Terrible error with kerberos, win2003 - Checksum failed!
Now i'm trying to use CAS SSO with kerberos for authentication.
I done all settings by instruction, see this tutorial http://www.ja-sig.org/wiki/display/CASUM/SPNEGO.
So, the error is: Failure unspecified at GSS-API level (Mechanism level: Checksum failed).
I guess, there is a problem with encryption type, but i don't know how to resolve it. Please help
My stacktrace shown below:
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level:
Checksum failed)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:
741)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java
:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java
:267)
... 75 more
Caused by: KrbException: Checksum failed
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHma
cEType.java:85)
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHma
cEType.java:77)
at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:168)
at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:267)
at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:134)
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken
.java:79)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:
724)
... 77 more
Caused by: java.security.GeneralSecurityException: Checksum failed
at sun.security.krb5.internal.crypto.dk.ArcFourCrypto.decrypt(ArcFourCry
pto.java:388)
at sun.security.krb5.internal.crypto.ArcFourHmac.decrypt(ArcFourHmac.jav
a:74)
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHma
cEType.java:83)
... 83 more
Thank you for advice, my friend.
I have analyzed info in TGS-REQ request, but i could not find any SPN in it.
Please see this screenshot and say me: where is needed SPN in ticket?
Here is my full configuration:
[logging]
[libdefaults]
ticket_lifetime = 24000
default_realm = MYCORP.KUBA
dns_lookup_kdc = true
dns_lookup_realm = true
default_tkt_enctypes = rc4-hmac des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = rc4-hmac des3-hmac-sha1 des-cbc-crc
[realms]
MYCORP.KUBA = {
kdc = mycorp.kuba:88
admin_server = mycorp.kuba:749
default_domain = mycorp.kuba
[domain_realm]
.mycorp.kuba = MYCORP.KUBA
mycorp.kuba = MYCORP.KUBA
[domain_realm]
.mycorp.kuba = MYCORP.KUBA
[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true
<bean class="org.jasig.cas.support.spnego.authentication.handler.support.JCIFSConfig"
p:jcifsDomainController="xxx"
p:jcifsNetbiosWins="xxx"
p:jcifsServicePrincipal="HTTP/MYUSER.mycorp.kuba"
p:jcifsServicePassword="secret"
p:useSubjectCredsOnly="true"
p:kerberosDebug="true"
p:kerberosRealm="MYCORP.KUBA"
p:kerberosKdc="xxx"
p:kerberosConf="c:/winnt/krb5.conf"
p:loginConf="C:/mypath/WEB-INF/login.conf"
/>
jcifs.spnego.initiate {
com.sun.security.auth.module.Krb5LoginModule
required
debug=true
realm="MYCORP.KUBA"
principal="HTTP/MYUSER.mycorp.kuba"
storeKey=true
doNotPrompt=false
client=true
refreshKrb5Config=true
storePass=true
isInitiator=false
useKeyTab=true
useTicketCache=false
keyTab="c:\a.keytab"
jcifs.spnego.accept {
com.sun.security.auth.module.Krb5LoginModule
required
debug=true
realm="MYCORP.KUBA"
principal="HTTP/MYUSER.mycorp.kuba"
storeKey=true
doNotPrompt=false
client=true
refreshKrb5Config=true
storePass=true
isInitiator=false
useKeyTab=true
useTicketCache=false
keyTab="c:\a.keytab"
setspn -A HTTP/MYUSER.mycorp.kuba myuser
ktpass -out a.keytab -princ HTTP/[email protected] -pass secret -mapuser [email protected] -ptype krb5_nt_principal -crypto RC4-HMAC-NTWhat is wrong with it? Please correct it if you can?
Similar Messages
-
Error with VF02-header-output fails
Hi all
Vf02 is giving some errors, when you try to print the invoice via header-output
it complains that it failed to process
and when i try to get the detailed log
it says can not load the graphics!!
i checked se78 to find out the graphics but could not succeed much
this sis a smartform i think
can you please give some advise?hi sai
how can you check whether the graphic fits in smartforms?
i have not done smartforms before
please let me know -
Notification Center error with "apsd: MIG demux failed"
This error is flooding:
1/16/13 11:12:41.029 PM apsd[33669]: MIG demux failed. This message ID is invalid: 0x72fd8
killing apsd doesn't help.
I cannot open Notification Center by the icon on the menu bar, while two-finger gesture can. But I cannot close that, and cmd+tab, space switching, dock don't work, until "killall -HUP Dock". Well, the error message is still there.
I'm running OS X 10.8.3 (12D50)I don't know if problems in beta version should be posted here...
-
Checksum failed while authenticating via Kerberos
Hi All,
I having a problem getting authentication using kerberos to work, I get the message checksum failed. The environment is Windows 2008 Server as DC and IE 8 as client and the application is running inside JBoss (in this case I am using the negotiation-toolkit) and the following trace is in the server.log. Can someone point me in the right direction for solving this problem, i've configured two local environments using w2k3 and w2k8 which are both working just fine but in the customers network it fails with the following trace:
l
2011-03-30 11:33:21,845 TRACE [org.jboss.security.SecurityRolesAssociation] (http-0.0.0.0-8888-1) Setting threadlocal:{}
2011-03-30 11:33:21,846 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] (http-0.0.0.0-8888-1) Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
2011-03-30 11:33:21,846 TRACE [org.jboss.security.negotiation.NegotiationAuthenticator] (http-0.0.0.0-8888-1) Authenticating user
2011-03-30 11:33:21,846 DEBUG [org.jboss.security.negotiation.NegotiationAuthenticator] (http-0.0.0.0-8888-1) Header - Negotiate 2011-03-30 11:33:21,847 TRACE [org.jboss.security.negotiation.common.MessageTrace.Request.Base64] (http-0.0.0.0-8888-1) 2011-03-30 11:33:21,847 TRACE [org.jboss.security.negotiation.common.MessageTrace.Request.Hex] (http-0.0.0.0-8888-1)2011-03-30 11:33:21,848 TRACE [org.jboss.security.negotiation.common.NegotiationContext] (http-0.0.0.0-8888-1) associate 176127440
2011-03-30 11:33:21,850 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.SPNEGO] (http-0.0.0.0-8888-1) Begin isValid, principal:FFE8282EB0A470619839BBD7EDF16A5E, cache info: null
2011-03-30 11:33:21,850 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.SPNEGO] (http-0.0.0.0-8888-1) defaultLogin, principal=FFE8282EB0A470619839BBD7EDF16A5E
2011-03-30 11:33:21,850 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-0.0.0.0-8888-1) Begin getAppConfigurationEntry(SPNEGO), size=13
2011-03-30 11:33:21,850 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-0.0.0.0-8888-1) End getAppConfigurationEntry(SPNEGO), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.negotiation.spnego.SPNEGOLoginModule
ControlFlag: LoginModuleControlFlag: requisite
Options:
name=serverSecurityDomain, value=host
name=password-stacking, value=useFirstPass
[1]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=usersProperties, value=props/spnego-users.properties
name=rolesProperties, value=props/spnego-roles.properties
name=password-stacking, value=useFirstPass
2011-03-30 11:33:21,850 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) initialize
2011-03-30 11:33:21,850 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Security domain: SPNEGO
2011-03-30 11:33:21,850 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) serverSecurityDomain=host
2011-03-30 11:33:21,850 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) login
2011-03-30 11:33:21,850 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-0.0.0.0-8888-1) Begin getAppConfigurationEntry(host), size=13
2011-03-30 11:33:21,850 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-0.0.0.0-8888-1) End getAppConfigurationEntry(host), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: com.sun.security.auth.module.Krb5LoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=principal, value=host/[email protected]
name=useKeyTab, value=true
name=storeKey, value=true
name=keyTab, value=/DATA/jbossserver.host.keytab
name=debug, value=true
name=doNotPrompt, value=true
2011-03-30 11:33:21,850 INFO [STDOUT] (http-0.0.0.0-8888-1) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is /DATA/jbossserver.host.keytab refreshKrb5Config is false principal is host/[email protected] tryFirstPass is false useFirstPass is false storePass is false clearPass is false
2011-03-30 11:33:21,850 INFO [STDOUT] (http-0.0.0.0-8888-1) KeyTab instance already exists
2011-03-30 11:33:21,850 INFO [STDOUT] (http-0.0.0.0-8888-1) Added key: 23version: 4
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) Ordering keys wrt default_tkt_enctypes list
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) Using builtin default etypes for default_tkt_enctypes
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) default etypes for default_tkt_enctypes:
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 3
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 1
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 23
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 16
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 17
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) .
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) principal's key obtained from the keytab
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) Acquire TGT using AS Exchange
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) Using builtin default etypes for default_tkt_enctypes
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) default etypes for default_tkt_enctypes:
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 3
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 1
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 23
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 16
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) 17
2011-03-30 11:33:21,851 INFO [STDOUT] (http-0.0.0.0-8888-1) .
2011-03-30 11:33:21,852 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbAsReq calling createMessage
2011-03-30 11:33:21,852 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbAsReq in createMessage
2011-03-30 11:33:21,852 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbKdcReq send: kdc=rm-hq-dc1.shipyard.local UDP:88, timeout=30000, number of retries =3, #bytes=158
2011-03-30 11:33:21,852 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KDCCommunication: kdc=rm-hq-dc1.shipyard.local UDP:88, timeout=30000,Attempt =1, #bytes=158
2011-03-30 11:33:21,853 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbKdcReq send: #bytes read=633
2011-03-30 11:33:21,854 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbKdcReq send: #bytes read=633
2011-03-30 11:33:21,854 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
2011-03-30 11:33:21,854 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> KrbAsRep cons in KrbAsReq.getReply host/jbossserver
2011-03-30 11:33:21,855 INFO [STDOUT] (http-0.0.0.0-8888-1) principal is host/[email protected]
2011-03-30 11:33:21,855 INFO [STDOUT] (http-0.0.0.0-8888-1) EncryptionKey: keyType=23 keyBytes (hex dump)=0000: 4F C6 44 97 D0 B8 9C 96 A9 79 5B 87 EB 44 71 33 O.D......y[..Dq3
2011-03-30 11:33:21,855 INFO [STDOUT] (http-0.0.0.0-8888-1) Added server's keyKerberos Principal host/[email protected] Version 4key EncryptionKey: keyType=23 keyBytes (hex dump)=
0000: 4F C6 44 97 D0 B8 9C 96 A9 79 5B 87 EB 44 71 33 O.D......y[..Dq3
2011-03-30 11:33:21,855 INFO [STDOUT] (http-0.0.0.0-8888-1) [Krb5LoginModule] added Krb5Principal host/[email protected] to Subject
2011-03-30 11:33:21,855 INFO [STDOUT] (http-0.0.0.0-8888-1) Commit Succeeded
2011-03-30 11:33:21,858 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Subject = Subject:
Principal: host/[email protected]
Private Credential: Ticket (hex) =
0000: 61 82 01 1F 30 82 01 1B A0 03 02 01 05 A1 13 1B a...0...........
0120: 9E 96 D4 ...
Client Principal = host/[email protected]
Server Principal = krbtgt/[email protected]
Session Key = EncryptionKey: keyType=23 keyBytes (hex dump)=
0000: 81 5B 77 9E C3 74 46 AC 87 26 B0 00 5C B6 56 6E .[w..tF..&..\.Vn
Forwardable Ticket false
Forwarded Ticket false
Proxiable Ticket false
Proxy Ticket false
Postdated Ticket false
Renewable Ticket false
Initial Ticket false
Auth Time = Wed Mar 30 11:33:17 CEST 2011
Start Time = Wed Mar 30 11:33:17 CEST 2011
End Time = Wed Mar 30 21:33:17 CEST 2011
Renew Till = null
Client Addresses Null
Private Credential: Kerberos Principal host/[email protected] Version 4key EncryptionKey: keyType=23 keyBytes (hex dump)=
0000: 4F C6 44 97 D0 B8 9C 96 A9 79 5B 87 EB 44 71 33 O.D......y[..Dq3
2011-03-30 11:33:21,858 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Logged in 'host' LoginContext
2011-03-30 11:33:21,858 DEBUG [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Creating new GSSContext.
2011-03-30 11:33:21,866 INFO [STDOUT] (http-0.0.0.0-8888-1) Found key for host/[email protected](23)
2011-03-30 11:33:21,867 INFO [STDOUT] (http-0.0.0.0-8888-1) Entered Krb5Context.acceptSecContext with state=STATE_NEW
2011-03-30 11:33:21,868 INFO [STDOUT] (http-0.0.0.0-8888-1) >>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
2011-03-30 11:33:21,869 ERROR [STDERR] (http-0.0.0.0-8888-1) Checksum failed !
2011-03-30 11:33:21,870 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Result - GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
2011-03-30 11:33:21,870 ERROR [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) Unable to authenticate
GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:294)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:337)
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:127)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Caused by: KrbException: Checksum failed
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:85)
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:77)
at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:168)
at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:267)
at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:134)
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:79)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:724)
... 35 more
Caused by: java.security.GeneralSecurityException: Checksum failed
at sun.security.krb5.internal.crypto.dk.ArcFourCrypto.decrypt(ArcFourCrypto.java:388)
at sun.security.krb5.internal.crypto.ArcFourHmac.decrypt(ArcFourHmac.java:74)
at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:83)
... 41 more
2011-03-30 11:33:21,871 INFO [STDOUT] (http-0.0.0.0-8888-1) [Krb5LoginModule]: Entering logout
2011-03-30 11:33:21,871 INFO [STDOUT] (http-0.0.0.0-8888-1) [Krb5LoginModule]: logged out Subject
2011-03-30 11:33:21,872 TRACE [org.jboss.security.negotiation.spnego.SPNEGOLoginModule] (http-0.0.0.0-8888-1) abort
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) initialize
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) Security domain: SPNEGO
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) findResource: null
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) Properties file=vfsfile:/DATA/jboss-5.1.0.GA/server/default/conf/props/spnego-users.properties, defaults=null
2011-03-30 11:33:21,872 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) Loaded properties, users=[]
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) findResource: null
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) Properties file=vfsfile:/DATA/jboss-5.1.0.GA/server/default/conf/props/spnego-roles.properties, defaults=null
2011-03-30 11:33:21,872 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) Loaded properties, users=[[email protected], [email protected]]
2011-03-30 11:33:21,872 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] (http-0.0.0.0-8888-1) abort
2011-03-30 11:33:21,872 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.SPNEGO] (http-0.0.0.0-8888-1) Login failure
javax.security.auth.login.LoginException: Unable to authenticate - Failure unspecified at GSS-API level (Mechanism level: Checksum failed)
at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:141)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:127)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
2011-03-30 11:33:21,873 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.SPNEGO] (http-0.0.0.0-8888-1) End isValid, false
2011-03-30 11:33:21,873 TRACE [org.jboss.security.negotiation.common.NegotiationContext] (http-0.0.0.0-8888-1) clear 176127440
2011-03-30 11:33:21,873 TRACE [org.jboss.security.SecurityRolesAssociation] (http-0.0.0.0-8888-1) Setting threadlocal:null
2011-03-30 11:33:21,873 TRACE [org.jboss.security.SecurityRolesAssociation] (http-0.0.0.0-8888-1) Setting threadlocal:nullThanks! That did the trick.
For those who aren't sure what we're talking about, here are the details. In the inspector tab of the user's record in Workgroup Manager, there's an item called AuthenticationAuthority. For servers that use Kerberos, it should have at least two attributes, one for ApplePasswordServer and one for Kerberos.
The Kerberos entry should look something like this:
;Kerberosv5;0x4de7dafb19f92bf00000008b0000207c;[email protected];
MYSERVER.MYDOMAIN.COM;1024 35 1501888096699469040706569854027123220425732604738787130135110270232071940183724 3
78199029604219894640418726569868666187867257570714183982184166144733112632082318
21356466533532379022305132046121848691642928615842396713606475071069113591094835
025483043226511805720826544139932983788313141311383927555379596135211 [email protected]:123.45.67.89
When you copy the attribute from a working user, there are two items that need to be changed (assuming you have only one kerberos realm). The first item is the long string of letters and numbers after ;Kerberosv5; in the first line. That's the user's UUID. The second is the user's short name ("fred" in the example above). The easiest way to make the changes is to paste the attribute into a text editor (TextEdit, or TextWrangler if you have it). Copy the user's UUID from the problematic account, and paste it over the one in the text you previously copied and pasted. Then change the short name to match the problematic user. Then copy the entire block from your text editor, select AuthenticationAuthority and click the New Value button. Click in the Text: field and paste. The Hex field will take care of itself. Click OK, then Save your changes.
Of course before you start making changes like this to your directory, make sure you have a good back up to revert back to in case something gets messed up. -
SSPI handshake failed with error code 0x8009030c and Login failed for user''
I got the following error when tried to connect to local machine in the
non-domain environment with Windows Authentication by SSMS.
"SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security."
"Login failed for user''. the user is nothing associated with a trusted SQL server connection."
questions
1,if I saw the "SSPI handshake failed ", does it means it must used Kerberos but failed? or it is also possible used the NTLM but failed?
2,Any ideas for this issue?
Please click the Mark as Answer button if a post solves your problem!Hi Michael,
Firstly, "SSPI Handshake Failed" error happens usually when connection failed between the server and domain controllers or failed Kerberos authentication. For more details about "SSPI Handshake Failed" error, please review this
FAQ.
Secondly, regarding to your error message, it could be caused by loopback check. To resolve the issue, please set the DisableLoopbackCheck registry entry to 1 by performing the following steps.
1.Click Start, click Run, type regedit, and then click OK.
2.Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3.Right-click Lsa, point to New, and then click DWORD Value.
4.Type DisableLoopbackCheck, and then press ENTER.
5.Right-click DisableLoopbackCheck, and then click Modify.
6.In the Value data box, type 1, and then click OK.
7.Exit Registry Editor.
8.Restart the computer.
There is a similar blog about your scenario for your reference.
http://www.bhcblog.com/2009/10/08/fix-for-login-failed-for-user-the-user-is-not-associated-with-a-trusted-sql-server-connection/
Thanks,
Lydia Zhang
If you have any feedback on our support, please click
here.
Lydia Zhang
TechNet Community Support -
Remote PowerShell Connection to Lync Server With Kerberos authentication Fails
Hi everyone ,
Remote PowerShell to Lync Server With Kerberos authentication Fails .. Is there any reason for not being able to connect when authentication specified as Kerberos . But exactly same code works when Authentication is specified as "Negotiate"
E.g :
Error -
$session=New-PSSession -ConfigurationName Microsoft.Powershell -ConnectionUri https://serverName.lync.com/ocspowershell/ -Credential $cred -Authentication Kerberos
[serverName.lync.com] Connecting to remote server failed with the following error message : The WinRM client cannot process the request. The authentication mechanism requested by the client is not supported by the server or unencrypted traffic is disabled in
the service configuration. Verify the unencrypted traffic setting in the service configuration or specify one of the authentication mechanisms supported by the server. To use Kerberos, specify the computer name as the remote destination. Also verify
that the client computer and the destination computer are joined to a domain.To use Basic, specify the computer name as the remote destination, specify Basic authentication and provide user name and password. Possible authentication mechanisms reported by
server: Digest Negotiate For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
eption
+ FullyQualifiedErrorId : PSSessionOpenFailed
Works -
$session=New-PSSession -ConfigurationName Microsoft.Powershell -ConnectionUri https://serverName.lync.com/ocspowershell/ -Credential $cred -Authentication NegotiateHi,
Please double check if Windows Update is the latest version, if not, please update and then test again.
Please also ensure that the workstation you are using has network access to the Certificate Authority that signed the certificate.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Exchange Management Console couldn't start with Kerberos authentication failed
When I was making changes to Client Access\owa settings, chaning from Basic authentication to Form authentication (upn name) then changed to Basic again. It was ok after changing to Form authentication but moment after changing back to Basic, I couldn't
no longer access owa (blank page when one vertical line) and in Exchange Management Console, I got "Initialization failed" - The following error occured while attempting to connect to the specified Exchange server 'sgp-ex1.mydomain.com':
The attempt to connect to http://sgp-ex1.mydomain.com/powershell using "Kerberos" authentication failed: Connecting to the remote server failed with the following error message: The WinRM client cannto process
the request. It cannot determine the content type of the HTTP response from the destination computer. The content type is absent or invalid. For more information, see the about_Remote_Troubleshooting Help topic.
I tried the troubleshooting tool from Exchange team blog:
http://blogs.technet.com/b/exchange/archive/2010/12/07/3411644.aspx. It give 3 possible causes for this error: 1. WSMan module entry is missing from global module section of c:\Windows\System32\InetSrv\Config\ApplicationHost.config; 2. Kerbauth module shows
up as Managed module or has been loaded in the Default Web Site Level; 3. The Path of the Powershell virtual directory has been modified.
I checked carefully, all the 3 causes do not apply to my situation as WSman entry is in order, the Kerbauth is native and local and the path of Powershell virtual directory is correct.
I find that in Application log, there are Event 2297 and 2307 dumped at the time of failure:
The worker process for application pool 'MSExchangeSyncAppPool' encountered an error 'Confiugration file in not well-formed XML' trying to read configuration data from file '\\?\C:\inetpubl\temp\apppools\MSExchangeSyncAppPool\MSExchangeSyncAppPool.config',
line number '2'. The data field contains the error code.
Help is very much appreciated.
Valuable skills are not learned, learned skills aren't valuable.Unfortunately, all the links you provided didn't help.
The first link contains 3 methods:1 Removing WinRM feature and reinstalling. 2 Rename the web.config file in location C:\inetpub\wwwroot 3 Have you installed Microsoft Dynamics CRM 4. I?
As my server is Windows 2008 R2, the first method does not apply. I couldn't find any web.config in c:\Inetpub\wwwroot. The web.config however is found in many times in .netframework and winsxs directories. The 3rd method doesn't apply as I don't have CRM.
The 2nd link contains 3 possible causes. The first 2 are the same as the ones I mentioned in my initial post. I couldn't verify the last cause because when open Exchange Management Shell, I got this error: [sgp.ex1.mydomain.com] connecting to remote server
failed with the following server failed with the following error message: The WinRM client cannot process the request, it cannot determine the content type of the HTTP response from the destination computer. The content type is absent or invalide. For more
information, see the about_Remote_Troubleshooting Help topic.
I do not think the user is not remote powershell enabled because the problem happened suddenly, while I was making changes to Authentication settings of OWA(default) in Client Access in Exchange Management Console. If the user account is not remote powershell
enabled, then I couldn't event connect to EMC in the first place.
The last link didn't help because I could open up modules under PowerShell virtual directory in IIS.
I think since the event log is saying MSExchangeSyncAppPool.config and DefaultAppPool.config not well-formed XML, that might be a clue.
In the event id 2307 this is the message:
The worker process for application pool 'DefaultAppPool' encountered an error 'Configuration file is not well-formed XML
' trying to read configuration data from file '\\?\C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config', line number '2'. The data field contains the error code.
Valuable skills are not learned, learned skills aren't valuable. -
I got an issue with OS of widows 7.
unable to scan documents to user's PC.am getting error message "Authentication with the destination has failed. Check settings. To check the current status, press [Scanned Files Status
Other Windows xp PC can do this.
How can I fix this problem?
Printer Model :C2051 /mp2001spHi,
I searched for the error and it is mentioned in Ricoh's website:
Messages Displayed on the Control Panel When Using the Scanner Function
http://support.ricoh.com/bb_v1oi/pub_e/oi_view/0001045/0001045718/view/trouble/int/0036.htm
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Message
Cause
Solution
“Authentication with the destination has failed. Check settings. To check the current status, press [Comm. Status/Print].”
The entered login user name or login password is not correct.
Check that the user name and password are correct.
Check that the ID and password for the destination folder are correct.
A password of 128 or more characters may not be recognized.
From the solution, it mentioned that the issue could relate to user account or its password.
Please let me know if it is in domain environment. If so, please test to log the same user account currently on Windows 7 to Windows XP and see if issue persists.
Also please test to directly access the scanning folder on printer server to see if there is any issue in accessing the destination folder. -
The Volume Shadow Copy service initially was running under the context of System, so we thought that ‘System’ doesn’t have permissions to access network shares.
When the Volume Shadow Copy service was running under the context of System, this was the error logged:
“failed with following error code '0x8078014B' (There was a failure in creating a directory on the backup storage location.).”
Which is likely due to not having permissions to write to the network location.
This is a scheduled backup trying to write to a network location, so we changes the service to run under the context of an account that does have permissions to write to the network share.
Then the error changed to this:
“failed with following error code '0x8078006B' (Windows Backup failed to create the shared protection point on the source volumes.).”
HRESULT 0x8078006b
DetailedHRESULT 0x8004230f
ErrorMessage %%2155348075
BackupState 12
VolumesInfo <VolumeInfo><VolumeInfoItem Name="C:" OriginalAccessPath="C:" State="15" HResult="-2139619228" DetailedHResult="0" PreviousState="0" IsCritical="1" IsIncremental="0"
BlockLevel="0" HasFiles="1" HasSystemState="0" IsCompacted="0" IsPruned="0" IsRecreateVhd="0" FullBackupReason="0" DataTransferred="0" NumUnreadableBytes="0" TotalSize="0"
TotalNoOfFiles="0" Flags="1604" BackupTypeDetermined="0" SSBTotalNoOfFiles="0" SSBTotalSizeOnDisk="0" /><VolumeInfoItem Name="D:" OriginalAccessPath="D:" State="15" HResult="-2139619228"
DetailedHResult="0" PreviousState="0" IsCritical="0" IsIncremental="0" BlockLevel="0" HasFiles="1" HasSystemState="0" IsCompacted="0" IsPruned="0" IsRecreateVhd="0"
FullBackupReason="0" DataTransferred="0" NumUnreadableBytes="0" TotalSize="0" TotalNoOfFiles="0" Flags="68" BackupTypeDetermined="0" SSBTotalNoOfFiles="0" SSBTotalSizeOnDisk="0"
/></VolumeInfo>
We aren’t really seeing anything that gives any hint on what the issue is.
Any ideas? Thanks in advance!We are trying to back up folders/files from 2 local drives (C: & D:), both of which have only 10% space used, and 100 GB free.
We are attempting to back the files up to a Remote Shared File (and there is 100+ GB free space out there).
If we try another network location, we receive the exact same error.
This is Windows Server 2012, not running Hyper-V and is a physical server not a VM.
Thank you for the link.
Looking in:
Event Viewer / Application and Service Logs / Microsoft / Windows / Backup / Operational
But it doesn’t seem to give any more details:
Log Name:
Microsoft-Windows-Backup
Source:
Microsoft-Windows-Backup
Date:
7/8/2013 8:00:12 PM
Event ID:
5
Task Category: None
Level:
Error
Keywords:
User:
SYSTEM
Computer:
servername.edu
Description:
The backup operation that started at '2013-07-09T02:00:06.273000000Z' has failed with following error code '0x8078006B' (Windows Backup failed to create the shared protection point on the source volumes.).
Please review the event details for a solution, and then rerun the backup operation once the issue is resolved.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Backup" Guid="{1DB28F2E-8F80-4027-8C5A-A11F7F10F62D}" />
<EventID>5</EventID>
<Version>3</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2013-07-09T02:00:12.872602100Z" />
<EventRecordID>30</EventRecordID>
<Correlation />
<Execution ProcessID="3028" ThreadID="3996" />
<Channel>Microsoft-Windows-Backup</Channel>
<Computer>servername.edu</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="BackupTemplateID">{A421E864-A115-4288-8D12-F4878CF8A248}</Data>
<Data Name="HRESULT">0x8078006b</Data>
<Data Name="DetailedHRESULT">0x8004230f</Data>
<Data Name="ErrorMessage">%%2155348075</Data>
<Data Name="BackupState">12</Data>
<Data Name="BackupTime">2013-07-09T02:00:06.273000000Z</Data>
<Data Name="BackupTarget">\\servername\BACKUP</Data>
<Data Name="NumOfVolumes">2</Data>
<Data Name="VolumesInfo"><VolumeInfo><VolumeInfoItem Name="C:" OriginalAccessPath="C:" State="15" HResult="-2139619228" DetailedHResult="0" PreviousState="0" IsCritical="1" IsIncremental="0" BlockLevel="0" HasFiles="1" HasSystemState="0"
IsCompacted="0" IsPruned="0" IsRecreateVhd="0" FullBackupReason="0" DataTransferred="0" NumUnreadableBytes="0" TotalSize="0" TotalNoOfFiles="0" Flags="1604" BackupTypeDetermined="0" SSBTotalNoOfFiles="0" SSBTotalSizeOnDisk="0" /><VolumeInfoItem
Name="D:" OriginalAccessPath="D:" State="15" HResult="-2139619228" DetailedHResult="0" PreviousState="0" IsCritical="0" IsIncremental="0" BlockLevel="0" HasFiles="1" HasSystemState="0" IsCompacted="0" IsPruned="0" IsRecreateVhd="0" FullBackupReason="0" DataTransferred="0"
NumUnreadableBytes="0" TotalSize="0" TotalNoOfFiles="0" Flags="68" BackupTypeDetermined="0" SSBTotalNoOfFiles="0" SSBTotalSizeOnDisk="0" /></VolumeInfo></Data>
<Data Name="SourceSnapStartTime">2013-07-09T02:00:06.289250300Z</Data>
<Data Name="SourceSnapEndTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="PrepareBackupStartTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="PrepareBackupEndTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="BackupWriteStartTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="BackupWriteEndTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="TargetSnapStartTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="TargetSnapEndTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="DVDFormatStartTime"><TimesList></TimesList></Data>
<Data Name="DVDFormatEndTime"><TimesList></TimesList></Data>
<Data Name="MediaVerifyStartTime"><TimesList></TimesList></Data>
<Data Name="MediaVerifyEndTime"><TimesList></TimesList></Data>
<Data Name="BackupPreviousState">2</Data>
<Data Name="ComponentStatus"><ComponentStatus></ComponentStatus></Data>
<Data Name="ComponentInfo"><ComponentInfo></ComponentInfo></Data>
<Data Name="SSBEnumerateStartTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SSBEnumerateEndTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SSBVhdCreationStartTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SSBVhdCreationEndTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SSBBackupStartTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SSBBackupEndTime">1601-01-01T00:00:00.000000000Z</Data>
<Data Name="SystemStateBackup"><SystemState IsPresent="0" HResult="0" DetailedHResult="0" /></Data>
<Data Name="BMR"><BMR IsPresent="0" HResult="0" DetailedHResult="0" /></Data>
<Data Name="VssFullBackup">false</Data>
<Data Name="UserInputBMR">false</Data>
<Data Name="UserInputSSB">false</Data>
<Data Name="BackupSuccessLogPath">
</Data>
<Data Name="BackupFailureLogPath">
</Data>
<Data Name="EnumerateBackupStartTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="EnumerateBackupEndTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="PruneBackupStartTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="PruneBackupEndTime"><TimesList><Time Time="1601-01-01T00:00:00.000Z" /><Time Time="1601-01-01T00:00:00.000Z" /></TimesList></Data>
<Data Name="BackupFlags">0x9</Data>
<Data Name="ComponentInfoSummary"><ComponentInfoSummary ComponentInfoArrayPresent="1" TotalComponents="0" SucceededComponents="0" /></Data>
</EventData>
</Event> -
Import error imp-00017: following statement failed with oracle error 1659:
Hi all,
I am trying to import a file (dmp) which is of 1.63GB size,
when I type
imp
dbname/pwd@db
c:\filepath
30720
no
no
yes
yes
yes
I am getting the error imp-00017: following statement failed with oracle error 1659:
-- end it says Ora-01659 unable to allocate minextents beyond 1 in tablespace USERS
--unable to create INITIAL extent for segment in tablespace USERS
--import terminated successfully with warnings
when I looked into
select maxbytes,file_name from dba_data_files where tablespace_name='USERS';3.4360+10 c:\oracle\product\10.2.0\oradata\orcl\users01.dbf
kindly help me in solving this is.
Regards,
aak
Edited by: AAK 460425 on Apr 12, 2009 6:33 PMThanks,
select bytes from user_free_space where tablespace_name='USERS'
BYTES
458752
720896
458752
655360
43384832
is the size less?
My apology I have updated this in the below thread, which is same as this one.
Re: Import error -
I have recently upgraded a clients servers to Windows Server 2012 & since doing so have lost the ability to scan to folder.
Both servers are domain controllers and previously on a 2008 domain controller I would have had to make the following change to allow scan to folder:
Administrative Tools
Server Manager
Features
Group Policy Manager
Forest: ...
Default Domain Policy
Computer configuration
Policies
Windows Settings
Security Settings
Local Policies
Security Options
Microsoft Network Server: Digitally Sign Communications (Always)
- Define This Policy
- Disabled
However I have applied this to the Windows 2012 server but am still unable to scan, possibly due to added layers of security in server 2012. The error on the scanner is Authentication with the destination has failed check settings.
I have also tried the following at the server:
Policies -> Security Policies
Change Network Security: LAN Manager authentication level to: Send LM & NTLM - Use NTLMv2 session security if negotiated.
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients and uncheck the require 128 bit.
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers and uncheck the require 128 bit
I have created a user account on the server for the ricoh and set this in the settiings of the Ricoh and verified everything is correct.
Are there any other things I have missed?I can email anybody the firmware module if interested and how to...
Tell me your model and email
If your offer still stands we have an Aficio MP C3300
Firmwareversion
Modulnavn Version Delnummer
System/Copy 1.13 D0255562H
Network Support 8.16.1 D0255563D
Font EXP 1.03 D0255588
OptionPCLFont 1.02 D0255589
animation 1.3.1 D0255568A
Fax 01.10.00 D0255569B
RemoteFax 01.10.00 D0255564B
Printer 1.11 D0255572A
RPCS 3.7.5.4.1 D0255574A
Option PCL 1.00 D0255580A
Scanner 01.17 D0255570C
Network DocBox 1.00 D0255567B
Web Support 1.06 D0255565B
Web Uapl 1.07 D0255566C
libcvm(v4) 4.13 D4135765B
GWFCU3-13(WW) 03.00.00 D3935570C
PowerSaving Sys 1.10 D0255560C
Engine 1.51:09 D0255117E
OpePanel 1.03 D0251492A
LANG0 1.03 D0251496
LANG1 1.03 D0251496
ADF 03.420:02 D3665604
Finisher 01.090:03 D3725112
Best Regards/
Henrik Plougstad
henrik(a)pieroth.dk -
Post Author: LeeCUK
CA Forum: Authentication
I have installed Enterprise XIR2 onto a Windows 2003 server and all services are running.I have installed the client on another windows 2003 server and I can connect to the console via the web.
Firstly desktop intel would not work and gave me the error below, however a new entry appeared in my server dropdown with servername (.Net Portal) and after selecting this Desktop intell worked.
When I try to run designer I dont get the extra server in the dropdown nor does it connect when tryped manually and gives me the same error I was getting for desktop intel.
Im using enterprise authentication
Has anyone figured this out please?
The error im getting is below[repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Transport error: Communication failure.(hr=#0x80042a01)Post Author: jsanzone
CA Forum: Authentication
LeeCUK:
The [repo_proxy 13] error seems to be a catch-all for BO in that I've worked with this software (XI R2) for 1 1/2 years now and each time I've encountered [repo_proxy 13] it has been for a different reason, thus, you're going to have to apply troubleshooting checks all over the place until you find the problem. In my particular case I just resolved my [repo_proxy 13] error I've been working on this week, and here was my scenario. Our server in the lab died due to a hard drive failure, so we cut our losses and installed a new & more powerful server. When the rebuild was done I could not connect from my laptop to the repository via Designer (good old [repo_proxy 13] error). After much angst, etc, etc I found out that the servers in the CMC (/businessobjects/enterprise115/admin/en/admin.cwrwere">http://<server>/businessobjects/enterprise115/admin/en/admin.cwrwere) were all down except for one (even though CCM showed all servers "up"). When I went to start the servers in the CMC I was prompted for an account, and no matter what account I tried it won't work. So I went back to the CCM servers and stopped them all, then changed the default account it was using from LocalSystem to the administrator account, restarted all servers in CCM, went back to CMC and noted that all servers were now up as well. Then I went back to my laptop and used Designer and was able to successfully log in. Thus, the end of my story, however, it seems that many [repo_proxy 13] errors have different beginning and endings. For instance, a year ago I had the same [repo_proxy 13] error and brought it to BO tech support. They determined that I had to uninstall my client from my laptop, clean out the registry for any references to BO keys, and remove the c:\program files \Business Objects folder, then reinstall, and sure enough it worked in that case, but not in this case when I tried it again. By digging deeper I found out the root cause to my current problem, and voila, I'm in!
Good luck! -
ASO - checksum fail with JDBC thin client on Windows
I'm trying to configure Oracle Advanced Security for SQL Developer. I'm using SQL Developer 1.5.1 (downloaded with the included JDK). When configuring the connection I select Connection Type: Advanced. My JDBC URL is:
jdbc:oracle:thin:@(description=(address=(protocol=tcp)(host=hostname.com)(port=1234))(connect_data=(service_name=DVLP)(SQLNET.ENCRYPTION_CLIENT=REQUESTED)(SQLNET.ENCRYPTION_TYPES_CLIENT=AES256)(SQLNET.CRYPTO_CHECKSUM_CLIENT=REQUESTED)(SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT=MD5)))
This works great in Linux. But on a fully patched Windows XP machine when I try to connect I get "Io exception: Checksum fail Vendor code 17002"
Note that this is only a problem with the thin client. If I use the OCI client (jdbc:oracle:oci:@....) it works fine.
Also note that the db to which I'm trying to connect is a 10g database with these sqlnet.ora parameters:
#ASO Encryption
sqlnet.encryption_server=required
sqlnet.encryption_client=required
sqlnet.encryption_types_server=(AES256,3DES168,3DES112)
sqlnet.encryption_types_client=(AES256,3DES168,3DES112)
#ASO Checksum
sqlnet.crypto_checksum_server=requested
sqlnet.crypto_checksum_client=requested
sqlnet.crypto_checksum_types_server = (MD5)
sqlnet.crypto_checksum_types_client = (MD5)
SQLNET.INBOUND_CONNECT_TIMEOUT_LSNR1251=120
# Require clients to be Oracle 10g or higher
SQLNET.ALLOWED_LOGON_VERSION = 10
Has anyone else seen this?
Thanks for your help!As a test I created a simple Java program to connect to the db. I used the same ojdbc5.jar that is shipped with sql developer. My test program ran fine. So it would seem the problem is SQL Developer specific.
The class:
import java.sql.*;
public class testJDBC_ASO {
public static void main(String[] args) throws SQLException {
DriverManager.registerDriver (new oracle.jdbc.OracleDriver());
Connection conn = DriverManager.getConnection
("jdbc:oracle:thin:@(description=(address=(protocol=tcp)(host=hostname.com)(port=1234))(connect_data=(service_name=DVLP)(SQLNET.ENCRYPTION_CLIENT=REQUESTED)(SQLNET.ENCRYPTION_TYPES_CLIENT=AES256)(SQLNET.CRYPTO_CHECKSUM_CLIENT=REQUESTED)(SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT=MD5)))",
"username", "password");
Statement stmt = conn.createStatement();
ResultSet rset = stmt.executeQuery("select BANNER from SYS.V_$VERSION");
while (rset.next())
System.out.println (rset.getString(1)); /
stmt.close();
The output:
C:>java -cp ojdbc5.jar;. testJDBC_ASO
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - 64bi
PL/SQL Release 10.2.0.3.0 - Production
CORE 10.2.0.3.0 Production
TNS for Solaris: Version 10.2.0.3.0 - Production
NLSRTL Version 10.2.0.3.0 - Production
Edited by: RichardJQ on Oct 31, 2008 1:52 PM -
I tried my first Windows CD burn with iTunes; the burn fails at different points during the burn, with error codes 4450 or 4280.
I have the same problem, after years of everything working great. Last time this happened I tried using a different brand of CD and it worked, but I must warn you that now iTunes rejects all three brands I have been trying to use.
-
Airport Utility `install failed' error with both 6.0 and 6.1
Hi folks
I am running Mac OS X Lion 10.7.4 (11E53) and cannot get the Airport Utility to run at all. [5.5.3] The application icon flickers as though it is about to launch and then nothing happens.
I have tried other 5.x downloads and they all fail because I am running OS X Lion 10.7.4.
Doing a standard Software Update or using a download of 6.x from the Apple Support site, the installer comes up with an `install failed' error with both 6.0 and 6.1, having gotten through the complete process and looking like they were `successful'.
It's the only time in two years and many updates later that i have come across this issue, so I am unsure how to start to tackle it.
Any ideas or suggestions please?
Thanks in advance.Welcome to Apple Communities
Backup your files and try this:
1. Reboot from recovery partition (or as in my case USB recovery drive)
2. Select Re-install Mac OS X
3. Allow the process to run through multiple restarts
4. When reinstall process is complete run software update (side note, my software update would not launch as long as my USB recovery stick was plugged in, weird)
5. Run all updates saving the Airport Utility 6.0 until last.
6. Install the airport utility from software update.
Maybe you are looking for
-
Hi there. We have two iphone 3gs' and an Ipad 2 all operate on IOS 5 but one of the iphones syncs on another computer. The other two sync on our other computer. Those two will only play internet radio for a short time and then they stop playing the p
-
Microsoft.SqlServer.Management.IntegrationServices dll is missing
Hi, I need to load a package programatically that is deployed to the SSIS catalog with the project deployment model. All the doc points to doing this using Microsoft.SqlServer.Management.IntegrationServices namespace; file: Microsoft.SqlServer.Manage
-
Hi forum, would like to know how to launch Dreamweaver from the command line such that Dreamweaver could be used from the Terminal or as an External Tool to other applications (i.e. Java IDE). I'm running on Mac OSX and there is no single executable
-
Oracle RAC help...
Hi Friends, I have a challenge here...Would appreciate if anyone can help me.. I have to install 10.2.0.3 Oracle RAC on windows 2003 server 64 bit. My issue is now the server names and ips are set and I am going to install the RAC. But the client nee
-
I use Dreamweaver (8.0.2) which I have been using for several years without incident. Now, I am unable to see my remote files. When I click on the icon that connects to the remote host (or when I right click "Put" the file to upload to the remote ser