KRBTGT "Golden Ticket" and Authentication Services

Recently I was forwarded an article regarding how a "Golden Ticket" could be created that basically gave Administrator credentials to the DC and other Domain Assets via a specially (maliciously) crafted "Golden Ticket" {see http://blog.cobaltstrike.com/2014/05/14/meterpreter-kiwi-extension-golden-ticket-howto/ for a reference}.
My question is as follows:
If the user presents a “request” that is encrypted with a “Custom Crafted DC Ticket” that has different Session/Lifespan than is "normally created by the DC" but is based off of a “legitimate” DC-Ticket with equivalent authenticating hash, will the Domain Asset you are attempting to connect to or the DC (if targeting it directly) re-verify the DC-Ticket with the DC (or KRBTGT) and does the DC have the ability to verify if the ticket is valid for that user/time frame? In other words, if I set my Group Policy Security Settings for Kerberos Policy to: Enforce user logon restrictions = true, Maximum lifetime of Service Ticket = 540 minutes, Maximum Lifetime of user ticket = 9 hours, Maximum Lifetime of user ticket renewal = 1 day, and Maximum tolerance for computer clock synchronization = 3 minutes; would this sufficiently deter a would-be hacker from utilizing the "Golden Ticket" exploit beyond a period of a single day (thus deflating the 10 year implication of the article)?
Secondly, shouldn't there be a way to identify if a ticket being utilized was outside of the defined Policy Management Settings; and if so, what would it look like and where?
I really appreciate any input that could aid in my understanding of this and its implications from a security perspective. Also, if you know of any tools or resources that could be utilized in identifying such an exploit being utilized I would greatly appreciate the input (such as Tenable SC resources, Solarwinds, etc.)

Hi,
Thanks for your post.
If we enable the Kerberos ticket related group policy settings in the domain, these policies would affect the right of the golden ticket. And this is not a security problem.
1. If the hash of the administrator account was dumped out, there should be something wrong on the security administration. And the domain should not be secure if the hash of the administrator password could be dumped.
2. The password of the account named "krbtgt" could be changed automatically and regularly. So the previous TGT could be invalid after changing the password.
Please refer to the articles below for more information:
Answers to frequently asked Kerberos questions
http://support.microsoft.com/kb/266080/EN-US
Kerberos Policy
http://technet.microsoft.com/en-us/library/cc952126.aspx
Hope the information above is helpful to you. If you have any questions or additional information, please feel free to let me know. 
Best regards,
Ann
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
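
Added example, not part of the original thread or of any tool it mentions: one way to see whether a cached ticket falls outside the Kerberos policy values given in the question is to compare each ticket's start, end and renew times, as listed by `klist`, with those limits. The sample output is constructed, the realm and host names are placeholders, and the US-style timestamp format is an assumption.

```python
import re
from datetime import datetime, timedelta

# Policy values quoted in the question above.
MAX_USER_TICKET = timedelta(hours=9)         # Maximum lifetime of user ticket (TGT)
MAX_SERVICE_TICKET = timedelta(minutes=540)  # Maximum lifetime of service ticket
MAX_RENEWAL = timedelta(days=1)              # Maximum lifetime of user ticket renewal
CLOCK_SKEW = timedelta(minutes=3)            # Clock synchronization tolerance

TIME_FORMAT = "%m/%d/%Y %H:%M:%S"  # assumption: US-locale klist timestamps

# Constructed sample in the layout of Windows `klist` output (placeholder names).
SAMPLE_KLIST = """\
#0>     Client: alice @ EXAMPLE.LOCAL
        Server: krbtgt/EXAMPLE.LOCAL @ EXAMPLE.LOCAL
        Start Time: 5/14/2014 9:00:00 (local)
        End Time:   5/14/2014 18:00:00 (local)
        Renew Time: 5/15/2014 9:00:00 (local)

#1>     Client: alice @ EXAMPLE.LOCAL
        Server: cifs/fs01.example.local @ EXAMPLE.LOCAL
        Start Time: 5/14/2014 9:05:00 (local)
        End Time:   5/14/2014 18:00:00 (local)
        Renew Time: 5/15/2014 9:00:00 (local)

#2>     Client: Administrator @ EXAMPLE.LOCAL
        Server: krbtgt/EXAMPLE.LOCAL @ EXAMPLE.LOCAL
        Start Time: 5/14/2014 9:00:00 (local)
        End Time:   5/11/2024 9:00:00 (local)
        Renew Time: 5/11/2024 9:00:00 (local)
"""

FIELD = re.compile(
    r"^\s*(?:#\d+>\s*)?(Client|Server|Start Time|End Time|Renew Time):\s*(.+?)\s*$"
)


def parse_time(value):
    """Turn '5/14/2014 9:00:00 (local)' into a datetime."""
    return datetime.strptime(value.replace("(local)", "").strip(), TIME_FORMAT)


def parse_klist(text):
    """Return one dict per '#N>' entry with the fields this check needs."""
    tickets = []
    for line in text.splitlines():
        if re.match(r"^\s*#\d+>", line):
            tickets.append({})
        match = FIELD.match(line)
        if match and tickets:
            key, value = match.group(1), match.group(2)
            tickets[-1][key] = parse_time(value) if key.endswith("Time") else value
    return tickets


def audit(tickets):
    """Return (index, kind, observed_duration) for every policy violation."""
    findings = []
    for index, ticket in enumerate(tickets):
        if not {"Server", "Start Time", "End Time"} <= ticket.keys():
            continue  # incomplete entry, nothing to compare
        is_tgt = ticket["Server"].lower().startswith("krbtgt/")
        limit = MAX_USER_TICKET if is_tgt else MAX_SERVICE_TICKET
        lifetime = ticket["End Time"] - ticket["Start Time"]
        if lifetime > limit + CLOCK_SKEW:
            findings.append((index, "lifetime", lifetime))
        renew = ticket.get("Renew Time")
        if renew and renew - ticket["Start Time"] > MAX_RENEWAL + CLOCK_SKEW:
            findings.append((index, "renewal", renew - ticket["Start Time"]))
    return findings


if __name__ == "__main__":
    for index, kind, observed in audit(parse_klist(SAMPLE_KLIST)):
        print(f"ticket #{index}: {kind} of {observed} exceeds policy")
```

This looks only at the ticket cache of the host where the listing was taken; it says nothing about how a domain controller or member server treats the ticket.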

Similar Messages

  • HT4009 Simpsons tapped out bought golden ticket and 60 donuts both are not appearing help

    Ok I bought donuts and golden tickets in the past I had around £9 and £1 after I bought 60 donuts and I still only have the same amount and also no tickets

    Hi Matt,
    Based on my research and test in both Outlook 2010 and Outlook 2013, it is by default that only the organizer can receive the declined\accepted response from room mailbox. If we do the following steps:
    1. User1 created a meeting request in User1’s Calendar, add Test1 and Test2 in To field as attendees, add Room3 as the Resource.
    2. Set the start time and end time which would be a conflict time period in Room3 and Test1’s Calendars.
    3. Send the meeting out.
    During the sending and receiving, there are no conflict notifications before sending out the request. After the request is sent out, a Declined response is received from Room3 because of the conflict.
    In your scenario, please confirm you are creating the meeting request in the Organizer’s calendar instead of directly creating it in Room Calendar.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Object for interaction records, service tickets and follow-up activities

    Hi,
    I need business objects or Function modules (anything) that contain the data related to interaction records, service tickets, and follow-up. Please help me by mailing to my mail [email protected]

    My question was answered by Experts.
    1. I tried with the code to retrieve GUID, HEADER/ITEM GUIDs related to the BPnumber from CRMF_ORDER_INDEX table.
    2. I have stored header/item GUIDs in different internal tables and appended all the values fetched above within the loop.
    3. Clear header/item GUIDs, so that they can have the next value in the loop. (Important)
    4. Next step: call the FM CRM_ORDER_READ within the loop and assign import/export parameters.
    4. Display the records.
    Thanks for Everything.........

  • Not Working-central web-authentication with a switch and Identity Service Engine

    On the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, I'm asking for your help...
    I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
    The interface configuration looks like this:
    interface FastEthernet0/24
    switchport access vlan 6
    switchport mode access
    switchport voice vlan 20
    ip access-group webauth in
    authentication event fail action next-method
    authentication event server dead action authorize
    authentication event server alive action reinitialize
    authentication order mab
    authentication priority mab
    authentication port-control auto
    authentication periodic
    authentication timer reauthenticate server
    authentication violation restrict
    mab
    spanning-tree portfast
    end
    The ACL's
    Extended IP access list webauth
        10 permit ip any any
    Extended IP access list redirect
        10 deny ip any host 172.22.2.38
        20 permit tcp any any eq www
        30 permit tcp any any eq 443
    The ISE side configuration I follow it step by step...
    When I connect the XP client, I see the following authentication session...
    swlx0x0x#show authentication sessions interface fastEthernet 0/24
               Interface:  FastEthernet0/24
              MAC Address:  0015.c549.5c99
               IP Address:  172.22.3.184
                User-Name:  00-15-C5-49-5C-99
                   Status:  Authz Success
                   Domain:  DATA
           Oper host mode:  single-host
         Oper control dir:  both
            Authorized By:  Authentication Server
               Vlan Group:  N/A
         URL Redirect ACL:  redirect
             URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  AC16011F000000490AC1A9E2
          Acct Session ID:  0x00000077
                   Handle:  0xB7000049
    Runnable methods list:
           Method   State
           mab      Authc Success
    But there is no redirection, and I get the following message on switch console:
    756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
    756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
    I have to mention I'm using an http proxy on port 8080...
    Any Ideas on what is going wrong?
    Regards
    Nuno

    OK, so I upgraded the IOS to version
    SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
    I tweak with ACL's to the following:
    Extended IP access list redirect
        10 permit ip any any (13 matches)
    and created a DACL that is downloaded along with the authentication
    Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
        10 permit ip any any
    I can see the epm session
    swlx0x0x#show epm session ip 172.22.3.74
         Admission feature:  DOT1X
         ACS ACL:  xACSACLx-IP-redirect-4f743d58
         URL Redirect ACL:  redirect
         URL Redirect:  https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
    And authentication
    swlx0x0x#show authentication sessions interface fastEthernet 0/24
         Interface:  FastEthernet0/24
         MAC Address:  0015.c549.5c99
         IP Address:  172.22.3.74
         User-Name:  00-15-C5-49-5C-99
         Status:  Authz Success
         Domain:  DATA
         Oper host mode:  multi-auth
         Oper control dir:  both
         Authorized By:  Authentication Server
         Vlan Group:  N/A
         ACS ACL:  xACSACLx-IP-redirect-4f743d58
         URL Redirect ACL:  redirect
         URL Redirect:  https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
         Session timeout:  N/A
         Idle timeout:  N/A
         Common Session ID:  AC16011F000000160042BD98
         Acct Session ID:  0x0000001B
         Handle:  0x90000016
         Runnable methods list:
         Method   State
         mab      Authc Success
    on the logging, I get the following messages...
    017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
    017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
    017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
    017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
    017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
    017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
    017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
    What am I missing?

  • List service tickets and activities by Business Partner

    Does anyone know of a function / BAPI that can be passed Business Partner ID and list all Service Tickets and activities associated with it.  Many thanks

    The only FM I found list the order guids and is CRM_BUPA_READ_ORDER_OBJECTS.
    I would advise you to pass the date from and to as well, else this might create performance problems.

  • Does Golden Gate provide any Webservices to start and stop services?

    Hi all,
    We are trying to use GG in our application. But we need a way to start and stop services from java code.
    Is there any Webservice interface or API to start and stop Golden gate services like GG manager, extract and replicat processes??
    Thanks in advance for your help.
    Yamini.

    You can control this at a database level using EVENTACTIONS parameter.
    Create a table at source & target called "EVENT" with field EVENT_TYPE ( example names only - please call it what you like ) .
    at Replicat config actions based on the data passed into the EVENT_TYPE column
    MAP GG_ADM.EVENT TARGET GG_ADM.EVENT, &
    FILTER ( (@STREQ(@IF(@COLTEST(EVENT_TYPE,PRESENT),EVENT_TYPE,"No EVENT"),"STOP") = 1)), &
    EVENTACTIONS (IGNORE , LOG,STOP);
    You'll need a separate replicat to handle the start
    MAP GG_ADM.EVENT TARGET GG_ADM.EVENT, &
    FILTER ( (@STREQ(@IF(@COLTEST(EVENT_TYPE,PRESENT),EVENT_TYPE,"No EVENT"),"START_APP_02") = 1)), &
    EVENTACTIONS ((SHELL (${GG_HOME}/diroby/start.ksh R1APP_02 )));
    Hope that helps

  • Certs, kerberos tickets and binding

    Hello--
    I have server1 and server2 (2010 MacMinis w/ 10.9.1/3.0.2 and 10.9/3.0.1, respectively) providing services to a small group.  By doing a series of rebuilds and backtracks, I have a generally usable configuration as long as only single users use any given client.  Server1 provides DNS, DHCP, OD, contacts, calendars, and profile management.  Server2 provides secondary zone info, DHCP (a different segment of the network's addresses) and mail.  It used to provide an ODR but I destroyed that as part of the troubleshooting because it seemed to have issues synching.  Now server2 is bound to server1, but is not enrolled in Profile Manager.
    Most of my testing has been on a Mavericks client, enrolled with Profile Manager, but I've also logged in, albeit with issues, on a ML client. On the Mavericks client, when another network user logs into the system and then logs out, the client must be restarted to allow the next user to log in and access services properly.  If not restarted first, problems exist involving internet passwords and access to datastores for the services.  Restarting after each use is an annoying workaround that is not acceptable to me in the long term.  Additionally, Mail.app cannot be successfully configured to use Kerberos for authentication against the mail server even though Open Directory is set as the means for authentication on the server.
    I use a profile payload to configure OD which does not provide SSL for that connection.  As I've tried to stick with defaults to the maximum extent possible, I've not tweaked this.
    I have stuck with a self-signed locally generated cert for OD (because that is more default).  Starting up keychain access on the server generates a lot of secd SecErrorGetOSStatus unknown error domain: com.apple.security.sos.error blah blah blah entries.   All five of the APSP certs show, in red, "This certificate was signed by an unknown authority".  The other certs for the domain show green and can be traced back to the OD CA.
    When I first log in and use klist on the client, I usually only see a TGT even though home directories are provided over AFP.  Most often if I bring up Finder and view the files in the home directory, I will still only see the TGT when running klist.  Likewise when I start up Calendar.  However, firing up Contacts causes two additional tickets, one for host/server1.mydomain.com and one for HTTP/server1.mydomain.com.  Shouldn't the host ticket be generated when the user first connects?
    I also have a number of log entries of Server not found in database for the following:
         krbtgt/[email protected]
         imap/server2.mydomain.com@...
         host/maverickclient.mydomain.com@...
         krbtgt/LOCAL@...
         cifs/server1.local@...  (although these may have stopped when I shifted home directory sharing to be over AFP instead of the default SMB)
    What are these errors likely telling me?
    Thanks.
    Tim

    I've continued to work this issue as I have had time, but no real progress.  I downloaded a root CA cert from Apple that allowed the red error messages with the APSP certs to change to valid.  Have others seen this or should the root CA integration cert have installed as part of the server set up?
    I also renewed the push cert and then re-enrolled a client along with enrolling server2.  No changes.
    I then removed the profile payloads other than enrollment.  This triggered the client to remake the local copies of service data and wiped out the passwords stored in Safari.  Several core data I/O errors from the networked home directory when this occurred.
    It would be really great if someone had a better way to test kerberos and OD other than rebuilding.  Anyone?
    Thank you in advance.
    Tim

  • Security and authentication

    The bottom line is I don't know anything about either of
    these two areas. I've always been a client side interactive
    developer and designer, handing off the real backend work to
    developers in that field. FMS is finally plunging me into this
    area, as now I can apply my knowledge of ActionScript to the server
    side of things, and pull together some amazing stuff.
    How should I authenticate, say, a basic chat, so only logged
    in users can send a message? I can easily require login on the
    clientside, but that wouldn't stop spoofing and decompiling. Is the
    FMS communication encrypted? I could send username/password for
    each message based on the client input, and authenticate securely on
    the server against a serverside list, but that seems rather foolish
    in the event someone listens in on the clients messages, they would
    then see the username and password. But how else would it be
    done?

    FMS can use SSL just like an https server can, but it's not
    configured by default. You'd need to set up a certificate and
    configure FMS to use SSL. That said, unless you need to encrypt the
    chat (or other data/audio/video), you don't need to secure your FMS
    Really, all you need to do is authenticate once when the user
    connects. Here's what I like to do:
    1. Have the user log in via https (before connecting to the
    FMS app)
    2. Have the http side login process create a token (I like to
    use a random 50 character string) and store it in a database
    3. Pass the token back to the client in the response to the
    authentication request
    4. Connect to FMS, passing the token in the
    netconnection.connect arguments
    5. Before accepting the client, the FMS app calls back to the
    http server (using loadvars, netservices, or an xml object),
    sending the token in the request
    6. The http service checks the ticket, and returns a success
    or failure message. If the ticket is good, the service expires or
    deletes it so it can't be used again.
    7. The FMS app accepts/rejects the client based on the
    response from the token authentication request.
    So, the only time a password gets transmitted is when the
    client first logs in. That makes it easy to encrypt the sensitive
    data, and then just send the token (unencrypted) to the FMS server.
    Even if someone intercepts the token, it will be of no use to them,
    as it can only be used once.
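
The seven steps above as an added example, not code from the original post: a single-use token is issued after the HTTPS login and redeemed once when the media server calls back. `TokenStore`, `fms_accept_connection` and the constants are hypothetical names, an in-memory dict stands in for the database of step 2, a direct function call stands in for the HTTP callback of step 5, and the 60-second expiry and hashing of stored tokens are additions the post does not mention.

```python
import hashlib
import secrets
import string
import time

TOKEN_LENGTH = 50          # "a random 50 character string" (step 2)
TOKEN_TTL_SECONDS = 60     # assumption: the post sets no expiry
ALPHABET = string.ascii_letters + string.digits


def _digest(token):
    """Store only a hash so a leaked table does not expose live tokens."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class TokenStore:
    """Hypothetical stand-in for the HTTP side's token database."""

    def __init__(self, clock=time.monotonic):
        self._tokens = {}      # sha256(token) -> (username, expiry)
        self._clock = clock

    def issue(self, username):
        """Steps 2-3: called after the HTTPS login succeeded."""
        token = "".join(secrets.choice(ALPHABET) for _ in range(TOKEN_LENGTH))
        self._tokens[_digest(token)] = (username, self._clock() + TOKEN_TTL_SECONDS)
        return token

    def redeem(self, token):
        """Step 6: check the token and delete it so it cannot be used again."""
        record = self._tokens.pop(_digest(token), None)  # removed before any check
        if record is None:
            return None
        username, expires = record
        if self._clock() > expires:
            return None
        return username


def fms_accept_connection(store, token):
    """Steps 5 and 7: the media server asks the HTTP side, then accepts or rejects.

    Returns the authenticated username, or None to reject the client.
    """
    if not isinstance(token, str) or len(token) != TOKEN_LENGTH:
        return None
    return store.redeem(token)


if __name__ == "__main__":
    store = TokenStore()
    token = store.issue("alice")                        # steps 1-3
    print("first connect:", fms_accept_connection(store, token))   # alice
    print("replay:", fms_accept_connection(store, token))          # None
```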

  • Web-Service Proxy and Web-Service Client access in a Bean (EJB 3.0)

    Hello Community,
    I want to access the SAP Knowledge-Management via the Webservice "RepositoryFrameworkWS", which resides on our Portal-System, from my Java-Application, which runs on a NW CE 7.11 Ehp1 Java Server.
    I chose to create a WS-Client as a deployable client. So I created a Bean Project, imported the WSDL and created a WS-Proxy in that project. Additionally I added some beans to that Bean-Project which use the WS-Proxy to access the KM.
    So far so good.
    But the WSDL also creates a Service-Endpoint, which already has an url for the WS-Target and Authentication-Information (in my case it seems that no Authentication is active) in its body.
    Because my client shall run on different systems in the future I searched for a way to easily deploy my application and adapt target-information elsewhere. I found in the documentation, that after deploying the deployable WS-Proxy/Client this can be done in the NW-Administrator under SOA-Management->Application and Scenario Communication->Single Service Administration.
    To my surprise I found my deployed WS there. And the entry for the there listed Port was configurable. But unfortunately this customization is ignored by the application. For example I changed authentication to a HTTP-Authentication with a specific user and also changed to Target-URL. But with no success.
    What's wrong here?
    I accessed the WS in my bean in the following way:
        public Class xyz
         @WebServiceRef (name="RepositoryFrameworkWS")
         RepositoryFrameworkWS service;
          RepositoryFrameworkWSViDocument vi = service.getPort(RepositoryFrameworkWSViDocument.class);
         vi.findResources(rid,....)
    regards
    Matthias Hayk
    Edited by: Matthias Hayk on Sep 15, 2009 10:13 AM

    Hi Matthias
    In Single Service Administration there are two views: Webservices and WS Clients configurations. First of all you should enable BASIC HTTP authentication in WS configuration. Then go to WS Client configuration and enter user/password in HTTP BASIC authentication settings.
    Hope this helps.
    BR, Siarhei

  • How do I bind to directory server with SSL and authentication?

    I'm running Lion Server 10.7.3, Open Directory master. In Open Directory/Settings/LDAP, I've checked the box to Enable SSL and selected a (self-signed) certificate. In Policies/Binding, I've checked the box to Enable Authenticated Directory Binding.
    Testing with a client computer on which Snow Leopard has been freshly installed and fully updated, I went to System Prefs/Accounts to bind to the new directory server. The good news is, the binding was successful, and when the client initiates an AFP connection with the server, it uses Kerberos, creating a ticket as expected. (Which doesn't work with Lion clients, alas, but that's a separate matter.)
    Here are the problems:
    1) It looks like the binding did not use SSL. By which I mean that when I opened Directory Utility and examined the LDAPv3 entry, the SSL checkbox was not checked. (If I then check the box, everything looks fine until I restart the client, after which I have a red dot. So I'm guessing that checking the box does nothing until after restart, and that it breaks the binding.)
    2) I was never prompted to authenticate for the directory binding.
    So I get that literally I'm *enabling* SSL and Authenticated Directory Binding, but it seems like the defaults are to bind without SSL or authentication, and there's no obvious-to-me way to force the binding to use those things. How do I do that?
    What I'd really like to do is *require* SSL and Authenticated Directory Binding. I want this because my belief (correct me if I'm wrong) is that if authentication is required to bind to the server, no one will be able to bind to my server without my permission, and that SSL offers a more secure connection to my server than not-SSL. How do I require these things, or do I not really want to?
    Thank you.

    You cannot connect to databases via Muse at the moment. Please refer: http://forums.adobe.com/message/5090145#5090145
    Cheers,
    Vikas

  • Dropped calls and no service in my house...why am I even paying a phone bill?

    I've been a Verizon customer for probably around 6 or 7 years now. I've had plenty of different devices and was always happy with my phone. A few years ago, service started to get horrible in my house. I would barely get service and my phone would drop calls. I have spent hours over the past 2 years on the phone with reps. Some were very helpful, and some were very frustrating. I have put in service tickets and even changed out my phone to try to get better service. Let me also note that AT&T customers get perfect service inside of my house. I don't even want to hear the excuse that Verizon doesn't guarantee service inside of a building due to building materials. The last time I checked, I didn't rebuild my house in the past few years with new materials. I use my cell phone for business when I'm at home, so it is extremely important that it works inside my house. I put my most recent service ticket in almost 2 weeks ago and there is STILL no resolution. I also won't accept if the only resolution is me buying a network extender. I'd rather pay an early termination fee and leave before I'd ever spend money on another Verizon device. I have had 2 reps in the past week tell me that they would call me back and I never hear anything. I also have been told that they would resolve it by a certain date, only to find out that now they are saying it's going to stay open until they can figure it out. I rely on my phone for work now more than ever since I recently started working from home, so how can I accept the fact that I am waiting around and paying for a phone that doesn't work when I need it the most? For all of my trouble, they offered me a $20 credit on my account. I shouldn't even use the word "offered" because I was the one who mentioned that I should be reimbursed for my time. I'm so sick of wasting my time on the phone and I am truly disgusted with Verizon.
    As a long time customer who has spent thousands of dollars over the years paying for Verizon service, I would expect to be treated much better than this.

    I am not in the same boat, Verizon works absolutely everywhere I go and I am super happy with the service. If the service started not working however, and I got no resolve, I would just cancel it and switch providers. No point in paying for service you can't use, especially where you live.

  • Contacts and Calendar Services Broken

    I have a new build of Mountain Lion Server 10.8.2 and am having problems with the Contacts and Calendar services.
    The server is an Open Directory Master.
    I did this build by installing Mountain Lion 10.8 on a new hard drive. I had no interest in migrating any data except for the Open Directory, so I created an Open Directory archive to restore from with the new build. I then removed the old Lion Server boot drive and installed the Mountain Lion Server drive, then installed Server app. I moved the data stores to the RAID before starting any services.
    DNS, DHCP, File Sharing, FTP, Mail, Messages, NetInstall, Profile Manager, Software Update, Time Machine, VPN, Websites and Wiki all work normally. I also use Portable Home Directories. I've only dabbled a bit with Mail, Profile Manager and Wiki, but I have not encountered any problems with them. I use the other services rather heavily. Everything is working great except Contacts and Calendar.
    sudo changeip -checkhostname returns:
    Primary address     = 10.0.0.2
    Current HostName    = myserver.mydomain.private
    DNS HostName        = myserver.mydomain.private
    The names match. There is nothing to change.
    dirserv:success = "success"
    In the Server app both Contacts and Calendars turn on and appear to be working. I have the self-signed certificate created by the server app assigned to the services. I am unable to log in clients to either Contacts or Calendar service via browser or through iCal or Contacts apps. The apps first notify that a secure connection is not possible. Then when I proceed I get authentication failures, even though the credentials are correct. Removing the certificate from the services has no improvement.
    When I run "sudo serveradmin fullstatus calendar" I get the following output:
    calendar:setStateVersion = 1
    calendar:logPaths:LogFile = "/var/log/caldavd/access.log"
    calendar:logPaths:ErrorLog = "/var/log/caldavd/error.log"
    calendar:state = "RUNNING"
    calendar:servicePortsAreRestricted = "NO"
    calendar:servicePortsRestrictionInfo = _empty_array
    calendar:readWriteSettingsVersion = 1
    Examining /var/log/caldavd/error.log I find this interesting message:
    2012-11-24 22:59:28-0700 [-] Unhandled Error
              Traceback (most recent call last):
                File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/defer.py", line 1187, in unwindGenerator
                  return _inlineCallbacks(None, gen, Deferred())
                File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/defer.py", line 1045, in _inlineCallbacks
                  result = g.send(result)
                File "/Applications/Server.app/Contents/ServerRoot/usr/share/caldavd/lib/python/twistedcaldav/upgrade.py", line 985, in doUpgrade
                  yield upgradeData(self.config, self.spawner, self.parallel)
                File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/defer.py", line 1187, in unwindGenerator
                  return _inlineCallbacks(None, gen, Deferred())
              --- <exception caught here> ---
                File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/defer.py", line 1045, in _inlineCallbacks
                  result = g.send(result)
                File "/Applications/Server.app/Contents/ServerRoot/usr/share/caldavd/lib/python/twistedcaldav/upgrade.py", line 771, in upgradeData
                  with open(versionFilePath, "w") as verFile:
              exceptions.IOError: [Errno 2] No such file or directory: '/Volumes/RAID-50/Library/Server/Calendar and Contacts/Data/Documents/.calendarserver_version'
    It seems as though upon setting the data store to the RAID that not all the necessary directories and files were created for the Contacts and Calendar services. Is there a way to create them new? Remember, there is no Contact or Calendar data to save. I am starting with a clean slate.
    Assuming the problem lies with the missing directories in my data store location, is there a way to either create the missing directories & files, or just rebuild the two services from scratch?

    Back up all files.
    Quit the Server application and drag it to the Trash, but don't empty. You'll be prompted to confirm that you want to stop all services. You won't lose any server data.
    Put the app back where it was and launch it. Test.

  • Event Log stopped working - Error 1747 : The Authentication Service is Unknown

    I recently noticed that my scheduled tasks were no longer running. I tried to bring up the task scheduler and it said the service was not running. I checked the service and sure enough, it was not running. I tried to start it and it failed because the windows event log service, which is a dependency, was also not running. I tried to start the event log service, and it gave the error above in the subject line.
    The event log service uses a log on of "Local Service". There are other services that use the same log on and they start up with no problem. I have searched the internet for a solution to this and have tried several things I found with no luck. One was to run SFC, another was to delete the Windows/Logs and Windows/System32/Logfiles folders so they would be re-created on startup. I also tried subinacl to reset the ACLs on registry branches and the subfolders of %SystemDrive% as recommended in another forum.
    I am running Vista Home Premium and all the latest updates have been applied. Anyone have any further ideas? (short of re-installing Vista).
    Thanks.

    Hi there Robin. I am an IT Technician & felt that I needed to begin communication with you regarding this issue. I recently made a post in this thread detailing my issues & found resolution. I just wanted to share my post with you & hope that the information is useful to others that need to resolve these issues without re-installing their operating systems. Please find my post below:
    Hi all. I am an IT technician & have recently been troubleshooting a customer's Windows Vista Home Premium laptop in a wireless home network.
    In a nutshell the laptop suddenly stopped connecting to the wireless router; upon investigation I found lots of windows services were not starting; this sent me on a bit of a wild goose chase as this showed all signs of some kind of trojan / malware infection hogging the system. Here are some of the things I saw:
    1). Norton 360 wasn't even running correctly & I was unable to view its firewall status.
    2). Windows firewall was disabled & I was unable to start it (service failed error message).
    3). I was unable to view windows event logs & received "Error 1747 : The Authentication Service is Unknown"
    4). Windows Side Bar was all blanked out & not showing any gadgets
    5). I attempted a system restore but that failed (I saw references in system restore that the Bonjour service had been un-installed)
    I did loads of further investigation & found this thread. It would appear that removing, or even trying to remove / un-install the Bonjour service may cause the above mentioned issues in windows Vista. I have not seen this kind of errata in windows XP.
    I have heard of people pulling their hair out & re-installing the operating system possibly due to experiencing these issues.
    Please Read On.... 
    Resolution that worked for me:
    I ran the Winsock corruption fix that is mentioned in previous threads as per microsoft's instructions found at the following URL: http://support.microsoft.com/kb/811259 
    Manual steps to recover from Winsock2 corruption for Windows Vista users
    Winsock corruption can cause connectivity problems. To resolve this issue by using Network Diagnostics in Windows Vista, follow these steps:
    1. Click Start, and then click Network.
    2. Click Network and Sharing Center.
    3. In the Network and Sharing Center box, click Diagnose and Repair.
    Note You may also access the Network and Sharing Center in Control Panel.
    If the Network and Diagnostic tool was unable to find a problem, you can manually repair or reset Winsock.
    Manual steps to repair or to reset Winsock for Windows Vista users
    1. Click Start, type cmd in the Start Search box, right-click cmd.exe, click Run as administrator, and then press Continue.
    2. Type netsh winsock reset at the command prompt, and then press ENTER.
    Note If the command is typed incorrectly, you will receive an error message. Type the command again. When the command is completed successfully, a confirmation appears, followed by a new command prompt. Then, go to step 3.
    3. Type exit, and then press ENTER.
    Hey Presto!!!! After re-booting everything is back online & all necessary windows services & norton 360 are starting as normal.
    Further Information on Bonjour Service:
    http://en.wikipedia.org/wiki/Bonjour_(software)
    As I understand & in my experience the Bonjour service is installed as a sub-applet with certain 3rd party software applications including Apple's iTunes & Adobe's newest Creative Suite 3 installs Apple's Bonjour service even if you don't install Version Cue. Its main goal is to provide zero-configuration connectivity between Version Cue server and the suite's applications.
    A bit more CSi & I've established how to un-install Bonjour service; there is a great topic on this subject at the following URL: http://www.raymond.cc/blog/archives/2008/02/10/how-to-uninstall-or-remove-bonjour-mdnsresponderexe/
    Thanks to all for your post & input...it has really helped to get this issue resolved (well for me anyway) & has of course saved a re-install!!!!
    I will keep an eye on this thread...please post your resolutions / experiences to help others.
    Kind regards

  • Non-ISP DDNS with Apple DHCP and DNS Services

    I have two questions about Dynamic DNS (DDNS) as it applies to Apple's DNS and DHCP services within my home network. I am not talking about DDNS in the context of making my external-facing router available by a domain name on the Internet using the dynamically-assigned IP from my ISP.
    Starting with Snow Leopard Server, I attempted to use Apple's DNS and DHCP services (I have the firmware-based DHCP service in my router turned off.) The difficulty I immediately faced was that Apple's DHCP implementation didn't update the DNS service as IPs were handed out to DHCP clients. Because of this, it wasn't possible to access hosts by their hostname, since getting a DHCP-assigned dynamic IP at boot-up didn't do anything to automagically register the hostname-to-IP mapping in DNS. Manually registering the hostname in DNS was pointless, because over time the client IP address can and did change. I could create static IP assignments based on the MAC address, but doing that for all of the devices on my home network sort of defeated the purpose of using dynamic IPs.
    The only solution I eventually found was to go out and get an open source DHCP server, compile it for my Mac, install it, and configure it. After doing this, everything worked great; every time a new host or other device was booted it got a dynamic IP through DHCP, and then the DHCP server automatically updated Apple's DNS service with the hostname and assigned IP. I could immediately access every device on my network by hostname. As IP addresses changed over time, the hostname-to-IP mapping in DNS was automatically updated.
    Except, Apple's point upgrades kept breaking my non-Apple DHCP install. Every time I applied software updates to my server I had to go back and re-finagle DHCP to get it to automatically start and run. By the time Lion Server came out, I drank the Kool-Aid and went back to Apple's DHCP implementation. I was disappointed that it still didn't seem able to update DNS with hostnames as it assigned IPs, but I was so tired of mucking about at the command prompt to fix DHCP every time Software Updates broke it, I just lived with the inconvenience of not being able to access devices on my network by hostname.
    I'm sorry to say this, but Windows Server has had this capability since at least server 2003. In fact, until I dumped my Windows Server and switched to Snow Leopard Server, I was running Microsoft's DNS and DHCP services on Server 2003 and they did exactly what I'm describing brilliantly.
    Can anyone offer any advice here? Does Mountain Lion's implementation of DHCP allow for DDNS updates to the DNS service? If not, how are other people handling this? Should I go back to running Windows Server for my DNS and DHCP services? My Netgear WNDR3700 router appears to have the standard, substandard DHCP server in firmware as most home routers, and no facility for DNS at all--much less the ability to update an on-site DNS server with IP addresses it hands out. In fact, the only appliance I know of that does this is the InfoBlox my employer uses, but that's too expensive for a home solution.
    As a Post Script, I'll add that I've been VERY unhappy that I lost the ability to bind Windows clients to Open Directory under Lion Server. Since I'm starting to see articles that say this capability hasn't been added back to Mountain Lion Server, I'm seriously considering implementing a Windows Server AD master and establishing a "magic triangle" or "golden triangle". If I end up having to do that, I wonder if I might as well just go back to using Microsoft's DNS and DHCP services.

    Hi,
    Whether to move your DHCP to another server depends on the workload of your server. If there are too many clients on the network, you should move your DHCP to another server.
    Was the record owned by the machine generated before you configured the DnsUpdateProxy group? You can try to regenerate the record and check the result.
    For more detailed information, you can view the link below.
    DNS best practices
    http://technet.microsoft.com/en-us/library/cc778439(v=ws.10).aspx
    Using DNS servers with DHCP
    http://technet.microsoft.com/en-us/library/cc787034(v=ws.10).aspx
    DNS registration changes for Windows Server 2003 based DHCP Servers
    http://technet.microsoft.com/en-us/library/ee441167(v=ws.10).aspx
    Hope this helps.
    Steven Lee
    TechNet Community Support

  • Trying to install features for PowerPivot and Reporting Services from SQL Server 2012 with SP2, but no access to key?

    Hi,
    I had installed SQL Server 2012 PowerPivot on WFE and App Server. This is test farm with 1 WFE and 1 APP and 1 SQL Server.
    However, we had a heap of issues with Windows Claims Authentication and PowerPivot - issues were raised with "unable to make a connection to EntityDataSource". Now we uninstalled the PowerPivot and Reporting Services features and wanted to install with the SQL Server 2012 with SP2. Originally SP2 was installed separately and we had read there had been issues.
    Anyway on trying to install the features again using the SQL Server 2012 with SP2 iso I get
    Could not open key UNKNOWN\Components
    I don't want to start deleting or changing permissions as quite dodgy. What is this key for anyway and how do I resolve my issue?
    Thanks.
    John.

    Hi John,
    Did you meet the error message during the process of configuring the PowerPivot for SharePoint?
    If yes, I suppose that the existing features or components have not been uninstalled completely.
    I recommend deleting the two keys left when uninstalling the PowerPivot, and please make a copy of the registry keys before you delete the two keys:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\ServiceProxies\Microsoft.AnalysisServices.Sharepoint.Integration.MidTierServiceProxy
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\ServiceProxies\Microsoft.AnalysisServices.Sharepoint.Integration.MidTierServicea
    Please check the steps in the link below to see if there was anything wrong when you uninstalled the PowerPivot and then re-install it to see how it works:
    https://technet.microsoft.com/en-us/library/ff487866(v=sql.110).aspx
    Thanks,
    Victoria
    Forum Support
    Victoria Xia
    TechNet Community Support
