Policy ASBVGM is missing

Similar Messages

• Updating policies and Policy Database or Policy Updates without server restart

  Hi again,
  I have implemented the flash access reference implementation server including setting up all example database tables (so we have a central database server).  I have started updating policies for the application "whitelist" features and have run into some questions below.
  The Protecting Content documentation states:
            "If your license server has access to a database for storing policies, you can retrieve the updated policy from the database and call LicenseRequestMessage.setSelectedPolicy()"
  This leads to two questions:
  1)  The reference implementation doesn't store any Policies in the database (it stores them on the filesystem in the Resources Directory).     I can not find any documentation or examples of how to "retrieve the updated policy from the database".     Can somebody please point me to an example or documentation on how to store policies in the database so I can simply LicenseRequestMessage.setSelectedPolicy()?
  2)  As the reference implementation stores policies on the disk I had to use policy update lists when I whitelisted an AIR app.     However, the reference server did not honor the policy update list till I restarted the flash access reference server.      How can I notify the flash access server of the change to the update policy list without restarting the server?
  Thank you,
  -R

  Hello,
  Please see my answers below.
  Answer 1>
  If you want to store the binary representation of the policy in the database, you can invoke Policy.getBytes() and store the returned byte[] as a blob in the database. For details on how to store such binary data in a database, you should consult the documentation for you database. Then, to rebuild a policy that had been stored in a database, you can obtain the byte[] stored in the database, and invoke new Policy(byte[]) with it to reconstruct that policy instance.
  See the following javadocs:
        * Retrieves an encoded byte array representation of the policy.
        * <p>If this <code>Policy</code> was created from an empty constructor, the revision number
        * will be <code>1</code>.  If this was an existing policy and changes were made to the policy,
         * the revision number will be incremented by one. Otherwise, the revision number will not change.</p>
        * <p>The validity of the policy is first checked before encoding into a byte array.  Encoding will fail
        * if {@link #checkValidity()} throws an exception.</p>
         * @return A serialized representation of the policy.
        * @throws PolicyModificationException The <code>Policy</code> cannot be serialized because it was created with a newer version and was modified.
        * @throws PolicyException The <code>Policy</code> is missing required fields or contains conflicting entries.
        * @throws EncodingException Unable to encode the <code>Policy</code> to a byte array.
        public byte[] getBytes() throws PolicyException, EncodingException;
        * This constructor parses an existing policy from the given byte array.
         * @param policy The policy from which to construct this <code>Policy</code>.
        * @throws EncodingException Unable to parse the byte array into a <code>Policy</code>.
        * @throws PolicyException The <code>Policy</code> is missing required fields or contains conflicting entries.
        public Policy( byte[] policy ) throws PolicyException, EncodingException;
  Answer 2>
  In order to implement automatic configuration updates of policy update lists on the flash access server, you will need to tweak the Reference Implementation code, to monitor the file update state and re-load the PolicyUpdateList if it changes. The code snippet below, taken from the com.adobe.flashaccess.refimpl.util.ParamsReader.buildHandlerConfiguration() method, should serve as an example of how the PolicyUpdateList is loaded and then set on the HandlerConfiguration instance for it to take effect for a particular license acquisition request. In the case of the reference implementation, this code (below) is only invoked once, during server initialization. That is why a server restart is necessary for subsequent changes to take effect. However, nothing prevents this code form being invoked elsewhere, and that implementation is entirely upto the customer, to achieve the desired outcome.
        PolicyUpdateList pul = PolicyUpdateListFactory.loadPolicyUpdateList(pulInputStream);
        if (pul != null)
              X509Certificate issuerCert = null;
              if (hsmEnabled)
                    issuerCert = getHSMCertificate(props, hsmUtils, "RevocationList.verifySignature.X509Certificate");
              else
                    String pulSignatureCertFile = props.getProperty("RevocationList.verifySignature.X509Certificate");
                    if (pulSignatureCertFile != null)
                          InputStream pulSignerInputStream = new FileInputStream(resourcesDir + pulSignatureCertFile);
                          issuerCert = CertificateFactory.loadCert(pulSignerInputStream);
              if (issuerCert != null)
                    pul.verifySignature(issuerCert);
                    context.setPolicyUpdateList(pul);
  Regards,
  Safdar

• EX90 missed calls

  Hi ,
  Is there any feature about missed calls notification with an e-mail for Cisco Tandberg Ex90s?
  Could not we follow apart from that we can see the missed calls or received calls on history list?  Do you have any idea about it?
  Thank you.

  I am updating as many forums I can with the following information: 
  We have updated our policy on handling missed calls very recently for the Fascinate.
  We normally don't request people to call in,but if you are reading this, that may be your best option.  Call 800-922-0204 option 3 for tech support.  Choose the option foradvanced devices and PDAs. This will get you to tech support.
  We do have different options available for customers experiencing this issue while we work on the permanent fix to this problem. 
  You also have the option to PM me with your cell number, and I'd be happy to review this in detail via phone call or PM. 
  Thanks for you patience.  I know this has been a rocky road for some of you.

• Office 2013 disable privacy option but no GPO

  Hello,
  I want to disable the following privacy options but cant find any GPO setting for it. Somebody know where the settings are located?
  Allow the Research task pane to check for and install new services
  Allow sending files to improve file validation
  Thanks.

  Hi,
  Office Administrative Template file doesn’t include those privacy settings (there are many Group Policy Settings are missing from the Administrative Template).
  I would suggest you to use Process Monitor to get related registry keys and push the changes out through Group Policy Preferences:
  http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
  Thanks,
  Ethan Hua CHN
  TechNet Community Support

• PGP Encryption Error using OpenPGP

  Hi all,
  I am trying PGP Encrption using Custom module in one of the scenario's.
  While Executing the code on my local system(simple java project) i am getting following error.
  Exception in thread "main" java.lang.RuntimeException: NYI
       at cryptix.jce.provider.elgamal.ElGamalCipher.engineGetParameters(ElGamalCipher.java:120)
       at javax.crypto.Cipher.a(DashoA12275)
       at javax.crypto.Cipher.init(DashoA12275)
       at cryptix.openpgp.algorithm.PGPElGamal.encrypt(PGPElGamal.java:550)
       at cryptix.openpgp.packet.PGPPublicKeyEncryptedSessionKeyPacket.encrypt(PGPPublicKeyEncryptedSessionKeyPacket.java:153)
       at cryptix.openpgp.provider.PGPEncryptedMessageBuilder.engineBuild(PGPEncryptedMessageBuilder.java:283)
       at cryptix.message.EncryptedMessageBuilder.build(EncryptedMessageBuilder.java:253)
       at text.Encrypt.main(Encrypt.java:128)
  Has anyone experienced similar error.
  Please Help!
  Mayank

  Hi,
  This usually happens when Unlimited strength jurisdiction policy files are missing for your JDK ...
  Java 6 u2013 http://java.sun.com/javase/downloads/index.jsp
  Java 5 u2013 http://java.sun.com/javase/downloads/index_jdk5.jsp#docs
  Java 1.4 u2013 http://java.sun.com/j2se/1.4.2/download.html#docs
  Hope this helps
  Chris

• Error when invoking NotificationServices - PolicySet Invalid

  Hi All,
  This is our internally build composite NotificationService which is used by all our other composites including AIA for fault and other runtime notifications. It has functionality to both email and create human work flow. We have tested in our DEV environment and works perfectly fine (deployed from JDeveloper). Now its more SIT time and we using WSLT to deploy it in TEST evnironment, deploy works fine but during runtime we get this error:
  Error from the Web Services invoke:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>PolicySet Invalid: WSM-06158 PolicyReference The policy referenced by URI "oracle/no_authentication_service_policy" does not exist in the repository. </faultstring><faultactor/><detail><exception>javax.xml.ws.soap.SOAPFaultException: PolicySet Invalid: WSM-06158 PolicyReference The policy referenced by URI "oracle/no_authentication_service_policy" does not exist in the repository. </exception></detail></env:Fault></env:Body></env:Envelope>
  Error in the composite instance:
  <fault>
  <bpelFault>
  <faultType>0</faultType>
  <remoteFault>
  <part name="summary">
  <summary>PolicySet Invalid: WSM-06158 PolicyReference The policy referenced by URI "oracle/no_authentication_service_policy" does not exist in the repository. </summary>
  </part>
  <part name="detail">
  <detail>javax.xml.ws.soap.SOAPFaultException: PolicySet Invalid: WSM-06158 PolicyReference The policy referenced by URI "oracle/no_authentication_service_policy" does not exist in the repository. </detail>
  </part>
  <part name="code">
  <code>owspe:PolicyAccess</code>
  </part>
  </remoteFault>
  </bpelFault>
  </fault>
  I tried invoking the same service from soapUI and it works fine for the emailing part, but fails if another composite tries to call it. I checked all policies and nothing is attached to any of the composites. Hence my setup is pretty much the same as DEV, I'm not able to tell the difference between DEV and TEST as it looks same to me. I also removed all the policies that get attached automatically when deploy from weblogic domain -> base domain -> Policies Set.
  What am I missing here?
  Thanks,
  Babs

  Hi All,
  For the record.
  Its all working now, this Oracle document had the information we needed
  http://docs.oracle.com/cd/E23943_01/web.1111/b32511/diagnosing.htm
  Policy Access Error After an Application Invokes Web Service
  After an application attempts to invoke a Web service, a policy access error such as the following appears:
  • WSM-06156: The policy URI is missing, empty or contains invalid characters.
  • WSM-06158: The referenced policy does not exist in the repository.
  • WSM-02017: The document was not found in the repository.
  Problem
  The problem may be:
  • The policy URI is missing or the policy name is misspelled.
  • The Policy Manager is down
  • The policy does not exist in the repository
  • The policy attachment is not in effect due to a cache delay.
  Solution
  To diagnose and solve policy access issues:
  1. Verify that the Policy Manager is running as described in "Diagnosing Problems with Oracle WSM Policy Manager" and "Unable to Connect to the Policy Manager".
  2. Verify that the mds-owsm datasource connection is reachable and available. For more information, see "Understanding and Managing Data Sources" in Oracle Fusion Middleware Administrator's Guide.
  3. Verify that the policy exists in the Oracle WSM repository by viewing the contents of the repository using the Policy Manager Validator page. For details about accessing the Validator page and viewing the contents of the repository, see "Diagnosing Problems with Oracle WSM Policy Manager".
  4. If the policy exists in the repository, verify that the policy URI is consistent with the policy URI in the repository.
  5. If the policy does not exist in the Oracle WSM repository, do one of the following:
  o For predefined policies:
   Verify that the repository has been upgraded with all of the latest predefined policies using the upgradeWSMPolicyRepository() command as described in "Upgrading the Oracle WSM Policies in the Repository".
   Reset the contents of the repository using the resetWSMPolicyRepository command as described in "Rebuilding the Oracle WSM Repository".
  oFor a custom policy:
   Import it into the repository as described in "Importing Web Service Policies". For information on creating a custom policy, see "Creating Web Service Policies".
  6. Check if the user is in a role that has the right permission granted. To modify any roles or permissions, refer to "Modify the User's Group or Role".
  7. Verify the policy accessor and cache delay.
  The amount of time it takes for a policy attachment to take effect is determined by the Oracle WSM policy accessor and policy cache property settings. By default, this delay can be up to a maximum of 11 minutes. To reduce the amount of the delay, if necessary, you can tune the following cache property settings:
  o Policy Accessor
  cache.refresh.initial, default 600000 milliseconds (10 minutes)
  cache.refresh.repeat, default 600000 milliseconds (10 minutes)
  o Policy Cache
  cache.tolerance, default is 60000 milliseconds (1 minute)
  For details about tuning these properties, see "Configuring Platform Policy Properties".
  Thanks,
  Babs

• AccessControlException (createClassLoader)

  Hi All,
  I am getting an error while calling EJB from an applet.
  my weblogic.policy file contains
  grant codeBase "file:/d:/weblogic/-" {
  all the default permission...from installation
  permission java.lang.RuntimePermission "getClassLoader";
  permission java.lang.RuntimePermission "createClassLoader";
  -Djava.security.policy==d:/weblogic/wlserver6.0/lib/weblogic.policy
  am I missing anything
  regards
  bain
  ++++++++++++++++++++++++++++++++++++++++++++
  Java(TM) Plug-in: Version 1.3.0-C
  Using JRE version 1.3.0 Java HotSpot(TM) Client VM
  User home directory = C:\WINNT\Profiles\Administrator
  Proxy Configuration: no proxy
  JAR cache enabled.
  Beginning Applet initialization...
  caught a SecurityException. That's OK.
  java.security.AccessControlException: access denied
  (java.lang.RuntimePermission createClassLoader)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkCreateClassLoader(Unknown Source)
  at java.lang.ClassLoader.<init>(Unknown Source)
  at java.security.SecureClassLoader.<init>(Unknown Source)
  at
  weblogic.utils.classloaders.GenericClassLoader.<init>(GenericClassLoader.java:88)
  at
  weblogic.utils.classloaders.GenericClassLoader.<init>(GenericClassLoader.java:80)
  at
  weblogic.j2ee.ApplicationManager.loadFromNetwork(ApplicationManager.java:233)
  at
  weblogic.j2ee.ApplicationManager.loadClass(ApplicationManager.java:134)
  at weblogic.rjvm.ClassTableEntry.getDescriptor(ClassTableEntry.java:37)
  at
  weblogic.rjvm.InboundMsgAbbrev.getDescriptor(InboundMsgAbbrev.java:132)
  at
  weblogic.rjvm.MsgAbbrevInputStream.readClassDescriptor(MsgAbbrevInputStream.java:171)
  at
  weblogic.common.internal.ChunkedObjectInputStream.readObject(ChunkedObjectInputStream.java:90)
  at
  weblogic.common.internal.ChunkedObjectInputStream.readObject(ChunkedObjectInputStream.java:114)
  at weblogic.rmi.internal.ObjectIO.readObject(ObjectIO.java:47)
  at
  weblogic.rmi.internal.BasicRemoteRef.unmarshalReturn(BasicRemoteRef.java:136)
  at
  weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:251)
  at
  weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:225)
  at
  weblogic.jndi.internal.ServerNamingNode_WLStub.lookup(ServerNamingNode_WLStub.java:121)
  at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:323)
  at javax.naming.InitialContext.lookup(Unknown Source)
  at com.wcomnet.Vector.TestApplet1.lookupHome(TestApplet1.java:268)
  at com.wcomnet.Vector.TestApplet1.start(TestApplet1.java:167)
  at sun.applet.AppletPanel.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)
  Applet started...

  Its not the IP that's restricting you - it's creating a ClassLoader. I don't believe you can create a ClassLoader unless you have all-permissions.

• The right ACL-POSTURE-REDIRECT in ISE

  I have an issue in  ACL-POSTURE-REDIRECT to download the NAC agent. I got the right page to download and install the agent from the access switch. However, I got error status-2 when trying to download the agent. The intial ACL was as follows
  ip access-list extended ACL-POSTURE-REDIRECT
  deny udp any any eq domain
  deny udp any host "ISE_IP" eq 8905
  deny udp any host "ISE_IP" eq 8906
  deny tcp any host "ISE_IP" eq 8443
  deny tcp any host "ISE_IP" eq 8905
  permit ip any any
  Then I modified to be like this
  ip access-list extended ACL-POSTURE-REDIRECT
  deny udp any any eq domain
  deny ip any host "ISE_IP"
  permit ip any any
  The second access list did work for me, but not all the time. !! so which access list should I apply
  Thanks

  This issue applies to user sessions during the client  provisioning phase of authentication. The Possible Causes The client  provisioning resource policy could be missing required settings.
  Ensure that a client provisioning policy exists in Cisco ISE. If yes,  verify the policy identity group, conditions, and type of agent(s)  defined in the policy.(Also ensure whether or not there is any agent  profile configured under Policy >Policy Elements > Results >  Client Provisioning > Resources > Add > ISEPosture Agent  Profile, even a profile with all default values.)• Try reauthenticating  the client machine by bouncing the port on the accessswitch

• Radius Nac

  Hi,
  I try to mount a NAC lab with the following architecture :
  - 802.1x on switch ports
  - ACSv5 with an external database (windows) for machine and user authentification
  - ACS v5 do vlan assignement and it works great.
  - Nac Manager
  - Nac agent on workstations : tried with CTA or CAA
  I try to add a posture validation to check for the presence of an antivirus.
  So I insalled a NAC Manager and add a "External Policy Check" on my ACS policy rule.
  The Endpoint has CTA or CCA for posture validation.
  It seems ACS doen't even try to make the request to the manager. I get the following error in ACS :
  STEP_79=15038 Skipping External Policy because of missing or malformed required attributes
  My question is : What do I need to do external posture validation with acs5 to a Nac Manager.
  The guide reference I used is : http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.0/user/guide/common_scenarios.html#wp1053461
  Thanks for your answer
  Regards

  I think with radius the vlan select and dynamic vlan assignment are two different topics. You can have ISE set users on different vlans within the same WLAN as long as the interface is present on the controller. I have tested this and works just fine.
  The vlan select maybe a topic that the wireless folks can shed some light on.
  Thanks
  Tarik Admani
  *Please rate helpful posts*

• UAG 2010 SP4 Cold Fusion Web Application "You Are Not Authorized To Access This Application" error

  Hi folks,
  2010 UAG SP4 publishing a web app that is a Cold Fusion login page.
  The portal trunk is set to not verify URLs and open with that page directly rather than a Portal page, I also have it set to not install client components, basically using UAG as a reverse proxy with some other items. 
  The published app does not require authentication and all users are authorized the path is as follows:
  /index.cfm?FuseAction=Security.Login
  And the hostname is set as www.apps.x.x.edu name removed but is correct. UAG has an http to https redirection and it requires https. 
  The Portal Link has https://xxxx as the address which is correct as it is using an SSL connection to the backend web server and I can reach the page successfully from the UAG server by simply browsing. 
  I previously had the application launching within the portal but the client does not want the extra step so I removed the portal interaction all together and while I had the application launching within the portal, it worked. I'm not certain what changed
  to make it fail, though. 
  In the Web Monitor I receive this error:
  A request on trunk nonuvaportal; Secure=1 failed because of an unknown application. The URL is /index.cfm?FuseAction=Security.Login. The source IP address is 137.54.129.238. The user is .
  Any help or tips or advice would be superb.
  Thanks,
  Justin

  And an update, I did another application publishing on a separate trunk/portal to a similar page
  /index.cfm?FuseAction=Programs.Home
  And I get the same error. Is there a switch/setting/policy I am missing to allow it to run those?

• Webservice https passthru using UAG 2010

  Hi Team,
  I have an application which need to be allowed from externally using https traffic. Application authentication need to be hadled by the webservice in the backend . Which means i need to allow without authentication in UAG.
  I did below steps already and am almost close to the fix. But need your expert advice to proceed please.
  1) Created a new trunk and unchecked authentication settings for the trunk
  2)Disabled component installation and scripting under session tab
  3)Created an application specific web application for the site .
  After above am able to access the portal from the browser. But there is an office  template update application which uses this URL in the backend. But application traffic is failing throuhg this and below it the error
  head><title>Object moved</title></head>
  <body><h1>Object Moved</h1>This object may be found <a HREF="/InternalSite/InitParams.aspx?referrer=/InternalSite/Login.asp&resource%5Fid=DDD75E7316B94F199BFB1B4C3AF3AD2A&login%5Ftype=10&site%5Fname=globaltemplate&secure=1&URLHASH=bb4bf683%2D5644%2D4405%2D87d7%2D61fd457997bd&orig%5Furl=https%3A%2F%2Fgtupdate%2Deu%2Ecorporateroot%2Enet%2F">here</a>.</body>
  UAG web monitor logs does not giveany error. But i see for the application trafffic it shows as an un authenticated traffic.
  Request to suggest if anyone has clarity on the  issue. Also let me know in case you need more details.
  Please keep in mind am able to get the page without any authentication pop up thru browser. But not from the application. Thanks in advance

  And an update, I did another application publishing on a separate trunk/portal to a similar page
  /index.cfm?FuseAction=Programs.Home
  And I get the same error. Is there a switch/setting/policy I am missing to allow it to run those?

• Gave a PO Box address, but being delivered by UPS

  So I pre ordered the new Majora's Mask 3D a while back, and I finally got it to stick without randomly cancelling.
  Well, I put a PO box shipping address because it's the only way I can reliably get my mail in middle-of-nowhere Texas and my neighbors aren't very trustworthy. Problem is, when I got my shipping confirmation email a few days ago, my order status on Best Buy's website under my account still says the PO box shipping address, but the tracking number they gave me is for UPS, who cannot deliver to PO boxes, and it says it's being shipped to my home address, which is not good, because not only would I probably not be there when it's delivered during the day, but I also didn't give an apartment number because it was completely unnecessary in what was SUPPOSED to be a PO box delivery.
  What gives? What hidden policy did I miss for this to happen? Nowhere can I find a rule stating that video games can't be shipped to PO boxes, and even if they couldn't, shouldn't that automatically cancel my order so I could at least know that I need to order it from somewhere else?

  Hello Arcalithe,
  I apologize for the numerous hassle you've experienced with your order.  We appreciate your business and I'll be happy to see what's going on with your order.  I'm sending you a private message.  Make sure you’re logged in, and click on the envelope icon on the upper right-hand corner of the page to check your forum inbox.
  Thank you for reaching out to us and I look forward to hearing from you.  
  Blake|Social Media Specialist | Best Buy® Corporate
   Private Message

• I have a water damage iPhone 5s would like to change to new set with top up the money. But the staff told me it couldn't be done due to some of my minor parts are missing according to company policy. I need advise as I want to change it.

  Hi all,
  I have a water damage iPhone 5s was bring to service center to have new set change with top up the money. Well, the staff were told me that the phone can't be change due to some of minor parts are missing in the phone. He said this is due to company policy. I would like to check is that nothing can do with this missing minor parts? I really doubt the policy of the Apple as I was told as long as you bring to the service center, they will assists. As Apple is a well known brand top of the world, but the servicing is really make me so disappointed! I really doubt should I still continue to support the Apple product with helpless service!
  Would like to take this opportunity to seek the professional advise in order to get my phone change back.
  Appreciate very much!
  Thanks.

  Well, your service is handled by an Authorized Apple Service Center. If they refuse to handle the claim, that is well within their rights. Apple as well could void a claim under the same circumstances. I'm not saying that you did or did not modify the device, but you could try and talk to a supervisor there and make another request. You can also try and contact Apple by obtaining a number with this support document and describe your problem. http://support.apple.com/kb/HE57

• Windows 8 - Folder Redirection policy missing from GP Results.

  Hi guys! This has been giving me a hard time the last day or so.  I've got some Win8 machines in our 2003 domain. I've got some GPO's applying with WMI filtering for win8 machines. Mostly these are ok, but i'm having a huge problem with Desktop Folder
  Redirection. 
  After a fresh build and first login, everything works fine. Drive mappings are all there and the Desktop is redirected to to users home drive on the file server. This is being done with Advanced settings using group membership and set to "Create a folder
  for each user under the root path" \\dfs1\users. This location is correct and permissions are fine of course as everything works for a while.
  After a little while or some unknown event, this redirection stops working.
  check these two screengrabs. These are different users on different machines. The machines are identical, are in the same OU and have the same image. The users are different but have the same group memberships and are in the same OU. 
  This is a working machine. Not the Folder Redirection component was processed and the Policy exists.
  This machine is not working. Folder Redirection is processed, but the Policy is missing. Running a gpresult /v on this machine yields: 
   Folder Redirection
       N/A
  It was working fine yesterday and this morning. Now at some point a policy refresh stopped it from working. Just trying to figure out what! These are the exact settings currently in place for our win 7 machines which all work just fine. Going a bit crazy
  tbh and usually when i post questions i figure it out shortly afterwards anyway huhu. Any help is appreciated! 
  h 

  well I though this issue was gone when I switched to a new Task Sequence in SCCM every machine that was built with that was working fine with Folder Redirection happening as it's meant to be. That was for about a week, now it's back to not working.
  here's a snippet of the gpsvc.log file pertaining to FD.
  GPSVC(43c.11f4) 08:59:47:231 ProcessGPOs(User): Processing extension Folder Redirection
  GPSVC(43c.11f4) 08:59:47:231 ReadStatus: Read Extension's Previous status successfully.
  GPSVC(43c.11f4) 08:59:47:231 CompareGPOLists: The lists are the same.
  GPSVC(43c.11f4) 08:59:47:231 CompareGPOLists: The lists are the same.
  GPSVC(43c.11f4) 08:59:47:231 GPLockPolicySection: Sid = S-1-5-21-2272506071-1675830810-3538462175-3230, dwTimeout = 30000, dwFlags = 0x0
  GPSVC(43c.11f4) 08:59:47:231 CGPApplicationService::LockPolicySection.
  GPSVC(43c.11f4) 08:59:47:231 WaitForServiceInitialization: Beginning WaitForSingleObject.
  GPSVC(43c.11f4) 08:59:47:231 WaitForServiceInitialization: Completed WaitForSingleObject.
  GPSVC(43c.11f4) 08:59:47:231 CPolicyCriticalSectionCollection: LockPolicySection called for user <S-1-5-21-2272506071-1675830810-3538462175-3230>
  GPSVC(43c.11f4) 08:59:47:231 SID = S-1-5-21-2272506071-1675830810-3538462175-3230
  GPSVC(43c.11f4) 08:59:47:231 bMachine = 0
  GPSVC(43c.11f4) 08:59:47:231 Global Sync Lock Called
  GPSVC(43c.11f4) 08:59:47:231 Writer Lock got immediately.
  GPSVC(43c.11f4) 08:59:47:231 Global Lock taken successfully
  GPSVC(43c.11f4) 08:59:47:231 ProcessGPOList: Entering for extension Folder Redirection
  GPSVC(43c.11f4) 08:59:47:231 UserPolicyCallback: Setting status UI to Applying Folder Redirection policy...
  GPSVC(43c.11f4) 08:59:47:231 ProcessGPOList: No changes. CSE will not be passed in the IwbemServices intf ptr
  GPSVC(43c.5d0) 08:59:47:231 CGroupPolicySession::QueueItemForPolicyApplication::-- (Status: 997)
  GPSVC(43c.5d0) 08:59:47:231 CGPApplicationService::UserLogonEvent::-- (Status: 997)
  GPSVC(43c.11f4) 08:59:47:231 ProcessGPOList: Extension Folder Redirection returned 0x0.
  GPSVC(43c.11f4) 08:59:47:231 ProcessGPOList: Extension Folder Redirection status was not updated because there was no changes and no transition or rsop wasn't enabled
  GPSVC(43c.11f4) 08:59:47:231 CGPApplicationService::UnLockPolicySection.
  GPSVC(43c.11f4) 08:59:47:231 WaitForServiceInitialization: Beginning WaitForSingleObject.
  GPSVC(43c.11f4) 08:59:47:231 WaitForServiceInitialization: Completed WaitForSingleObject.
  GPSVC(43c.5d0) 08:59:47:231 Setting GPsession state = 1
  GPSVC(43c.5d0) 08:59:47:231 User SID = <S-1-5-21-2272506071-1675830810-3538462175-3230>
  GPSVC(43c.11f4) 08:59:47:231 CPolicyCriticalSectionCollection: UnLocked successfully
  GPSVC(43c.5d0) 08:59:47:231 CGroupPolicySession::QueueItemForPolicyApplication::++ (bTriggered: 0, bConsole: 1)
  GPSVC(43c.5d0) 08:59:47:231 PolicyApplicationState is True.
  GPSVC(43c.5d0) 08:59:47:231 AsyncThreadsProcessing is False.

• Novelty policy - missing tables

  Hello all,
  I have implemented Oracle Audit Vault along with Database Firewall version 12.1.2.3 (currently latest version) and I have a small problem with defining a novelty policy.
  I have configured secured targets and audit trails, everything works like a peach, alerts are being raised and the reports generated, even sent to my e-mail. I have also successfully implemented the DB firewall as a proxy and it successfully blocks an IP etc. The problem is when I try to configure a novelty policy to block certain command classes from certain tables in my DB. There aren't any to choose from in the novelty policy section. I have turned on auditing on multiple tables in my DB (like I said, reporting and alerting works fine). Am I missing something. I have read the instructions and it only says that I need to check the tables in novelty policy configuration to which the rules apply. It doesn't say anything what to do if there are no tables to choose from. I found that there was a bug in a previous 12c version, but I have the latest one.
  Has anyone else encountered such a problem and managed to resolve it.
  Thanks for your help in advance and best regards,
  Blaz

  Dear All
  for me reports are working, alerts & e-mail notification working fine, but firewall policy wont working properly
  nothing working even configures properly
  Creating Login and Logout Policies for Database Users
  Masking Sensitive Data
  Setting a Policy for Invalid SQL
  Configuring Global Firewall Policy Settings
  Thanks
  Muba.