Kerberos - tampering with ticket cache

Hello,
sorry if this is already posted here, I couldn't find it.
I'm using the Kerberos ver.5 Login Module in JAAS to authenticate users (Java version is 1.4.2). I'm also using SSO mechanisms of Kerberos, so with kinit I make a ticket for myself into the ticket cache and I'm using it without re-contacting the KDC nor requiring password again.
But I just found out that when I take a HexEditor and edit the ticket cache, I could easily change my name in that ticket (e.g. to "admin" or other). After this the JAAS Login Module does not recognize the change, and yells "admin" successfully logged in. Now letting anybody work with admin privileges is not what I dreamed about! This is not the bug that I can live with!
Is there any method to recognize that the Ticket Cache was tampered with? Or any other suggestions?
Thanks in advance

Hi
Yes, I would like to know how to use kinit programmatically too! The whole mechanism doesn't really make sense to me - I would have thought the Krb5LoginModule, if configured with useTicketCache=true, would call kinit itself if it found an empty/expired ticket in the cache, and then used that cache for subsequent operations. Is the version of kinit that comes with the JDK written in Java? Where's the source code?? In single sign on, surely we want to update the cache quite often e.g. at the start of each day. The only way I can see of doing this is by getting the user to do this manually (urghhh), or calling the kinit.exe program from Java, which doesn't sound too great either. I wonder if this is what most people do.....
I did get out my hex editor and edit the cache as it happens - and it did indeed throw an exception (see below). Interestingly it seems to have got past the login stage, but as expected when the GSS communication begins, the handshaking between client and server fails. Here's the full stack trace I got:
PS I'd be interested in your thoughts on the use of kinit....
Connected to server localhost/127.0.0.1
KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.af.a(Unknown Source)
at sun.security.krb5.internal.ae.a(Unknown Source)
at sun.security.krb5.internal.ae.<init>(Unknown Source)
at sun.security.krb5.KrbTgsRep.<init>(Unknown Source)
at sun.security.krb5.KrbTgsReq.getReply(Unknown Source)
at sun.security.krb5.internal.az.a(Unknown Source)
at sun.security.krb5.internal.az.a(Unknown Source)
at sun.security.krb5.Credentials.acquireServiceCreds(Unknown Source)
at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at SampleClient.main(SampleClient.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at MyAction.run(Login.java:212)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at Login.main(Login.java:177)
KrbException: Integrity check on decrypted field failed (31) - PROCESS_TGS
at sun.security.krb5.KrbTgsRep.<init>(Unknown Source)
at sun.security.krb5.KrbTgsReq.getReply(Unknown Source)
at sun.security.krb5.internal.az.a(Unknown Source)
at sun.security.krb5.internal.az.a(Unknown Source)
at sun.security.krb5.Credentials.acquireServiceCreds(Unknown Source)
at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at SampleClient.main(SampleClient.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at MyAction.run(Login.java:212)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at Login.main(Login.java:177)
Caused by: KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.af.a(Unknown Source)
at sun.security.krb5.internal.ae.a(Unknown Source)
at sun.security.krb5.internal.ae.<init>(Unknown Source)
... 17 more
java.security.PrivilegedActionException: java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at Login.main(Login.java:177)
Caused by: java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
at MyAction.run(Login.java:214)
... 3 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at MyAction.run(Login.java:212)
... 3 more
Caused by: GSSException: No valid credentials provided (Mechanism level: Integrity check on decrypted field failed (31) - PROCESS_TGS)
at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at SampleClient.main(SampleClient.java:144)
... 8 more
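The trace above fails inside Krb5Context.initSecContext, during the TGS exchange, which is the first point at which the KDC sees the edited cache. The following added example (not code from this thread; the JAAS entry names, keytab path and principals are assumptions, and it assumes Java 8 or later) treats the name read from the ticket cache as a claim only, and accepts the identity that a keytab-holding acceptor extracts from the service ticket.

```java
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/*
 * Assumed JAAS entries (names, paths and principals are hypothetical):
 *   CacheUser  { com.sun.security.auth.module.Krb5LoginModule required
 *                useTicketCache=true doNotPrompt=true; };
 *   AppService { com.sun.security.auth.module.Krb5LoginModule required
 *                useKeyTab=true storeKey=true isInitiator=false doNotPrompt=true
 *                keyTab="/etc/app/app.keytab"
 *                principal="app/host.example.com@EXAMPLE.COM"; };
 */
public final class TicketCacheIdentityCheck {
    private static final String KRB5_MECH = "1.2.840.113554.1.2.2";

    /** Initiator side: uses the TGT from the cache to request a service ticket. */
    static byte[] initiate(Subject user, String hostBasedService) throws Exception {
        return Subject.doAs(user, (PrivilegedExceptionAction<byte[]>) () -> {
            GSSManager m = GSSManager.getInstance();
            GSSName svc = m.createName(hostBasedService, GSSName.NT_HOSTBASED_SERVICE);
            GSSContext ctx = m.createContext(svc, new Oid(KRB5_MECH), null,
                    GSSContext.DEFAULT_LIFETIME);
            try {
                ctx.requestMutualAuth(false);   // one token is enough for this check
                // This call performs the TGS exchange; an edited cache fails here
                // with the "Integrity check on decrypted field failed" error.
                return ctx.initSecContext(new byte[0], 0, 0);
            } finally {
                ctx.dispose();
            }
        });
    }

    /** Acceptor side: decrypts the ticket with the keytab key and returns the client name. */
    static String accept(Subject service, byte[] token) throws Exception {
        return Subject.doAs(service, (PrivilegedExceptionAction<String>) () -> {
            GSSManager m = GSSManager.getInstance();
            GSSCredential cred = m.createCredential(null,
                    GSSCredential.INDEFINITE_LIFETIME, new Oid(KRB5_MECH),
                    GSSCredential.ACCEPT_ONLY);
            GSSContext ctx = m.createContext(cred);
            try {
                ctx.acceptSecContext(token, 0, token.length);
                if (!ctx.isEstablished()) {
                    throw new GSSException(GSSException.DEFECTIVE_TOKEN);
                }
                // Taken from the decrypted ticket, not from the local cache file.
                return ctx.getSrcName().toString();
            } finally {
                ctx.dispose();
            }
        });
    }

    /** Returns the KDC-vouched principal, or throws if it differs from the cached name. */
    static String verifiedUser(Subject user, Subject service, String hostBasedService)
            throws Exception {
        String claimed = null;
        for (KerberosPrincipal p : user.getPrincipals(KerberosPrincipal.class)) {
            claimed = p.getName();              // what the cache file says
        }
        String proven = accept(service, initiate(user, hostBasedService));
        if (!proven.equals(claimed)) {
            throw new SecurityException("cache claims " + claimed
                    + " but ticket authenticates " + proven);
        }
        return proven;
    }

    public static void main(String[] args) throws Exception {
        LoginContext userLogin = new LoginContext("CacheUser");
        userLogin.login();                      // only reads the cache file
        LoginContext serviceLogin = new LoginContext("AppService");
        serviceLogin.login();                   // loads the service key from the keytab
        String who = verifiedUser(userLogin.getSubject(), serviceLogin.getSubject(),
                "app@host.example.com");
        System.out.println("Authenticated as " + who);
    }
}
```

Authorization decisions should be keyed on the value returned by verifiedUser, never on the principal in the Subject produced by the ticket-cache login alone.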

Similar Messages

  • Windows xp ticket cache read causes crash

    UPDATE Old title: Error calling function Protocol status: 1312 FormatMessage failed with 1815
    I have written an application that authenticates to kerberos using the KerberosLoginModule. It used to work fine on all OS's. (Windows 98, 2k, xp and Linux tested.)
    Now I have upgraded my application to java 1.5 code. And it still works fine on all tested OS's, except Windows xp. Which in the first case does not even throw an error. It just exits in javaws. If I run it manually with java -jar I get the following output:
    Error calling function Protocol status: 1312
    FormatMessage failed with 1815
    UPDATE:
    After some more messing around I found out it crashes because it wants to read the ticket cache.
    Now I can understand there are some differences in ticket cache versions, but then java could choose not to read the ticket, like under linux. But why does it crash under Windows XP if it only tries to read a ticket?
    Now I can only choose between no ticket cache at all on all OS's, or to build in a Windows XP filter for the ticket cache option.
    Both not very good solutions. Why is this and how can it be solved?
    Message was edited by:
    [email protected]

    The meeting was quite successful as I can obtain a ticket from the Win2k KDC now by Acquire TGT using AS Exchange (I have to enter my logon username/password because we have a Novell Logon and not WinLogon...) which results in Commit Succeeded.
    But the ticket is not stored in the Windows XP credential/ticket cache, klist tgt says "Error calling function LsaCallAuthenticationPackage: 0
    Format message failed with 1815", klist tickets says "Cached tickets: (0)" and kerbtray is empty!
    And I still receive the same error messages as mentioned earlier: "Error calling function Protocol status: 1312
    Eine angegebene Anmeldesitzung ist nicht vorhanden. Sie wurde gegebenenfalls bereits beendet."
    Do you have any suggestions/ideas what could be wrong with my system/configuration?
    Message was edited by:
    Santacruzshores

  • Kerberos authentication with Apache Kerberos Module

    Hi,
    Using the Java GSS tutorials, I have been able to create code to successfully authenticate with our KDC server or from a local ticket cache.
    However, I have been unsuccessful in using the obtained credentials to perform client authentication with a web server running Apache using Kerberos for authentication (mod_kerberos).
    I have tried to use an SSLSocket to connect to the server, which works fine. To request a page that requires client side authentication, I have passed the necessary client headers, over the socket connection e.g.
    GET: http://www.myhost.com/protected_page.html
    HOST: www.myhost.com
    AUTHENTICATE: negotiate XXXXX
    However, I do not know what to put in place of XXXXX. Using some PHP code and Firefox, I have been able to observe what Firefox is passing to the web server to perform client side authentication. It is clearly passing a base64 encoded string, which is related to the cached Kerberos credentials.
    Can anyone tell me how I can use Java and GSS to perform client side authentication with an Apache web server that is using the Kerberos authentication module? I know it is possible to do so using SPNEGO in a Windows environment, but this is a Linux/Unix environment, so it is not an option.
    Thanks for any help or advice,
    Neil.

    Here are your options:
    1) Configure Krb5LoginModule programmatically.
    If the environment variable KRB5CC_NAME points to the ticket cache location,
    (which is updated each time), you can configure the Krb5LoginModule
    programmatically and set the "ticketCache" option to the value obtained
    from KRB5CC_NAME.
    Refer to following docs for details:
    http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/tutorials/LoginConfigFile.html
    http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html
    http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/AppConfigurationEntry.html
    2) Use native Kerberos from the platform
    Java SE 6 provides support for native GSS/Kerberos on Solaris/Linux platforms.
    NOTE: If native GSS/Kerberos on your platform does not have support for SPNEGO,
    you will not be able to use this option.
    For details refer to following docs:
    http://download.java.net/jdk6/docs/technotes/guides/security/jgss/jgss-features.html
    Seema
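    Option 1 above, as an added example (not the poster's or Sun's code): a Krb5LoginModule configured in code with the ticketCache option, followed by the token that takes the place of XXXXX in the question. It assumes Java 8 or later, reads the cache location from KRB5CCNAME (the variable name MIT Kerberos tools use) given as a bare path or with a FILE: prefix, and builds the Authorization: Negotiate header defined by RFC 4559; the class and method names are made up for illustration.

```java
import java.security.PrivilegedExceptionAction;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

public final class NegotiateFromTicketCache {
    private static final String SPNEGO_MECH = "1.3.6.1.5.5.2";

    /** Turns a KRB5CCNAME-style value into a file path; only FILE caches are usable here. */
    static String cachePath(String ccname) {
        if (ccname == null || ccname.isEmpty()) {
            return null;                        // let the module use its default cache
        }
        if (ccname.startsWith("FILE:")) {
            return ccname.substring("FILE:".length());
        }
        if (ccname.indexOf(':') > 1) {          // e.g. KEYRING:, DIR:, API:
            throw new IllegalArgumentException("unsupported cache type: " + ccname);
        }
        return ccname;
    }

    /** In-code equivalent of a JAAS login configuration file with one entry. */
    static Configuration ticketCacheConfig(String path) {
        Map<String, String> opts = new HashMap<>();
        opts.put("useTicketCache", "true");
        opts.put("doNotPrompt", "true");        // fail instead of asking for a password
        if (path != null) {
            opts.put("ticketCache", path);
        }
        final AppConfigurationEntry entry = new AppConfigurationEntry(
                "com.sun.security.auth.module.Krb5LoginModule",
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, opts);
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { entry };
            }
        };
    }

    /** Builds the request header carrying the SPNEGO token for HTTP/<host>. */
    static String negotiateHeader(Subject user, String host) throws Exception {
        return Subject.doAs(user, (PrivilegedExceptionAction<String>) () -> {
            GSSManager m = GSSManager.getInstance();
            GSSName svc = m.createName("HTTP@" + host, GSSName.NT_HOSTBASED_SERVICE);
            GSSContext ctx = m.createContext(svc, new Oid(SPNEGO_MECH), null,
                    GSSContext.DEFAULT_LIFETIME);
            try {
                // The first token is what the browser was observed sending, base64-encoded.
                byte[] token = ctx.initSecContext(new byte[0], 0, 0);
                return "Authorization: Negotiate "
                        + Base64.getEncoder().encodeToString(token);
            } finally {
                ctx.dispose();
            }
        });
    }

    public static void main(String[] args) throws Exception {
        String path = cachePath(System.getenv("KRB5CCNAME"));
        LoginContext lc = new LoginContext("ignored", null, null, ticketCacheConfig(path));
        lc.login();
        // Host name taken from the question above.
        System.out.println(negotiateHeader(lc.getSubject(), "www.myhost.com"));
    }
}
```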

  • SSL Init failed: Keystore was tampered with, or password was incorrect

    Hi all,
    I encountered the following error while I try to get the output stream to write out the content into an HTTPS connection.
    java.net.SocketException: Default SSL context init failed: Keystore was tampered with, or password was incorrect
         at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
         at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
         at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
    Below is my code to achieve the sending of the content to the HTTPS connection.
    public void sendMessage(Properties headers, byte[] content) throws Exception
    {
        try
        {
          addRequestHeaders(headers);
          _conn.setRequestMethod("POST");
          _conn.setDoInput(true);
          _conn.setDoOutput(true);
          OutputStream os = _conn.getOutputStream(); // this line leads to the exception
          os.write(content);
          _respCode = _conn.getResponseCode();
          _respMsg = _conn.getResponseMessage();
        }
        catch (IOException ex)
        {
          throw ex;
        }
    }
    Because the server is deployed in a clustered env, I have put the truststore and keystore in a shared folder which allows the nodes to access them. Thus in my code I have set the truststore, keystore location and the truststore, keystore password in the System properties as follows.
          System.setProperty("javax.net.ssl.keyStore", getKeyStore());
          System.setProperty("javax.net.ssl.keyStorePassword", getKeyStorePass());
          System.setProperty("javax.net.ssl.trustStore", getTrustStore());
          System.setProperty("javax.net.ssl.trustStorePassword", getTrustStore());
    The getKeyStore() and getTrustStore() will return the path to the shared folder which contains the truststore/keystore respectively.
    The keystore tampered error only happened intermittently. I am sure that my keystore and truststore password is set correctly.
    Could I know whether the keystore is designed in a way that it can be accessed by multiple threads? Will there be any file locking on the keystore while two threads are trying to init the HTTPS and eventually cause the keystore tampered problem?
    Thanks

    In my case, I am certain that all fields are correct, because the code works half the time. The thing is my code is running inside Tomcat (as a servlet); I am noticing that whenever I update my Jar with any code change and restart Tomcat, I am hitting this issue intermittently. Another update-and-restart sometimes solves the problem & my connection establishment is successful.
    There are 2 key things I would like to know:
    1) Difference b/w the exception messages "Keystore was tampered with, or password was incorrect" and "failed to decrypt safe contents entry".
    2) Whether any caching is going on because of Tomcat being in the picture (although I am not at all sure why this should happen).
    Would love to get through with this ASAP. Please let me know your thoughts if any.
    Thanks,
    Vivek

  • Cannot install Mac OS X lion because when installing I received the following message: "The software could not be verified. It may have been corrupted or tampered with during downloading". What can I do

    I have not been able to install Mac OS X Lion because in the process the following message was displayed:
    "THE SOFTWARE COULD NOT BE VERIFIED. IT MAY HAVE BEEN CORRUPTED OR TAMPERED WITH DURING DOWNLOADING"
    How can I solve this?
    Note: I trashed the download and tried re-downloading but this effort was unsuccessful.

    Since writing my original post I decided to send the following message to Mac App Store Customer Support:
    "I have had to download this file from the app store at least ten (10) times. I try to install the file but I keep getting the message "The software could not be verified. It may have been corrupted or tampered with during downloading."
    I then delete the same file and try another attempt at a different time of day. Most recently following Apple Support's advice I contacted my ISP to clear the file cache but they could only clear my browser cache. I have deleted my com.apple.appstore. folder which contains app store cache,  also com.apple.appstore.plist and tried again to no avail. I have wasted hours doing all this and I now want my money back please. You can keep this software update until you release it on disk like Snow Leopard which installed like a dream. I'm very disappointed with Apple that they expect the purchaser to do all the work trying to diagnose their software installation issue. Nice idea but poorly executed has been my experience."
    I received this message which has confirmed my refund request:
    Julia here from the iTunes Store. I understand that you received an error message and have been unable to install OS X Lion. I know how eager you must be to have this resolved, and I will be happy to help in any way that I can.
    Please accept my sincere apologies for the frustration this download has caused. Since you were unable to enjoy this purchase, I have gone ahead and issued a refund. In five to seven business days, a credit of £20.99 should be posted to the credit card that appears on the receipt for that purchase.
    If you have any other questions or concerns regarding this issue, please reply so I can assist you further. Thank you for being an iTunes Store customer.
    Sincerely,
    Julia
    iTunes Store/Mac App Store Customer Support
    Perhaps I'll wait for a disk to become available or see if a download to a pen drive at an Apple store is possible.

  • Mountain lion copy was tampered with or corrupted

    Taking all day to install ML on my Early 2011 MBP.
    Here are my specs:  120 GB Cherryville Intel SSD + 500 GB WD Scorpio Blue in the optical bay.
    Wanted to do a fresh install of ML over Lion but that didn't go well.  After formatting my SSD and trying to install from 8 GB Flash Drive (mounted and formatted to InstallESD.dmg) it said "Could not download all needed packages" or something like that.  Tried 6 times.  Luckily I had my original HDD still with all my old stuff on it.  I booted from that and downloaded Lion again.  After installing Lion, now it says "ML copy was tampered with or corrupted, delete this copy and download from App Store".  I have done this like 6 times and still getting the same error message!  Yes, I have fixed disk permissions and verified the disk, cleaned the cache and still won't go. 
    Any help would be appreciated.

    I encountered the same error "…can't be verified…" error on my 2010 MBP too. Tried six times and finally I could get it installed. Here's what I did:
    Went to "Users & Groups" in System Preferences, checked that the Apple ID specified for the current user is the same Apple ID I used in the download purchase of ML from the App Store.
    Rebooted in Safe Mode.
    Went to Disk Utility -> Repair Disk Permissions
    Downloaded ML at midnight (and the download was significantly faster!)
    Rebooted in Normal Mode.
    Ran the ML Installer.

  • For some reason, all the webpages i go to starts in the middle of the firefox browser. i think my baby brother might have tampered with something.

    i took a trip for 3 weeks. i found out that the mozilla browser on my laptop always starts the webpages at the center so i can't reach any part of the left side of the webpage without zooming far out. the only possibility of it being a human interference would be my brother tampering with it while i was away. other than that, my computer seems untouched. i've downloaded and installed mozilla again and it still doesn't fix the problem. please help as it is getting annoying!

    -> Update ALL your Firefox Plug-ins https://www.mozilla.com/en-US/plugincheck/
    -> Tap ALT key or press F10 to show the Menu Bar
    -> go to View Menu -> Zoom -> click Reset -> Page Style -> select Basic Page Style
    -> go to View Menu -> Toolbars -> unselect All Unwanted/Incompatible Toolbars
    -> go to Tools Menu -> Clear Recent History -> Time range to clear: select "EVERYTHING" -> click Details (small arrow) button -> place Checkmarks on Cookies, Cache -> click Clear Now
    -> go to Tools Menu -> Options -> Content -> place Checkmarks on:
    1) Block Pop-up windows 2) Load images automatically 3) Enable JavaScript
    -> go to Tools Menu -> Options -> Privacy -> History section -> Firefox will: select "Remember History"
    -> go to Tools Menu -> Options -> Security -> place Checkmarks on:
    1) Warn me when sites try to install add-ons 2) Block reported attack sites 3) Block reported web forgeries 4) Remember Passwords for sites
    -> go to Tools Menu -> Options -> Advanced -> Network -> Offline Storage (Cache): click Clear Now button
    -> Click OK on Options window
    -> Restart Firefox
    Check and tell if it's working.

  • I'm trying to use kerberos V5 with ActiveDirectory but get an error

    I'm trying to use kerberos V5 with ActiveDirectory. I'm using simple code from previous posts but
    when i try with correct username/password i get :
    Authentication attempt failedjavax.security.auth.login.LoginException: Message stream modified (41)
    when i try incorrect username/pass i get :
    Pre-authentication information was invalid (24)
    Debug info is :
    Debug is  true storeKey false useTicketCache false useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
    Kerberos username [naiden]: naiden
    Kerberos password for naiden:      naiden
              [Krb5LoginModule] user entered username: naiden
    Acquire TGT using AS Exchange
              [Krb5LoginModule] authentication failed
    Pre-authentication information was invalid (24)
    Authentication attempt failedjavax.security.auth.login.LoginException:
    Java code is :
    import javax.naming.*;
    import javax.naming.directory.*;
    import javax.security.auth.login.*;
    import javax.security.auth.Subject;
    import com.sun.security.auth.callback.TextCallbackHandler;
    import java.util.Hashtable;

    /**
     * Demonstrates how to create an initial context to an LDAP server
     * using "GSSAPI" SASL authentication (Kerberos v5).
     * Requires J2SE 1.4, or JNDI 1.2 with ldapbp.jar, JAAS, JCE, an RFC 2853
     * compliant implementation of J-GSS and a Kerberos v5 implementation.
     * Jaas.conf
     * racfldap.GssExample {com.sun.security.auth.module.Krb5LoginModule required client=TRUE useTicketCache=true doNotPrompt=true; };
     * 'qop' is a comma separated list of tokens, each of which is one of
     * auth, auth-int, or auth-conf. If none is supplied, the default is 'auth'.
     */
    class KerberosExample {
        public static void main(String[] args) {
            java.util.Properties p = new java.util.Properties(System.getProperties());
            p.setProperty("java.security.krb5.realm", "ISY");
            p.setProperty("java.security.krb5.kdc", "192.168.0.101");
            p.setProperty("java.security.auth.login.config", "C:\\jaas.conf");
            System.setProperties(p);
            // 1. Log in (to Kerberos)
            LoginContext lc = null;
            try {
                lc = new LoginContext("ISY",
                    new TextCallbackHandler());
                // Attempt authentication
                lc.login();
            } catch (LoginException le) {
                System.err.println("Authentication attempt failed" + le);
                System.exit(-1);
            }
            // 2. Perform JNDI work as logged in subject
            Subject.doAs(lc.getSubject(), new LDAPAction(args));
        }
    }

    // 3. Perform LDAP Action
    /**
     * The application must supply a PrivilegedAction that is to be run
     * inside a Subject.doAs() or Subject.doAsPrivileged().
     */
    class LDAPAction implements java.security.PrivilegedAction {
        private String[] args;
        private static String[] sAttrIDs;
        private static String sUserAccount = new String("Administrator");

        public LDAPAction(String[] origArgs) {
            this.args = (String[])origArgs.clone();
        }

        public Object run() {
            performLDAPOperation(args);
            return null;
        }

        private static void performLDAPOperation(String[] args) {
            // Set up environment for creating initial context
            Hashtable env = new Hashtable(11);
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
            // Must use fully qualified hostname
            env.put(Context.PROVIDER_URL, "ldap://192.168.0.101:389/DC=isy,DC=local");
            // Request the use of the "GSSAPI" SASL mechanism
            // Authenticate by using already established Kerberos credentials
            env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
            env.put("javax.security.sasl.server.authentication", "true");
            try {
                /* Create initial context */
                DirContext ctx = new InitialDirContext(env);
                /* Get the attributes requested */
                Attributes aAnswer = ctx.getAttributes("CN=" + sUserAccount + ",CN=Users,DC=isy,DC=local");
                NamingEnumeration enumUserInfo = aAnswer.getAll();
                while (enumUserInfo.hasMoreElements()) {
                    System.out.println(enumUserInfo.nextElement().toString());
                }
                // Close the context when we're done
                ctx.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }
    JAAS conf file is :
    ISY {
         com.sun.security.auth.module.Krb5LoginModule required
         debug=true;
    };
    krb5.ini file is :
    # Kerberos 5 Configuration File
    # All available options are specified in the Kerberos System Administrator's Guide.  Very
    # few are used here.
    # Determines which Kerberos realm a machine should be in, given its domain name.  This is
    # especially important when obtaining AFS tokens - in afsdcell.ini in the Windows directory
    # there should be an entry for your AFS cell name, followed by a list of IP addresses, and,
    # after a # symbol, the name of the server corresponding to each IP address.
    [libdefaults]
         default_realm = ISY
    [domain_realm]
         .isy.local = ISY
         isy.local = ISY
    # Specifies all the server information for each realm.
    #[realms]
         ISY = {
              kdc = 192.168.0.101
              admin_server = 192.168.0.101
              default_domain = ISY
         }

    Now it works
    I will try to explain how I do this :
    step 1 )
    follow this guide http://www.cit.cornell.edu/computer/system/win2000/kerberos/
    and configure AD to use kerberos and to have Kerberos REALM
    step 2 ) try windows login to the new realm to be sure that it works ADD trusted realm if needed.
    step 3 ) create jaas.conf file for example in c:\
    it looks like this :
    ISY {
         com.sun.security.auth.module.Krb5LoginModule required
         debug=true;
    };
    step 4)
    ( don't forget to make mappings which are explained in step 1 ) go to Active Directory users make sure from View to check Advanced Features Right click on the user go to mappings in second tab kerberos mapping add USERNAME@KERBEROSreaLm for example [email protected]
    step 5)
    copy+paste this code and HIT RUN :)
    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.security.auth.Subject;
    import javax.security.auth.login.LoginContext;
    import javax.security.auth.login.LoginException;
    import com.sun.security.auth.callback.TextCallbackHandler;

    public class Main {
        public static void main(String[] args) {
            java.util.Properties p = new java.util.Properties(System.getProperties());
            p.setProperty("java.security.krb5.realm", "ISY.LOCAL");
            p.setProperty("java.security.krb5.kdc", "192.168.0.101");
            p.setProperty("java.security.auth.login.config", "C:\\jaas.conf");
            System.setProperties(p);
            // 1. Log in (to Kerberos)
            LoginContext lc = null;
            try {
                lc = new LoginContext("ISY", new TextCallbackHandler());
                // Attempt authentication
                lc.login();
            } catch (LoginException le) {
                System.err.println("Authentication attempt failed" + le);
                System.exit(-1);
            }
            // 2. Perform JNDI work as logged in subject
            Subject.doAs(lc.getSubject(), new LDAPAction(args));
        }
    }

    // 3. Perform LDAP Action
    /**
     * The application must supply a PrivilegedAction that is to be run
     * inside a Subject.doAs() or Subject.doAsPrivileged().
     */
    class LDAPAction implements java.security.PrivilegedAction {
        private String[] args;
        private static String[] sAttrIDs;
        private static String sUserAccount = new String("Administrator");

        public LDAPAction(String[] origArgs) {
            this.args = origArgs.clone();
        }

        public Object run() {
            performLDAPOperation(args);
            return null;
        }

        private static void performLDAPOperation(String[] args) {
            // Set up environment for creating initial context
            Hashtable env = new Hashtable(11);
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
            // Must use fully qualified hostname
            env.put(Context.PROVIDER_URL, "ldap://192.168.0.101:389");
            // Request the use of the "GSSAPI" SASL mechanism
            // Authenticate by using already established Kerberos credentials
            env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
            // env.put("javax.security.sasl.server.authentication", "true");
            try {
                /* Create initial context */
                DirContext ctx = new InitialDirContext(env);
                /* Get the attributes requested */
                // Create the search controls
                SearchControls searchCtls = new SearchControls();
                // Specify the attributes to return
                String returnedAtts[] = {"sn", "givenName", "mail"};
                searchCtls.setReturningAttributes(returnedAtts);
                // Specify the search scope
                searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                // Specify the LDAP search filter
                String searchFilter = "(&(objectClass=user)(mail=*))";
                // Specify the base for the search
                String searchBase = "DC=isy,DC=local";
                // Initialize counter to total the results
                int totalResults = 0;
                // Search for objects using the filter
                NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
                // Loop through the search results
                while (answer.hasMoreElements()) {
                    SearchResult sr = (SearchResult) answer.next();
                    totalResults++;
                    System.out.println(">>>" + sr.getName());
                    // Print out some of the attributes, catch the exception if the attributes have no values
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        try {
                            System.out.println("   surname: " + attrs.get("sn").get());
                            System.out.println("   firstname: " + attrs.get("givenName").get());
                            System.out.println("   mail: " + attrs.get("mail").get());
                        } catch (NullPointerException e) {
                            System.err.println("Error listing attributes: " + e);
                        }
                    }
                }
                System.out.println("RABOTIII");
                System.out.println("Total results: " + totalResults);
                ctx.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }
    It will ask for username and password
    type for example : [email protected] for username
    and password : TheSecretPassword
    where ISY.LOCAL is the name of kerberos realm.
    p.s. it is not good idea to use Administrator as login :)
    Edited by: JOKe on Sep 14, 2007 2:23 PM

  • Bought new, discovered it was tampered with or refurbished, now at a loss with horrible customer service and dead phone

    I'm wondering where to go after 2 weeks playing CS phone tag, started with a tech call regarding iPhone 5, battery issue, tech ran test, batt is consumed, went thru warranty talk then to Apple, as to our surprise once the serial number was run, I purchased a brand new refurbished and battery previously swapped out phone thru our corporate Ver store, warranty is invalid and new batt was 80$, Apple tech was shocked... I let that settle for a few days, and began the worst ordeal and crap show of customer service since, I've made numerous calls, 1st being with christopher, who claimed he talked with his supervisor and I was patient, talked about that they wouldn't swap battery, but replace phone with a refurb phone, contract is up 2/03/2015, explained it would be less hassle and given the time frame to renew contract and do the upgrade now, pay the upgrade cost and whatever, we are good customers, never file claims, or issues with contracts, seems simple, I've now talked to approx 5 supervisors from ID, ky, al who have alllllll confirmed they have taken notes, processed requests and will call back in such time, as of 4pm dec 7th I am nowhere fast, contract can not be upgraded, one supervisor claimed they were no longer making the iPhone 5? And would allow for an upgrade once she talked to tech service, however a magical cold transfer and 40 more minutes of retelling this insane story, he was then going to call back on a dif number so the issue ph could be used, never got the call, however Matt in ID WHO claimed such sympathy for all the hassle then texted me saying he couldn't get thru on my number, however could text, and by a tech texting myself, such poor grammar and then stating we could only have the 5 and 6+ 's are on back order.
    Beyond fed up and stressed, almost 6 hours on the phone and 10 days of hassle, yet we still have a phone that dies at 70% ....I've never seen such a lack of responsibility or communication, seems supervisors are really good at making statements to appease each situation without any documentation. Can't bring myself to call again and go thru the issue over and over again, meanwhile getting same responses (excuses) from every area I've spoken to. Guess now when I purchase Verizon items I call good Ol Apple and run the serial numbers to make sure the fancy kindalooksnewplastic isn't the 2nd re wrap and buy a phone that's been tampered with and makes your monthly insurance and warranties invalid. Money well spent kudos CS ...and no I'm not hunting down anyone via Twitter, I'm sure there's notes on our account that this crazy person is out of patience and trying to see what other cell company we could change to. Merry Christmas

    To clarify , we haven't serviced nor replaced the consumed battery . It has been noted as per Apple running the serial number that PRIOR to my purchasing the device, it had the battery replaced. Undocumented in detail, but showed up in Apple reports as replaced. Therefor creates a much wider issue than consumed battery issue, now we have the fact that 1. I paid for a new iPhone 5 16g with a renewed 2 yr contract, pay monthly for insurance on the device, however being that it has been worked on, that voided the 1 yr warranty and possibly the extended insurance program warranty as well, my corperate store can't handle this issue, given the extent of details, I stopped there today, to double check my receipt for original purchase to see if there was a CPO listed on my receipt, that is when they informed me they didn't acttially sell them there, nor if I did I wouldn't have paid full contract price either. More details, more time wasted on Verizon, knowing you all won't read the "fine" print.

  • How can I create a client console and work together with the Cache Server?

    How can I edit the following Cache-Server.cmd file to create a client console and work together with the Cache Server?
    The following is the cache server file: contacts-cache-server.cmd
    @echo off
    setlocal
    rem Default COHERENCE_HOME when it is not already set
    if (%COHERENCE_HOME%)==() (
    set COHERENCE_HOME=c:\coherence
    )
    set CONFIG=C:\home\oracle\coherence\Contacts
    set COH_OPTS=%COH_OPTS% -server -cp %COHERENCE_HOME%\lib\coherence.jar;C:\home\oracle\coherence\Contacts;C:\home\oracle\coherence\Contacts\classes;
    set COH_OPTS=%COH_OPTS% -Dtangosol.coherence.cacheconfig=%CONFIG%\contacts-cache-config.xml
    java %COH_OPTS% -Xms1g -Xmx1g -Xloggc: com.tangosol.net.DefaultCacheServer %2 %3 %4 %5 %6 %7
    :exit
    Edited by: junez on 23-Oct-2009 09:20

    Hi
    To run the console, change DefaultCacheServer to CacheFactory
    Paul

  • Genius says my numbers don't match and the phone has been tampered with. Can anybody help?

    I have an iPhone4S 64Gb, which I bought from the Apple Store in Covent Garden in December 2011. Recently it developed a problem where it won't shut down (it restarts itself) and the battery life has deteriorated significantly. Having read about this in this Forum, this seems to be a known issue, and a replacement is needed.
    Sure enough, the Genius Bar at Covent Garden took one look at it and wanted to replace it. But then there was a problem. Apparently, one of the serial numbers on the phone (the chassis) does not match the ones on sim tray and software. The Genius (Barry) and his manager (Adam) both said that this could only be a result of tampering or non-Apple servicing. They say the chassis part comes from a batch which originated in Bulgaria.
    What??!!
    My phone has not been touched by anybody but me since I bought it in December. There's no way I would let a non-authorised dealer touch it - I know full well that it would void the warranty, wouldn't trust it, and anyway I've always had a really good Genius Bar experience. More importantly, it's been fine - no need.
    So, what then? Their hypothesis is that somebody has tampered with my phone without my knowledge. As is probably true for many iPhone users, my phone is not far behind my wedding tackle in the extent to which I am attached to it, indeed it spends a lot more time in my hand and line of sight. The idea that somebody could have had access to my phone for long enough to have opened it up and resealed it, having changed parts, without my knowing, is completely absurd. I just don't believe it.
    And why would they? If you're going to steal a phone, then steal it. Barry's theory is that some people steal legitimate serial numbers in order to qualify for Apple servicing. Really? Wouldn't they still have a phone with mismatched serial numbers that Apple then wouldn't touch? It seems utterly far-fetched.
    In short, I have no idea how Apple managed to supply me with what appears to be a dodgy handset. Supply chain failure, admin failure, I don't know. I know that it hasn't been 'serviced' by anybody, but I can tell that Barry and Adam don't believe me. They believe that the fact of mismatched serial numbers is incontrovertible evidence of tampering. (I'm minded to point out that they opened up the phone out of my sight, hence becoming the only people with the opportunity - and expertise - to do exactly what they're alleging has been done).
    The issue is now with Corporate Customer Services. I'm not hugely optimistic.
    Has anybody out there experienced anything similar? Can anybody offer any theories (preferably without straying into corporate conspiracy fantasies) as to how the numbers may have become mismatched?
    Grateful for any help.

    I'm still in "recovery mode" after a huge fight with our local Applestore.
    About 6 weeks ago, my wife's 13 month old iPhone 4S developed the "won't turn off" fault and was replaced, out of warranty, for a fee of £139 and with a 90 day warranty.
    About two weeks after that we realised that there was a sound problem when trying to use Facetime (the person on the other end couldn't hear us) but as we have ipads in the household, we didn't immediately pursue it and assumed it was down to some setting problem.
    Two weeks ago my wife was shooting some video with the phone, something we hadn't done before and on playback there was no sound.  We realised then that the phone probably had hardware issues and arranged to take it back to the store for repair or replacement.
    I wasn't anticipating any problem when they said that it was a hardware issue and assumed that a replacement would be supplied.
    They looked inside and found that a dozen screws were missing and all the EM shielding that's normally screwed in place was also missing.  On this basis, they refused to repair or replace.  Things got a little tense after that.
    I KNOW that we didn't remove any parts.  I find it impossible to believe that even if a third party had obtained access to my wife's phone, that they would have opened the phone, removed the screws and EM screens (including the one that has the QR code serial number), put it back together and then returned it to its original position.
    As I repeated ad nauseam to the manager of the store, the only possible other option was that the phone was supplied in that condition.  After an hour and a half of arguing, sometimes quite loudly and refusing to leave the store until they replaced the handset, they caved in.
    I don't believe that Apple quality control is 100% accurate.  In fact I'm sure that no manufacturer's QC is.  How our handset slipped through the net I don't know but it did.
    I don't know whether this story will help you in any way but I hope you get your problem resolved

  • I am having trouble with the cache in bridge.  When i open I get a message saying bridge has encountered a problem reading the cache try purging in the central cache to correct the situation.  I did that but now when I try to get to the folders where my p

    I am having trouble with the cache in Bridge.  When I open it I get a message saying Bridge has encountered a problem reading the cache, try purging the central cache to correct the situation.  I did that but now when I try to get to the folders where my photos are stored Bridge never gets to where I can work.  The message appears "building criteria" and I get an endless loop on the lower left panel.  How do I correct?

    You correct it by leaving Bridge alone until it finishes rebuilding its cache, overnight if necessary.

  • When I open my RAW files in Photoshop CC they are grainy and the JPEGS are not. What is going on? It doesn't seem to have anything to do with my CACHE levels either.

    When I open my RAW files in Photoshop CC they are grainy and the JPEGS are not. What is going on? It doesn't seem to have anything to do with my CACHE levels either.

    BOILERPLATE TEXT:
    Note that this is boilerplate text.
    If you give complete and detailed information about your setup and the issue at hand,
    such as your platform (Mac or Win),
    exact versions of your OS, of Photoshop (not just "CS6", but something like CS6v.13.0.6) and of Bridge,
    your settings in Photoshop > Preference > Performance
    the type of file you were working on,
    machine specs, such as total installed RAM, scratch file HDs, total available HD space, video card specs, including total VRAM installed,
    what troubleshooting steps you have taken so far,
    what error message(s) you receive,
    if having issues opening raw files also the exact camera make and model that generated them,
    if you're having printing issues, indicate the exact make and model of your printer, paper size, image dimensions in pixels (so many pixels wide by so many pixels high). if going through a RIP, specify that too.
    A screen shot of your settings or of the image could be very helpful too,
    etc.,
    someone may be able to help you (not necessarily this poster, who is not a Windows user).
    Please read this FAQ for advice on how to ask your questions correctly for quicker and better answers:
    http://forums.adobe.com/thread/419981?tstart=0
    Thanks!

  • Can't get iphoto to work after tampering with library in Finder

    I think I made a big mistake when I tampered with the iphoto library in Pictures in Finder.
    Now I can't get iphoto to work. All the pictures are gone in iphoto, the spaces are there but they are blank.
    When I open iphoto it goes into the mode (little spinning wheel appears) where I have to "force quit".
    Any suggestions on what I can do? Thanks.

    The list that shows is just data files and such.
    You can burn the entire iPhoto Library folder.
    You can burn each Year folder or any other variation.
    This is my workflow. The reason I do it the way I describe is because I want a backup of just the photos and video clips I take so I can copy them to a partition of my external drive and burn them to disc. On the other partition I backup my entire users folder
    When iPhoto 5 first came out I really think it was programmed to import the smaller 30 sec video clips that cameras were taking at the time. Since then, digital cameras, at least my Canon S2 can take clips as large as your memory card can hold. The first time I tried to download my images and movie clips with my new camera, iPhoto stalled at the movie clips. I wasn't going to take any chances messing up my iPhoto Library so I started using Image Capture to download all my images and Movie clips. I actually like doing it this way a lot better. My movie clips are downloaded into my Movies folder where I then put them in a dated folder.
    My photos are downloaded into my Pictures folder, where I then put them in a dated folder. I import the dated folder into iPhoto. I also keep all dated folders from photo downloads in the Pictures folder till I get enough Movie folders and Photo folders to fill a DVD. I burn them and then delete them from the hard drive.
    This way I have the photos in iPhoto and I also have just the photos backed up to DVD.
    The Movies I keep on the hard drive in their dated folders until I use all the clips for my iMovie projects for the Year. I then make sure they are all burned to DVD, then I delete those from my hard drive.
    Using Image Capture to download images and video clips:
    Open up Image Capture which is found in the Applications folder.
    When it is opened, go to Image Capture/Preferences
    Under the General button choose
    Camera: When a camera is connected, open Image Capture.
    The next time you connect your camera Image Capture will open.
    In the window that opens you will see an Options button. Click on that button to set your options.
    To find out more about Image Capture (it can do a lot more) Click on Help in the menu bar when Image Capture is open.
    iPhoto: How to Change the "Open Automatically" Preference
    If you find you can't change any of Image Capture's preferences or can't access any drop down menus or they are greyed out, check to make sure Image Capture is loose in the Applications folder and not within a sub folder.
    Here is info on backing up your photos:
    Backing up your iPhoto Library
    1. Burn the iPhoto Library folder in the Finder to a CD or DVD
    This method will give you a burned iPhoto Library folder that can be copied back to your computer to replace a damaged library. You can also use this method to backup an old library when you want to create a new Library to use as your current library.
    Insert a blank CD into your internal or external CD-RW drive and copy the iPhoto library to the CD icon on your desktop. When you drag the CD icon to the Trash/Eject button in the Dock, you are given the option to burn the CD. Click Burn and the CD is created. To burn a DVD backup of your digital images, use a DVD and a SuperDrive-equipped Mac.
    The easiest way to burn an iPhoto Library folder in the Finder that is larger than 4.7 gig to fit on one DVD is to burn sections of the folder.
    Drag the iPhoto Library folder to the desktop
    Double click the folder to open it.
    Drag each Year folder to the desktop.
    You should be left with the iPhoto Library folder containing all the data files, and the Year folders.
    Combine whatever year folders that amount closest to a DVD burn size on one DVD. Make sure that you have burned all the Year folders, then the iPhoto Library folder with all the data files.
    If you ever need to use this backup, insert the DVDs into your computer and copy the folders to the desktop. Put all the Year folders back into the iPhoto Library folder. Then put the iPhoto Library folder back into the Pictures folder.
    You can also check out applications for disc spanning:
    Disc-spanning software
    DropDMG
    Toast
    Dragon Burn 4
    BackityMac
    Retrospect Express-comes with some external drives
    Retrospect for Macintosh Desktop Edition
    2. Copy the ENTIRE iPhoto Library to an external drive formatted for a Mac. Do not use this as your only back up as the external can also go bad.
    3. Copy the ENTIRE iPhoto Library to your iPod in disk mode
    4. Creating your own CDs and DVDs for viewing in iPhoto
    This method is a great way to back up Albums of older photos or even your entire library if it is small enough to fit on a DVD. This method will give you a library that will mount within iPhoto in the source column to be viewed. To import any images from this library they need to be dragged into your library in the source column.
    If you just want to backup the images in your library:
    1) Within iPhoto select the images, albums or rolls you want to backup. Go to Share>Export and export them to a newly created folder on the desktop. Follow the directions in the next link.
    Creating a CD or DVD to be viewed in Windows or by a photo processing company
    1. If you backed up the entire iPhoto Library by burning within iPhoto or burning the folder in the Finder, make sure the burned copy is a good working copy before you delete the iPhoto Library folder in the Finder. You delete the iPhoto Library in the finder by dragging it to the trash when iPhoto is closed. When you next launch iPhoto it will create a new empty library for you to start anew.
    2. If you burned just the images, be aware that that is all you are archiving. No metadata will travel with the images such as comments, keywords, etc.
    You can then delete those images within iPhoto by highlighting them and hitting the delete key, then empty iPhoto's trash. Do this often and in groups so iPhoto will not choke on too many images.

  • HT1338 I am having trouble installing updates on my mac this is the error code that pops up: The update could not be verified. It may have been corrupted or tampered with during downloading. The update will be downloaded and checked again the next time that

    Can someone help me? I have been trying to update my MAC and it will not download because this message comes up
    (The update could not be verified. It may have been corrupted or tampered with during downloading. The update will be downloaded and checked again the next time that Software Update runs.)

    For anyone that comes across this. I managed to fix the problem. It had something to do with the date on my computer. Mavericks installer apparently does a date check of some sort and that is where the error is coming from. Open terminal and check the system date. It may be wrong. Another poster in the forums told me how to check the date and change it. Click here for the link to the explanation. Be careful because the date is in a weird format.
