[SOLVED]winbind ... Error looking up domain users
I have followed the Active Directory intergration Wiki to the letter, but stuck at the winbind section when i do i wbinfo -u or i get Error looking up Domain users or domain groups....
[gigabyteme@wkstn1-arch ~]$ sudo wbinfo -u
[sudo] password for gigabyteme:
Error looking up domain users
[gigabyteme@wkstn1-arch ~]$ wbinfo -u
Error looking up domain users
[gigabyteme@wkstn1-arch ~]$ wbinfo -g
failed to call wbcListGroups: WBC_ERR_WINBIND_NOT_AVAILABLE
Error looking up domain groups
[gigabyteme@wkstn1-arch ~]$
Here is my krb.conf file....
[libdefaults]
default_realm = CLICK-IT.CA
clockskew = 300
ticket_lifetime = 1d
forwardable = true
proxiable = true
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
CLICK-IT.CA = {
kdc = CITADSVR01.CLICK-IT.CA
admin_server = CITADSVR01.CLICK-IT.CA
default_domain = CLICK-IT.CA
[domain_realm]
.citadsvr01.click-it.ca = CLICK-IT.CA
.click-it.ca = CLICK-IT.CA
click-it.ca = CLICK-IT.CA
click-it = CLICK-IT.CA
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
debug = false
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/kdc.log
admin_server = FILE:/var/log/kadmind.log
and here is my smb.conf file
/etc/samba/smb.conf
[Global]
netbios name = WKSTN1-ARCH
workgroup = CLICK-IT
realm = CLICK-IT.CA
server string = %h ArchLinux Host
security = ads
encrypt passwords = yes
password server = citadsvr01.click-it.ca
idmap config * : backend = rid
idmap config * : range = 10000-20000
winbind use default domain = no
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = Yes
winbind separator = +
winbind refresh tickets = yes
template shell = /bin/bash
template homedir = /home/%D/%U
preferred master = no
dns proxy = no
wins server = pdc.example.com
wins proxy = no
inherit acls = Yes
map acl inherit = Yes
acl group control = yes
load printers = no
debug level = 3
use sendfile = no
Any help with this would be greatly aprecieated...
Last edited by 0n3 (2014-03-28 05:27:43)
0n3 wrote:Please mark as solved, for some reason the winbindd service wasnt being started, i enabled and started it manually and it works now
You need to do that yourself.
https://wiki.archlinux.org/index.php/Fo … ow_to_Post
Similar Messages
-
Acrobat x pro crashes (error 6) under domain user account
Acrobat X Pro (installed under CS6 Suite) crashes when run under a domain users account (receives error 6, uninstall/reinstall product). I've done this many times with the same result. My feeling is that the problem is related to permissions/rights issues as the product works fine when logged into the local administrator account. Any thoughts/comments would be appreciated.
Acrobat X Pro (installed under CS6 Suite) crashes when run under a domain users account (receives error 6, uninstall/reinstall product). I've done this many times with the same result. My feeling is that the problem is related to permissions/rights issues as the product works fine when logged into the local administrator account. Any thoughts/comments would be appreciated.
-
I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
1st Error (from administrative events):
The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
Tried so far:-
- changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
2nd Error (from application server):
DistributedCOM error
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{000C101C-0000-0000-C000-000000000046}
and APPID
{000C101C-0000-0000-C000-000000000046}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
Other Fixes I tried
- Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
loading up using w3wp.exe from processes.
Concern
- by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?Hi Kpdn,
Thanks for your post.
All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Error message "The specified user or domain group was not found" when trying to access certain sites
Hello.
My setup is as such (this is a testing environment), spread over two virtual machines:
-Windows Server 2012 with AD DS and MS SQL Server 2012
-SharePoint Server 2013
When trying to access a lot of site collections in different web applications, I am given this error message. The error message started suddenly appearing, and I do not know what caused it. It started happening after I turned on Request Management Service
Application, though I can't see how that would cause this, and it was not fixed after I turned it off.
I have the necessary permissions, as I have been able to log on to the sites before without any issue. I am using a domain administrator account who is a site collection administrator.
At first I thought it was an issue related to User Profile Service Application, as I was having issues starting the Synchronisation instance. I deleted and re-installed UPS, got synchronisation to work, and it still does not work. I have made no changed
to the AD schema. I have not moved any accounts recently, and I have not deleted any accounts.
Here are the ULS log entries. It seems to have been truncated some.
06/11/2014 10:17:31.94 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|sp\administrator, ClaimsCount=26 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Database ahjqp High [Forced due to logging gap, cached @ 06/11/2014 10:17:31.95, Original Level: Verbose] SQL connection time: 0.0556 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High UserAgent not available, file operations may not be optimized. at Microsoft.SharePoint.SPFileStreamManager.CreateCobaltStreamContainer(SPFileStreamStore spfs, ILockBytes ilb, Boolean copyOnFirstWrite, Boolean disposeIlb) at Microsoft.SharePoint.SPFileStreamManager.SetInputLockBytes(SPFileInfo& fileInfo, SqlSession session, PrefetchResult prefetchResult) at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres) at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd, Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...) at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbst... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...rRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.Library.SPRequest.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion,... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ... String& pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid& pgDocScopeId) at Microsoft.SharePoint.SPWeb.GetWebPartPageContent(Uri pageUrl, Int32 pageVersion, PageView requestedView, HttpContext context, Boolean forRender, Boolean includeHidden, Boolean mainFileRequest, Boolean fetchDependencyInformation, Boolean& ghostedPage, String& siteRoot, Guid& siteId, Int64& bytes, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...Guid& docId, UInt32& docVersion, String& timeLastModified, Byte& level, Object& buildDependencySetData, UInt32& dependencyCount, Object& buildDependencies, SPWebPartCollectionInitialState& initialState, Object& oMultipleMeetingDoclibRootFolders, String& redirectUrl, Boolean& ObjectIsList, Guid& listId) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.FetchWebPartPageInformationForInit(HttpContext context, SPWeb spweb, Boolean mainFileRequest, String path, Boolean impersonate, Boolean& isAppWeb, Boolean& fGhostedPage, Guid& docId, UInt32& docVersion, String& timeLastModified, SPFileLevel& spLevel, String& masterPageUrl, String& customMasterPageUrl, String& webUrl, String& siteUrl, Guid& siteId, Object& buildDependencySetData, SPWebPartCollectionInitialState& initialState, ... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...String& siteRoot, String& redirectUrl, Object& oMultipleMeetingDoclibRootFolders, Boolean& objectIsList, Guid& listId, Int64& bytes) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.GetFileForRequest(HttpContext context, SPWeb web, Boolean exclusion, String virtualPath) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.InitContextWeb(HttpContext context, SPWeb web) at Microsoft.SharePoint.WebControls.SPControl.SPWebEnsureSPControl(HttpContext context) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.GetContextWeb(HttpContext context) at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PostResolveRequestCacheHandler(Object oSender, EventArgs ea) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IEx... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...ecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error) at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompl... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files 00000 High ...etion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Files aiv4w Medium Spent 0 ms to bind 3356 byte file stream dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Logging Correlation Data xmnv Medium Site=/ dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Monitoring b4ly High Leaving Monitored Scope (PostResolveRequestCacheHandler). Execution Time=66.6457 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk4d Medium UserProfileProperty_WCFLogging::Begin ProfilePropertyServiceClient.ExecuteOnChannel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk35 Medium MossClientBase_WCFLogging::Begin MossClientBase.ExecuteOnChannel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Portal Server User Profiles ajk36 Medium MossClientBase_WCFLogging:: MossClientBase.ExecuteOnChannel - Executing codeblock on channel acc2999c-dfbc-a0b4-a4e8-f962e574ee66
06/11/2014 10:17:32.02 w3wp.exe (0x1904) 0x1BC0 SharePoint Foundation Topology e5mc Medium WcfSendRequest: RemoteAddress: 'http://sp13:32843/44fa09d6891d4d7bb9856a0da10f6a84/ProfilePropertyService.svc' Channel: 'Microsoft.Office.Server.UserProfiles.IProfilePropertyService' Action: 'http://Microsoft.Office.Server.UserProfiles/GetProfileProperties' MessageId: 'urn:uuid:ec3c0f34-3285-4771-a7a1-24039cb4ced8' acc2999c-dfbc-a0b4-a4e8-f962e574ee66
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC Web Content Management Publishing 7fz3 Medium Setting [Display] as the FormContext.FormMode for the current page dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Mi... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...crosoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.CachedAreaLookup.EnsureLookup(Boolean errorsAsExceptions) at Microsoft.SharePoint.Publishing.CachedAreaLookup.GetCachedAreaOrException() at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetCachedWebInfo(CachedAreaLookup cachedAreaLookup) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetWebNavigationSetting... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...s(CachedAreaLookup cachedArea, CachedAreaLookup& parentCachedArea, Exception& loadError) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettingsList(CachedAreaLookup cachedArea, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](CachedAreaLookup cachedArea, String siteMapProviderName, Boolean includeInheritedSettings, CachedAreaLookup& cachedAreaWithSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](SPWeb web, String siteMapProviderName, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.SwitchableSiteMapProvider.GetCurrentWrappedProvider() at Microsoft.SharePoint.Publis... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...hing.Navigation.SwitchableSiteMapProvider.get_RootNode() at Microsoft.SharePoint.Publishing.Navigation.SwitchableDataSourceBehavior.AssignProperties(SiteMapProvider targetProvider) at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Mi... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...crosoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.CachedAreaLookup.EnsureLookup(Boolean errorsAsExceptions) at Microsoft.SharePoint.Publishing.CachedAreaLookup.GetCachedAreaOrException() at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetCachedWebInfo(CachedAreaLookup cachedAreaLookup) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigationCache.GetWebNavigationSetting... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...s(CachedAreaLookup cachedArea, CachedAreaLookup& parentCachedArea, Exception& loadError) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettingsList(CachedAreaLookup cachedArea, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](CachedAreaLookup cachedArea, String siteMapProviderName, Boolean includeInheritedSettings, CachedAreaLookup& cachedAreaWithSettings) at Microsoft.SharePoint.Publishing.Navigation.TaxonomyNavigation.GetEffectiveProviderSettings[T](SPWeb web, String siteMapProviderName, Boolean includeInheritedSettings) at Microsoft.SharePoint.Publishing.Navigation.SwitchableSiteMapProvider.GetCurrentWrappedProvider() at Microsoft.SharePoint.Publis... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...hing.Navigation.SwitchableSiteMapProvider.get_RootNode() at Microsoft.SharePoint.Publishing.Navigation.SwitchableDataSourceBehavior.AssignProperties(SiteMapProvider targetProvider) at Microsoft.SharePoint.Publishing.Navigation.PortalSiteMapDataSource.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High DelegateControl: Exception thrown while adding control 'ASP._controltemplates_15_metadatanavtree_ascx': Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyCla... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...im(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.SPSite.get_Request() at Microsoft.SharePoint.SP... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...Site.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationSettings.GetCachedArea(SPWeb web) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.GetMetadataNavigationHintsForList(SPWeb web, Guid listGuid) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationSettings.GetMetadataNavigationSettings(SPWeb web, Guid sourceListId, Boolean check... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8sl1 High ...WebPropHint) at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.get_NavigationSettings() at Microsoft.Office.DocumentManagement.MetadataNavigation.MetadataNavigationContext.EnsurePageInitEventHandling(Control controlOnPage) at Microsoft.Office.Server.WebControls.MetadataHierarchyDataSourceControl.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.InitRecursive(Control namingContainer) at System.Web.UI.Control.AddedControl(Control control, Int32 index) at Microsoft.SharePoint.WebControls.DelegateControl.AddControlResilient(Control ctl) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General 8nca Medium Application error when access /SitePages/Home.aspx, Error=Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Runtime tkau Unexpected System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) at System.Security.Principal.NTAccount.Translate(Type targetType) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) --- End of inner exception stack trace --- at Microsoft.SharePoint.Administration.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromFullName(String fullName) at Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, SPAppPrincipalToken appPrincipalToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) at Microsoft.SharePoint.... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...SPSite.get_Request() at Microsoft.SharePoint.SPSite.OpenWeb(Guid gWebId, Int32 mondoHint) at Microsoft.SharePoint.Publishing.CachedObjectFactory.OpenWebFromSuperUserSite(Guid webId) at Microsoft.SharePoint.Publishing.CacheManager..ctor(SPSite site) at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext) at Microsoft.SharePoint.Publishing.Internal.WebControls.PublishingRibbon.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ... System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteS... dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03* w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General ajlz0 High ...tep(IExecutionStep step, Boolean& completedSynchronously) dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.03 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation General aat87 Monitorable dbc2999c-6f92-a0b4-a4e8-f7ed10437e35
06/11/2014 10:17:32.05 w3wp.exe (0x1904) 0x0FAC SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://sp13:80/SitePages/Home.aspx)). Execution Time=97.7205 dbc2999c-6f92-a0b4-a4e8-f7ed10437e35This is a very generic error message.
What user you are trying to search. Are you using username, display name or email address when searching
Was any domain related changed done
What if that users tried to logon to sharepoint site.
Does this error occur with all the account when you click edit? If not, based on the error,
the user account which might be removed from Active Directory or renamed accidentally. Please have a check.
Try to follow below:
http://architectevangelist.wordpress.com/2010/12/07/sharepoint-2010-the-specified-user-or-domain-group-was-not-found/ -
"Unable to check revocation" error while checking CDP from non-domain user account
Hi!
I use 3-tier PKI infrastructure:
Stand-alone offline Root CA: RootCA;
Stand-alone offline Intermediate subordinate CA: SubCA;
Enterprise CA: EntSubCA.
In certificate we have three CDP point for CRL check:
ldap:///, http:// and file://
I have Windows 2008 R2 server joined to domain.
I use command certutil –verify –urlfetch <filename.cer> >check.txt for revocation checking of certificate.
When I use domain user account for revocation checking, all OK.
I have access to any CDP and all fine.
But when i use local server user account, I haven't access to ldap:/// and process failed although all other links is OK.
My question is "why check fail with non-domain user accout while other CDP point succesfully verifed"?
Here is the logfile from local user:
Issuer:
CN=EntSubCA
DC=DED
DC=ROOT
Subject:
CN=servername.domain_name
Cert Serial Number: 5a896145000300006ee2
dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1)
dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2)
dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8)
dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_BASE
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 5 Days, 23 Hours, 15 Minutes, 48 Seconds
SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 5 Days, 23 Hours, 15 Minutes, 48 Seconds
CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=EntSubCA, DC=DED, DC=ROOT
NotBefore: 05.02.2015 20:03
NotAfter: 05.02.2016 20:03
Subject: CN=servername.domain_name
Serial: 5a896145000300006ee2
SubjectAltName: DNS Name=servername.domain_name
Template: Machine
70 e4 6b 16 05 a1 62 e3 6d 24 96 ff 44 74 ee a2 3e ce df 18
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
---------------- Certificate AIA ----------------
Failed "AIA" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?cACertificate?base?objectClass=certificationAuthority
Verified "Certificate (0)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crt
Verified "Certificate (0)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crt
---------------- Certificate CDP ----------------
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?certificateRevocationList?base?objectClass=cRLDistributionPoint
Verified "Base CRL (018d)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[1.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[1.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[1.0.2] http://webserver/crl/EntSubCA.crl
Verified "Base CRL (018d)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[2.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[2.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[2.0.2] http://webserver/crl/EntSubCA.crl
---------------- Base CRL CDP ----------------
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
OK "Base CRL (018d)" Time: 0
[1.0] file://\\ca\crl\EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[1.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[1.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[1.0.2] http://webserver/crl/EntSubCA.crl
OK "Base CRL (018d)" Time: 4
[2.0] http://webserver/crl/EntSubCA.crl
Failed "CDP" Time: 0
Error retrieving URL: Logon failure: unknown user name or bad password. 0x8007052e (WIN32: 1326)
[2.0.0] ldap:///CN=EntSubCA,CN=ca,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=DED,DC=ROOT?deltaRevocationList?base?objectClass=cRLDistributionPoint
Old Base CRL "Delta CRL (018d)" Time: 0
[2.0.1] file://\\ca\crl\EntSubCA.crl
Old Base CRL "Delta CRL (018d)" Time: 4
[2.0.2] http://webserver/crl/EntSubCA.crl
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 018d:
Issuer: CN=EntSubCA, DC=DED, DC=ROOT
33 af 4d be 0e 35 45 94 bc 8b 3f d9 c1 60 e7 0c c4 83 17 b6
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
CertContext[0][1]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=SubCA
NotBefore: 13.11.2014 19:12
NotAfter: 13.11.2017 19:22
Subject: CN=EntSubCA, DC=DED, DC=ROOT
Serial: 6109015b000100000008
Template: SubCA
9b 04 17 9f c5 fe 52 ca a5 58 49 6c c6 18 fa db 13 b3 92 9e
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Failed "AIA" Time: 0
Error retrieving URL: The network path was not found. 0x80070035 (WIN32: 53)
file://\\sub_ca\CertEnroll\sub_ca_SubCA(1).crt
Verified "Certificate (0)" Time: 0
[1.0] file://\\ca\crl\SubCA.crt
Verified "Certificate (0)" Time: 4
[2.0] http://webserver/crl/SubCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (32)" Time: 0
[0.0] file://\\ca\crl\SubCA.crl
Verified "Base CRL (32)" Time: 4
[1.0] http://webserver/crl/SubCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 32:
Issuer: CN=SubCA
8d a9 9d 51 65 a3 8e 77 02 22 40 57 62 70 e8 f6 c5 2e 60 1e
CertContext[0][2]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=RootCA
NotBefore: 28.05.2008 12:09
NotAfter: 28.05.2058 12:19
Subject: CN=SubCA
Serial: 616bd19f000100000004
Template: SubCA
06 d2 47 e7 dc 8f a7 97 a2 b8 c3 92 03 19 24 0c 47 45 22 14
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Verified "Certificate (0)" Time: 0
[0.0] file://\\ca\crl\RootCA.crt
Verified "Certificate (0)" Time: 4
[1.0] http://webserver/crl/RootCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (1c)" Time: 4
[0.0] http://webserver/crl/RootCA.crl
Verified "Base CRL (1c)" Time: 0
[1.0] file://\\ca\crl\RootCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 1c:
Issuer: CN=RootCA
dc 98 2f 8d 16 9c 64 6e b2 74 89 95 9a 6c 1b 77 fd 58 63 fb
CertContext[0][3]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=RootCA
NotBefore: 27.05.2008 16:10
NotAfter: 27.05.2110 16:20
Subject: CN=RootCA
Serial: 258de6fbd3bbab92460530e9e9f10536
5d e4 56 38 13 0a 52 aa 66 51 25 61 19 33 c9 d7 a2 c7 dd 38
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Verified "Certificate (0)" Time: 0
[0.0] file://\\ca\crl\RootCA.crt
Verified "Certificate (0)" Time: 4
[1.0] http://webserver/crl/RootCA.crt
---------------- Certificate CDP ----------------
Verified "Base CRL (1c)" Time: 0
[0.0] file://\\ca\crl\RootCA.crl
Verified "Base CRL (1c)" Time: 4
[1.0] http://webserver/crl/RootCA.crl
---------------- Base CRL CDP ----------------
No URLs "None" Time: 0
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 1c:
Issuer: CN=RootCA
dc 98 2f 8d 16 9c 64 6e b2 74 89 95 9a 6c 1b 77 fd 58 63 fb
Issuance[0] = 1.2.700.113556.1.4.7000.233.28688.7.167403.1102261.1593578.2302197.1
Exclude leaf cert:
5b 8d 96 39 f8 a3 6f af f3 89 bc 8d 78 e2 da 53 21 b8 ff aa
Full chain:
ca 99 30 47 9b ad ab ce 97 cc 70 80 a5 4e 11 b3 1a 83 98 78
Verified Issuance Policies: None
Verified Application Policies:
1.3.6.1.5.5.7.3.2 Client Authentication
1.3.6.1.5.5.7.3.1 Server Authentication
ERROR: Verifying leaf certificate revocation status returned The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
CertUtil: The revocation function was unable to check revocation because the revocation server was offline.
CertUtil: -verify command completed successfully.What you have discovered is the reason to *not* use LDAP URLs for CDP and AIA extensions in your PKI. To access those URLs, the account must access to the URLs. In your output, it is quite clear that the local account does not have necessary permissions
(you also use FILE URLs for publication, which again is not recommended).
The best practice is to use a single URL for the CDP extension. It should be an HTTP URL that is hosted on a highly available (internally and externally accessible) Web cluster.
For the AIA extension, it should contain two URLs: one for the CA certificate - again to an internally and externally accessible, highly available Web cluster and one for the OCSP service - also
an internally and externally accessible, highly available Web cluster.
the other issue is that the root CA is *not* trusted when run by a non-domain account. How are you adding the trusted root CA. It is recommended to do this by running
certutil -dspublish -f RootCA.crt.
This will ensure that the computer account trusts the root CA. In your output, the root CA certificate is not trusted.
Brian -
I've seen multiple blogs and forums with similar problems and SQL 2012 or 2008. But no solutions that work for me.
I have installed SQL Server in mixed mode (SQL and Windows authentication). I can create new Login accounts in either mode. However, I cannot get an AD security group Login account to work. I am trying to add group 'DOMAIN\Domain Admins' or 'SERVER\Administrators'
as a Login so that any of the domain's administrator accounts can open SQL Server Management Studio and act as an 'sa' account on this server.
I have deleted the SQL account 'DOMAIN\Domain Admins'.
I have restarted SQL.
I have restarted the Win2K8r2 server.
I have launched SSMS as Administrator from the desktop of SERVER.
I have launched SSMS as another user (and used 'DOMAIN\user' to lauch it) from the desktop of SERVER.
I can create a login account named 'DOMAIN\user' (who happens to be a member of the 'DOMAIN\Domain Admins' group) and give this account 'sa' security, and when I do that, this account works as expected...
How do I add a security group as a Login account and give all members of that group the ability to be an 'sa' account?Hi geoperkins,
Are you getting the following error message?
Error: 18456, Severity: 14, State: 11
Login failed for user <Domain\user>. Reason: Token-based server access validation failed with an infrastructure error.
If that is the case, the issue could be due to that the Windows login has no profile or that permissions could not be checked due to UAC. Please disable UAC firstly and check if it is successful to log in SQL Server.
Another reason could be that the domain controller could not be reached. You may need to resort to re-creating the login. Create a new group in AD, add users to the new group, then add the group to the local admin group and create login for the group in SQL
Server.
There is a connect item describing similar issue for your reference.
https://connect.microsoft.com/SQLServer/feedback/details/680705/cant-login-to-sql-using-windows-authentication-when-user-is-in-a-domain-security-group
For more details about above error, please review the following blog.
http://sqlblogcasts.com/blogs/simons/archive/2011/02/01/solution-login-failed-for-user-x-reason-token-based-server-access-validation-failed-and-error-18456.aspx
Thanks,
Lydia Zhang
Lydia Zhang
TechNet Community Support -
On Yahoo Mail...and ONLY Yahoo Mail..I get a 404 error after entering my user name and password. This doesn't happen with IE, just Firefox, and just Yahoo Mail. I tried uninstalling and reinstalling FF; no change. Yahoo was absolutely no help whatsoever; can you solve the mystery? Thanks
HI Emmet,
thanks so much for your posts back. I really appreciate it and yes that does help to know that you could not get it working.
I did have some success, in removing the SSL Authentication checkbox in the smtp server settings - I found that this allowed my friend to be able to send mail from the mail app via his sbcglobal (yahoo) account.
So that did help but of course the messages do not have ssl encryption and I'm not sure how big a deal that is for an individual. He is able to receive mail but unless the SSL authentication box is unchecked, he cannot send.
i hope that helps anyone out there also!
Thanks also for the tip about sparrow - yes I have heard of it and it is very popular, he may end up using that in the end.
Thanks again, much appreciated.
Felix -
SQL 2012 sp2 "The permissions granted to user 'DOMAIN\user' are insufficient ..."
1st let me set the tone by admitting I am not real familiar with SQL, I'm more of an Operations Admin. So this is not a new question I think, although I am having difficulty finding an applicable solution. Using SQL Server 2012 sp2 on a Windows
2012R2 server. This is configured to be a SCOM DB server; while on the SQL server itself I open IE and attempt to go to the following URL http://scomsql/reportserver_SCOM I get the
following error.
Reporting Services Error
The permissions granted to user 'DOMAIN\user' are insufficient for performing this operation. (rsAccessDenied) Get Online Help
SQL Server Reporting Services
I have looked at the Reporting Services Config. Mgr. and it looks like the Report Mgt. URL is set for port 80 and no SSL is configured. The rsreportserver.config file has the SecureConnectionLevel set to "0"
My domain account is listed under Security\Logins and holds the 'Server Roles' of public and sysadmin, 'User Mapping' is DBO for the 'ReportServer$SCOM' and 'ReportServer$SCOMTempDB' and the role membership shows db_owner and public for these as well.
Any assistance with getting this working would be greatly appreciated.
# When I wrote this script only God and I knew what I was doing. # Now, only God Knows!Hi Wasisname,
The Reporting Services error rsAccessedDenied occurs when a user does not have permission to perform an action. To troubleshooting this issue, please make sure that you have sufficient permission and the report server name is correct.
In fact, reporting Services uses role-based security to grant user access to a report server, and there are two types of roles: Item-level roles and System-level roles. On a new installation, only local administrators have access to a report server. In order
to grant access to visit the URL http://server:port/ReportServer to users, a local administrator must create a role assignment to define the tasks a user can perform. To solve this problem, please refer to the
following steps:
Start Report Manager by going to URL
http://scomsql/reportserver_SCOM.
Click Site Settings at the top right of the page.
Click Security in the left pane.
If a role assignment already exists for the user, click Edit.
Otherwise, click New Role Assignment. In user, enter the user account.
Select appropriate access, and then click Apply.
The issue may be caused by the UAC or Internet Explorer security setting, please try to follow this steps:
1. Open the Internet options of the IE and add the report server URL into trusted site in the Security tab.
2. Run the IE as administrator.
Besides, if the user need to have access to reports, folders, models and shared data sources, we can assign Item-level roles on the root node (the Home folder) or on specific folders or items.
For more information about Configuring a Native Mode Report Server for Local Administration, please refer to the following document:
http://msdn.microsoft.com/en-us/library/bb630430(v=sql.110).aspx
If you have any more questions, please feel free to ask.
Thanks,
Wendy Fu
If you have any feedback on our support, please click
here.
Wendy Fu
TechNet Community Support -
Unable to browse internet on a domain user's computer through ASA 5503 Firewall
Dear All,
I am trying to configure my new firewall for the last one month but still unable to fix it. I have a domain in windows 2012 standard edition and the firewall with unlimited license. Here is the output of show startup-config. Please note that prpgb.org is my local domain.
prpgbasa# show startup-config
: Saved
: Written by enable_15 at 02:50:45.169 PKT Thu Nov 20 2014
ASA Version 8.2(5)
hostname prpgbasa
domain-name prpgb.org
enable password AExqpLntfuzsVQrq encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.0.0.0
interface Vlan2
nameif outside
security-level 0
ip address 202.142.XXX.YY 255.255.255.252
ftp mode passive
clock timezone PKT 5
dns server-group DefaultDNS
domain-name prpgb.org
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 202.142.XXX.YZ 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 10.0.0.0 255.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet 10.0.0.0 255.0.0.0 inside
telnet timeout 5
ssh 10.0.0.0 255.0.0.0 inside
ssh timeout 5
console timeout 0
dhcpd dns 10.0.0.2 255.0.0.0
dhcpd dns 208.67.222.222 208.67.220.220 interface inside
dhcpd lease 86400 interface inside
dhcpd domain prpgb.org interface inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:23c0af4b2ddf9e925f83ce13909ab900
prpgbasa#
You all are requested to have a look into the problem and suggest me the modifications.
ThanksDear All,
I have solved the issue. I have done the following in-order to browse internet on domain user computers. Here are the steps
1. I have disabled my internal DHCP server in the domain.
2. Then I have configured the ASA DHCP server in the default IP address scheme i.e. 192.168.1.100-200
3. I have Connected my ASA to a switch first then from there I connected a cable to my Domain's Server WAN interface. The LAN (192.168.1.2)interface of the Domain server is also plugged into the same switch.
4. I am using my Domain Server's DNS for name resolution and forward queries which are not served by my domain to open dns server.
It works perfectly so far but before applying or setting up the entire netowrk i want your help to look into the configuration file for corrections if i am making any mistakes. Thanks again for your help and here is the output of show confing.
prpgbasa# show startup
: Saved
: Written by Ghaffar at 02:11:24.319 PKT Mon Dec 8 2014
ASA Version 8.2(5)
hostname prpgbasa
domain-name prpgb.org
enable password AExqpLntfuzsVQrq encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ddns update hostname PRPGB.ORG
dhcp client update dns server both
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 202.142.XXX.YY 255.255.255.252
ftp mode passive
clock timezone PKT 5
dns domain-lookup inside
dns server-group DefaultDNS
name-server 192.168.1.2
domain-name prpgb.org
object-group network obj_any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 202.142.XXX.YY 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication enable console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.100-192.168.1.200 inside
dhcpd dns 192.168.1.2 interface inside
dhcpd lease 86400 interface inside
dhcpd domain prpgb.org interface inside
dhcpd update dns both interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username ABC password FL01QCj0LaLWTID0 encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:7c4930a079158c0cb10a42813d3690cd
prpgbasa#
Please suggest me if there are any recomendations.
Thanks in advance.
Ghaffar -
Accessing SSRS report for Domain Users
Hello,
I have created the SSRS report and deployed it on report server. I would like to add browsing credential to all the users in the User Domain. so i have added the domain name on report server but even domain users are not able to access these report.
Please help me to resolve this issue.what error they are receiving while browing the reports?
Hope you have provided the permissions on the reports as mentioned in below links:
http://technet.microsoft.com/en-us/library/ms157363(v=sql.105).aspx
http://technet.microsoft.com/en-us/library/aa337471(v=sql.105).aspx
http://technet.microsoft.com/en-us/library/aa337385(v=sql.105).aspx
http://technet.microsoft.com/en-us/library/aa337494(v=sql.105).aspx
Please click the Mark as answer button and vote as helpful if this reply solves your problem -
Error while saving record "User:johndoe": Error -14071
I have added my augmented users from the AD server. When I select user and to apply a setting under Preferences I get this on attempting an "Apply", Error while saving record "User:johndoe":Error -14071. I'm authenticating to my LDAP not AD/All Domains.
I have the server bound correctly to the AD server. Bound to AD, then promoted to OD master.
Tried WGM from another Mac, same error.
I recall my AD admin extending the ad schema last year for OS X 10.4.
Thoughts? Thanks.Thanks David and Mabel, and all for the suggestions. I did go through "Leveraging Active..." prior to posting. I did try your method of canceling the authorization to WGM and viewing Directories. I would select a user from this method and try to apply something from MCX, but still got the -14070 error. Yes, I do have my client bound 1st OD, 2nd AD, with OD first on the search policy for the client.
I though I had solved my issue by authenticating to WGM and LDAP. Then selecting Groups and the Members tab, I define an OD group and select that group. I can then click the "+" towards the right of the window. Then select my AD there which populates. I can add my AD groups or single users to my OD group. Then I'm able to apply MCX settings. But, no "blue" circle next to the group's silhouette. How is my method possibly incorrect?
Also, at some point I unbound my client from AD and it seems the client is ok with getting AD info off my OD server. Example, my AD sharepoint mounts for PHD.
But, I do have a pause of 20 secs. are more when logging into the client as well as accessing applications. Side effect of my method? -
System Update error "An error occurred while gathering user information"
I honestly think that i'm never going to stop running into issues with Lenovos software....
Anyways, i've reinstalled countless times trying every way to fix things and nothing works. I will post my log for others to look at and hopefully help me out.
[Lenovo System Update build: 2015-01-15 5.06.0027] 3/4/2015 5:58:34 PM
Info 2015-03-04 , 05:58:34
at Tvsu.Environment.EnvironmentManager..ctor()
Message: Starting Environment Manager...
Info 2015-03-04 , 05:58:36
at Tvsu.Nls.NlsResources..ctor()
Message: Starting the instance of NLS@Runtime
Info 2015-03-04 , 05:58:36
at Tvsu.Nls.NlsResources..ctor()
Message:
The active language is: EN
The default language is: EN
The OS language is: EN
The language loaded type is: OS
Severe 2015-03-04 , 05:58:36
at Tvsu.Sdk.SuSdk.StartApplication()
Message: Application runs with the framework: 4.0.30319.34209
Info 2015-03-04 , 05:58:36
at Tvsu.Engine.DataBase.InitializeDataBase()
Message: Initializing the DataBase from file: updates.ser
Info 2015-03-04 , 05:58:36
at Tvsu.Sdk.SuSdk.StartApplication()
Message: Starting the Application
Info 2015-03-04 , 05:58:36
at Tvsukernel.Logic.GUIController.StartGUI(Boolean showsplash)
Message: Starting GUI...
Info 2015-03-04 , 05:58:36
at Tvsukernel.Logic.GUIController.StartGUI(Boolean showsplash)
Message: MainFrame created successfully
Info 2015-03-04 , 05:58:36
at Tvsukernel.Logic.GUIController.StartGUI(Boolean showsplash)
Message: GUI -- Welcome screen
Info 2015-03-04 , 05:58:36
at Tvsukernel.Logic.GUIController.BackToMain()
Message: Setting Welcome screen...
Info 2015-03-04 , 05:58:36
at Tvsukernel.FlowScreens.MainFrame.SetScreen(String screen, RoutedEventHandler[] eh)
Message: Loading Welcome screen on Action pane.
Info 2015-03-04 , 05:58:39
at Tvsukernel.Logic.GUIController.SearchUpdates(Object sender, EventArgs args)
Message: Starting the Search process...
Info 2015-03-04 , 05:58:39
at Tvsukernel.FlowScreens.MainFrame.SetScreen(String screen, RoutedEventHandler[] eh)
Message: Loading Search screen on Action pane.
Info 2015-03-04 , 05:58:39
at Tvsukernel.Logic.ProgressThread.InitSearch()
Message: GUI -- Reporting progress for the Search
Info 2015-03-04 , 05:58:39
at Tvsu.Sdk.SuSdk.GetSystemProperties()
Message: Get the System Properties
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.StartExecution()
Message: PreTask
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.StartExecution()
Message: Start
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.Start()
Message: Starting the task
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.Start()
Message: The current process is:HelloProcess
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.Start()
Message: Executing the PreProcess HelloProcess
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.Start()
Message: Executing the StartProcess HelloProcess
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.DownloadHelpFile()
Message: The chm help file is already present in the system
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: The test.properties file was not found, the normal Hello process will continue.
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: HelloProcess Started
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: Client level: HelloLevel_9_14_00
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.DownloadUDF(String helloClientLevel)
Message: The UDF will be downloaded from: https://download.lenovo.com/ibmdl/pub/pc/pccbbs/agent/SSClientCommon/HelloLevel_9_14_00.xml
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.DownloadUDF(String helloClientLevel)
Message: The UDF will be downloaded to-> C:\ProgramData\Lenovo\SystemUpdate\session\system\SSClientCommon\HelloLevel_9_14_00.xml
Info 2015-03-04 , 05:58:39
at Tvsu.ConnectionSettings.ConnectionSettings.GetConnectionForURL(String url)
Message: Creating a new Connection Settings Bean instance to Host: download.lenovo.com
Info 2015-03-04 , 05:58:39
at Tvsukernel.CustomControls.Step.<>c__DisplayClass7.<set_Image>b__6()
Message: Setting PROCESSING status.
Info 2015-03-04 , 05:58:39
at Tvt.ConnectionSettings.ConnectionSettings.GetConnectionForURL(String url)
Message: Direct connection found
Info 2015-03-04 , 05:58:39
at Tvsu.FileDownloader.HttpsDownload.GetProxy(ConnectionSettingsBean connBean)
Message: Connection type set to DIRECT in ConnectionSettingsBean
Severe 2015-03-04 , 05:58:39
at Tvsu.FileDownloader.HttpsDownload.Init(FileDownloadInfo fileInfo)
Message: Debug Log: Init method:GET
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: UDF download status is -> Downloaded
Info 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.ParseUDF(String udfPath)
Message: Parsing the UDF file
Severe 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: Error reading C:\ProgramData\Lenovo\SystemUpdate\session\system\SSClientCommon\HelloLevel_9_14_00.xml, this XML file is not well-formed
Exception:
Message: Root element is missing.
Type: System.Xml.XmlException
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XPath.XPathDocument.LoadFromReader(XmlReader reader, XmlSpace space)
at System.Xml.XPath.XPathDocument..ctor(TextReader textReader)
at Tvsu.Engine.Process.HelloProcess.ParseUDF(String udfPath)
at Tvsu.Engine.Process.HelloProcess.Start()
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherManager.GetEgatherParser(String type)
Message: Running egather minimal.....
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherExecutor.RunAsWindowsService(String directory, String command, String arguments)
Message: /execute ia.exe /arguments -filename$C:\Program Files (x86)\Lenovo\System Update\egather\sysrecomin$ -probes REGIONAL_SETTINGS GATHERER_INFORMATION SYSTEM_SUMMARY -local /directory $C:\Program Files (x86)\Lenovo\System Update\egather\$ /type COMMAND /securitycode a7db21fdc747d5e6f213b2b4c6632dc5dbfe5162 /timeout 300000
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherExecutor.RunAsWindowsService(String directory, String command, String arguments)
Message: FileName Path: C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherExecutor.ExecuteEgather(String fileOutput, String args)
Message: RC eGatherer: 0
Severe 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherManager.GetEgatherParser(String type)
Message: Unable to execute egather
Severe 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: Error getting the Egather parser
Exception:
Message: Could not find file 'C:\Program Files (x86)\Lenovo\System Update\egather\sysrecomin.XML'.
Type: System.IO.FileNotFoundException
at Tvsu.Egather.EgatherManager.GetEgatherParser(String type)
at Tvsu.Egather.EgatherManager.get_EgatherMinimal()
at Tvsu.Engine.Process.HelloProcess.Start()
Severe 2015-03-04 , 05:58:39
at Tvsu.Engine.Task.Task.StartExecution()
Message: An error occurred while the task: HelloTask executed the process: HelloProcessthe message from exception isError getting the Egather parser
Exception:
Message: Error getting the Egather parser
Type: Tvsu.Engine.Process.EgatherException
at Tvsu.Engine.Task.Task.Start()
at Tvsu.Engine.Task.Task.StartExecution()
Info 2015-03-04 , 05:58:39
at Tvsukernel.CustomControls.Step.<>c__DisplayClass7.<set_Image>b__6()
Message: Setting FAILED status.
Info 2015-03-04 , 05:58:39
at Tvsukernel.Logic.GUIController.ShowErrorMessage(Exception e)
Message: Error while gathering user information.
Exception:
Message: Error getting the Egather parser
Type: Tvsu.Engine.Process.EgatherException
at Tvsu.Engine.Task.Task.StartExecution()
at Tvsu.Sdk.SuSdk.GetSystemProperties()
at Tvsukernel.Logic.ProgressThread.InitSearch()
Info 2015-03-04 , 05:58:39
at Tvsukernel.Dialogs.Messages.ShowStaticMessage(String message, String title, MessageType t, Boolean check)
Message: Showing ERROR Message: < An error occurred while gathering user information. >
Info 2015-03-04 , 05:58:41
at Tvsukernel.Logic.GUIController.BackToMain()
Message: Setting Welcome screen...
Info 2015-03-04 , 05:58:41
at Tvsukernel.FlowScreens.MainFrame.SetScreen(String screen, RoutedEventHandler[] eh)
Message: Loading Welcome screen on Action pane.
Info 2015-03-04 , 05:58:41
at Tvsukernel.Logic.GUIController.AskBeforeClosing()
Message: Close System Update?
Info 2015-03-04 , 05:58:41
at Tvsukernel.Dialogs.Messages.ShowStaticMessage(String message, String title, MessageType t, Boolean check)
Message: Showing QUESTION Message: < Are you sure you want to close System Update? >
Info 2015-03-04 , 05:58:42
at Tvsukernel.Logic.GUIController.AskBeforeClosing()
Message: Application will close now? True
Info 2015-03-04 , 05:58:42
at Tvsukernel.FlowScreens.MainFrame.OnClosing(CancelEventArgs e)
Message: User wanted to close System Update, or the package force a reboot.
Severe 2015-03-04 , 05:58:42
at Tvsu.Sdk.SuSdk.ShutDownApplication()
Message: Has happened an exception while the UNCAuthenticator.Shutdown() was executedShare name can not be null or empty
Info 2015-03-04 , 05:58:42
at Tvsu.Engine.DataBase.ShutDownDataBase()
Message: Shutting down the DataBase, saving any data into file: updates.ser
Info 2015-03-04 , 05:58:42
at Tvsu.Environment.EnvironmentManager.closeEM()
Message: Closing Environment Manager.
Info 2015-03-04 , 05:58:43
at Tvsu.Sdk.SuSdk.ShutDownApplication()
Message: Shut Down the Application
One thing I noticed is that if I visit the download link for the HelloLevel_9_14_00.xml here: https://download.lenovo.com/ibmdl/pub/pc/pccbbs/agent/SSClientCommon/HelloLevel_9_14_00.xml
It shows up completely blank but everything HelloLevel_9_13_00.xml and < shows up fine for me. It appears this is the same issue the log is reporting saying that "this XML file is not well-formed" could this be a Lenovo issue though? No one else has reported this exact problem though so I guess not.
My model is a Thinkpad Edge E540 (20C6008SUS) with Windows 8.1
Solved!
Go to Solution.The hello level 9_14 is expected behavior. The link is currently set blanks. Down the road, when a newer version of SU is available, and Lenovo wants SU to self update, this link will contain the self update information.
As you saw, hello level9_13 contains data.
My notes:
systemupdate506-01-15-2015.exe System Update 5.06.0027 hl=14 (02/05/2015)
systemupdate506-11-04-2014.exe System Update 5.06.0024 hl=13 (11/24/2014)
>>>> users of SU 5.6.0024 , which is hello level 13, will be offered self update of SU to the current release.
====
Your failure is here:
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherExecutor.RunAsWindowsService(String directory, String command, String arguments)
Message: FileName Path: C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
Info 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherExecutor.ExecuteEgather(String fileOutput, String args)
Message: RC eGatherer: 0
Severe 2015-03-04 , 05:58:39
at Tvsu.Egather.EgatherManager.GetEgatherParser(String type)
Message: Unable to execute egather
Severe 2015-03-04 , 05:58:39
at Tvsu.Engine.Process.HelloProcess.Start()
Message: Error getting the Egather parser
Exception:
Message: Could not find file 'C:\Program Files (x86)\Lenovo\System Update\egather\sysrecomin.XML'
================
SU runs ia.exe(inventory agent) via tvsucommandlauncher via the SU service in windows services.
Expected output is the creation of two XML's:
'C:\Program Files (x86)\Lenovo\System Update\egather\sysrecomin.XML'
'C:\Program Files (x86)\Lenovo\System Update\egather\sysreco.XML'
These two .xmls contain information about your system such as machine type and model.
This message stated:
Message: RC eGatherer: 0
I dont think ia.exec ever got executed.
===
In c\programdata\lenovo\systemupdate\logs
Post
tvsu_exec.log
Tvsucommandlauncher.log
service.log (inside the SUservice logs folder).
Go into windows services, and find entry name System Update and make sure it is set to start type=manual..
==
DId your system ship from the factory with System Update installed?
Have you ever run a prior release of SU on your system with success, or is this your first time using Su on your system? -
Error logging into runtime user
My coworker recently added a new windows agent that is on a different domain than her Tidal master and is getting the error
*** Error logging into runtime user when she tries to run a job through Tidal.
She verified that the runtime user has the proper rights on the agent server, she logged onto the agent as the runtime user and ran the script from the job manually and it ran successfully.
Is there a known problem with using a runtime user that was created in domainA but trying to run a job on an agent server in domainB?
ThanksIt turns out that the problem was with the userid the agent service was running under. She changed the service to run with the Local System credentials and the problem was solved.
-
Hi
I have an SCCM 2012 SP1 CU3 installation on a Server 2008 R2 + SQL 2008 R2.
I'm having trouble delegating Reporting Services Web Access to a standard domain user.
I have followed the instructions from these blogs:
http://blog.coretech.dk/kea/creating-the-reporting-user-role-in-configmgr-2012/
http://www.wolffhaven45.com/blog/sccm/assigning-users-to-configmgr-reportusers-group-in-sccm-2012/
No matter how I try, I cannot get the reports to show for a standard domain user. In the console no reports are showing and in the web access I get
"User domain\user does not have required permissions........"
The only thing that is consistenly working when I test is to put the AD Group on the Security Role "Full Administrator".
Then everything will show up.
Any ideas on how to troubleshoot this?Thanks everyone for helping me with tips. I have now solved the problem. It was the permissions from SCCM that did not replicate to the Reporting Server.
In srsrp.log I got these error messages:
Could not retrieve the reporting service name for instance 'MSSQLSERVER'
Invalid class
Could not stop the reporting serviceAfter googling a litte I found these 2 sites with similiar problems:http://social.technet.microsoft.com/Forums/en-US/d4a7f93a-506f-4e3f-b5fc-bd2b087277da/ssrs-permissions-do-not-add?forum=configmanagergeneral
http://www.microtom.net/microsoft-system-center/software-distribution/sccm-2012-reporting-services-do-not-install
So I ran the command for SQL 2008 R2: mofcomp.exe C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqlmgmproviderxpsp2up.mof
and BAAM, everything started to work =)
/ALX -
SSAS issue with Domain user account
Hi
I have SSAS 2008 R2 set up running on Windows Server 2012 Standard.
The server is registered as a part of domain.
I have had an issue of domain user accounts accessing to a cube and it's starting to get worse. There has been no problem with a local user account (I set up a few for testing purpose).
I ran the role report from BIDS Helper and it finds all the domain user accounts invalid.
It looks like SSAS is not talking well with the domain server (Windows 2003 server standard) to verify user credentials. But the thing is that everyone is ok with the domain server except for SSAS. IT does not have a clue what's going on here and everything
is just pointing at me right now.
I'd like to know if there is anyway to monitor that communication between SSAS and domain server for user credential verification and any guideline on how to resolve it. Most of time, it just works again.. like 10 minitues later.. it resolves by itself.
But this time, not!!!
All I know is that 1. Registering the server as a part of domain 2. use domain user account to set the security.
MY IT department has set up network monitoring tool and says that they are 100% percent working (No connection loss. It's monitoring Active directory as well). The application installed is 'ManageEngine Applications Manager'
I don't know what to do here.
P.S Will it be related something like 'Error
while Add user to SSAS Server - The trust relationship between the primary domain and the trusted domain failed' but it's all the domain accounts including mine are not working.
Cheers!!!First check your DNS servers setting on the server you have SSAS installed. You should only use the IP addresses of the DNS servers (e.g. Domain Controllers) of your domain. Active Directory relies on proper DNS server settings. Adding public DNS servers,
even if they are on the bottom of the list, will mess up name resolving Active Directory names. This should have been done when IT had provisioned the server. Same goes for own workstation if you run your development/management software not on the server.
Second make sure SSAS is running under a service account that has access to Active Directory. This can be either a domain account, the local system account, or the network service account. Running SSAS under a local account or the local service account will
not work because local accounts do not have access to Active Directory. Running SSAS under either a Managed Service Account or a Virtual Account will not work because those features require the domain at least the Windows Server 2008 R2 functional
level.
Third make sure the account you use to log on to SSAS is a domain account and has appropriate permissions in SQL Server and SSAS. Local accounts and SQL Server account do not have access to Active Directory
Maybe you are looking for
-
Errors when trying to extract via UD Connect (BI 7.0)
Hi all, in a BI 7.0 system I can't select any UD Connect source object on the "Extraction" tab page of the DataSource maitenance screen. If I type the table name (which is "DICTIONARY") into it and then hit the "Proposal" tab page, I get the followin
-
Looking for answers/help to understand how can I "fix" this
Hola ...again I got a div nav with a color, a width and a high properties that are crossover with a line in my CSS Inspector If I hover on it, it dispaly this "background-color does not apply to your selection because it is not inherited. It is appli
-
I have problem with sharge to visa no accpted
Hi I have problem with sharge to visa no accpted
-
Month Difference - Function Module needed
Hi Experts, In my report, I am using mcs0-spmon as select options; one of my inputs where the user will enter month and year in the selection screen . e.g. 04.2008 to 07.2008 I want to calculate the month difference and it should not exceed 3 months.
-
Hi I have enrolled in the Microsoft IT academy, and was able to complete the work, when one day the check at the beginning no longer detected acrobat reader plugin. i updated and reinstalled acrobat reader, but it is still not picking up the plugin.