User domain\SPFservice is not authorized to perform request using authentication type Negotiate

Hi,
I have installed WAP/SPF in the same domain via express installation.  The SPF domain service account is sysadmin on the SPF database.  The SPF domain service account is running as identity in IIS application pool.  I have registered SPF in
WAP via SPFcomputeraccount\LocalSPFaccount.  The LocalSPFaccount is member of the 4 local groups created by the SPF setup.  The domain SPF service account is member of the VMM administrators.
When a new tenant want to subscribe to a hosting plan I get an error "One or more errors occurred while contacting the underlying resource providers. The operation may be partially completed. Details: Failed to create subscription".
When I look in the eventviewer of the SPF server in ManagementODataService, I can see "User domain\SPFservice is not authorized to perform request using authentication type Negotiate".
SPF/VMM are both on the latest update rollup.  The VMM console is also updated on the SPF server. 
I can successfully reproduce the troubleshooting steps from http://blogs.technet.com/b/privatecloud/archive/2013/11/08/troubleshooting-windows-azure-pack-spf-amp-vmm.aspx.

Hi,
During the install it is also asking you to specify groups during the installation (4 x) Is the user you specified als spf runas account also member of those group in the AD?
So you have 4 groups created on the local box by the installation. But also 4 specified during the installation. Check if the account is member of those group(s) as well, reboot the spf and you should be up and running.
Best regards, Mark Scholman. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Similar Messages

  • System error - User not authorized to access requested Info Object!

    Hi, Experts,
    I have a user ID begin with S***, but when I click some links, the following message shows:
    "System error - User not authorized to access requested Info Object!"
    How could I have authorization to see these links?
    Thanks!
    Lorrie

    Hi Lorrie,
    If you are a superuser, you should not get this error.
    If not, you can not change any autohorizations.
    Check it out.  For your job, you have to be a super user.
    Thanks,
    Gordon

  • User "DOMAIN\username" could not be found on the machine

    Created a template using the "ZENworks Personality Migration Template Builder" to migrate the settings for the currently logged in user. Then created a "Store Personality" bundle in ZCC.... gettting this error when I then try and run that bundle on the assigned workstation (testing on mine at the moment). Thoughts??

    The log file "C:\Program Files\Novell\ZENworks\logs\PersonalityMigration\Pe rsonalityLog.xml" reads...
    <Log>
    <Group Name="PersonalityMigrationCore started at: 16/06/2009 4:42:20 PM" Level="Debug">
    <Group Name="Stored settings and files into "C:\TEMP\TEST.pnp"" Level="Standard">
    <Item Name="There was an error retrieving user details for the user "DOMAIN\USER". The error was: Logon failure: unknown user name or bad password." Level="Detailed" />
    </Group>
    </Group>
    </Log>

  • TS1389 I have a new mac, but every time I try to transfer purchases from my iphone to it, it says it is not authorized. And it uses a very old default email. I then authorize it, it tells me it is authorized already. I tried unauthorizing and re-authorizi

    I have a new mac, but every time I try to transfer purchases from my iphone to it, it says it is not authorized. But it IS!~ And it uses a very old default email. I then authorize it, it tells me it is authorized already. I tried unauthorizing and re-authorizing. I have looked up help and done what it says. I tried finding users/shared/sc info  but that file is not on this Mac. My Mac is fully updated.
    please help.

    I should add that it's an HP photosmart 4280.I found it online and it shows the Mac 0SX operating system.

  • Not authorized to show content using airplay

    Just bought an Apple TV. I can push content to it from my iPad or iPod fine, and I can access my iTunes account on my computer fine. However when my boyfriend comes over, he cannot push content to the Apple TV from his iPad. The airplay icon shows fine, but when he tries, it says that he is not authorized to play content on this device. It doesn't make sense because when we were at his parent's place over Christmas, I was able to push content from my iPad to their Apple TV with no problems, even though I've never been there before and no authorizations were needed. We tried this with four or five different videos and songs, but to no effect. Each time it told us that it wasn't authorized. We also tried signing into the Apple TV using his iTunes account, but were still told the device wasn't authorized to play his content. Can anyone help?

    Did you try turning airplay off/on via ATV? Maybe rebooting the iPad? Having both devices signed into the same account?

  • Oracle drive and oradav - ORA-20504: User not authorized to perform the req

    Anyone have any idea why we may not be allowed to copy files to portal?
    We have checked the edit region to allow all files, quota is unlimited and we're using portal as a priviledged user (manage) for the page group.
    For some reason we are globally blocked from copying files to /dav_portal/portal.
    Any suggestions?

    I have the exact same problem on Oracle Portal 10.1.4 while I'm using Windows XP. I never had the webdav problem when I was using Windows 2000/NT on older versions of the portal. There is a note on Metalink (Note:338932.1) that seems relevant to this issue but I haven't been able to try WebDAV while using a different OS than Windows XP to confirm that is the bug I've encountered. The solution in that note says "Wait for the bug fix (no earlier than Portal 11.0) OR Use a client other than Windows XP."
    I found another note (Note:367860.1) with the solution being to install and use the Oracle Drive client. Did that, and still got an "Error 5: Access is denied" alert when trying to add a file to a plain portal page with NO tabs and a single Items region that allows users to add content to it. Next, under that page's properties on the Items tab, in the Default WebDAV Types section, changed Default Regular Files to Simple File and tried adding a file using WebDav and ta-daaaa! It worked. However, I don't want to use the Simple File item type, I want to use the regular File!!! And yes, I have made some customizations to the File item (changed defaults, re-order attributes, etc.) Not sure what to do next. Any ideas???

  • ORADAV problems - ORA-20504: User not authorized to perform the req

    Anyone have any idea why we may not be allowed to upload files to portal via oradav or webdav?
    We have checked the edit region to allow all files, quota is unlimited and we're using portal as a priviledged user (manage) for the page group.
    We are however allowed to upload "zip" files only, but we're not allowed to unzip them! Apparently we're prohibited from uploading or creating files, since unzipping creates files, it fails as well.
    Any suggestions?

    bump

  • Not Authorized HTTP Error 401. The requested resource requires user authentication.

    Hi All,
    I have MDS web application on one server and MDS DB on another, both in same domain .
    MDS web application is created as new website on same IIS with SharePoint and have their own port assign
    In IIS Windows Authentication is added and enabled.
    Users do have function permission and module enabled.
    MDS is accessible only on server where web application is.
    When it is accessed from any computer within domain error is
    Not Authorized
    HTTP Error 401. The requested resource requires user authentication.
    Can anyone offer any suggestions?
    Thanks
    Zorko

    Hi Zorko,
    The issue may happen in case:
    1. The Master Data Service(MDS) web application is running under a domain user account
    2. You didn't register a Service Principal Name(SPN) for the account
    3. You are using fully qualified domain name(FQDN) or host name to access the MDS
    4. You are able to access the MDS by IP address(http://<ip address>)
    If I am right, it is because of the browser choose to use Kerberos authentication to connect to the MDS.
    So then, to fix the issue, please:
    Register SPN for the application pool account. Enable the delegation.
    Or, please force the web site to use NTLM authentication only.
    For more information, please see:
    How to use SPNs when you configure Web applications that are hosted on Internet Information Services:
    http://support.microsoft.com/kb/929650
    Forcing NTLM Authentication (IIS 6.0):
    http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true
    Thanks,
    Jinchun Chen
    Jinchun Chen(JC)
    TechNet Community Support

  • I have performed Home Sharing, I was able to import half of trhe songs and apps, it says im not authorized even though I authorized the new computer? Why?

    I purchased a new computer (windows 7) and I am trying to perform home sharing from my existing computer (Windows XP), I have been able to import half my songs and half my apps and tv shows, but I am missing half of them, when I try to manually import them it tells me that I am not authorized to perform this, WHY???

    brianfromhaverhill wrote:
    WHY???
    could it be you used more than one Appple ID to purchase items from the iTunes store ?

  • BW Hana Trial on AWS, not authorized

    An error from Amazon Web Services occurred: AMAZON : User: arn:aws:iam::767900948628:user/SRI1 is not authorized to perform: iam:GetUser on resource: arn:aws:iam::767900948628:user/SRI1
    Hi I'm getting this error when I tried to create the Instance on AWS, I have went through the FAQ's but not able to compelete this,
    appreciate your response on this.
    Thanks
    Sriaknth M

    Hello Dave,
    i have made a test in CAL. I created a new group in IAM and then added the following four roles:
    1 Groups Selected
    Group: new
    Users
    Permissions
    Summary
    This view shows all policies that apply to this group.
    Policy Name
    Actions
    AmazonEC2FullAccess-new-201404291610 Show
    Manage Policy | Remove Policy | Simulate Policy
    AmazonVPCFullAccess-new-201404291625 Show
    Manage Policy | Remove Policy | Simulate Policy
    AWSAccountUsageReportAccess-new-201404291625 Show
    Manage Policy | Remove Policy | Simulate Policy
    ReadOnlyAccess-new-201404291625 Show
    Manage Policy | Remove Policy | Simulate Policy
    Then created a new user inside this group and generated credentials for this user.
    Added a CAL account and successfully started an instance in our UI.
    The user has no polices attached to it. I did not get any errors in CAL.
    Could you please tell us where did you get this error, on which action in CAL?
    Is the process of creating IAM permissions the same, as mine?
    Best Regards,
    Aleksandar

  • How to find out what computers user logged on? (not at the moment but history)

    Domain Controller: Windows 2012 R2 - Unfortunately, I don't manage DC but my own OU (computers and users)
    I have a user working mid-night shift reporting that he received error message "The group policy client service fail the logon, access denied". He is using multiple PC and he did not remember which PC gave him the error message. How do I find out
    which computers he logged on? I have access to my domain OU. I can manage my own Computers and Users objects in my domain (no domain controller in my department)
    I searched internet but most of them are finding out which computer user is currently logging on - not the history, thanks.
    Thang Mo

    To fix this error, please follow the steps given below and check if it helps you to resolve the issue :
    1. Logon to the machine with a machine administrator account (assuming this issue is with a domain account, if not logon to the machine using another account with administrative privilege).
    2. Move the machine to a work-group from domain. (If it was part of one work-group then change it to another one or join a domain.) You could do this through Control Panel\System and Security\System and then Change Settings.
    3. Restart the machine and logon with a machine administrator account.
    4. Delete your user profile data (or move it a different location) completely from c:\users. "C" in my case is system directory but if you have a different one then use that one.
    5. Join the machine back to domain account (or to work-group that the machine was originally joined to), and restart the machine.
    6. Logon with your domain account that you were having trouble with. Keep fingers crossed.
    If all goes well, you should be logged on.
    Coming to the second query, if the user are in DC, you can try our free tool
    Lepide last logon reporter that will help you to get the logon details by specifying Domain Name/IP of the Domain Controller,  User Name, Common Name and Last Logon Time.
    Lepide - Simplifying IT Management

  • Why is my Computer not authorized only when using the remote ?

    I am new to Itunes. I have taken a huge collection of my CDs and loaded them into Itunes having it save them as MP3 files. I can from the computer keyboard play any of them just fine. I hooked up the computer to my home theater system (including video hook up) my idea was that I could use the computer remote to control ITunes. However when I select a track using the remote I get a message telling me the computer is not authorized and I need to enter an Itunes store ID number. Whats the deal can ITunes only recognize if you purchase from them, can I not use my own purchased CDs??? -or- am I just doing something wrong? Any ideas would be welcomed, I have loaded about 16,000 tracks of music I already own. It would take forever to play each track so the remote will work. Oh, and it does, if I lay it first from the keyboard then the remote will play that track as well.... wierd

    I am on Quick Time 7.1.3
    I also tried the Option, choose library, no dice. The library is functioning fine. I plays anything I want if I work directly on the computer. It only gives the "not authorized message when I use the remote control.

  • Crystal add on works for admin user on server but not regular user

    Hi
    The crystal add on has been installed and working for months. Another colleague was working with it, not sure what happened but it stopped working. I was able to re-register and get it working on a user's workstation using fat client. It is installed on the server. Some users user remote desktop to connect to the server.
    If I login to the server as an admin user - i login to SAP as manager and can use the add on. Works fine.
    If I login to the server as a regular user, login as manager into SAP, I get an installation error with the Crystal add on. Since it is already installed and working - why when i login to the same server as a different windows login but SAME manager SAP user - why would it not work?
    I'm using crystal reports full version on the server because that is where I edit the reports.
    The workstations have the runtime installed.
    HELP!

    hi
    the error when I login as the user on the server is :
    Add-on Crystal Reports for SAP Business One: Add-on %s - uninstall failed.
    Which I don't understand at all b/c if I login on the same server as a different windows login
    with admin rights it works fine.
    What log file are you speaking of? I'm new to add on installs.
    I don't even install SAP I work with crystal reports but got stuck dealing with this add on.
    thanks!

  • SharePoint Designer workflow gives Claims Authentication error for some users. Problem getting output claims identity. The specified user or domain group was not found.

    We have a SharePoint Enterprise 2013 system at RTM level.  We've installed Workflow Manager 1.0 by following the steps at
    http://technet.microsoft.com/en-us/library/jj658588.aspx.  For the final step of Validating the Installation we created a simple list-level workflow and verified that the workflow
    is invoked successfully.  This is working successfully, but only for a single user.  If other users in the same site collection try to invoke the workflow on this same list we get the ULS Log Error:
    Claims Authentication          af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.SharePoint.SPException: The specified user or domain group was not found. --->
    System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
    followed by:
    Failed to issue new security token. Exception: Microsoft.SharePoint.SPException: The specified user or domain group was not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
    (as details below).
    All accounts that are attempting to use the Test Workflow (both working and non-working user accounts) are valid AD accounts and are included in the User Profile Sync that runs nightly.  All have Contribute or Design permission level (and for testing,
    Full Control). 
    What could cause the Claims Authentication to fail when certain users attempt to launch the workflow?
    Thank you for your response.
    Jim Mac.
    08/29/2013 10:22:51.94  w3wp.exe (0x2020)                        0x26D8 SharePoint Foundation        
     Claims Authentication          af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.SharePoint.SPException: The specified user or domain group was
    not found. ---> System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.     at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType,
    Boolean forceSuccess)     at System.Security.Principal.NTAccount.Translate(Type targetType)     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity,
    SPClaim loginClaim)     --- End of inner exception stack trace ---     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdent... 94aa5c2d-fa45-9b83-b203-a92b20102583
    08/29/2013 10:22:51.94* w3wp.exe (0x2020)                        0x26D8 SharePoint Foundation        
     Claims Authentication          af3zp Unexpected ...ity, SPClaim loginClaim)     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String
    encodedIdentityClaimSuffix)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.CreateTokenCacheReferenceFromTokenSignature(SPRequestInfo requestInfo, IClaimsIdentity identity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentTokenCacheReferenceClaim(SPRequestInfo
    requestInfo, IClaimsIdentity identity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
    principal, RequestSecurityToken request, Scope scope)'. 94aa5c2d-fa45-9b83-b203-a92b20102583
    08/29/2013 10:22:51.94  w3wp.exe (0x2020)                        0x26D8 SharePoint Foundation        
     Claims Authentication          fo1t Monitorable STS Call: Failed to issue new security token. Exception: Microsoft.SharePoint.SPException: The specified user or domain group was not found. --->
    System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.     at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)    
    at System.Security.Principal.NTAccount.Translate(Type targetType)     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim loginClaim)    
    --- End of inner exception stack trace ---     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKeyClaim(IClaimsIdentity claimsIdentity, SPClaim logi... 94aa5c2d-fa45-9b83-b203-a92b20102583
    08/29/2013 10:22:51.94* w3wp.exe (0x2020)                        0x26D8 SharePoint Foundation        
     Claims Authentication          fo1t Monitorable ...nClaim)     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)    
    at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.CreateTokenCacheReferenceFromTokenSignature(SPRequestInfo requestInfo, IClaimsIdentity identity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentTokenCacheReferenceClaim(SPRequestInfo
    requestInfo, IClaimsIdentity identity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
    principal, RequestSecurityToken request, Scope scope)     at Microsoft.IdentityModel.Securi... 94aa5c2d-fa45-9b83-b203-a92b20102583
    08/29/2013 10:22:51.94* w3wp.exe (0x2020)                        0x26D8 SharePoint Foundation        
     Claims Authentication          fo1t Monitorable ...tyTokenService.SecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.Issue(IClaimsPrincipal
    principal, RequestSecurityToken request) 94aa5c2d-fa45-9b83-b203-a92b20102583

    Hi Aries,
    I am facing issue with work flow where Workflow goes to Suspend mode.
    I am facing an issue with SP2013 Custom Workflow developed using Visual Studio 2012.
    Objective of the Custom workflow: User fills the form and submit, list get updated and workflow will initiate and go for the process.
    Issue: After the deployment of WF, for first time when user is filling the form and submit, list is getting updated. But the Workflow Goes to "Suspend" mode. (
    This Custom Workflow has a configuration file where we are providing other details including ID of Impersonator (farm is running under Claim Based Authentication).
    Work flow works fine once when the Impersonator initiate the workflow (Fill the form and submit for approval) and everything works fine after that.
    Following steps are already performed
    1.Make sure User profile synchronization is started.
    2.Make sure the user is not the SharePoint system user.
    3.Make sure the user by whom you are logged is available in User Profile list.
    4.Step full synchronization of User Profile Application.
    From the ULS logs it seems the user's security token from the STS service and User profile service is not being issued.
    Appreciate any thoughts or solution.
    Following are the log files.
    <-------------------------------Information taken from "http://YYYY.XXXXX.com/sites/xxxx/_layouts/15/wrkstat.aspx" where it is showing workflow status as "Suspend"------->
    http://yyyy.XXXX.com/sites/xxxx/_vti_bin/client.svc/sp.utilities.utility.ResolvePrincipalInCurrentcontext(input=@ParamUser,scopes='15',sources='15',inputIsEmailOnly='false',addToUserInfoList='False')?%40ParamUser='i%3A0%23.w%7CXXXXX%5Csps_biscomdev'
    Correlation Id: f5bd8793-a53c-2127-bfb1-70bc172425e8 Instance Id: 14a985a0-60c8-42db-a42c-c752190b8106
    RequestorId: f5bd8793-a53c-2127-0000-000000000000. Details: RequestorId: f5bd8793-a53c-2127-0000-000000000000. Details: An unhandled exception occurred during the execution of the workflow instance. Exception details: System.ApplicationException: HTTP 401
    {"error_description":"The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug>
    configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs."} {"x-ms-diagnostics":["3001000;reason=\"There
    has been an error authenticating the request.\";category=\"invalid_client\""],"SPRequestGuid":["f5bd8793-a53c-2127-8654-672758a68234"],"request-id":["f5bd8793-a53c-2127-8654-672758a68234"],"X-FRAME-OPTIONS":["SAMEORIGIN"],"SPRequestDuration":["34"],"SPIisLatency":["0"],"Server":["Microsoft-IIS\/7.5"],"WWW-Authenticate":["Bearer
    realm=\"b14e1e0f-257f-42ec-a92d-377479e0ec8d\",client_id=\"00000003-0000-0ff1-ce00-000000000000\",trusted_issuers=\"00000005-0000-0000-c000-000000000000@*,[email protected]79e0ec8d\"","NTLM"],"X-Powered-By":["ASP.NET"],"MicrosoftSharePointTeamServices":["15.0.0.4420"],"X-Content-Type-Options":["nosniff"],"X-MS-InvokeApp":["1;
    RequireReadOnly"],"Date":["Fri, 10 Apr 2015 19:48:07 GMT"]} at Microsoft.Activities.Hosting.Runtime.Subroutine.SubroutineChild.Execute(CodeActivityContext context) at System.Activities.CodeActivity.InternalExecute(ActivityInstance
    instance, ActivityExecutor executor, BookmarkManager bookmarkManager) at System.Activities.Runtime.ActivityExecutor.ExecuteActivityWorkItem.ExecuteBody(ActivityExecutor executor, BookmarkManager bookmarkManager, Location resultLocation)
    ULS Log
    04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Authentication Authorization agb9s Medium OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Runtime ajd6k Verbose Value for isAnonymousAllowed is : False f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Runtime ajd6l Verbose Value for checkAuthenticationCookie is : True f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.70 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Execution Time=18.7574119057031 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.71 w3wp.exe (0x1C74) 0x1AB8 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.73 PowerShell.exe (0x29BC) 0x2B9C SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {AF89E1D7-C47F-467B-8FD4-D7DC768820EE} 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Parent No 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. 
    04/16/2015 15:22:03.73 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Application Authentication Pipeline). Parent Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.74 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication ah25l Medium SPJsonWebSecurityBaseTokenHandler: ValidateActorIsSelfIssuer! Issuer '00000005-0000-0000-c000-000000000000' is not self
    issuer. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Getting Site Subscription Id). Parent [S2S] Getting token from STS and setting Thread Identity f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Getting Site Subscription Id). Execution Time=0.341314329055788 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.75 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Reading token from Cache using token signature). Parent [S2S] Getting token from STS and setting Thread
    Identity f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General ajji6 High Unable to write SPDistributedCache call usage entry. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Reading token from Cache using token signature). Execution Time=7.5931438213516 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Application Authentication ajwpx Medium SPApplicationAuthenticationModule: Failed to build cache key for user  f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.76 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Topology aeayb Medium SecurityTokenServiceSendRequest: RemoteAddress: 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' Channel:
    'Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustChannelContract' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId: 'urn:uuid:fd5eba94-c39d-4667-89bd-089411c87f09' f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.77 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Topology aeax9 Medium SecurityTokenServiceReceiveRequest: LocalAddress: 'http://c1vspwfe01.vitas.com:32843/SecurityTokenServiceApplication/securitytoken.svc'
    Channel: 'System.ServiceModel.Channels.ServiceChannel' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId: 'urn:uuid:fd5eba94-c39d-4667-89bd-089411c87f09' f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.77 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (ExecuteSecurityTokenServiceOperationServer). Parent No f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication ah25l Medium SPJsonWebSecurityBaseTokenHandler: ValidateActorIsSelfIssuer! Issuer '00000005-0000-0000-c000-000000000000' is not self
    issuer. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {F17590DF-49D9-439D-86BC-5AE6416BB765} f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8b Verbose Looking up  site
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation General narq Verbose Releasing SPRequest with allocation Id {3847D5A4-15C6-4AF9-B062-E22BB555DF4F} f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0s1 High Identity claims mapped to '0' user profiles. Claims: [nameid: '', nii: 'windows', upn: '', smtp: '', sip: ''], User Profiles: f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0sr Unexpected UserProfileException caught.. Exception Microsoft.Office.Server.Security.UserProfileNoUserFoundException: 3001002;reason=The
    incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator.     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
    upManager, IEnumerable`1 identityClaims)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0() is thrown. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Portal Server User Profiles ae0su High The set of claims could not be mapped to a single user identity. Exception 3001002;reason=The incoming identity is not mapped
    to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator. has occured.  f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication ae0tc High The registered mappered failed to resolve to one identity claim. Exception: Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
    3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator.     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
    upManager, IEnumerable`1 identityClaims)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0()     at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()    
    at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
    secureCode)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
    contextUri, List`1 claims) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication af3zp Unexpected STS Call Claims Saml: Problem getting output claims identity. Exception: 'Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
    3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator.     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
    upManager, IEnumerable`1 identityClaims)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0()     at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()    
    at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
    secureCode)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
    contextUri, List`1 claims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.ResolveUserIdentityClaim(Uri contextUri, ClaimCollection inputClaims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetIdentityClaim(Uri
    contextUri, ClaimCollection inputClaims, SPCallingIdentityType callerType)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetLogonIdentityClaim(SPRequestInfo requestInfo, IClaimsIdentity inputIdentity, IClaimsIdentity
    outputIdentity, SPCallingIdentityType callerType)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.EnsureSharePointClaims(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity, SPCallingIdentityType callerType)    
    at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
    principal, RequestSecurityToken request, Scope scope)'. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.78 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Claims Authentication fo1t Monitorable STS Call: Failed to issue new security token. Exception: Microsoft.Office.Server.Security.UserProfileNoUserFoundException:
    3001002;reason=The incoming identity is not mapped to any user profile account in SharePoint. Possible cause is that no user profiles are created in user profile database. Contact your administrator.     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetSingleUserProfileFromClaimsList(UserProfileManager
    upManager, IEnumerable`1 identityClaims)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.<>c__DisplayClass2.<GetMappedIdentityClaim>b__0()     at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.<RunWithElevatedPrivileges>b__3()    
    at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)     at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated
    secureCode)     at Microsoft.Office.Server.Security.UserProfileIdentityClaimMapper.GetMappedIdentityClaim(Uri context, IEnumerable`1 identityClaims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetClaimFromExternalMapper(Uri
    contextUri, List`1 claims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.ResolveUserIdentityClaim(Uri contextUri, ClaimCollection inputClaims)     at Microsoft.SharePoint.IdentityModel.SPIdentityClaimMapperOperations.GetIdentityClaim(Uri
    contextUri, ClaimCollection inputClaims, SPCallingIdentityType callerType)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetLogonIdentityClaim(SPRequestInfo requestInfo, IClaimsIdentity inputIdentity, IClaimsIdentity
    outputIdentity, SPCallingIdentityType callerType)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.EnsureSharePointClaims(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity, SPCallingIdentityType callerType)    
    at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.AugmentOutputIdentityForRequest(SPRequestInfo requestInfo, IClaimsIdentity outputIdentity)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.GetOutputClaimsIdentity(IClaimsPrincipal
    principal, RequestSecurityToken request, Scope scope)     at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request)     at Microsoft.SharePoint.IdentityModel.SPSecurityTokenService.Issue(IClaimsPrincipal
    principal, RequestSecurityToken request) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x0C48) 0x1318 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationServer). Execution Time=17.1551132895382 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication fsq7 High SPSecurityContext: Request for security token failed with exception: System.ServiceModel.FaultException: The server was
    unable to process the request due to an internal error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in
    order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message
    response)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
    rst)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Claims Authentication 8306 Critical An exception occurred when trying to issue security token: The server was unable to process the request due to an internal
    error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to
    the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Application Authentication Pipeline). Execution Time=52.3525336320678 f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Application Authentication ajezs High SPApplicationAuthenticationModule: Error authenticating request, Error details { Header: {0}, Body: {1} }.  Available
    parameters: 3001000;reason="There has been an error authenticating the request.";category="invalid_client" {"error_description":"The server was unable to process the request due to an internal error.  For more information
    about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as
    per the Microsoft .NET Framework SDK documentation and inspect the server trace logs."} . f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 8nca Medium Application error when access /sites/testrpa2/_vti_bin/client.svc, Error=The server was unable to process the request due to an internal
    error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to
    the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs.   at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
    rst, RequestSecurityTokenResponse& rstr)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context,
    Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationAuthentication(Uri context,
    SecurityToken onBehalfOf)     at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.<>c__DisplayClass4.<GetLocallyIssuedToken>b__3()     at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated
    secureCode)     at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.ConstructIClaimsPrincipalAndSetThreadIdentity(HttpApplication httpApplication, HttpContext httpContext, SPFederationAuthenticationModule fam)    
    at Microsoft.SharePoint.IdentityModel.SPApplicationAuthenticationModule.AuthenticateRequest(Object sender, EventArgs e)     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
    at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.79 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8b Verbose Looking up context  site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in the farm SharePoint_Config_QA f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8d Verbose Looking up the additional information about the typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8f Verbose Site lookup is replacing
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly with the alternate access url
    http://inetdev. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8g Verbose Looking up typical site
    http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation General 6t8h Verbose Found typical site /sites/testrpa2 (407ba20c-079b-4b99-9e70-f86e6e13ddde) in web application SPWebApplication Name=SPDEV - 80. f5bd8793-a53c-2127-8485-418c67f110f6
    04/16/2015 15:22:03.80 w3wp.exe (0x1C74) 0x183C SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://inetdev:80/sites/testrpa2/_vti_bin/client.svc/site/ReadOnly)). Execution Time=62.2890618779761 f5bd8793-a53c-2127-8485-418c67f110f6
    Regards
    Sakti

  • AnyConnect error " User not authorized for AnyConnect Client access, contact your administrator"

    Hi everyone,
    it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message "User not authorized for AnyConnect Client access, contact your administrator". I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem. The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
    Please find the current config and debugging output below. I appreciate any pointers as to what might be wrong here.
    : Saved
    ASA Version 9.1(1)
    hostname ASA
    domain-name ingo.local
    enable password ... encrypted
    xlate per-session deny tcp any4 any4
    xlate per-session deny tcp any4 any6
    xlate per-session deny tcp any6 any4
    xlate per-session deny tcp any6 any6
    xlate per-session deny udp any4 any4 eq domain
    xlate per-session deny udp any4 any6 eq domain
    xlate per-session deny udp any6 any4 eq domain
    xlate per-session deny udp any6 any6 eq domain
    passwd ... encrypted
    names
    name 10.0.1.0 LAN-10-0-1-x
    dns-guard
    ip local pool VPNPool 10.0.2.1-10.0.2.10 mask 255.255.255.0
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif Internal
    security-level 100
    ip address 10.0.1.254 255.255.255.0
    interface Vlan2
    nameif External
    security-level 0
    ip address dhcp setroute
    regex BlockFacebook "facebook.com"
    banner login This is a monitored system. Unauthorized access is prohibited.
    boot system disk0:/asa911-k8.bin
    ftp mode passive
    clock timezone PST -8
    clock summer-time PDT recurring
    dns domain-lookup Internal
    dns domain-lookup External
    dns server-group DefaultDNS
    name-server 10.0.1.11
    name-server 75.153.176.1
    name-server 75.153.176.9
    domain-name ingo.local
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network LAN-10-0-1-x
    subnet 10.0.1.0 255.255.255.0
    object network Company-IP1
    host xxx.xxx.xxx.xxx
    object network Company-IP2
    host xxx.xxx.xxx.xxx
    object network HYPER-V-DUAL-IP
    range 10.0.1.1 10.0.1.2
    object network LAN-10-0-1-X
    access-list 100 extended permit tcp any4 object HYPER-V-DUAL-IP eq 3389 inactive
    access-list 100 extended permit tcp object Company-IP1 object HYPER-V-DUAL-IP eq 3389
    access-list 100 extended permit tcp object Company-IP2 object HYPER-V-DUAL-IP eq 3389 
    tcp-map Normalizer
      check-retransmission
      checksum-verification
    no pager
    logging enable
    logging timestamp
    logging list Threats message 106023
    logging list Threats message 106100
    logging list Threats message 106015
    logging list Threats message 106021
    logging list Threats message 401004
    logging buffered errors
    logging trap Threats
    logging asdm debugging
    logging device-id hostname
    logging host Internal 10.0.1.11 format emblem
    logging ftp-bufferwrap
    logging ftp-server 10.0.1.11 / asa *****
    logging permit-hostdown
    mtu Internal 1500
    mtu External 1500
    ip verify reverse-path interface Internal
    ip verify reverse-path interface External
    icmp unreachable rate-limit 1 burst-size 1
    icmp deny any echo External
    asdm image disk0:/asdm-711.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    object network obj_any
    nat (Internal,External) dynamic interface
    object network LAN-10-0-1-x
    nat (Internal,External) dynamic interface
    object network HYPER-V-DUAL-IP
    nat (Internal,External) static interface service tcp 3389 3389
    access-group 100 in interface External
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa-server radius protocol radius
    aaa-server radius (Internal) host 10.0.1.11
    key *****
    radius-common-pw *****
    user-identity default-domain LOCAL
    aaa authentication ssh console radius LOCAL
    http server enable
    http LAN-10-0-1-x 255.255.255.0 Internal
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map External_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map External_map interface External
    crypto ca trustpoint srv01_trustpoint
    enrollment terminal
    crl configure
    crypto ca trustpoint asa_cert_trustpoint
    keypair asa_cert_trustpoint
    crl configure
    crypto ca trustpoint LOCAL-CA-SERVER
    keypair LOCAL-CA-SERVER
    crl configure
    crypto ca trustpool policy
    crypto ca server
    cdp-url http://.../+CSCOCA+/asa_ca.crl:44435
    issuer-name CN=...
    database path disk0:/LOCAL_CA_SERVER/
    smtp from-address ...
    publish-crl External 44436
    crypto ca certificate chain srv01_trustpoint
    certificate <output omitted>
      quit
    crypto ca certificate chain asa_cert_trustpoint
    certificate <output omitted>
      quit
    crypto ca certificate chain LOCAL-CA-SERVER
    certificate <output omitted>
      quit
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable External client-services port 44455
    crypto ikev2 remote-access trustpoint asa_cert_trustpoint
    telnet timeout 5
    ssh LAN-10-0-1-x 255.255.255.0 Internal
    ssh xxx.xxx.xxx.xxx 255.255.255.255 External
    ssh xxx.xxx.xxx.xxx 255.255.255.255 External
    ssh timeout 5
    ssh version 2
    console timeout 0
    no vpn-addr-assign aaa
    no ipv6-vpn-addr-assign aaa
    no ipv6-vpn-addr-assign local
    dhcpd dns 75.153.176.9 75.153.176.1
    dhcpd domain ingo.local
    dhcpd option 3 ip 10.0.1.254
    dhcpd address 10.0.1.50-10.0.1.81 Internal
    dhcpd enable Internal
    threat-detection basic-threat
    threat-detection scanning-threat shun except ip-address LAN-10-0-1-x 255.255.255.0
    threat-detection statistics access-list
    threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
    dynamic-filter use-database
    dynamic-filter enable interface Internal
    dynamic-filter enable interface External
    dynamic-filter drop blacklist interface Internal
    dynamic-filter drop blacklist interface External
    ntp server 128.233.3.101 source External
    ntp server 128.233.3.100 source External prefer
    ntp server 204.152.184.72 source External
    ntp server 192.6.38.127 source External
    ssl encryption aes256-sha1 aes128-sha1 3des-sha1
    ssl trust-point asa_cert_trustpoint External
    webvpn
    port 44433
    enable External
    dtls port 44433
    anyconnect image disk0:/anyconnect-win-3.1.02026-k9.pkg 1
    anyconnect profiles profile1 disk0:/profile1.xml
    anyconnect enable
    smart-tunnel list SmartTunnelList1 mstsc mstsc.exe platform windows
    smart-tunnel list SmartTunnelList1 putty putty.exe platform windows
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
    webvpn
      anyconnect profiles value profile1 type user
    username write.ingo password ... encrypted
    username ingo password ... encrypted privilege 15
    username tom.tucker password ... encrypted
    class-map TCP
    match port tcp range 1 65535
    class-map type regex match-any BlockFacebook
    match regex BlockFacebook
    class-map type inspect http match-all BlockDomains
    match request header host regex class BlockFacebook
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 1500
      id-randomization
    policy-map TCP
    class TCP
      set connection conn-max 1000 embryonic-conn-max 1000 per-client-max 250 per-client-embryonic-max 250
      set connection timeout dcd
      set connection advanced-options Normalizer
      set connection decrement-ttl
    policy-map type inspect http HTTP
    parameters
      protocol-violation action drop-connection log
    class BlockDomains
    policy-map global_policy
    class inspection_default
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
      inspect dns preset_dns_map dynamic-filter-snoop
      inspect http HTTP
    service-policy global_policy global
    service-policy TCP interface External
    smtp-server 199.185.220.249
    privilege cmd level 3 mode exec command perfmon
    privilege cmd level 3 mode exec command ping
    privilege cmd level 3 mode exec command who
    privilege cmd level 3 mode exec command logging
    privilege cmd level 3 mode exec command failover
    privilege cmd level 3 mode exec command vpn-sessiondb
    privilege cmd level 3 mode exec command packet-tracer
    privilege show level 5 mode exec command import
    privilege show level 5 mode exec command running-config
    privilege show level 3 mode exec command reload
    privilege show level 3 mode exec command mode
    privilege show level 3 mode exec command firewall
    privilege show level 3 mode exec command asp
    privilege show level 3 mode exec command cpu
    privilege show level 3 mode exec command interface
    privilege show level 3 mode exec command clock
    privilege show level 3 mode exec command dns-hosts
    privilege show level 3 mode exec command access-list
    privilege show level 3 mode exec command logging
    privilege show level 3 mode exec command vlan
    privilege show level 3 mode exec command ip
    privilege show level 3 mode exec command failover
    privilege show level 3 mode exec command asdm
    privilege show level 3 mode exec command arp
    privilege show level 3 mode exec command ipv6
    privilege show level 3 mode exec command route
    privilege show level 3 mode exec command ospf
    privilege show level 3 mode exec command aaa-server
    privilege show level 3 mode exec command aaa
    privilege show level 3 mode exec command eigrp
    privilege show level 3 mode exec command crypto
    privilege show level 3 mode exec command ssh
    privilege show level 3 mode exec command vpn-sessiondb
    privilege show level 3 mode exec command vpnclient
    privilege show level 3 mode exec command vpn
    privilege show level 3 mode exec command dhcpd
    privilege show level 3 mode exec command blocks
    privilege show level 3 mode exec command wccp
    privilege show level 3 mode exec command dynamic-filter
    privilege show level 3 mode exec command webvpn
    privilege show level 3 mode exec command service-policy
    privilege show level 3 mode exec command module
    privilege show level 3 mode exec command uauth
    privilege show level 3 mode exec command compression
    privilege show level 3 mode configure command interface
    privilege show level 3 mode configure command clock
    privilege show level 3 mode configure command access-list
    privilege show level 3 mode configure command logging
    privilege show level 3 mode configure command ip
    privilege show level 3 mode configure command failover
    privilege show level 5 mode configure command asdm
    privilege show level 3 mode configure command arp
    privilege show level 3 mode configure command route
    privilege show level 3 mode configure command aaa-server
    privilege show level 3 mode configure command aaa
    privilege show level 3 mode configure command crypto
    privilege show level 3 mode configure command ssh
    privilege show level 3 mode configure command dhcpd
    privilege show level 5 mode configure command privilege
    privilege clear level 3 mode exec command dns-hosts
    privilege clear level 3 mode exec command logging
    privilege clear level 3 mode exec command arp
    privilege clear level 3 mode exec command aaa-server
    privilege clear level 3 mode exec command crypto
    privilege clear level 3 mode exec command dynamic-filter
    privilege cmd level 3 mode configure command failover
    privilege clear level 3 mode configure command logging
    privilege clear level 3 mode configure command arp
    privilege clear level 3 mode configure command crypto
    privilege clear level 3 mode configure command aaa-server
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:41a021a28f73c647a2f550ba932bed1a
    : end
    Many thanks,
    Ingo

    Hi Jose,
    here is what I got now:
    ASA(config)# sh run | begin tunnel-group
    tunnel-group DefaultWEBVPNGroup general-attributes
    address-pool VPNPool
    authorization-required
    and DAP debugging still the same:
    ASA(config)# DAP_TRACE: DAP_open: CDC45080
    DAP_TRACE: Username: tom.tucker, aaa.cisco.grouppolicy = DfltGrpPolicy
    DAP_TRACE: Username: tom.tucker, aaa.cisco.username = tom.tucker
    DAP_TRACE: Username: tom.tucker, aaa.cisco.username1 = tom.tucker
    DAP_TRACE: Username: tom.tucker, aaa.cisco.username2 =
    DAP_TRACE: Username: tom.tucker, aaa.cisco.tunnelgroup = DefaultWEBVPNGroup
    DAP_TRACE: Username: tom.tucker, DAP_add_SCEP: scep required = [FALSE]
    DAP_TRACE: Username: tom.tucker, DAP_add_AC:
    endpoint.anyconnect.clientversion="3.1.02026";
    endpoint.anyconnect.platform="win";
    DAP_TRACE: Username: tom.tucker, dap_aggregate_attr: rec_count = 1
    DAP_TRACE: Username: tom.tucker, Selected DAPs: DfltAccessPolicy
    DAP_TRACE: Username: tom.tucker, DAP_close: CDC45080
    Unfortunately, it still doesn't work. Hmmm.. maybe a wipe of the config and starting from scratch can help?
    Thanks,
    Ingo

Maybe you are looking for

  • HP Envy 100 won't stay connected. Go back to usb cable how? (Mac OS 10.5.8)

    I'm on a Mac (OS 10.5.8).  I just changed from USB cable to wireless two days ago.  Everything was printing fine from my Envy 100 D410e.  Today, it won't print anything -- says it's not connected, but my Network Diagnostics says everything is fine.  

  • All share options missing

    I have updated almost everything I can think of in imovie. Why can I not export the movie  I easily imported into itune?

  • Re-deploying replica aware EJBs

              How does one update an app server with a new EJB when the app server           is running in a cluster? Doing a re-deploy on the EJB in a single instance           can even be a problem. First, you can have beans that are cached and        

  • Sender receiver assignment - jump command not available

    Hi Experts, i want to create a sender receiver assignement between two queries. For several month i already tested the sender receiver assignemnt and it works, so i deleted the dummy. Now i tried to create a new assignment, but after i execute the se

  • Mountain lion update slowed down my macbook pro

    hey guys, I just updated to mountain lion however, after the installation, my macbook pro has been noticably slow. slow booting, slow when operating installed programs, chrome/safari got slowed down as well. Also it freezes for couple of seconds and