Reader caching credentials?
Maybe this belongs in a Reader forum somewhere but I arrived at the issue / question through testing LiveCycle Rights Management so I'm starting here ...
I'm seeing some odd behavior accessing policy-protected documents.
Adobe Reader appears to cache the username / password to make it easier for you to open multiple policy-protected pdfs in the same session. There appears to be a problem, however, if you use more than one valid username / password combination to open documents secured by the same LiveCycle server.
Say you Person A routinely use both User A and User B for opening policy protected documents that have been protected by LiveCycle server A.
If you open Document A that only allows User A to access it and you provide your User A username and password, you can open the document just fine. If you then try to open Document B that only allows User B to access it, you will not be given an opportunity to enter User B's username and password. Instead you receive the "This document is locked. You do not have permission to open it. Contact the person who sent you this document and ask them to give you permission to open it." error message.
You will not have an opportunity to enter User B's username and password until you 1) forcibly terminate AcroRd32.exe OR reboot your PC.
I'm using LiveCycle 8.2 SP2 and Reader 8.1.4 (KB 408682).
Can anyone replicate this behavior? Is this to be expected?
The behavior you are experiencing is expected.
Acrobat\Reader does establish a session with the RM server once a user successfully authenticates to a rights managed document (i.e. the document opens).
For the duration of the session, the user id and password is retained and used when another rights managed PDF is opened. The session is ended when a) Acrobat or Reader is closed or B) the session times out (session length is determined by a configuration value on the server)
In your scenario, even though User A and User B are the same person, Rights Management only knows about the currently logged in user (User A), for the session duration. This is why the document protected for User B will not open until you authenticate as User B.
Regards
Steve
Similar Messages
-
Cached credentials are not working on the lock screen (Windows 7)
Hello all,
We are having a difficult time trying to troubleshoot a problem with credential caching seemingly not working on the lock screen for our laptop users. Users are instructed to logon to the laptop while connected to the domain to cache their credentials. The
user then leaves the network, and is able to log in to the laptop using cached credentials. The laptop locks either due to a manual lock, or due to an inactivity timer. The user tries to relog and is presented with the error “no logon servers available to
service the request.” Users are reporting the problem from both home and public networks. We have been able to recreate the issue by logging on the laptop while in the office and setting our internal wireless network to manually connect, and then simply clicking
start > shutdown arrow > lock. Many users have reported that they were able to get back into the laptop after a hard shut down, but would be unable to log in again if they returned to the lock screen. One user has reported that selecting other credentials
> switch user > other user while on the lock screen and then entering in his DC credentials would allow him to get back into the laptop. I was unable to recreate this workaround on our test machine. I also tried to logon using the switch user account
with the “.\username” method to see if that would look for cached credentials. One user has reported that he was unable to hard shut down the computer to get back in. He also reported that he tried to pull the battery and give it time before trying again.
We have set the value for “Interactive logon: Number of previous logons to cache” to 50. The status of “Interactive Logon: Require Domain Controller to unlock workstation” is disabled. We have tried to turn the Wi-Fi switch off and then back on while on
the lock screen. Error logs that we think are related to the problem include – Event ID:5719, NETLOGON and Event ID:4343, NlaSvc error 0x4C6 and error 0x51
I have a slightly sinking feeling it has something to do with NLA thinking that they are connected to a domain while on the lock screen, but this is pure speculation. Thanks for reading my post and any potential solutions are greatly appreciated!I'd try them over here.
Windows IT Pro forums on TechNet
Regards, Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Windows 7 802.1x wifi profile issue with cached credentials
We have a wireless network that is setup as WPA2-Enterprise AES using 802.1x. We have a user that is constantly having his account locked out. When we trace where it's coming from, it's from our
radius server (which is only used for this one wireless network). We have already deleted the profile and recreated it. If we uncheck the option to remember the username/password, and enter that manually at prompt, it connects fine. As soon as we check that
option back, it fails and will keep failing and eventually lock out his acocunt. We have recreated his user profile and the wifi profile with no luck. I've done the following http://security.stackexchange.com/questions/15574/how-do-i-clear-cached-credentials-from-my-windows-profile
but to no avail. There are no credentials listed when I go this route. Can someone shed light as to where it is hiding these credentials?Hi
Maybe change settings on RADIUS server to allow more than 5 successive login attempts.
If you look at the windows security log on the radius server can you see if it giving errors of bad username or password?
Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
HELP! Slow logon with Cached Credentials off domain. Have xperf files.
Having issues when you take a corporate laptop off domain and log in using cached credentials. Login times range from 2-4 minutes. This is with SSD. No problem logging in on network. Only way to speed up login off network is disable wireless. I ran
xperf both on network and off network. I have xperf files that can be emailed. Anybody got an idea?When trying to log in with domain credential offsite, your laptop is trying to contact DC from public Internet before using cached credentials. Without network, it will try cached credentials directly. According with my knowledge, you can't force cached
credentials, the process is Automatic.
Therefore, the only solution is disconnecting the network cable or using a local user instead.
And this tool in the following link can help you findout exactly what is holding up the login process. You can check the result by youself.
http://blogs.technet.com/b/askpfeplat/archive/2012/06/09/slow-boot-slow-logon-sbsl-a-tool-called-xperf-and-links-you-need-to-read.aspx -
No Cached Credentials - error ID 40721
I updated Appworld on my Curve 8900 when it first became available a couple of weeks ago and immediately started getting the message about something being wrong with this session and try again. I tried a couple of things like deleting and re installing AppWorld, and now I get the message "No Cached Credentials. Error ID 40721" whenever I try to upgrade apps or download new ones. I have complete access from AppWorld online with my computer browser. I have updated my Blackberry ID and my payment options. I am still unable to use AppWorld on my device.
Solved!
Go to Solution.Believe me...I understand financial constraints...I've been unemployed since being laid off last October...
carpenter wrote:
I inherited my boss's device when he upgraded. Just deactivated the BES policy and I was good to go.
Oh I do hope you did that properly...there are very specific methods to do so, and many methods folks think work actually do not (e.g., the on-device WIPE commands do not touch the IT Policy).
carpenter wrote:
BTW would it be possible to downgrade my version of AW?
Typically, you can access two versions of AW. The most current version (which you already have) and the version that was packaged with your BB OS. To fall back to that, you have to reload your OS so that you can regain that version of AW. But, nothing in between is "officially" available -- though I've seen links from time to time of folks hosting unofficial AW versions (no...I have no list).
Good luck!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code -
Hi Everyone,
My BB had ben eaten by my dog and I just received my new device from the service. I got a brand new one, with all my datas saved from the old one. It is great, everything works, but when I try to download anything from the app world, it says no cached credentials, error id:40721. I tried everything what I found online in forums (because many people have the exact same problem), but nothing worked. My device thinks that I have no network connection, while I am abée to use the browser. I could not even download apps through my PC. Since it says I'm not connected to the network, it does not allow me to do anything. Any ideas?
Thanx
Solved!
Go to Solution.Hi csippesz
On your previous device are you using Blackberry Application like BBM,Facebook etc and do you have blackberry internet service in your account .
First try this :
On Your Home Screen Go to Options - Device - Advance System setting - Host Routing Table - there press the Menu Key than Click Register Now .Wait and see if any Registration message comes .after that perform a battery pull restart like this:
While Device is Powered On remove the Battery wait for a min. then re-insert it back wait till the device take a long Reboot.
Prince
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it.
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it. -
No cached credentials. (ID error :40721)
Hi,
I have some problemes on my Blackberry.
I want to download, for example WhatsApp, I have internet with wifi but it can't be download it(by Apps Store of Blackberry on my phone Desktop), and show me this error:
" No cached credentials. (ID error :40721) "
I need help please.
Thanks a lot.virajpatel wrote :
even i have same problem with it.
i can't download any thing from bb app world .
Hi virajpatel
Please Contact your Carrier and make sure that sufficent data plan is enabled on your Account,after that Go through those steps suggested in Knowledge Base and see if problem resolves.
Prince
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it.
Click " Like " if you want to Thank someone.
If Problem Resolves mark the post(s) as " Solution ", so that other can make use of it. -
Authenicated with Cached Credentials
I have 2 identical Mac Book Pro laptops (I use one as a backup). I do a full backup of the production Mac using SuperDuper and install it on the other to use as a replacement if needed. They are never on the network (Windows 2003/AD) at the same time. When logging into the network on the backup laptop a message pops up saying Authenicated with Cached Credentials. After several times of logging in you are no longer able to log in at all. Is there something I need to clear that I am missing?
Hi beachbum 2013, and a warm welcome to the forums!
Hmmm, might see if this is of any help...
http://www.scribd.com/doc/6075527/Group-Policies-for-Mac-OS-X
Next time it won't login, try logging out, then logon to your Mac, click the Other... button on the logon screen and use domain/username as your logon information. -
Find a error in storm 9530 :- No Cached credentials.(Error id : 40721)
Hey Friends Please Help Me for this error .!
when i am download any apps from blackberry app world then above error stop me .
how can i manage it . please help me......hello,
please read this article from the public knowledge base.
KB32439 Error 40721: No Cached Credentials appears when accessing BlackBerry App World
The search box on top-right of this page is your true friend, and the public Knowledge Base too: -
We want to create a small portable application in our network that accesses a server on the internet using an internal proxy that requires integrated windows authentication (NTLM) from a standard domain client PC(non admin) running in
user mode after the client logged in. We wonder if such a PE is able to access cached credentials (LSASS hashes). If you read that browsers like chrome can access cached credentials with integrated
authentication I wonder if that is really possible. In my understanding no portable 3rd party application that gets executed after the user is logged in is able to access such stored hash
values (only maybe some hacker tools that run under system account can dump such hashes). But maybe it is possible. Very happy if someone can point me in the right direction.
Thx
OliverHi Oliver,
The closest method I can relate is Kerberos Delegation, which allows an application to reuse the end-user credentials to access recourses hosted on a different server.
More information for you:
Kerberos Delegation
http://blogs.msdn.com/b/autz_auth_stuff/archive/2011/05/03/kerberos-delegation.aspx
About Kerberos constrained delegation
https://technet.microsoft.com/en-us/library/cc995228.aspx?f=255&MSPPError=-2147217396
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
On opening message says unable to read cache, purge cache. Purging the cache does not help and Bridge continues to hang. Was working fine before.
Mac? REad this http://forums.adobe.com/thread/1237168
-
Query performance problem - events 2505-read cache and 2510-write cache
Hi,
I am experiencing severe performance problems with a query, specifically with events 2505 (Read Cache) and 2510 (Write Cache) which went up to 11000 seconds on some executions. Data Manager (400 s), OLAP data selection (90 s) and OLAP user exit (250 s) are other the other event with noticeable times. All other events are very quick.
The query settings (RSRT) are
persistent cache across each app server -> cluster table,
update cache in delta process is checked ->group on infoprovider type
use cache despite virtual characteristics/key figs checked (one info-cube has1 virtual key figure which should have a static result for a day)
=>Do you know how I can get more details than what's in 0TCT_C02 to break down the read and write cache events time or do you have any recommandation?
I have checked and no dataloads were in progres on the info-providers and no master data loads (change run). Overall system performance was acceptable for other queries.
ThanksHi,
Looks like you're using BDB, not BDB JE, and this is the BDB JE forum. Could you please repost here?:
Berkeley DB
Thanks,
mark -
Trying to log into a RDS server using cached credentials
I have a Windows Server 2012 R2 with Remote Desktop Services installed and it is a member server in my domain. As a test, I have cut the network connection between the RDS server and the domain controller. I can log into the
RDS server at the console with my cached domain account, but I can't RDP into the server with my cached domain accout. It is telling me the specified domain either does not exist or could not be contacted. Does RDS sessions not
use cached credentials ? I have set the Group Policy Option: Interactive logon: Number of previous logons to cache (in case domain controller is not available) to 30. That didn't seem to make any difference. Thanks for any
help with this problem.Hi,
By default Network Level Authentication (NLA) will be used for RDP connections, and this requires the domain controller to be available. If you needed to you could disable the requirement to use NLA in the collection properties and set a custom rdp
property so that clients would not attempt to use NLA when they connect. The downside of this approach is clients will never use NLA when connecting and instead will see a server-side log on screen, and may get multiple prompts for credentials.
It is preferred to use NLA where possible, which in most cases it is since modern clients support it.
-TP -
GP - Offline Adobe: How to modify Reader rights credentials
Hi,
I have implemented offline adobe forms (Impersonalized) using guided procedures.
-- I have created an interactive form callable object using an xdp template.
-- Used Create Impersonalized form option and activated the object.
-- In the manage impersonalized forms section, created a form using the object.
-- The form created doesn't allow me to add attachments or comments.
I have worked with online interactive forms too and the PDF rendered there allows me to add attachements.
I have checked both the forms' readers rights credentials.
Form rendered using GP doesn't have the option 'You have the rights to add attachments'
But I need to attach some docs to this form. How can I achieve this.
How to modify the reader rights credentials so that I can add attachments.
Version:
Adobe reader 8.1.1
Adobe ALD 8.0
SAP NetWeaver 7.0 (2004s) SPS 15
Edited by: Subramanya Srinivas Mullapudi on Oct 17, 2008 1:32 AMNot possible
-
Unable to read cache when I re-open Bridge
Each time I reopen Bridge I get an error message saying: Unable to read cache. The thumbnails need to be regenerated each time I open program. Have tried purging cache, etc. Still no luck.
Are you using a distributed Bridge Cache or a central bridge cache?
Maybe you are looking for
-
I have an iPad 2 with most recent update 8.1.3. I have been experiencing connection problems, wifi dropping all the time. I get the prompts to enter passwords for iCloud and i Tunes all the time. I finally synched my Apple ID with my iTunes ID but th
-
Any clues on why my Mac won't update the OS to the newest version? I am currently running OS 10.6.8. My husband is running the same computer but 10.7.5...this despite my requests for updates. Thoughts?
-
ICE - Content Transfer & Performance
Hi, We are implementing a Content Management System using KM on EP6SP14. We have a staging Portal to create the content, transfer it to Production Portal using ICE, and render it from there. Issues - ICE does not provide 'On demand' PUSH. Secondly IC
-
Printing in CS3 - What in the world?
Intermittently, these errors popup. I have 2 printers installed, both Postscript. Is this a Photoshop problem, or an OS problem?
-
itunes used to accept and sync ipod touch but all of a sudden it gives me a box that says it cannot be used because the apple mobile device service is not started.what is the mobile device service and how do i start it?