics Live Extra login loop.
When trying to watch the NBC Olympics streaming I get stuck in a Login loop. You are asked to sign in to your provider which in my case is Dish and I enter my information and it goes away and then comes right back asking my provider again over and over. It works fine in IE and and Chrome and I have gotten it to work in Firefox only once but it quit working. When it did work it was MUCH better in Firefox (faster and smoother). I've tried reinstalling firefox, clearing history, reinstalling flash, clearing flash cache, tried without any addons in firefox all to no avail. I'm currently using the latest verison 14.0.1. Any ideas would be great as I much prefer Firefox to the other options.
Done all that, that is always the first thing I try when a site is acting screwy. :(
I also received the following from NBC support which also did nothing to help.
Thank you for contacting us.
We are aware of this issue and have identified that this is related to Flash Settings on your computer.
Please go through the comprehensive list below. If the first two steps do not resolve your issue, please continue with the rest of the steps.
1. Please make sure you are running the most recent version of flash. To confirm, please go to this page to download the most recent version:
http://get.adobe.com/flashplayer/
2. Go to the settings panel here http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager08.html and click "Reset License Files"
IF THESE TWO OPTIONS DID NOT RESOLVE YOUR ISSUE, PLEASE CONTINUE WITH THE STEPS BELOW.
3. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html and make sure "Allow third-party Flash content to store data on your computer" and "Store common Flash components to reduce download times" options are both checked.
4. Move the "Specify the amount of disk space..." slider to 100 KB.
5. Navigate your browser to: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
6. Clear the Flash Player Cache by pushing the "Delete all sites" button.
7. Make sure your third party cookies are enabled:
FIREFOX BROWSER (FOR PC USERS)
--> Click on FIREFOX (top left of screen)
--> Click on Options
--> Click Privacy Tab
--> Open drop down next to "Firefox will:" and set it to "Use custom settings for history"
-->Make sure "accept cookies from sites" is checked
--> Make sure "Accept third-party cookies" is checked
--> Keep until: "they expire" (in drop down)
--> Click “Ok” at bottom
8. Close your browser and then reopen your browser.
9. Start the verification process here: http://www.nbcolympics.com/liveextra/help/index.html
If the steps up above do not resolve your issue, please uninstall and then reinstall Flash.
Thank you.
NBCOlympics.com Support -
Webservice Header Issue ( Authentication required )
Dears I am developing client application to consume webservice, the webservice developer sent me the wsdl file and the sample SOAP request , all look fine for me
the issue that when I am trying to call the webservice it returns an error message ( Authentication Required ) but I am sending the user name and the password in the header as expected.
here is the Sample SOAP
<soapenv:Envelope xmlns:fax="http://fax.po.ws.apps.oracle.xxdof/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-5A2B82D9EE5888AE0414252886487322"><wsse:Username>weblogic</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">weblogic1</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">jMqFQqEM30Yp+t3tP+8meg==</wsse:Nonce><wsu:Created>2015-03-02T09:30:48.732Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<fax:faxStatus>
<!--Optional:-->
<arg0>0</arg0>
<!--Optional:-->
<arg1>0</arg1>
<!--Optional:-->
<arg2>0</arg2>
<!--Optional:-->
<arg3>0</arg3>
<!--Optional:-->
<arg4>0</arg4>
<!--Optional:-->
<arg5>0</arg5>
</fax:faxStatus>
</soapenv:Body>
</soapenv:Envelope>"
and below the request I am sending
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-90e0f212-3dc0-4913-96a8-175697d5240d-1" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<o:Username>username</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
<o:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">JY+mppXhcmr+Rl/kzURVoYKFKa4=</o:Nonce>
<u:Created>2015-03-18T09:43:26.248Z</u:Created>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<faxStatus xmlns="http://fax.po.ws.apps.oracle.xxdof/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<arg0 xmlns="">0</arg0>
<arg1 xmlns="">1</arg1>
<arg2 xmlns="">2</arg2>
<arg3 xmlns="">3</arg3>
<arg4 xmlns="">4</arg4>
<arg5 xmlns="">5</arg5>
</faxStatus>
</s:Body>
</s:Envelope>
Can you please point me what I am missing here
thanks
wasimHi,
In the Sample SOAP, the username and password are weblogic and
weblogic1. But the request you are sending are
username
and password which are not the authenticated account.
You need make sure that the username and password you passed are authenticated
account. -
Installation issue: Authentication: AWS for Windows NTLM returns error
We are rebuilding our STG with Plumtree 5.0.4. After I installed Optional Enterprise Web Components, the Authentication: AWS for Windows NTLM returns error. I am wondering if anyone has the similar experience and could help to fix the issue. I have located error with the virtual directory but unable to fix it.
<b>Symptons</b>
When try to access
http://servername/ntaws/RemoteSynchService.asp, got 404 page/folder not found error.
<b>Log Error:</b>
The message returned from the IIS creation of virtual directory ntaws on the Default Web Site
web site for D:\Program Files\plumtree\ptntaws\5.0\webapp\ntaws\www is:
<message>
Error
Error
</message>
<b>Solution Tried:</b>
1. Manually Create the virtual directory - didn't work
2. Reinstalled the Optionsal web service AWS portal, and re-migrate the ntaws.pte - didn't work.
I appreciate your help.
Hao Pan
[email protected]from bi_server.out:
default etypes for default_tkt_enctypes: 17 23 3 1 23.
Pre-Authenticaton: find key for etype = 3
AS-REQ: Add PA_ENC_TIMESTAMP now
>>> EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
>>> KrbAsReq calling createMessage
>>> KrbAsReq in createMessage
>>> KrbKdcReq send: xxxx timeout=30000, number of retries =3, #bytes=270
>>> KDCCommunication: kdc=xxxx #bytes=270
>>>DEBUG: TCPClient reading 106 bytes
>>> KrbKdcReq send: #bytes read=106
>>> KrbKdcReq send: #bytes read=106
>>> KdcAccessibility: remove xxxxx
>>> KDCRep: init() encoding tag is 126 req type is 11
>>>KRBError:
sTime is Wed Apr 15 13:32:41 EDT 2015 1429119161000
suSec is 553936
error code is 14
error Message is KDC has no support for encryption type
realm is xxxx
sname is krbtgt/xxxxx
msgType is 30
[Krb5LoginModule] authentication failed
KDC has no support for encryption type (14)
Any insight??? -
Hi,
We are trying to get iPads working with one time passwords, WPA2, PEAP-GTC (safeword token cards). The initial authentication works fine in this setup but if the iPAD is put to sleep we run into issues authentication when it wakes up. It looks like it tries to re-use the safeword one time pass and ends up locking the safeword card because to too many invalid tries. Is there any way around this?
Thanks,
GregThe only solution I can think of - is to set the iPad preferences to sleep never.
-
NBC Sports Live Extra sign in issue
Hello,
I have a login issue with the NBC Sports Live Extra app on my ipad.
I tried to watch Stanley Cup playoff games. After signing in with my Verizon login I got an error message saying that I could not get access to the content because subsription to the Golf channel was required. I don't have the Golf channel, my TV package is Prime HD but it does have the NBC Sports network which broadcast the NHL.
Has anyone else the same issue?
Thanks for your help,
DavidI am continously having this same issue. Everything works fine on the website, so it isn't a credentailing issue.
PLease help! -
Sign on for NBC Olympic premium content
At nbcolympics.com they have live coverage of some events - but require you to sign on to you current provider. FIOS is an option - but I can't seen to sign on to my account.... Anyone else having the same issue?
Solved!
Go to Solution.Hi folks --
I hate to bust into a thread that's already labeled solved, especially after it was moved to the FiOS TV board. Mods, please feel free to move this post if that would be more appropriate -- this seems to be the only discussion of the NBC Olympic premium content.
Brian couldn't sign in to the NBC Olympics video participating cable/satellite/IPTV paywall with his Verizon FiOS log-in. But my problem is one step back. I have Verizon High Speed Internet (FiOS isn't available in my area), and that isn't even an option on the list of providers.
The thing is, this Verizon press release ((http://newscenter.verizon.com/press-releases/verizon/2010/verizon-brings-customers-nbc.html) says that Verizon High Speed Internet customers are supposed to have access to the premium Olympics video.
(The relevant bit: “Verizon's FiOS Internet and High Speed Internet customers will have access to more than 400 hours of live event competition and more than 1,000 hours of on-demand access to full-event replays from Vancouver, as well as extensive highlights such as event recaps, best-of montages, commentator analysis and athlete-specific clips.")
I tried a chat with Verizon tech support -- useless. I also had a long phone call with customer service; an agent called David did his best but couldn't find out what the story is.
So -- I'd be very grateful if someone can tell me if Verizon High Speed Internet customers are getting access to the premium video -- and if not, why not. (PS -- I don't believe that it's slow download speeds, since NBC claims that users will have a "good" experience even with download speeds as slow as 900Kbps).
Liv -
How do I use my own Custom Auth/Authentication/Entitlement (Token)?
[ Background ]
Adobe Access DRM provides for 3 authentication mechanisms:
Anonymous - Licenses are issued irregardless on if there is/isn't a valid authentication token attached to the license request.
UsernamePassword - Licenses are ONLY issued if the license request has a valid Adobe-Access-Server-Issued authentication token.
Custom - Licenses are ONLY issued if there is a valid cusom authentication token attached to the license request.
Typically, customers already have some authentication scheme in place and choose to re-use that system, instead of leveraging Adobe Access' built-in usernamePassword support. For this to succeed, accomodations must be made during packaging time, on the client device, and at the Adobe Access license server endpoint.
[ More Background ]
Here's a forum thread that prompted this thread: http://forums.adobe.com/message/5085330#5085330
[ Recipe ]
1. Adobe Access DRM Policy is created that specifies a "custom" authentication token. As of Adobe Access 4.0, the tools that ship with the Java SDK cannot create a DRM policy with "custom" authentication out the box; a small Java application will have to be written to do this, which is covered in the thread posted above.
2. Content is packaged using this custom_auth policy.
3. Client device performs authentication via whatever channel already exists for you to perform authentication (e.g. SAML tokens, etc...)
4. Client device sets the authentication token: DRMManager.setAuthenticationToken()
5. Client device attempts to acquire a license for the content created in step #2: DRMManager.loadVoucher();
5a) Because step #4 set the authentication, all license requests going forward will automatically have this custom auth token appended to it
6. License server receives request & extracts custom auth token to parse & perform additional entitlement checks
7. Licnese server generates a license to return to client device.
[ Server Code Snippet (RefImplLicenseReqHandler.java) ]
try {
ServletInputStream in = request.getInputStream();
ServletOutputStream out = response.getOutputStream();
HandlerConfiguration context = super.getHandlerContext();
ServerCredential licenseServerCred = getLicenseParams().getLicenseServerCred();
licenseHandler = new LicenseHandler(context, in, out, licenseServerCred);
licenseHandler.parseRequest();
List<? extends LicenseRequestMessage> requests = licenseHandler.getRequests();
// Multiple request in one message is not supported in FAXS 2.0 or 3.0 client.
for (LicenseRequestMessage licenseReq : requests) {
try {
// TODO: If custom authentication is specified in the DRM policy, here is where
// you can retrieve the custom authentication token and perform custom parsing to
// determine further business rules and entitlement before issuing a license.
// The "Custom Authentication" will look like:
// 1. Client device obtains auth token using some other channel
// 2. Client device sets auth token by calling DRMManager.setAuthenticationToken()
// 3. Client makes a license request by calling DRMManager.loadVoucher()
// 4. Adobe Access Server receives request and:
// 4a) Determines Custom Auth is required by DRM Policy: licenseReq.getContentInfo().getContentMetadata().getPolicies()[0].getLicenseServerInfo(). getAuthenticationType();
// 4b) Retrieves Custom Auth token for custom parsing/handling: licenseReq.getRawAuthenticationToken()
// 5. If there are no errors when parsing the custom token, Adobe Access Server generates a license.
V2ContentMetaData metadata = licenseReq.getContentInfo().getContentMetadata();
ApplicationProperties applicationProperties = null;
String usageModelString = null;
if (metadata != null) {
applicationProperties = metadata.getCustomProperties();
if (applicationProperties != null) {
usageModelString = applicationProperties.getSingleValueAsUTF8String(DEMOMODE);
cheers,
/Eric.Google Search: '''firefox create a persona'''
* '''Personas for Firefox''' | How to Create Personas<br>https://www.getpersonas.com/en-US/demo_create
* '''Personas for Firefox''' | Frequent Questions<br>http://www.getpersonas.com/en-US/faq
* '''Personas for Firefox''' | Getting Started<br>http://www.getpersonas.com/en-US/getting_started
'''I think you'd have a lot more fun with Styles though''', personas tend to hide things on toolbars, styles can be more helpful (or just as bad)
* '''Stylish''' :: Add-ons for Firefox<br>https://addons.mozilla.org/en-US/firefox/addon/stylish/
* '''Restyle the web with Stylish!''' - userstyles.org<br>http://userstyles.org/
* '''Scrollbar Context Menu''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/54
* '''Scrollbar Menu''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/52
* '''Link Warning''' - Themes and Skins for Mozilla - userstyles.org<br>http://userstyles.org/styles/1301
* '''Tabs, Enlarge list-all-tabs button''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/18553
* '''Tabs Bar Minimal Size''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/9043
* '''Tab Color Underscoring active/read/unread (Fx3.6)''' - Themes and Skins for Browser - userstyles.org<br>http://userstyles.org/styles/24728 -
We have a Cisco AP 1200 that has been configured with the standard config. Users have no issues authenticating and associating with the AP, however, they can't seem to print from it. They can print with a wired connection and I can ping the printer from the AP. Can you anyone pls help? The
Thanks.If you can't ping the printer from the wireless station, then it is a vlan issue. You might have your backbone network setup so you can ping everything on your network, i.e. you can ping the printer from the access point. However, a ping from the computer would fail. Check your vlan setup or let me know if you can ping from the wireless clients.
Thanks,
Alex -
Apple Remote Desktop 3.4 issue
Hi there,
In Apple Remote Desktop 3.4 server I added a client computer by doing a scan by IP. Once the computer was added to a group I was able to take remote control, however after a few minutes I noticed the ARD console was having issues authenticating to it (Even though I authenticated properly to get the machine in ard). The ARD console was reporting that the computer was offline, but I was still able to observe and take control of the machine.
I then noticed that the MAC address was the incorrect address. It was displaying another computer mac address that is on campus.
My question: is ARD getting the Ethernet ID/MAC address from DHCP? WINS? DNS? Open Directory? LDAP? or from the client it's self? or do I have corruption in my ARD database?
I am seeing this on a hand full of computers around campus (out of 500+ computers)
(If I remove the client - the same thing occurs)Yes I've tried to ping the IP address and I get a reply.
I've just discovered this morning that the issue appears to be with Apple remote desktop.
The issue came up again this morning...I ended up shutdown ARD completely then loaded it back up, and guess what! The MAC address was showing up properly. I've discovered this is working for SOME of my issues. For the ones that weren't displaying properly I deleted the computer account out of ARD and then manually added the computer though a scanner import via single network address. The scanner finds the computer and it displays the correct Ethernet ID.
So I’m guessing there is a bug with ARD and its mixing up/displaying the wrong Ethernet ID of some machines....
Q -
Can anybody explain what is support for ADF Project and to solve the Issues
Hi,
I am new to ADF and i am currently associated to ADF Support Project.
Can anybody explain what is support for ADF Project and to solve the Issues when the ADF Project is in Live.
we are getting the Tickets for the Issues.
Thanks in advance.I agree with Timo.
It depends on the size of the project, user base, technologies, etc. We use lot of technologies in fusion middleware stack. We get tickets in many areas.
In your case, it could be anything like user training issues (user may not know how to use the some system features), browser issues like blank screen, bugs in code like JBO errors (failed to validate, another user has changed row, failed to lock the record, NullPointerException, IllegalArgumentException etc), business logic issues, page may not render properly, performance issues, partial commit issues, application server issues, authentication issues. If you use web services you might get web services related problems. -
Wirelss AP1140 Radius authentication with Microsoft IAS
Hi,
I have a Cisco C1140 Ap. I have cnfigured the device. Initially for testing i used WPA and authenticated locally. I have now setup a radius server and added my AP in as a client etc. I have changed my SSID's to authenticate with the radius server and i am having issues authenticating.
I can connect via a PC and an iphone. They say that i am connected but i get no ip address and the debugs state that the authentication fails:
000466: Sep 5 14:33:07.074 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
000467: Sep 5 14:33:28.368 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
000468: Sep 5 14:33:39.837 AEST: %DOT11-7-AUTH_FAILED: Station 40a6.d967.8b13 Authentication failed
I can see the Radius server as connected
imc-syd-ap1#show aaa servers
RADIUS: id 4, priority 1, host 10.10.0.2, auth-port 1645, acct-port 1646
State: current UP, duration 4337s, previous duration 0s
Dead: total time 0s, count 0
Authen: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Author: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Account: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Elapsed time since counters last cleared: 1h12m
The debugs show:
000474: Sep 5 14:36:00.969 AEST: %DOT11-7-AUTH_FAILED: Station bc77.3771.b15f Authentication failed
000475: Sep 5 14:36:01.485 AEST: AAA/BIND(00000109
show dot11 associations:
imc-syd-ap1#show dot11 associations
802.11 Client Stations on Dot11Radio0:
SSID [IMC-Wireless-Data] :
MAC Address IP address Device Name Parent State
bc77.3771.b15f 0.0.0.0 ccx-client DAVID self AAA_Auth
Any ideas or recomendations would be greatly appreciated
Thanks
Below is a copy of my wireless config:
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname xxxxxxxxxxxxxx
logging buffered 40960 debugging
enable secret 5 xxxxxxxxxxxxx
aaa new-model
aaa group server tacacs+ IMC
server 172.16.100.3
aaa group server radius AUTHVPN
server 10.10.0.2 auth-port 1645 acct-port 1646
server 10.11.0.24 auth-port 1645 acct-port 1646
aaa authentication login default group IMC local enable
aaa authorization exec default group IMC local if-authenticated
aaa session-id common
clock timezone AEST 10
clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00
no ip domain lookup
ip domain name imc.net.au
dot11 syslog
dot11 ssid IMC-Wireless-Data
vlan 10
authentication open eap AUTHVPN
authentication network-eap AUTHVPN
guest-mode
mbssid guest-mode
infrastructure-ssid optional
information-element ssidl
dot11 ssid IMC-Wireless-Voice
vlan 14
authentication open eap AUTHVPN
authentication network-eap AUTHVPN
mbssid guest-mode
information-element ssidl
dot11 aaa authentication attributes service login-only
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode wep mandatory
ssid IMC-Wireless-Data
ssid IMC-Wireless-Voice
antenna gain 0
mbssid
station-role root
interface Dot11Radio0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.14
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
bridge-group 14 subscriber-loop-control
bridge-group 14 block-unknown-source
no bridge-group 14 source-learning
no bridge-group 14 unicast-flooding
bridge-group 14 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption mode wep mandatory
ssid IMC-Wireless-Data
ssid IMC-Wireless-Voice
antenna gain 0
no dfs band block
mbssid
channel dfs
station-role root
interface Dot11Radio1.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.14
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
bridge-group 14 subscriber-loop-control
bridge-group 14 block-unknown-source
no bridge-group 14 source-learning
no bridge-group 14 unicast-flooding
bridge-group 14 spanning-disabled
interface GigabitEthernet0
description IMC-Wireless-Data
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.10
description IMC-Wireless-Data
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.14
description IMC-Wireless-Voice
encapsulation dot1Q 14
no ip route-cache
bridge-group 14
no bridge-group 14 source-learning
bridge-group 14 spanning-disabled
interface BVI1
description IMC-Wireless-Data
ip address 10.10.0.245 255.255.255.0
no ip route-cache
ip default-gateway 10.10.0.254
ip http server
ip http authentication local
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 111 permit tcp any any eq telnet
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq 22
snmp-server community public RO
snmp-server enable traps tty
tacacs-server host 172.16.100.3 key 7 xxxxxxxxxxxxxxxxxxx
tacacs-server directed-request
radius-server host 10.10.0.2 auth-port 1645 acct-port 1646 key 7 xxxxxxxxxxxxxxxxxxx
bridge 1 route ip
wlccp wds aaa authentication attributes service login-only
line con 0
line vty 0 4
access-class 111 in
exec-timeout 5 0
line vty 5 15
access-class 111 in
exec-timeout 5 0
sntp server 10.10.0.254
endInside the ssid, when you put "authentication open" it's an eap_method that follows. You put your AUTHVPN aaa server group name. that's wrong.
aaa authentication login group AUTHVPN
and adjust your "authentication open eap " to match with that method name.
Also your group authvpn contains a 2nd server that is undefined in yoru global config ...
Nicolas -
LDAP issue after upgrading to SP15 from SP7 for CUP 5.3
Hello,
We have recently upgraded our Sandbox from SP 7 to SP15 on GRC 5.3 and Now having issues authenticating users using LDAP.
The connections and settings are exactly same as our Dev system which in on SP7 and the connection also says successful but when we go onto the request page and type in an id it says invalid credentials.
Am i missing something or is there a special procedure after upgrade .
Thanks
UdayHello Frank,
Thanks for the reply.I forgot to do it and as you said once i performed those steps it actually solved my password reset link issues as it was erroring out with 500 error and now it is working fine .
But to fix LDAP issue SAP has a note which says after SP13 we don't need to fill in the user path field while creating LDAP connector.
Thanks
Uday -
Hi All,
As per the EIGRP Authentication steps:
Key chain configuration steps:
A) First we need to configure key chain in global configuration mode.
B) Under key chain we need to configure key number. Key number must be match on both side of router and should be active. If multiple key numbers configure on router, then router select lowest number for authentication.
C) Once you configure key number you need to issue authentication string.
Suppose if have a key chain have two key identifiers in R1 and in R2 like below ..will it work ?
R1 - Key chain one
Key 1
key-string cisco
key 2
key-string admin
and in R2 - Key chain two
key 10
key-string cisco
key 15
key-string admin
And also what is use / need for more than one key identifier in a key chain ..how eigrp will process this
Regards,
GanHi kazim,
Just to make me understand, just in case if i am not configuring any life time value for a key string, then the lowest value key identifier sting is considered as the Key string for authentication.
R1
Key chain one
Key 1
Key-string cisco ( this is key value will be considered by the eigrp packets for authentication) -- Sending EIGRP messages: Use the lowest key number among all currently valid keys.
Key 2
Key-sting admin
Suppose in R2 ....
I configured as below
Key chain two
Key 10
Key-string admin
Key 15
Key-sting cisco
So in the above the case the received EIGRP packets can be checked with the all the key identifiers / it will be only check the least valu key identifier value alone. - Receiving EIGRP message: Check the MD5 digest using ALL currently valid keys for match.
Regards,
Gan -
Today I am having issues authenticating as an owner for my
room. I am confident that the username and password is correct and
was previously working. It also seems to work fine with the
AFCSDevConsole.
Here's the message I get:
[SWF]
Users:stefan:Desktop:CocomoSDK_0.91:examples:SharedCollection:bin-debug:SharedCollectionE xample.swf
- 1,164,600 bytes after decompression
AFCS Beta Build # : 0.91
requestInfo
http://connectnow.acrobat.com/flashcomguru/demoroom?mode=xml&x=0.4336960185319185
getMeetingInfo: status=0
Getting FMS at
https://na2.connectnow.acrobat.com/fms?ticket=153pgl0yo7l10,
attempt #1/3
result: <fms>
<origin>fms5.acrobat.com</origin>
<proto_ports>rtmps:443</proto_ports>
<retry_attempts>2</retry_attempts>
</fms>
#FMSConnector# Sat Feb 28 21:24:11 GMT+0000 2009 protocols:
[object ProtocolPortPair]
#FMSConnector# Sat Feb 28 21:24:11 GMT+0000 2009 [attempt 1
of 2] Connecting to 0/0:
rtmps://fms5.acrobat.com/cocomo/na2-sdk-bc8c04f1-df86-4669-a205-550fc23851af/demoroom
#startProtosConnect#
#FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009
tempNetStatusHandler 0/1,NetConnection.Connect.Success
#FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009 isTunneling?
false
#FMSConnector# Sat Feb 28 21:24:12 GMT+0000 2009 is using
RTMPS? true
RECEIVED LOGIN AT SESSION
.user descriptor from server [object]
.affiliation [number]= 5
.role [number]= 10
.displayName [string]= stoem
.userID [string]= GUEST-E1B8C4D6-8E4F-4532-B219-D49A13DB3140
RECEIVENODES UserManager
receiveAllSynchData UserManager
RECEIVENODES FileManager
receiveAllSynchData FileManager
checkManagerSync:[object FileManager]
RECEIVENODES AVManager
receiveAllSynchData AVManager
checkManagerSync:[object StreamManager]
RECEIVENODES RoomManager
receiveAllSynchData RoomManager
checkManagerSync:[object RoomManager]
checkManagerSync:[object UserManager]
RECEIVENODES _dataSharedModel
receiveAllSynchData _dataSharedModel
I think there are two problems here. Firstly I think I should
authenticate as an owner with the credentials I pass. However maybe
this is a temporary glitch with the service.
The second issue (regardless of whether or not there is an
issue with the service atm) is that I think the service should
alert me of the fact that authentication failed. Simply logging me
on to the room as Guest seems wrong as I am assuming that
authentication succeeded using the credentials I passed, yet they
did not and my role was downgraded which is not obvious to spot.
Hope this makes sense.
Regards,
StefanHi Stefan,
Likely the problem here is that you've gotten a session
established as a guest, and your browser is holding on to it, and
sending those session credentials no matter what. Try clearing
sessions or re-starting your browser. We're trying to figure out
how to avoid this for developers, but at least the good news is
that your users should pretty much never hit this issue.
thanks
nigrl
Maybe you are looking for
-
New fonts look fine in Font Book don't work in apps
I need someone's help. I understand that to install new fonts I can either bring them into my font book (and chose whether they apply to a user or to the system) or can drag them directly into library/fonts or user/library/fonts. I am looking for som
-
Hi, I've had a MacBook Pro since January 2013 and and Epson 610 series printer-scanner-fax for several years. I may be replacing the printer. For my purposes (printing some articles from the internet, Word documents, book reports, and some PHOTO QUAL
-
Missing Fonts in Photoshop CS4
I opened an existing CS2 photoshop file in CS4 and I get a missing font error. The font that it can't find is on my system. How do I "add" this font so PS can see it? Thanks.
-
Not able to create New BI Semantic Model Connection
Hi, I am facing some issues in creating BI Semantic Model connection,It says below Error. <contenttemplate> There were errors found while validating the page: Cannot connect to the server or database. Please help me to fix these Error. </contenttempl
-
Bluetooth car hands free problem
Can pair with both cars (Prius and Lexus), but no audio during phonecalls. Playback media through Bluetooth is no problem. Any solution?