Password Synchronization Connector Error in SSL secure mode (636)

Similar Messages

• AD password synchronization connector error

  Hi,
  I have installed the AD password synchronization connector 9.1.1. to Windows 2003 SP2 server successfully.
  When I tried to reset the users password I can see from the 20120518OIMMain.log file the following errors:
  Debug [5/18/2012 8:20:19 PM] The SOAP start element is
  Debug [5/18/2012 8:20:19 PM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
  Debug [5/18/2012 8:20:19 PM] The SOAP end element is
  Debug [5/18/2012 8:20:19 PM] </SPMLv2Document>
  Debug [5/18/2012 8:20:19 PM] The path is
  Debug [5/18/2012 8:20:19 PM] /spmlws/HttpSoap11
  Debug [5/18/2012 8:20:19 PM] End of sgsloidi::setParameters
  Debug [5/18/2012 8:20:19 PM] <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://xmlns.oracle.com/OIM/provisioning"><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Internal Server Error (Caught exception while handling request: java.rmi.RemoteException: null; nested exception is:
  *     java.lang.NullPointerException)*</faultstring></env:Fault></env:Body></env:Envelope>
  Debug [5/18/2012 8:20:19 PM] Inside sgsloidiOIMGeneralErrorHandler
  Debug [5/18/2012 8:20:19 PM] Unable to update USR_NAME. There are error messages in the searchReponse. Please check log for details
  Debug [5/18/2012 8:20:19 PM] Password updation failed in child process
  Can anyone tell me what's wrong with it? please..
  What's I should check?
  Thank a lot.

  1. Check your ports, make sure they are open.
  2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
  With the above I got my connector working to this point. Hope that helps.
  - JP

• AD-OIM password synchronization connector error

  Hi,
  I have installed the AD password synchronization connector 9.1.1. to Windows 2003 SP2 server successfully. When I reset the users password I can see from the 20091217OIMMain.log file the following errors:
  Debug [12/17/2009 2:08:31 PM] The SOAP start element is
  Debug [12/17/2009 2:08:31 PM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
  Debug [12/17/2009 2:08:31 PM] The SOAP end element is
  Debug [12/17/2009 2:08:31 PM] </SPMLv2Document>
  Debug [12/17/2009 2:08:31 PM] The path is
  Debug [12/17/2009 2:08:31 PM] /spmlws/HttpSoap11
  Debug [12/17/2009 2:08:31 PM] End of sgsloidi::setParameters
  Debug [12/17/2009 2:08:31 PM] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><faultcode xmlns="">env:Server</faultcode><faultstring
  xmlns="">Internal Server Error</faultstring><faultactor xmlns=""></faultactor></env:Fault></env:Body></env:Envelope>
  Debug [12/17/2009 2:08:31 PM] Inside sgsloidiOIMGeneralErrorHandler
  Debug [12/17/2009 2:08:31 PM] Unable to update USR_NAME. There are error messages in the searchReponse. Please check log for details
  Debug [12/17/2009 2:08:32 PM] Password updation failed in child process
  Where is this searchResponce log file? I tried to see all the Windows log files, which has been updated after my password reset, but none of them has any errors which makes sense or the time would match. Also in 20091216043_PasswordChange.log everthing seems to go okay.
  SPML web service is deployed and up and I can hit that URL from my machine. I don't get any printouts to the OIM log file.
  Any ideas...? Thanks a bunch!
  -J-

  1. Check your ports, make sure they are open.
  2. For password sync you'll need to have SSL certificates configured so AD, OIM and the connector can talk securely. Make sure the proper keystore is used and certificate is present on all 3 (the connector includes the guide to install them)
  With the above I got my connector working to this point. Hope that helps.
  - JP

• Password changes in AD - Password Synchronization Connector Issue

  Hey all,
  Newbie question/problem... I have the 9.1.1.0 version of the AD Password Synchronization Connector installed on all domain controllers in my AD. My OIM system is IDM 9.1.0.1 running with JBoss.
  When a password is changed on the target machine that OIM is connected to, the password synchronizes across to OIM fine.
  When I change a password on another DC, the password does not synchronize. I check the logs and instead get an error saying... User not found. This shows in the AD eventlog as well saying... user not found in AD, please verify the configuration parameters.
  The weird thing is... if I change my OIM host to point to the 2nd DC that threw that error and change the Password Synchronization Connector to point to itself as the host, the password change will now work and synchronize back to OIM. The password change on the original DC will now throw the same error, user not found.
  I am totally stumped on this one... any help would be greatly appreciated.
  Thanks in advance.
  -B

  Well finally figured it out... each password synchronization connector on each domain controller must:
  for the host entry: use the IP of the current Domain controller box you are installing on
  for the OIM host: enter the OIM server's hostname (not ip)
  Just wanted to share my pains and struggles so others wouldn't have to.

• Password Synchronization Connector Installation

  Hello friends,
  About Password Synchronization Connector, my query is:
  You can install this connector, with a different user account with administrator account used to start the server in Active Directory.
  thanks

  Another query, this has to be used in the installation of the connector, in addition to the permit program should install another permit what should you be assigned in the Active Directory?
  Thank you for responding, there is some documentation that specifies your claim.

• Password Sync Connector Error 11gR2

  Hi all,
  I am using following products
  IDM 11.1.2.0,
  activedirectory-11.1.1.5.0 connector with Patch P14190610_111150_Generic.
  MSFT_PSync_91150 for Password Sync.
  Please let me know that AD Password Sync Connector 9.1.1.5 can be configured with OIM *11gR2* ?
  Because I am getting error *"Password updation failed in child process "* I have used the same connector with OIM 11.1.1.5.0 (11gR1) and it was working fine. do i need to make any changes / settings in the OIM for AD Resource also?
  Thanks

  thanks for your reply,
  Please can you help me on the following ....
  I have installed AD PasswordSync Connector 9.1.1.5.0 (MSFT_AD_PSync_9.1.1.5.0) with newly released patch MSFT_AD_PSync_9.1.1.5.6 (patch 14627510). I am getting error that Password updation failed in child process
  its not making any sence as the same connector was working fine with 11gR1. I have uninstalled and reconfigured the connector but no luck.
  Can you through some light on it?
  what i think that there is some communication issue between IDM and AD server, I have check the communication and found no issue. is it that SSL is compulsory for this connector although its not mentioned in any of the document.
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  ebug [10/09/12 14:09:27] Inside sgsloidi::setParameters
  Debug [10/09/12 14:09:27] The SOAP start element is
  Debug [10/09/12 14:09:27] <processRequest xmlns=""><sOAPElement>
  Debug [10/09/12 14:09:27] The SOAP end element is
  Debug [10/09/12 14:09:27] </sOAPElement></processRequest>
  Debug [10/09/12 14:09:27] The path is
  Debug [10/09/12 14:09:27] /spmlws/OIMProvisioning
  Debug [10/09/12 14:09:27] End of sgsloidi::setParameters
  Debug [10/09/12 14:09:27] Begin function sgsloidi::queryADUserAttribute()
  Debug [10/09/12 14:09:27] Inside sgsladac c-tor
  Debug [10/09/12 14:09:27] AD Host
  Debug [10/09/12 14:09:27] 172.20.20.135
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] AD Port
  Debug [10/09/12 14:09:27] 389
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] AD Base DN
  Debug [10/09/12 14:09:27] DC=YYYt,DC=vvv,DC=www
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] Inside ConnectToADSI
  Debug [10/09/12 14:09:27]
  ADSI Bind success full
  Debug [10/09/12 14:09:27] Begin function sgsladac::searchAttrValue()
  Debug [10/09/12 14:09:27] [Base DN : DC=yyy,DC=vvv,DC=www]; [Filter : (&(objectClass=user)(samAccountName=IDM005))]; [Attribute : samAccountName]
  Debug [10/09/12 14:09:27] Search success with one result.
  Debug [10/09/12 14:09:27] End function sgsladac::searchAttrValue()
  Debug [10/09/12 14:09:27] End function sgsloidi::queryADUserAttribute()
  Debug [10/09/12 14:09:27] Inside sgsladac destructor
  Debug [10/09/12 14:09:27] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>Unknown method</faultstring></env:Fault></env:Body></env:Envelope>
  Debug [10/09/12 14:09:27] Inside sgsloidiOIMGeneralErrorHandler
  Debug [10/09/12 14:09:27] Unable to update IDM005. There are error messages in the searchReponse. Please check log for details
  Debug [10/09/12 14:09:27] Inside sgsladds::sgslperwriteData YOOOO
  Debug [10/09/12 14:09:27] Inside sgsladac c-tor
  Debug [10/09/12 14:09:27] AD Host
  Debug [10/09/12 14:09:27] 172.20.20.135
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] AD Port
  Debug [10/09/12 14:09:27] 389
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] AD Base DN
  Debug [10/09/12 14:09:27] DC=yyy,DC=vvv,DC=www
  Debug [10/09/12 14:09:27]
  Debug [10/09/12 14:09:27] Only dataattribute
  Debug [10/09/12 14:09:27] Got Registry enteries
  Debug [10/09/12 14:09:27] contact
  Debug [10/09/12 14:09:27] description
  Debug [10/09/12 14:09:27] Got Entiredn
  Debug [10/09/12 14:09:27] OU=oimpwdsyncmoetest.gov.kw,ou=OIMADPasswordSync,DC=yyy,DC=vv,DC=wwww
  Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
  Debug [10/09/12 14:09:27] Already Exists
  Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
  Debug [10/09/12 14:09:27] Already Exists
  Debug [10/09/12 14:09:27] Inside sgsladdsSearchUser
  Debug [10/09/12 14:09:27] Firing Search Request
  Debug [10/09/12 14:09:27] AD search for a user objectGUID is successfull
  Debug [10/09/12 14:09:27] Count success
  Debug [10/09/12 14:09:27] Search result fetched
  Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
  Debug [10/09/12 14:09:27] --------------------&&&----------------
  Debug [10/09/12 14:09:27] Inside sgsladds::sgsladdsgetData NEW Look
  Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
  Debug [10/09/12 14:09:27] Encoded Data Extracted in sgsladdsgetData
  Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
  Debug [10/09/12 14:09:27] Moving out sgsladdsgetData
  Debug [10/09/12 14:09:27] Encoded Data Extracted
  Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
  Debug [10/09/12 14:09:27] Incrementing the MAX_RETRY LIMIT:
  Debug [10/09/12 14:09:27] 1
  Debug [10/09/12 14:09:27] numretries ======
  Debug [10/09/12 14:09:27] 1
  Debug [10/09/12 14:09:27] Inside sgslcodsupdateChild
  Debug [10/09/12 14:09:27] 1:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
  Debug [10/09/12 14:09:27]
  Encrypted record data updated successfully
  Debug [10/09/12 14:09:27] Inside sgsladac destructor
  Debug [10/09/12 14:09:27] End of sgsloidiOIMGeneralErrorHandler
  Debug [10/09/12 14:09:27] Password updation failed in child process
  Debug [10/09/12 14:09:27]
  Relaxing while processing records from datastore
  Debug [10/09/12 14:09:29]
  About to UNBIND datastore after processing the Records
  Debug [10/09/12 14:09:29]
  Deleting datastore object pointer
  Debug [10/09/12 14:09:30] Datastore --- Connect to AD
  Debug [10/09/12 14:09:30]

• Password Synchronization Connector in HA

  Hello friends,
  As I can configure the Password Synchronization plug idm Oracle Identity Manager on Oracle WebLogic Server deployed in Cluster (2 nodes)
  Thanks.

  Yes, you can configure it for 2 nodes in clustered environment. Refer http://docs.oracle.com/cd/E11223_01/doc.904/e10450.pdf 2.3 4. You need to install connector on one node and configure it on both, if it is 11g.
  regards,
  GP

• AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL

  I have set up AD password sync with from AD to OIM 11G R2
  The password syncs from AD to OIM 11G R2 on non ssl port 389.
  But if fails on SSL Port 636.
  Errors in OIMMain.Log:_
  Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
  Debug [10/11/2012 10:49:34 AM]
  ldap_connect failed with
  Debug [10/11/2012 10:49:34 AM] Server Down
  Debug [10/11/2012 10:49:34 AM]
  Steps Carried Out thus far:_
  AD is up and running.
  Configured AD Password Sync Connector on 636 and selected ssl.
  Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
  Imported Certificate to AD. After this, restarted the AD
  I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
  Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
  Help would be appreciated.
  Many Thanks

  This question is now been fixed.
  Instead of explicitly stating 636 for SSL,
  Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
  Export Certificates from AD to java security keystore and to weblogic keystore
  Export .pem certificate created on OIM host machine to AD.
  Restart weblogic, oim and AD
  Everything would work fine.
  For all the other information, refer to doc.
  Thanks

• AD Password Sync Connector in SSL Mode

  Hi,
  The AD Password Sycn connector works fine with non-SSL , but not in SSL mode.
  This is the log generated-
  Debug [11/19/12 15:35:08] Start getting config parameters from registry
  Debug [11/19/12 15:35:08] oimhost is
  Debug [11/19/12 15:35:08] abc.com
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] oimport is
  Debug [11/19/12 15:35:08] 14001
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] oimsslclient is
  Debug [11/19/12 15:35:08] PwdSync
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] oimuserattr is
  Debug [11/19/12 15:35:08] Users.User ID
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] oimusessl is
  Debug [11/19/12 15:35:08] Y
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] oimappservertype is
  Debug [11/19/12 15:35:08] 1
  Debug [11/19/12 15:35:08]
  Debug [11/19/12 15:35:08] End of sgsloidi::getConfigParamters
  Debug [11/19/12 15:35:08] Inside sgsloidi::setParameters
  Debug [11/19/12 15:35:08] The SOAP start element is
  Debug [11/19/12 15:35:08] <processRequest xmlns=""><sOAPElement>
  Debug [11/19/12 15:35:08] The SOAP end element is
  Debug [11/19/12 15:35:08] </sOAPElement></processRequest>
  Debug [11/19/12 15:35:08] The path is
  Debug [11/19/12 15:35:08] /spmlws/OIMProvisioning
  Debug [11/19/12 15:35:08] End of sgsloidi::setParameters
  Debug [11/19/12 15:35:09] Look for client cert
  Debug [11/19/12 15:35:09] Search the opened store
  Debug [11/19/12 15:35:09] Inside sgsloidiOIMDownErrorHandler
  Please suggest.

  Instead of explicitly stating 636 for SSL,
  Use the same port 389 for ssl and also configure oim port to be same(ex:140001) which is the ssl port for oim in the configuration of OIM Password Sync.
  Export Certificates from AD to java security keystore and to weblogic keystore
  Export .pem certificate created on OIM host machine to AD.
  Restart weblogic, oim and AD
  Everything would work fine.
  For all the other information, refer to doc.

• OIM AD password Sync connector. Connection to AD through SSL

  Hi.
  I am trying to configure AD password sync connector 9.1.1.5 with patch 14627510 to connecto to AD through SSL.
  At this moment, connector is able to connect to OIM through SSL but not to the AD. If i set AD port number to 389 on the connector configuration, everything works fine.
  If i set it to 636, it is not able to connect to the AD.
  I've imported the AD SSL certificate to <connector install directory>\OIMADPasswordSync\_jvm\lib\security\cacerts and restarted the domain controller but still no luck.
  To test that the certificate and everything else is OK, i've also installed a jxplorer and imported the same certificate into <jexplorer install directory>\jxplorer321\security\cacerts. Jxplorer is able to connect to the AD through SSL on port 636 so user credentials, certificate, etc.. are ok
  Connector documentation doesn't mention anything regarding SSL connection to AD, it only describes SSL connection to OIM.
  Anyone has donde this before? Is there any additional step i should follow to enable SSL connection from AD password sync connector to AD? Does the connector support SSL connection to AD?
  Regards.

  have you tried importing the cert in cacerts under $JAVA_HOME?

• Error Installing AD Password sync connector in windows 2008

  HI,
  i am trying to install AD Password sync connector in windows 2008 but i am getting following error.
  **Error occurred while uploading prepAD.ldif. , please refer to %TEMP%\oimpwdsync.log. Please upload**
  **prepAD.ldif to Active Directory Domain Controller before applying ACLs.**
  Thanks,

  Dont do any thing. just restart your machine,a dn re-configure, because first time passwordsync10.dll has not initialized on AD machine. after that just put same parameter value what you have given previously. it will work
  same time verify if AD Authentication or xelsysadm Authentication is wrong

• I am not having problems with wifi but ipad will not accept my password in the secure mode. anyone else having the same problem?

  I am having problems with the Ipad accepting my password in the secure mode in Wifi. I can get into wifi when the secure mode is off. This only started when I downloaded the lastest update for the Ipad. Anyone else having the same problems?  I have rebooted the Rotar and still doesn't work.

  I am not.
  Which secure mode are you using with your wireless network - WEP or WPA?
  Have you tried forgetting this network on your iPad, and/or resetting network settings on your iPad? Both will require rejoining the network and the latter will require rejoining every wi-fi network your iPad has access to when returning within range of the network.

• SSL errors connecting to secure sites

  <blockquote>Locking thread.<br>
  Please continue in your previous thread: [[/questions/891765]]</blockquote>
  I had earlier posted a query on a problem connecting to https sites. refreshing the network card parameters seems to have solved the problem.
  But again the problem has resurfaced and I am getting frequent error " SSL received a record with an incorrect Message Authentication Code.
  (Error code: ssl_error_bad_mac_read) "
  It is becoming very irritating since it is preventing me to access most of the https site including gmail. The most frustrating part is that the occurrence is not predictable. When the error comes and I click ok, the page is resubmitted and many of the times the page is loaded properly. The problem again occurs when I want to proceed to the next page.
  Any suggestion would be highly appreciated.

  I've removed the solved status from this thread as you still seem to have this problem.
  Are you using a direct connection or a proxy?<br />
  Do you have a router or security software (firewall) that might cause this problem?<br />
  Do you have problems with other secure https connections?
  You can see the connection settings here:
  *Tools > Options > Advanced : Network : Connection > Settings
  See "Firefox connection settings":
  *https://support.mozilla.com/kb/Firefox+cannot+load+websites+but+other+programs+can
  From [/questions/893358 another post] by you:
  <blockquote>refreshing the network card parameters seems to have solved the problem.<br />
  <br />
  But again the problem has resurfaced and I am getting frequent error <br />
  " SSL received a record with an incorrect Message Authentication Code.<br />
  <br />
  (Error code: ssl_error_bad_mac_read) "<br />
  <br />
  It is becoming very irritating since it is preventing me to access most of the https site including gmail. The most frustrating part is that the occurrence is not predictable. When the error comes and I click ok, the page is resubmitted and many of the times the page is loaded properly. The problem again occurs when I want to proceed to the next page.</blockquote>

• SCCM Connector errors out at 29% synchronization

  I have successfully integrated AD and SCCM into Service Manager, but the connector I created for SCCM stops at 29% synchronization with errors. I'm not actually sure how to determine what the error is in particular nor can I seem to solve this problem. I
  have checked non-information logs this is what came up with relation to SCCM:
  Data synchronization failed by Connector - SCCM.Importer.Inventory.SCCMConnector.6395a7bb03f44083bb045a16f119ce83.:Microsoft.EnterpriseManagement.ServiceManager.Connector.Sms.SmsConnector.
  Exception type:ConnectorException
  Exception message:getCurrentBatch failed . Exception type:DatabaseLayerException
  Exception message:Command type:Text
  Any suggestions would be greatly appreciated -- thanks.

  Hi ,
  Faced same problem , SCCM connector synchronization fails at 11%
  About the environment setup
  1. SCCM 2012 R2 CU1
  2. SCSM 2012 R2
  Event logscontains the below
  Inner Exception:
  Exception message:Invalid object name 'SCCM_Ext.vex_GS_NETWORK_ADAPTER'..
  StackTrace:  
  at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
  at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
  at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
  at System.Data.SqlClient.SqlDataReader.TryConsumeMetaData()
  at System.Data.SqlClient.SqlDataReader.get_MetaData()
  at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
  at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds)
  at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite)
  at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
  at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
  at System.Data.SqlClient.SqlCommand.ExecuteDbDataReader(CommandBehavior behavior)
  at System.Data.Common.DbCommand.System.Data.IDbCommand.ExecuteReader(CommandBehavior behavior)
  at System.Data.Common.DbDataAdapter.FillInternal(DataSet dataset, DataTable[] datatables, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior)
  at System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior)
  at System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, String srcTable)
  at Microsoft.EnterpriseManagement.ObjectOrientedDatabaseLayer.DatabaseAccessLayer.GetDataSet(DataSetRequest request).
  StackTrace:  
  at Microsoft.EnterpriseManagement.ServiceManager.Connector.SessionManager.DataProvider.throwConnectorException(String method, String message, Object[] values)
  at Microsoft.EnterpriseManagement.ServiceManager.Connector.SessionManager.DataProvider.createBatchInfoForRealSource(SessionBase session, Int32 SessionTableId, EnumTableStatus status)
  at Microsoft.EnterpriseManagement.ServiceManager.Connector.SessionManager.DataProvider.PrepareBatchInfo(SessionBase session)
  at Microsoft.EnterpriseManagement.ServiceManager.Connector.SessionManager.DataProvider.GetNextBatch(IConnectorSession connectorSession, Boolean batchInfoOnly)
  at Microsoft.EnterpriseManagement.ServiceManager.Connector.Datacenter.SessionHost.DataSync()
  log indicates some sccm object is missing 'SCCM_Ext.vex_GS_NETWORK_ADAPTER'
  Any suggestions???

• SSL and security modes

  We are getting ready to implement SSL on the Portal Server and after reading the documentation, I'm not sure which security mode we need to be in. Will mode 0 be fine as long we require SSL on IIS on the portal server?

  Hi Eric,
  You mentioned that your site is in mode 2. How was the performance? Are you using an accelerator? Please send me the link if that is alright. We have been playing with https (mode 2) but no success since all admin tasks stopped working. Our next step is to install a separate portal inside the firewall....Any tips would be appreciated.
  Thanks,
  Leona------- Eric Whitley wrote on 9/17/04 10:33 AM -------
  I think you'll want to at least set SSL mode to 1. I'm going to just write out my understanding of things, and I only really have PT 4.5 WS in production, so if I'm off, well... somebody correct me. :)
  Something to keep in mind - Plumtree needs to "know" which SSL mode you're setting up so it can construct the links for all click-throughs (http://myservervs https://myserver).
  0 = no SSL. Even if you place SSL on IIS Plumtree won't care - in fact, if you click on 'require SSL' on IIS, I think you'll run into problems. Plumtree won't construct URLs with the appropriate "https" prefix, which will likely cause problems.
  1 = apply security to pages that need it. Login pages, document click-throughs, etc. as defined in the secure activity spaces configuration. Plumtree will apply the "https" to only those pages/links.
  2 = SSL everything, everywhere. Our portal current has this configuration.
  Clicking on "require SSL" on the virtual directory will only deal with the IIS portion - you still need to indicate to Plumtree how much/where you want it applied so it can construct the links appropriately. Try setting "1" to see if it will get you where baseline security - our clients and global security team force us to SSL everything conceivable, so we use setting "2".
  That help?
  Eric