POXML Transmission using Authentication Methods

Guys,
My client has provided me with a trusted CA certificate. The moment PO is approved, my client expects from me to send POXML file to his website using his trusted CA certificate by establishing him as a Trading Partner (Supplier) via XML gateway responsibility. One of the oracle guide link talks about it [pasted below] but I could not understand much from it. It will be great help if one of you guide me on this.
Oracle XML Gateway User's Guide
Looking forward to receiving your reply. Thanks.
-Sunil

The limit is indeed on the WLC. You can only have 2048 records. These records can be account logons, mac addresses etc. They all pull from the same pull.
If you are only managing a few macs then it may not be so bad. If you are doing 50+ it will be a pain. Also it adds little value. Anyone can spoof a mac address get around mac filtering.
Does that help ?
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

Similar Messages

Issue with SharePoint foundation 2010 to use Claims Based Auth with Certificate authentication method with ADFS 2.0

I would love some help with this issue. I have configured my SharePoint foundation 2010 site to use Claims Based Auth with Certificate authentication method with ADFS 2.0 I have a test account set up with lab.acme.com to use the ACS.
When I log into my site using Windows Auth, everything is great. However when I log in and select my ACS token issuer, I get sent, to the logon page of the ADFS, after selected the ADFS method. My browser prompt me which Certificate identity I want
to use to log in and after 3-5 second
and return me the logon page with error message “Authentication failed”
I base my setup on the technet article
http://blogs.technet.com/b/speschka/archive/2010/07/30/configuring-sharepoint-2010-and-adfs-v2-end-to-end.aspx
I validated than all my certificate are valid and able to retrieve the crl
I got in eventlog id 300
The Federation Service failed to issue a token as a result of an error during processing of the WS-Trust request.
Request type: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
Additional Data
Exception details:
Microsoft.IdentityModel.SecurityTokenService.FailedAuthenticationException: MSIS3019: Authentication failed. ---> System.IdentityModel.Tokens.SecurityTokenValidationException:
ID4070: The X.509 certificate 'CN=Me, OU=People, O=Acme., C=COM' chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed
correctly, but one of the CA certificates is not trusted by the policy provider.
at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
--- End of inner exception stack trace ---
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.BeginGetScope(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.BeginIssue(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.DispatchRequestAsyncResult..ctor(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginDispatchRequest(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.ProcessCoreAsyncResult..ctor(WSTrustServiceContract contract, DispatchContext dispatchContext, MessageVersion messageVersion, WSTrustResponseSerializer responseSerializer, WSTrustSerializationContext
serializationContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginProcessCore(Message requestMessage, WSTrustRequestSerializer requestSerializer, WSTrustResponseSerializer responseSerializer, String requestAction, String responseAction, String
trustNamespace, AsyncCallback callback, Object state)
System.IdentityModel.Tokens.SecurityTokenValidationException: ID4070: The X.509 certificate 'CN=Me, OU=People, O=acme., C=com' chain building
failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
thx
Stef71

This is perfectly correct on my case I was not adding the root properly you must add the CA and the ADFS as well, which is twice you can see below my results.
on my case was :
PS C:\Users\administrator.domain> $root = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
cer\SP2K10\ad0001.cer")
PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "domain.ad0001" -Certificate $root
Certificate : [Subject]
CN=domain.AD0001CA, DC=domain, DC=com
[Issuer]
CN=domain.AD0001CA, DC=portal, DC=com
[Serial Number]
blablabla
[Not Before]
22/07/2014 11:32:05
[Not After]
22/07/2024 11:42:00
[Thumbprint]
blablabla
Name : domain.ad0001
TypeName : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
DisplayName : domain.ad0001
Id : blablabla
Status : Online
Parent : SPTrustedRootAuthorityManager
Version : 17164
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
PS C:\Users\administrator.domain> $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
cer\SP2K10\ADFS_Signing.cer")
PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "Token Signing Cert" -Certificate $cert
Certificate : [Subject]
CN=ADFS Signing - adfs.domain
[Issuer]
CN=ADFS Signing - adfs.domain
[Serial Number]
blablabla
[Not Before]
23/07/2014 07:14:03
[Not After]
23/07/2015 07:14:03
[Thumbprint]
blablabla
Name : Token Signing Cert
TypeName : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
DisplayName : Token Signing Cert
Id : blablabla
Status : Online
Parent : SPTrustedRootAuthorityManager
Version : 17184
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
PS C:\Users\administrator.PORTAL>

How to migrate users, which have been using the Windows Authentication method

Hi everybody,
I have to migrate a productive SQL Server 2008 Database from one to another different server. The problem is that a lot of users have been using this DB throught the Windows Authentication method. Because the migration should be faster as possible, I would
like to use a SQL script in order to streamline the process. Does anyone know if it is possible to do it?
Thank you in advance,
Regards

Apart from transfer logins scripts Ashwin and Stan mentioned, I usually run following script in order to re-establish orphan users to establish if any SQL logins.
set nocount on
declare @username    sysname,
        @errcode     int
select @errcode = 0
select @username = min(name)
from sysusers (nolock)
where uid <> gid and
      name not in ('guest', 'sys', 'INFORMATION_SCHEMA') and
      suser_sname(sid) is null and
      issqlrole = 0
while @username is not null
begin
   if exists (select 1
              from master.dbo.syslogins (nolock)
              where name = @username)
   begin
      exec sp_change_users_login @Action = 'Update_One',
                                 @UserNamePattern = @username,
                                 @LoginName = @username
      select @errcode = @@error
      if @errcode = 0
         print 'The user ''' + @username + ''' was re-established in database!'
      else
         print 'Failed to re-establish user ''' + @username + ''' in database!'
   end
   else
   begin
      print 'The user ''' + @username + ''' does not have login ID. So, drop it from database!'
      exec sp_dropuser @username
   end
   select @username = min(name)
   from sysusers (nolock)
   where uid <> gid and
         name not in ('guest', 'sys', 'INFORMATION_SCHEMA') and
         suser_sname(sid) is null and
         issqlrole = 0 and
         name > @username
end
go

Authentication failed because Outlook doesn't support any of the available authentication methods.

When attempting to check and send email from my Mac via iCloud, I keep getting the error "Authentication failed because Outlook doesn't support any of the available authentication methods." I have change just about everything I can see available, but continue to get this message.
I am able to send email via iCloud using my .Me and .Mac adresses, and that tells me that it is not able to store "sent emails" on iCluud and will store them loaclly on my computer. I can handle this, but whem going to iCloud Web page haave nothing withing the "sent" mailbox.
Using OS 10.7.2, and Outlook 2011 version 14.1.3
Thanks in advance......

I got the following from the microsoft Web site. Also, the SMPT port must be overwriten. Use port 587
This article contains information about the compatibility of Microsoft Outlook for Mac 2011 and Apple iCloud. Outlook for Mac 2011 does not support Apple iCloud calendar (CalDAV) and contact (CardDAV) synchronization. Outlook for Mac 2011 does support iCloud Mail. For steps on how to configure your iCloud email account in Outlook for Mac 2011, go to the "More Information" section of this article.
To configure your Apple iCloud email account in Microsoft Outlook for Mac 2011, follow these steps:
Start Outlook 2011.
On the Tools menu, click Accounts.
Click the plus sign in the lower-left corner, and then select E-mail.
Enter your E-mail Address and Password, and then click Add Account.
Note: The new account will appear in the left navigation pane of the Accounts dialog box.
Enter one of the following in the Incoming server box:
mail.me.com (for me.com mail addresses)
mail.mac.com (for mac.com mail addresses)
Click to select Use SSL to connect (recommended) under the Incoming server box.
Enter one of the following in the Outgoing server box:
smtp.me.com (for me.com mail addresses)
smtp.mac.com (for mac.com mail addresses)
Click to select Use SSL to connect (recommended) under the Outgoing server box.
After you have entered the incoming and outgoing server information, Outlook 2011 will start to receive your email messages.
Note: You can click Advanced to enter additional settings, such as leaving a copy of each message on the server.

Want to send information in Header dynamically using HTTP adapter using post method

Hi ,
I have a requirement to send below information in http Adapter header dynamically using post method. which will be authenticated by third party system.
Authorization : WSSE realm="SDP", profile="UsernameToken", type="AppKey" X-WSSE : UsernameToken Username="XXXX", PasswordDigest="Qd0QnQn0eaAHpOiuk/0QhV+Bzdc=", Nonce="eUZZZXpSczFycXJCNVhCWU1mS3ZScldOYg==", Created="2013-09-05T02:12:21Z"
I have followed below link to create UDF
http://scn.sap.com/thread/3241568
As if now my third party system is not available while sending request I am getting 504 gateway error. is there any approach I can validate my request is working fine?
Regards,

Hi Abhay,
Correct me if I'm wrong but I think WSSE requires a SOAP Envelope. If that is the case, there are two approaches: the first one is to use SOAP Axis and the second one is just to build SOAP Envelope via Java mapping.
You also need to test it successfully externally, capture the request and replicate it in XI.
Hope this helps,
Mark

Authentication method for JCo connection in XSS installation

Hi All,
I have a query which perplexes me. I am implementing XSS (ESS/MSS) on SAP Portal EP6 SR1 with an ECC5 backend for prototype purposes.
When I follow SAP's help steps to setup JCo connections, it states that for the metadata connection you should use a security authentication method of 'User/Password', but for the application data connection you should use a security authentication method of 'Ticket'.
Does anyone know why the difference in methods here? Is it possible to use 'User/Password' for both? Any thoughts would be appreciated.

Hi john,
User -ID /Pwd method can be used to access the backend for both types of Data as per your scenario.
User -ID /Pwd method and logon tickets both can be used to access data in backend.
The difference lies in the scenario with which you are accessing the back-end.
If all your portal users are same as backend users then you can select Logon ticket methods.
If they are going to be different then you need User-ID /Pwd method .
Check the following link to get a clear picture:
<a href="http://help.sap.com/saphelp_ep50sp2/helpdata/en/4d/dd9b9ce80311d5995500508b6b8b11/frameset.htm">Scenario to use type of SSO</a>
Hope it helps.
Regards,
Vivekanandan

Problem with using isAuthenticate method in my applet

Hi everyone
I want to be sure that everytime that I select my applet the secure channel has been opened. I found isAuthenticate method from SecurityService Interface and I think that I can use this method in my applet's select method for this purpose. But when I declare an object as this type like this:
SecurityService Objsecurity;
to use its isAuthenticate method , I'm able to build my code and make the cap file successfully but I recieve error 6F F6 while loading my applet, And I can't find the meaning of this error in GP.
I'll appreciate it if anyone could tell me how can I use this method in my applet .
And the other question is is there any other way to find out the authentication have been done or not?
Best Regards
Shili

Hi Pedja,
Thanks for the prompt reply.
I have been following the link you mentioned to create ADF security and successfully implementedthe first part where if i directly give any internal page url it redirects me back to login page.
Instead of using weblogic-sql authenticator, i wanted to manually authenticate the user in loginbean.java where i check the username passowrd against the db.
I had also implemented the method to access username,password mentioned in the following thread
Re: ADF security on my jspx page as login page
Insted of using authentication.login, i am calling the db method to do the validation.
The thing is after my db validation it does redirect me to the success page(menu.jspx). but when i click links on menu.jspx it redirects me back to login page.
so i understand that user is not yet set in the session.
I am stuck at the point how do i code the login.jspx, currently my login.jspx does not have any j_security_check and i think this is what is creating the problem.
while searching for adding jsecurity in jspx i landed on the blog of 2006 and started using that.
Can you please point me to some link which explains how to code login.jspx , i have been trying hard for couple of days.
Thanks again
ash

Cisco ISE multiple EAP authentication methods question

With Cisco ISE can you have various clients each using different EAP methods, such as PEAP for Windows machines, MD5 for legacy and TLS for others?
My current efforts seem to fail as if a device gets a request from the ISE for an EAP method it doesnt understand it just times out.
Thanks in advance.

Multiple EAP Methods work fine. If your Clients are being crap you could try forcing then to use a specific set of Allowed Authentication Method by creating more specific Authentication rules.
Sent from Cisco Technical Support iPad App

User Authentication Method not found?

I'm using OSX but a co-worker is running 9.2.2 and is having trouble accessing a server on the corporate Microsoft network.
I can get to the server using OSX but when she selects the server (which does show up in the Chooser list) she gets an error message saying that "the User Authentication Method could not be found" and she should check the AppleTalk folder in her extensions folder. AppleTalk folder? Check it for what?
What must we do to get access to the new server?
Thanks.

For OS 9 to talk to an MS server requires that the server has Client Services for Macintosh fired up and yes, sometimes also that the client Mac has a Microsoft User Authentication Module installed and configured.
Microsoft says that without the MS UAM, she should still be able to
Log on to the special Microsoft UAM Volume on the computer running Windows 2000 Server to access the MS UAM file.
If she can't get that far and there are no other symptoms, the network administrator needs adjust the security settings on the server, or reinstall Client Services for Macintosh…
Then drag the MS UAM file to your AppleShare(c) Folder in your System Folder. Instructions follow. (Users outside North America, see the "International Concerns" section later in the Release Notes before proceeding.)
To gain access to the Microsoft Authentication files on the computer running Windows 2000 Server
1. On the Macintosh Apple menu, click Chooser.
2. Double-click the AppleShare icon, and then click the AppleTalk(c) zone in which the computer running Windows 2000 Server, with Services for Macintosh, resides. (Ask your system administrator if you're not sure of the zone.)
3. From the list of file servers, select the Windows 2000 Server computer, and then click OK.
4. Click the Registered User or Guest option, as appropriate, and then click OK.
5. Click the Microsoft UAM Volume, and then click OK.
6. Close the Chooser dialog box.
To install the authentication files on the Macintosh workstation
1. On the Macintosh Desktop, double-click the Microsoft UAM Volume.
2. Locate the "MS UAM Installer" file on the Microsoft UAM Volume, then double-click it.
3. Click Continue in the installer welcome screen.
The installer will report whether the installation succeeded.
If the installation has succeeded, when Macintosh users of this workstation connect to the Windows 2000 Server computer, they will be offered Microsoft Authentication.

ASA to ACS: how to distinguish different authentication methods?

I have SSL VPN Clients connecting to an ASA 5520 using RADIUS to a backend Cisco ACS. I want to support two authentication options for the clients. The first is a certificate combined with an Active Directory username & password. The second is a token-name & one-time-password.
Setting these two authentication methods up on the ASA is no problem ... I can configure user selectable connection profiles that have the wanted authentication settings. The ACS can handle both the AD and token credentials.
Here's the problem. I need to be able to distinguish on the ACS if a connection request was certificate authenticated or not. I don't want users choosing to do a token/OTP connection and then entering in their AD credentials instead. the ACS won't know that this AD authentication request wasn't properly combined with a certificate.
I've used NAR settings in the past to control what user databases an AAA client can authentication against, however, if the two authentication methods are coming from the same AAA client (the ASA), what can I do?

I guess this should be possible with a feature called NAP,( network access profiles). Here you can define which database to use for any specific request. We can filter request on the basis of attributes sent in the authentication request.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/NAPs.html
Regards,
~JG

OAM - Authorization based on the authentication method

We are using OAM 10g for a customer to protect a large number of web application. In order to access those applications a user can chose from several authentication methods (e.g. client certificate, SecureId and mobile TAN). All applications use the same cookie domain and OAM provides SSO to the user. The customer now wants to define access rules for each of the applications based on the chosen authentication method.
In other words, he wants to have the flexibility to define rules such as the following:
Application A: Only accessible with client certificates
Application B: Only accessible with mobile TAN
Application D: Only accessible with SecureId or mobile TAN
Application E: Accessible with any authentication method
In order to implement this with OAM we would have assign each authentication method a different authentication level and define authorization rules that depend on those authentication levels (maybe using a custom authorization plug-in). According to the OAM documentation it doesn't seem possible to reference the authentication level in a authorization rule.
Does anyone know a way to implement these requirements.
Any help is appreciated.
Best regards,
Donat

This is how I think we can do this.
Write Authentication plug-in which adds which authentication scheme was used to login to the application in one of the multivalued attribute in OID. Write Authorization plug-in also which checks this value and makes authentication decision.
One more approach is, Create as many attributes in OID as number of authentication schemes you have. Each of them is a flag representing whether user is logged in with the authentication scheme or not. When user authenticates using an authentication scheme, turn on that flag. Also flush access server user profiles cache. In the authorization rule, use this flag to make authorization decisions. Using this approach, you do not have to write authorization plugin but this may not be scalable approach as you might have to create a new attribute in OID when new authentication scheme is added.
You can also keep this information somewhere in database or flat file and use that information in authentication and authorization plugin.
I hope one of this solutions will help you.
Thanks
Kiran Thakkar

None of the available endpoints supports authentication methods user/pass

Dear All
i create a destination in the ce7.1.but when i test the destination in the ws navigator ,but it cant not run , the error is:
The destination [YHSendMessage02] supports the following authentication methods [User Name/Password (Basic)], but none of the available endpoints supports them. The supported authentication types are [None]. Either the destination has to be updated or a new endpoint should be used
i test the ws in the navigator dont used the destination ,it work well, so i think maybe some wrong in my ce about the destination 'configuration.
best regards

The following message returned from SAP:
Root of the problem is found. The problem occurs as PI WSDLs doesn't contain security settings. Lack of security settings breaks consumption of those services. I'm working on providing a fix to enable consumption of such services.
Looking at a WSDL generated by PI (example):
<wsp:Policy wsu:Id="OP_si_servicename"/>
The policy contains no transportbinding or authentication methods at all.
Looking at a WDSL generated by ECC (example):
<wsp:Policy wsu:Id="BN_BN_si_ManageCustomizingCustomerService_binding">
      <saptrnbnd:OptimizedXMLTransfer uri="http://xml.sap.com/2006/11/esi/esp/binxml" wsp:Optional="true" xmlns:saptrnbnd="http://www.sap.com/webas/710/soap/features/transportbinding/"/>
      <saptrnbnd:OptimizedXMLTransfer uri="http://www.w3.org/2004/08/soap/features/http-optimization" wsp:Optional="true" xmlns:saptrnbnd="http://www.sap.com/webas/710/soap/features/transportbinding/"/>
      <wsp:ExactlyOne xmlns:sapsp="http://www.sap.com/webas/630/soap/features/security/policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
         <wsp:All>
            <sp:TransportBinding>
               <wsp:Policy>
                  <sp:TransportToken>
                     <wsp:Policy>
                        <sp:HttpsToken>
                           <wsp:Policy>
                              <sp:HttpBasicAuthentication/>
                           </wsp:Policy>
                        </sp:HttpsToken>
                     </wsp:Policy>
                  </sp:TransportToken>
                  <sp:AlgorithmSuite>
                     <wsp:Policy>
                        <sp:TripleDesRsa15/>
                     </wsp:Policy>
                  </sp:AlgorithmSuite>
                  <sp:Layout>
                     <wsp:Policy>
                        <sp:Strict/>
                     </wsp:Policy>
                  </sp:Layout>
               </wsp:Policy>
            </sp:TransportBinding>
         </wsp:All>
      </wsp:ExactlyOne>
   </wsp:Policy>
At the moment SAP is working on a fix to solve this problem.

None of the authentication methods supported by this client are supported by your server.

Dear Exchange Admin
We have implemented exchange server .
MAPI profile configuration in outlook is working fine.but when we try to configure POP3 in outlook ,without SMTP authentication it is fine.
But when we enable SMTP authentication ,it is getting the following error
"None of the authentication methods supported by this client are supported by your server.
Kindly help
Ashraf

This worked for me today, as I had the same issue.
I had to set encryption to TLS to get it to work, and the server names as yahoo.co.uk...
In Outlook 2013, click File | Add Account.
Select Manual setup or additional server types.
Click Next.
Select POP.
Click Next.
On the “Account Settings” page, enter your account settings:
Your Name: The name you want to show when you send email.
Email address: Your full Yahoo email address.
Account Type: POP3
Incoming Mail Server: pop.mail.yahoo.com
Outgoing Mail Server: smtp.mail.yahoo.com
User Name: Your Yahoo ID.
Password: Your Yahoo account password.
Leave the “Require logon using Secure Password Authentication” option unchecked.
Click More Settings.
Click the Outgoing Server tab.
Select the My outgoing server (SMTP) requires authentication box.
Click Use same settings as my incoming mail server.
Click the Advanced tab. Enter advanced information:
Incoming server (POP3) port: 995
Select This server requires an encrypted connection (SSL).
Outgoing server (SMTP) port: 465, 587, or 25
Set the encryption type to SSL or TLS
Set your desired server timeout and delivery options.
- We recommend leaving a copy of messages on the server.
Click OK.
Restart Outlook.
Click Send/Receive All Folders.
You can now retrieve emails from your Yahoo Mail account in Outlook 2013.

No option to change "Incoming server authentication method" to None on iPhone 6?

I just upgraded to an iPhone 6 and did a restore from my 5...... Problem is my pop e-mail account won't connect.... It still connects on both my iPad and iPhone 5, both of which are iOS 8. The only setting that differs between the two that work and my new iPhone is under the "Incoming server authentication method" setting. On the working devices, nothing has a check mark. On the new iPhone, "Password" is checked, and I can't find a way to uncheck it (there is no "none" option).
Surely I should be able to work around this?

Hello 83preston,
After reviewing your post, I have located an article that can help troubleshoot email issues. It contains a number of troubleshooting steps and helpful advice for the issue you are experiencing:
Get help with Mail on iPhone, iPad, and iPod touch
"Username or password is incorrect" with POP3 account
Before you check your email on your iOS device, close any other email programs and close any webmail sites you may have open on another computer.
To see if your account is a POP3 account, use the Mail Settings Lookup tool or follow these steps:
Go to Settings > Mail, Contacts, Calendars and tap the account.
Look for the label POP ACCOUNT INFORMATION.
If your email provider offers IMAP, remove the POP3 account, then add the account with your provider's IMAP settings. POP3 communicates with one mail client at a time. If more than one mail client tries to connect, you might see a username or password error.
Thank you for contributing to Apple Support Communities.
Cheers,
BobbyD

2011 outlook gives the following error: "Authentication failed because Outlook doesn't support any of the available authentication methods."

Upgraded my computer to 10.9.2 Mavericks and now my 2011 outlook gives the following error: "Authentication failed because Outlook doesn't support any of the available authentication methods." Anybody know how to fix it? Thank you.

I got the following from the microsoft Web site. Also, the SMPT port must be overwriten. Use port 587
This article contains information about the compatibility of Microsoft Outlook for Mac 2011 and Apple iCloud. Outlook for Mac 2011 does not support Apple iCloud calendar (CalDAV) and contact (CardDAV) synchronization. Outlook for Mac 2011 does support iCloud Mail. For steps on how to configure your iCloud email account in Outlook for Mac 2011, go to the "More Information" section of this article.
To configure your Apple iCloud email account in Microsoft Outlook for Mac 2011, follow these steps:
Start Outlook 2011.
On the Tools menu, click Accounts.
Click the plus sign in the lower-left corner, and then select E-mail.
Enter your E-mail Address and Password, and then click Add Account.
Note: The new account will appear in the left navigation pane of the Accounts dialog box.
Enter one of the following in the Incoming server box:
mail.me.com (for me.com mail addresses)
mail.mac.com (for mac.com mail addresses)
Click to select Use SSL to connect (recommended) under the Incoming server box.
Enter one of the following in the Outgoing server box:
smtp.me.com (for me.com mail addresses)
smtp.mac.com (for mac.com mail addresses)
Click to select Use SSL to connect (recommended) under the Outgoing server box.
After you have entered the incoming and outgoing server information, Outlook 2011 will start to receive your email messages.
Note: You can click Advanced to enter additional settings, such as leaving a copy of each message on the server.

POXML Transmission using Authentication Methods

Similar Messages

Maybe you are looking for