Network backup & User self sign-up

I'm about to deploy my first Messaging server and I would appreciate some help in the following issues:
- Is there any option in the Messaging Server to allow users to sign themselves up for e-mail (yahoo or hotmail like) or would that functionality have to be written as a separate web application (not my idea, the client wants this)?
- Our customer wants to back up the message store to both tape drives as well as a Network Attached Storage device (Network Appliance). Regarding the network backup, would there be any problems if we were to mount the NAS filesystem to a partition on the Messaging Server and then have cron run imsbackup on a regular basis?
- It says somewhere in the documentation that imsbackup does not support 2GB files. Does that mean that the Message Store partitions have to be smaller than that?
Thanks a lot

Response from Dave Pickens:
> I'm about to deploy my first Messaging server and I would appreciate some help in the following issues:
> - Is there any option in the Messaging Server to allow users to sign themselves up for e-mail (yahoo or hotmail like) or would that functionality have to be written as a separate web application (not my idea, the client wants this)?

Would have to write it themselves or use Portal Server's Self Registration.

> - Our customer wants to backup the message store to both tape drives as well as a Network Attached Storage device (Network Appliance). Regarding the network backup, would there be any problems if we were to mount the NAS filesystem to a partition on the Messaging Server and then have cron run imsbackup on a regular basis?

No. My suggestion would be to have cron back up from disk to NAS and then from NAS to tape.
Also don't forget that we can periodically back up the database only -- much quicker, and it allows you to restore the database only rather than all the messages, etc. when only the database is corrupt.
So I'd back up the database a couple of times a day from disk to NAS.

> - It says somewhere in the documentation that imsbackup does not support 2GB files. Does that mean that the Message Store partitions have to be smaller than that?

No. Message Store partitions can be many times larger. My general recommendation has been to not exceed 2x the tape capacity in the past. I am leaning now towards a 1 to 1 ratio. If you can get 70GB of data on a DLT, then your partitions should be roughly that.
Back up the database itself (aka snapshot) as well to a separate tape.

Similar Messages

  • New self signed certificate, how to mark as trusted for all users on clients

    We have a new 10.8 server that we are currently using for iChat/Messages service.  We have created a self signed certificate to encrypt the traffic to the Messages service since we have the service accessible for internet and phone users.  We use network accounts and users need to log in on several different machines when in the office.
    Can anyone suggest how to tell a client machine to trust the certificate for all users?
    Currently, each user is asked to trust the certificate on each client they log into.
    I have imported the server certificate into the client's system keychain in Keychain Access and asked it to trust the certificate for all items manually. This does not appear to allow all users to trust the certificate since subsequent users who have not yet trusted the certificate on the test client are still asked to confirm trust. When opening the iChat.app the users are still prompted to verify the certificate which now indicates that it is trusted for all users.

    Resolved.
    - Drag certificate from verification dialog.
    - Import into System Keychain
    - Select certificate in System Keychain and select "i" button at bottom of window.
    - Set all items to always trust.

  • Failed to create machine self-signed certificate for site role [SMS_SQL_SERVER]

    SCCM 2012 has been successfully installed on the server:
    SRVSCCM.
    The database is on SQL Server 2008 R2 SP1 CU6 Failover Cluster (CLS-SQL4\MSSQLSERVER04)
    Cluster nodes: SQL01 and SQL01. On all nodes made necessary the Security Setup of SCCM. No errors and warning on SCCM Monitoring.
    The cluster service is running on the account: sqlclusteruser
    The account has the appropriate SPN are registered:
    setspn -L domain\sqlclusteruser
    Registered ServicePrincipalNames for CN=SQL Cluster,OU=SQL,OU=Users special,OU=MAIN,DC=domain,DC=local:
    MSSQLSvc/CLS-SQL4
    MSSQLSvc/CLS-SQL4.domain.local
    MSSQLSvc/CLS-SQL4:11434
    MSSQLSvc/CLS-SQL4.domain.local:11434
    After some time on the cluster hosts every day started appearing new folders with files inside:
    srvboot.exe
    srvboot.ini
    srvboot.log
    srvboot.log contains the following information:
    SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER started.
    Microsoft System Center 2012 Configuration Manager v5.00 (Build 7711)
    Copyright (C) 2011 Microsoft Corp.
    Command line: "SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER CAS K:\SMS_SRVSCCM.domain.local_SMS_SQL_SERVER8 /importcertificate SOFTWARE\MicrosoftCertBootStrap\ SMS_SQL_SERVER".
    Set current directory to K:\SMS_SRVSCCM.domain.local_SMS_SQL_SERVER8.
    Site server: SRVSCCM.domain.local_SMS_SQL_SERVER.
    Importing machine self-signed certificate for site role [SMS_SQL_SERVER] on Server [SQL01]...
    Failed to retrieve SQL Server service account.
    Bootstrap operation failed: Failed to create machine self-signed certificate for site role [SMS_SQL_SERVER].
    Disconnecting from Site Server.
    SMS_SERVER_BOOTSTRAP_SRVSCCM.domain.local_SMS_SQL_SERVER stopped.

    The site server is trying to install the sms_backup agent on the SQL Server Cluster nodes.
    Without a successful bootstrap the site server backup is not able to run successfully.
    Try granting everyone the read permission on
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS on the SQL server nodes.
    This worked for me.
    After that a Folder named "SMS_<SITESERVER-FQDN>" appeared on C: on the SQL Cluster nodes, and a "SMS_SITE_SQL_BACKUP_FQDN" Service should be installed.
    After the new Folder is created and the new Service is installed, you can safely remove the bootstrap Service by opening a command prompt and enter:
    sc delete "SMS_SERVER_BOOTSTRAP_FQDN-of-SiteServer_SMS_SQL_SERVER"

  • Steps to create your own self signed certificate with java plugin working

    You need two tools that come with your jdk, which are keytool and jarsigner.
    Steps are explained below in detail. Don't use netscape signtool, it will NEVER work!
    * keytool -genkey -keyalg rsa -alias tstkey -keypass 2br2h2m -dname "cn=Test Object Signing Certificate, o=AI Khalil, ou=Java Products, c=AU"
    cn = Certificate name
    o = organisation
    ou = organisation unit
    c = country (first two letters)
    If you don't put the -dname, you can fill it line by line.
    The -keypass has to be verified at the end, and you have to wait for it to create the rsa signing keys.
    On NT by default it will put the alias information at D:\WINNT\Profiles\Administrator (if logged in as administrator) with the default file called ".keystore". Windows 98 etc, don't know, search for the .keystore file. When you update it, check for the timestamp change and you know if you are at the right spot.
    You can store your alias information via the -storepass option to your current directory you work on, if you don't want to update the default .keystore file?
    The .keystore contains a list of aliases so you don't have to do this process again and again.
    Another tip if you want your certificate encryption validity to be more than the default one month is simply to add the -validity <valDays>, after the -genkey option, to make your certificate usage for encryption last much longer.
    Note: You MUST use the -keyalg rsa because for starters the rsa encryption algorithm is supported on ALL browsers instead of the default DSA and the other one SHA. Java plugins must work with the RSA algorithm when signing applets, else you will get all sorts of weird errors :)
    Do not use signtool because that's a browser dependent solution!! Java plugin is supposed to work via running its own jre instead of the browser JVM. So if you are going to use netscape signtool, it starts to become a mess! ie certificate will install, but applet won't start and give you funny security exception errors :)
    * keytool -export -alias tstkey -file MyTestCert.crt
    It will read the alias information in the .keystore information picking up the rsa private/public keys info and
    create your self sign certificate. You can double click this certificate to install it? But don't think this step is needed but maybe for IE? Someone else can check that part.
    If you make a mistake with the alias, simply keytool -delete -v -alias <your alias key>
    If not in default .keystore file, then simply keytool -delete -v -alias <your alias key> -keystore <your keystore filename>
    * Put your classes in your jar file, my example is tst.jar.
    * jarsigner tst.jar tstkey
    Sign your testing jar file with your alias key that supports the RSA encryption algorithm.
    * jarsigner -verify -verbose -certs tst.jar
    Check that it's been verified.
    The last step is the most tricky one. It's to do with having your own CA (Certified Authority) so you don't have to fork out money straight away to buy a Verisign or Thawte certificate. The CA listing as you see in netscape browsers under security/signers, is NOT where the plugin looks at. The plugin looks at a file called CACERTS. Another confusion is that the cacerts file is stored in your jre/lib/security AND also at your JavaSoft/Jre/<Java version>/lib/security. When you install the Java plugin for the first time it uses your JavaSoft folder and it's the cacerts file that has to be updated when you add your own CA, because that's where the plugin looks at, NOT THE BROWSER. Everything about plugin is never to do with the browser!! :)
    * keytool -import -file MyTestCert.crt -alias tstkey -keystore "D:\Program Files\JavaSoft\JRE\1.3.1\lib\security/cacerts"
    Of course point to your own cacerts file destination.
    Password to change it, is "changeit"
    Before you do this step make a copy of it in its own directory in case you do something silly.
    This example will add a CA with alias of my key called "tstkey" and store to my example destination.
    * keytool -list -v -keystore "E:/jdk/jdk1.3/jre/lib/security/cacerts"
    List to see if another CA is added with your alias key.
    Your html, using Netscape embed and Internet explorer object tags to point to the java plugin,
    your own self sign applet certificate should work
    Cheers
    Abraham Khalil

    I follow Signed Applet in Plugin, and it's working on my computer. Thanks
    But when I open my applet from another computer on the network, why does it not work ..?
    How to make this applet work on another computer without changing the policy file ..?
    thanks in advance,
    Anom

    You must install the certificate on that computer's plugin. Can this be done from the web? Can anyone suggest a batch file or otherwise that could do this for end users?
    I want a way for end users to accept my cert as Root or at least trust my cert so I don't have to buy one. I am not worried about my users refusing to accept my cert. just how do I make it easy for them? IE you can just click the cert from a link, but that installs for IE, and not the plugin where it needs to be.

  • How to import self signed root CA certificates on to playbook.

    Hi, 
    I have a test environment with a Windows CA configured, and I want to install the root CA of this server on to my PlayBook device. I followed the steps mentioned in the PlayBook user guide for importing root certificates, but
    when I select the certificate under Security -> certs and click on import it fails with imported 0 of i certificates.
    Could someone help me with how I can install self signed root CAs into the PlayBook?
    regards,
    kamesh.

    I have the same issue along with repeated prompts to accept cert when I am just trying to access the page internally on my network.. Any help here RIM????????

  • Importing self-signed certs into Oracle wallet

    Hi,
    would like to set up Oracle 11G Data Base Server to require SSL authentication.
    While I have succeeded in setting up a PKI infrastructure in an Apache Derby and in a PostgreSQL environment, I am struggling to achieve the same on Oracle running as desktop class data base on a Windows machine in my local area network.
    I have created a new wallet and
    1) imported the trusted certificate of my own CA and
    2) imported the trusted certificate for the server.
    However when wanting to import a self-signed user certificate the menu option to import user certificates is not available (greyed out/inactive).
    => Can someone please advise why this is the case and how I can get this menu item activated?
    Trying another route I created a certification request, exported it, imported it into my TinyCA program which I use to manage certs for my own CA, signed the request and exported it.
    But when trying to import the file resulting from this process I am told it is not a valid certificate.
    Thanks
    Thomas

  • Remoteapp and Desktop Connections Self signed Cert

    I know there are similar posts on this subject though I did not find the answer that I was looking for. I am using rdweb services to publish applications over a WAN connection to our remote office as our SQL server applications reside in our main office.
    Both offices are on the same domain/network. I do not need rdweb services to be accessed via the internet to outside users so I am relying on the internal cert to make all of this work internally. At this time the rdweb interface works fine but the remote office would like to utilize the RemoteApp and Desktop connections so they will not have to use the web interface but I get the same error message everyone else has posted about there being a problem with the certificate and I am not able to get any further in the wizard at this time.
    I have created my own self signed certificate via the Remote Desktop GUI, exported the cert and imported to my client PC but still it does not work. I don't have a lot of experience with the certs and possibly am doing something wrong so will give the info to see if someone can help me out.
    Server name: TS1
    Domain: coa.local
    I have created the certificate several times with the following: ts1.coa.local, *.coa.local. Once done I have exported the cert and imported to the Trusted root auth of the local computer. I have then launched the Remoteapp and Desktop wizard and filled in the field with https://ts1/rdweb which did not work. I tried https://ts1.coa.local/rdweb which also did not work. Am I not filling in the correct syntax or is there something else I might be missing as it stops there and tells me there is a problem with the website's certificate. I am stumped and hope someone can help me out as I have burned a lot of time trying to make this work.
    Thank you

    Have you made any progress on this problem?

  • Server.app does not authenticate network admin users

    Running a fresh installation of Lion Server 10.7.3. I'm logged in as the original, local, administrator.
    I open Server.app and successfully log in to the local machine with the local administrator credentials. I create a networked user allowed to administer the machine. Close Server.app window.
    Attempt to log in as the new networked administrator. I get a message about using the server's self-signed certificate. I click accept, then the log-in shakes its head, won't let network admin log in. Repeated attempts to log in do not show the certificate warning -- the log-in fails every time, though.
    Attempt to log in as local admin, works OK.
    How to fix?

    Hi Stefan, I have the Server app problem here on my Xserve 2009 and it happened after about 14 days of working correctly. No users or groups (850 network) show in the panes other than the two local admin users on the server. The +/- buttons are greyed out also. If you enter some letters for a search in Users/Groups it will actually display the network users containing the letters and eventually it populates the window with network users up to the usual 500+ limit but refresh and they all disappear again. Thinking back before it happened I used WGM to add a new user instead of Server and it was shortly after when the users "disappeared" and the +/- buttons greyed out. I don't have much confidence in Server app at the moment and I'm just glad WGM/SA is still in operation. I agree with Danny_Sch that Server app starts to act strangely after using WGM.
    WGM acts as usual with all my 850 users showing from the OD and Server admin shows all my services running ok. All users can log in and out fortunately at the moment. This happened initially when I migrated to Lion and I had to use my OD archive demoting and promoting to master to get it to work but I don't want to have to rebuild the whole thing again as we have very limited downtime to do it in a big institution etc. I'm trawling the net looking for a fix but no definitive answer. Has anyone reported this as a bug to Apple I wonder?

  • Self-signed certificate support

    Good morning everyone.
    I have a fair number of web-available applications that I make so using self-signed certificates. I've tried several of them, and it looks as though without a certificate authority, the iPhone's version of Safari won't support them. Has anyone else had any luck with this?
    I also tried an expired certificate, and the same occurred. Essentially the wheel just spins and nothing ever happens, almost as if there is a secret dialog somewhere that I can't see, and the process is waiting for me to click Ok.
    Interested in others' experiences.
    Thanks!
    Greg

    I'm having a similar problem. The Cisco wireless network here in my office has a log in page that should be displayed whenever a user tries to log in. When Safari on my iPhone connects, it redirects to the log in page, but I get nothing but the spinning wheel.

  • Renewed Self signed cert not visible in certmgr.msc

    I am helping a friend's small company with their IT needs and just renewed their self signed exchange certificate. Both the old and new certs show up in the exchange management shell, but only the old cert shows up in Cert Manager MMC on the server.
    Comparing the two certs in the Exchange mgmt shell, the only real difference is with the RootCAType. The old shows "GroupPolicy", and the new shows "None".
    How do I get the new cert into the "Trusted Root Cert... Authorities" in certmgr.msc?

    Don't do certmgr.msc, that opens the user store by default. Open mmc then add snap in, certificates store and select local computer and not user.
    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    I cannot even see the Add/Remove Snap-In option in my computer management/mmc. Also, there is no console root present. How do I fix this?

    Fixed it. You need to open mmc.exe and not computer management.
    Steps -
    search for mmc.exe, open it.
    file > add/remove snap-in > Highlight certificates > add button > snap in will always manage certificates for == My User Account > ok.
    The other options besides, are computer account, network service. I don't know their purpose.

  • (Self-)signing a MIDlet for use on ~10 phones without spending money

    Hello everyone,
    I just spent like 4 hours researching how to sign a MIDlet and I am totally confused.
    Instead of asking for general instructions I am going to explain what I want to do. Hopefully that will enable people to tell me whether or not this is possible and what steps I should take.
    What I want to do:
    * I have a MIDlet (JAR+JAD pair), written for J2ME CLDC 1.1/MIDP 2.0
    * This program needs to read and write files, as well as access GPS (using the Location API). I have specified the needed permissions in the JAD file (MIDlet-Permissions and MIDlet-Permissions-Opt)
    * The end goal is to be able to run this program on a limited number (<=10) of phones. All phones are Nokia handsets running S60 3rd Ed. FP1/2. They are owned by my organisation so the IMEI numbers are known
    * And now for the important thing: the program should not throw runtime warnings when files are accessed or the location API is used
    * Because this is an entirely non-commercial thing the whole process should not cost me any money
    So far I've been testing this application on a single Nokia N95-2 (8GB). Because the MIDlet is unsigned (or at least I believe that is why) it throws lots of runtime warnings (concerning file access and location access, eg: "Allow application X to read user data?" YES/NO). So this is exactly what I need to avoid when deploying this program on the ~10 other phones.
    I understand that it is most likely impossible to achieve this with a single "signed" file that can be deployed on all 10 phones. However, supposing there is some free(!) "(self-)signing" procedure that produces a MIDlet that will work without the runtime warnings on a specific phone (identified by IMEI#), I am perfectly willing to go through this procedure for every phone/IMEI involved.
    So is this possible? And if so, what are the steps I should take? Please give me as much info as possible. I've been googling for hours and I have yet to find a decent explanation for a scenario like this.
    Thanks in advance!

    It is my understanding (from posts on other forums) that the procedure explained on that webpage ( http://browndrf.blogspot.com ) only works/worked on Nokia S60 2nd edition devices, due to a bug (or feature?) in Nokia's MIDP implementation. In the 3rd edition of the S60 platform this bug was fixed so the procedure no longer works.
    As for my own project, we bit the bullet and got ourselves a Verisign certificate after all (for a whopping $500). So the problem is solved, although it wasn't exactly cheap.
    Thanks for your helpful comments.
    Regards,
    M.S.

  • Can't find my data from Time Machine network backup

    Migration assistant shows inconsistent sizes for applications, computer settings and other files/folders, about 30GB when I had 270 GB only in pictures.
    I did a clean Mavericks install.
    How do I find my data from the TimeMachine network backup?
    The size of the TimeMachine backup is consistent with what I had before ( >300 GB)...so how do I recover it?.
    I'm using a new user account name in the clean installation.
    Thanks

    Read a few threads about this being a problem with account access, so I renamed the account in my new installation to the account name used to create the backup and found the old accounts... now when trying to proceed it told me there was a conflict with the account name and I had to use a different one!!
    Apple has stopped being simple...
    So how are we supposed to use the migration assistant if either way there is a problem? (using same or different account name)...

  • Self signed Extension not visible in Indesign CC although installed in Extension manager CC

    I have an HTML Extension which I self signed (by creating a self signed certificate) using ZxpSignCmd. I exported my Extension in ZXP format
    and it got installed under Indesign CC 32 bit.
    But when I open Indesign and check for my extension, I cannot find it under the Extensions tab.
    Please note that when I copy the ZXP contents into "C:\Users\CS47\AppData\Roaming\Adobe\CEPServiceManager4\extensions", it appears in Indesign CC.
    But I need to install it using Extension Manager.
    I can't find another thread with a similar issue so please let me know how to deal with this.

  • ACS 5.3 / Self Signed / Certificate base auth

    Hello,
    Our ACS (5.3) has a self signed certificate, we have exported it and declared it in Certificate Authorities.
    We have exported it to have a Trusted Certificate for the client machine.
    This certificate has been installed on a laptop.
    The wlc is successfully setup for eap (peap & eap-fast has been tested > ok)
    I have this error in the log:
    12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in  the client certificates chain
    I think the Access Policies (identity & authorization) are misconfigured:
    > I allowed Host Lookup, PAP/ASCII, MSCHAPV2, EAP-MD5, EAP-TLS, PEAP, EAP-FAST
    > Identity: System:EAPauthentication match EAP-TLS
    id Source: AD in which AD, Internal Users, Password based, certificate based CN Username are enabled
    > authorization: System:WasMachineAuthenticated=True
    Thanks for your help,
    regards,

    Hello,
    I found the answer here:
    https://supportforums.cisco.com/message/1298039#1298039
    ACS self-signed certificate is not compatible with EAP-TLS
    Thanks,

  • Problem with importing and creating self signed SSL certificate

    Mac Pro, 10.7.2 Server. Attempting to import or create a self signed certificate for use as ichat.domain.com to encrypt iChat service. Server is actually called server.domain.com but has an alias of ichat.domain.com. I understand that this is probably not best practice but I would like to keep things this way since we have one server, run multiple services on it, but want to continue to connect to each service at SERVICE.domain.com. We have been using this type of mismatched certificate with success since 10.4 or so.
    I am working through setup of 10.7 Server to replace our 10.6 server. 
    Tried upgrade of 10.6 to 10.7 installation.  The installation made a mess of some services and our Open Directory, but did move the certificate over and allowed iChat service to function properly.
    Clean install and setup of 10.7 Server.  Exported self signed certificate, private key, and encryption password from 10.6 Server and functioning 10.7 upgraded Server.
    On import or manual creation of certificate get the following error:
    Error
    Check your server's logs for more information.  The error (code 5001) was: Expected SecKeychainItemImport to return a SecIdentityRef, but it did not
    Log shows:
    Dec 29 17:56:55 server servermgrd[498]: -[CertsRequestHandler(HelperAdditions) importP12Data:passphrase:error:]: importedItems = (
                  "<SecCertificate 0x7fcf6ed43c00 [0x7fff78d96f40]>"
    I have tried importing and manually creating other certificates with a variety of names with success. I assume that there is something buried somewhere that is causing this particular one to be a problem. Other than manually removing any remnants of the certificate from /etc/certificates I do not have any ideas what to try. I am essentially ready to move this server to 10.7 except for this problem and would like to avoid a reinstall.
    Suggestions?
    -Erich

    Take a look here.
    https://bbs.archlinux.org/viewtopic.php?id=146649
    Maybe it's a problem with your network.
