Wmp54g and 1252 unable to negotiate machine auth

Similar Messages

• I have just purchased a new windows pc running windows 8 and am unable to install itunes 11 on my machine, when i tick download now it takes me to a screen that wants to show me whats new but has no tab to run installation or continue past whats new

  I have just purchased a new windows pc running windows 8 and am unable to install itunes 11 on my machine, when i tick download now it takes me to a screen that wants to show me whats new but has no tab to run installation or continue past whats new

  Use a different browser.
  iTunes can only be installed and run in desktop mode.

• I just replaced my hard drive and restored everything from Time machine. However, I am unable to open iphoto and the following message appears Your photo library was not found. Do you want to find your iPhoto Library?

  I just replaced my hard drive and restored everything from Time machine. However, I am unable to open iphoto and the following message appears Your photo library was not found. Do you want to find your iPhoto Library?
  Where do I find this library?
  thanks
  Shak

  Twas quite a hassle if I am honest which was eventually resolved but I don't feel qualified to help anyone through the process as it required a trip to my local apple store and a genius bar appointment.
  Personally, I would do anything like moving pictures out of folders etc. Certainly not creating a new users. i don't think that is an elegant solution
  Try the following which MAY just about rescue the situation for you but if they don't work you may have to do something more drastic.
  (1) Holding down Cmd & Alt at the same time, start iPhoto by clicking on the iPhoto icon. From the resulting menu choose Rebuild photo library by selecting all available options given to you and then pressing REBUILD!
  If that doesn't work
  (2) Fire up Utilities. Go to migration assistant. Chose 'From another Time machine back-up'. Open the 'Users' option that comes up next and from there select Pictures, then uncheck everything else like Applications etc (you don't want to do a full migration of everything) and click go.
  If that doesn't work, take a deep breath and this step is rather complicated but it worked for me. First of all close iPhoto! Then go to new Finder window.
  From the Finder window choose Pictures, then iPhoto library, press CMD and the letter i. It brings up a new window. Go to Sharing & permissions. From there select the padlock to unlock settings. and then select User account, then press the 'cog' icon next to +/- abd choose Apply to enclosed items.
  This may take a while. Once completed, re-open iPhoto.
  And that should (I stress should) cure it.
  Good luck.

• Wired Dot1x and forcing machine auth on windows

  I've got wired dot1x authentication working ok. the ACS server backs off to a windows domain so machine level authentication works fine. However I can't see a way of forcing windows to only ever do machine authentication. Has anyone else looked at this? I could enable the option on the ACS server to require a previous machine auth before it accepts a user auth but it can only cache this for a limited amount of time. The only way to get a machine auth is for there not to be a user logged on at the time. If we accept user auth then any user can bring their own machine onto the network but we this is what we want to stop and only allow bank standard (i.e. domain members) machines on the network.
  cheers
  Mike

  Right, you need AuthMode = 2.
  If onlky allowing domain memebers onto the network is the primary goal, then you may also want to consider:
  * The Machine Access Restriction feature on ACS (what you referred to before as a cache, but does help for mitigation of this threat).
  * Denying dial-in permisssions on user accounts (but this may break other things you may be using for remote access).
  Example: If someone brought in there PC from home with virtually any supplicant on it, they're on the network as long as their NT credentials check out (whether machine-auth fails or not, b/c remember they can configure their own supplicant).

• When I start the program I instantly see this message:  "Adobe Bridge encountered a problem and is unable to read the cache, please try purging the central cache in cache preferences to correct the situation".  I have tried this and it only results in a s

  When I start the program I instantly see this message:  "Adobe Bridge encountered a problem and is unable to read the cache, please try purging the central cache in cache preferences to correct the situation".  I have tried this and it only results in a stalled/locked program.  I have tried restarting my machine multiple times and tried reconfiguring how the cache is managed.  Do you have anyone who could walk me through each step to correct this problem which just started two days ago.  I have owned this program for at least a year now...

  BOILERPLATE TEXT:
  Note that this is boilerplate text.
  If you give complete and detailed information about your setup and the issue at hand,
  such as your platform (Mac or Win),
  exact versions of your OS, of Photoshop (not just "CS6", but something like CS6v.13.0.6) and of Bridge,
  your settings in Photoshop > Preference > Performance
  the type of file you were working on,
  machine specs, such as total installed RAM, scratch file HDs, total available HD space, video card specs, including total VRAM installed,
  what troubleshooting steps you have taken so far,
  what error message(s) you receive,
  if having issues opening raw files also the exact camera make and model that generated them,
  if you're having printing issues, indicate the exact make and model of your printer, paper size, image dimensions in pixels (so many pixels wide by so many pixels high). if going through a RIP, specify that too.
  etc.,
  someone may be able to help you (not necessarily this poster, who is not a Windows user).
  a screen shot of your settings or of the image could be very helpful too.
  Please read this FAQ for advice on how to ask your questions correctly for quicker and better answers:
  http://forums.adobe.com/thread/419981?tstart=0
  Thanks!

• My bridge is not working normally and keep given me this message : bridge encountered a problem and is unable to read the cache . Please try purging the central cache in cache preferences to correct the situation

  My bridge is not working normally and keep given me this message : bridge encountered a problem and is unable to read the cache . Please try purging the central cache in cache preferences to correct the situation

  And did you then actually purge the cache?
  Please realize that you have given ZERO details.
  BOILERPLATE TEXT:
  Note that this is boilerplate text.
  If you give complete and detailed information about your setup and the issue at hand,
  such as your platform (Mac or Win),
  exact versions of your OS, of Photoshop (not just "CS6", but something like CS6v.13.0.6) and of Bridge,
  your settings in Photoshop > Preference > Performance
  the type of file you were working on,
  machine specs, such as total installed RAM, scratch file HDs, total available HD space, video card specs, including total VRAM installed,
  what troubleshooting steps you have taken so far,
  what error message(s) you receive,
  if having issues opening raw files also the exact camera make and model that generated them,
  if you're having printing issues, indicate the exact make and model of your printer, paper size, image dimensions in pixels (so many pixels wide by so many pixels high). if going through a RIP, specify that too.
  etc.,
  someone may be able to help you (not necessarily this poster, who is not a Windows user).
  a screen shot of your settings or of the image could be very helpful too.
  Please read this FAQ for advice on how to ask your questions correctly for quicker and better answers:
  http://forums.adobe.com/thread/419981?tstart=0
  Thanks!

• WMP54GS and WRT54GS = dropped connections

  I have had the WMP54GS and WRT54GS setup for around 2 years now. I have version 2 of the router, and everything has been fine up until a couple weeks ago. Lately I have been getting randomly dropped from the router. I already have the latest firmware for the router, and have tried changing the channel, and the operating mode to G only, but nothing helps. Sometimes drops occur ever few minutes, sometimes they are so constant that I cant even connect at all. I will refresh my network list and the network will not show up for a few seconds, and then it will, so I will try and connect and it will say Unable to connect.
  Sometimes when I refresh the network list and it will show my network like 4 times... like this
  SSID
  SSID 1
  SSID 2
  SSID 3
  I have SSID broadcast off if that makes any difference...
  I have no idea what is going on, is this a problem with the router or the network card? What should I do? thanksMessage Edited by jls1986 on 05-03-200709:38 AM

  First of all, give your network a new unique SSID. Do not use "linksys". If you are using "linksys" you may be trying to connect to your neighbor's router.  Also, do not use your old SSID.   Also set "SSID Broadcast" to "enabled". This will help your computer find and lock on to your router's signal.
  After you have completed the above stuff, then go into your computer, to your "Preferred Networks"  (sometimes called "Profiles" ) and delete all networks named "linksys", also delete all entries with your old SSID.  While you are there, delete any network that you don't recognize, or that you no longer use.  Add your new network with your new SSID, encryption method (if any), and key (if any).  Reboot your modem, router, and computer.  Then try to connect to your new network.  Once you have connected, return to "Preferred networks" and set your computer to connect to your new SSID automatically.  If you have an option that says, "Connect to any available network", turn it off.
  If you are running any peer-to-peer (P2P) software (BitTorrent, Ares, etc.), this is known to cause disconnection problems.  Go into the P2P software and reduce the number of connections that the software can make.
  Poor wireless connections are often caused by radio interference from other 2.4 GHz devices. This includes wireless phones, wireless baby monitors, Bluetooth (including Bluetooth game controllers), microwave ovens, wireless mice and keyboards, and your neighbor's wireless network. Even some 5+ GHz phones also use the 2.4 Ghz band. Unplug these devices, and see if that corrects your problem.
  In your router, try a different channel. There are 11 channels in the 2.4 GHz band. Usually channel 1, 6, or 11 works best. Check out your neighbors, and see what channel they are using. Because the channels overlap one another, try to stay at least +5 or -5 channels from your strongest neighbors. For example, if you have a strong neighbor on channel 9, try any channel 1 through 4.
  Hope this helps.
  Message Edited by toomanydonuts on 05-04-200705:02 AM
  Message Edited by toomanydonuts on 05-04-200705:05 AM

• Windows 7 Supplicant Configuration - ISE PEAP w Machine Auth

  Can anyone tell me the settings for the Windows 7 supplicant that works with ISE and PEAP using machine authentication?  I have an authorization profile that permits the user login only after machine 'WasAuthenticated'.  I have only found this to work by setting the Windows 7 supplicant up to use Single-Sign-On before Windows logon and to specify 'User or Machine' authentication.  Then I'm only successful if I have both wired and wireless connected/on and I perform a logoff/reboot.  Surely this isn't right.  What if a user logs on without any connection with cached credentials and then wants to use wireless?  Can't they just perform both machine and user auth over the wireless connection regardless of prior machine/auth states?  I used the videos from LABMINUTES to configure the policies, but I don't need the ACLs for the WLAN controller because these are autonomous APs.
  Regards,
  Scott

  Microsoft will send both and only cares if one passes. This is the same with radius. ACS and ISE allows you to check to see if the user was authenticated which happens initially on boot. After the initial machine auth, the windows machine will only send user creds. The was machine auth is a workaround to be able to do both. The issue is that when the timeout of the machine creds happen, the devices has to be rebooted. In Cisco Live 2012, they even suggested you don't do this due to not knowing when the cached credentials ACS or ISE will keep this info.
  Sent from Cisco Technical Support iPhone App

• 802.1x machine auth w/ certificate authority

  Two quick questions ...
  I am building a lab for 802.1x, I want to use peap w/ mschap v2 and I want to do machine authentication only.  I have AD and CA services running on a test windows 2003 server. I have ACS setup, my AD is connected, my switch is configured and now I am stuck on the CA portion and I am not sure if I am doing it right, I can't seem to find documentation that outlines this piece specific to the scenerio I described above, perhaps someone can give me a hand. 
  I browse to the CA, request a certificate >  advanced certificate request > create and submit request to this CA >
  From this point I am suppose to select a certificate template.  The docs I have found say to use a "webserver" template and select the option to "export keys to file".  When I attempt this the export key option is greyed out.  I google and some people say only Enterprise edition supports this, I am running Enterprise R2 so I don't see the problem.  All of the other templates available allow me to export except for webserver.
  1) my question is for the lab scenerio I detailed above what type of certifcate template should I be using? if your answer is a "webserver" template can you perahps tell me why I cannot export to a file?
  2) Do my client machines require a certificate to be installed prior to connecting to the 802.1x switch? from what I read using peap mschap v2 coupled with machine authentication you do not require a certificate on each machine.  During initial 802.1x authentication the certificate will be pushed from the ACS over to the client.  I believe the one caveat is that the client machine will require to be modified to list the new CA or ACS server as a trusted root authority.  I need some clarity on this subject, I will not have the option to install a certicate on each machine prior to 802.1x auth.  Please confirm
  Any help is appreciated, thanks!
  If there are any links that someone can provide that have details on this setup please share

  I am going through this process currently also, and I can tell you what I have gathered so far.
  These notes are applicable to Machine, or Machine & User authentication, Wired and/or Wireless 802.1x.
  The certificate must be present on each client machine in order to connect.    The thing that I am finding annoying is that when we used the Microsoft IAS Radius, the certificate enrollment was seamless.   The domain clients just seemed to "automatically" have the certificate installed on their machines (pushed down by the Domain), that matches the certificate presented by the IAS Radius server during the authentication process (Of course, because it's all within the same domain).  Easy as pie, windows magic...
  But suppose we want to use Cisco ACS or our own radius server ?   Well the first thing I tried was to use a Certificate signed by our internal Linux CA.  The Windows domain administrator was not able to set up the Linux CA as a "trusted intermediate", which I don't fully understand.   Instead he asked me to purchase a certificate from a Trusted CA such as Verisign or DigiCert.  By the way I found a list of Microsoft trusted Intermediates here:
  http://social.technet.microsoft.com/wiki/contents/articles/2592.aspx
  The Windows Domain Administrator will do 3 things :
  1) Configure Certificate Auto-Enrollment Policy for the Certificate we purchase
  2) Configure the Wired & Wireless Autoconfig service settings Group Policy Objects
  3) Set the Wired Autoconfig service to start.
  I will have to
  1) Generate the CSR & Import the puchased signed certificate into the ACS(s).
  Now, that said, there must be an easier way to do this!  If anyone has notes on whether or not the following is possible, it would be appreciated & interesting:
  1) Can the Windows Domain sign my CSR ?  If so - how
  2) Can the Windows Domain be configured to trust our Linux CA ? If so - how
  Good luck to you dot1xers

• I have premiere elements 4.0  and have installed it on 2 PC's, which I have upgraded and am unable to install it onto my new PC.

  Please help, I bought Premiere Elements 4.0 about 7 years ago and have upgraded my PC for a 3rd time and am unable to install it onto my new machine. Please can someone tell me how I can get it installed without having to buy a new version.

  sir don
  Several considerations.
  Adobe allows you to use the same purchased activated serial number on no more than 2 of your computers. If you want to install that same purchased activated serial
  number on a 3rd computer, then you are going to have to remove Premiere Elements 4 from one of those other computers. There is no Deactivation option within the opened 4 program, so I suspect the regular uninstall the Control Panel way will do the job. (There may be a deactivation message in the uninstall dialogs when you are uninstalling the program.)
  What computer operating system does your new computer use? I have found Premiere Elements 4 to work on Windows 7 64 bit and Windows 8.1 64 bit. But, I have not been
  using it a lot lately except for troubleshooting for others here.
  Please let me know if I have targeted your question. If not, please point out what I have not and give more details of what you seek.
  Thank you.
  ATR

• Is the file "MSIT Machine Auth CA 2(1).crl" detecting as a trojan/malware on FEP 2010 ?

  Hi Team,
  In our organization, recently alarmed with a Malware named
  Exploit:JS/Fiexp.C .When Security team started investigating they found that user has accessed the link:
  hxxp://mscrl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl.
  The URL matches the html page that was quarantined. This particular link downloads a file named
    “MSIT Machine Auth CA 2(1).crl”.Also noticed, the communication on and around time was towards Microsoft.
  Security team wanted to know whether FEP signature File has matches some parameter in the file (“MSIT Machine Auth CA 2(1).crl”)
  which triggered this FEP alert.
  Please provide your inputs on this.
  Sudam Bisi
  Cognizant Tech.

  Hi,
  It seems that the file I downloaded from the link has no problem.
  Please upload the file you downloaded and provide the detail for this malware when FEP detected it(such as logs and how the FEP described the malware. I suspect that something might be added into the file when downloading.
  Best Regards,
  Joyce
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Dot1x machine auth before user auth required

  We are looking at setting up dot1x in our libraries however I have been asked to see if there is a way to force a switch port to require machine auth before user auth.  The reason for this is a problem we have that users will disconnect the ethernet cable from the library computer and plug it into theirs.  If they have an AD account, they could in theory authenticate on this port. We want to discourage them from disconnecting these ports as we then don't know the computer has been unplugged and then it is no longer on the network and doesn't get updates/ghosted.
  Also, would it maybe be better to just allow a specific group of user accounts to connect to these jacks, and if so what would be the best way?  Location settings on the port?
  We are using ISE 1.2 to do authentication for these switches.

  Hi Zach-
  There are several different ways to prevent non-domain computers from gaining access to the network. I will try to list a few of them starting with the easiest and least expensive/labor intensive methods:
  1. Do only Machine-based authentication. This eliminates the user from having to enter credentials and ISE will simply query AD for valid computer domain membership.
  2. Use EAP-Chaining. This is the only method that truly gives you user+machine authenticaiton. However, it does require that you push the Cisco Any-Connect client to all endpoints
  3. Deploy PKI and use EAP-TLS authentication with Digital Certificates. With this method only domain computers/users can get a certificate and ISE can still query AD for user or machine AD membership
  4. Perform Posture and check for something that is domain specific. For instance, a fake registry key or file that is being created when a machine joins to the domain. With this method ISE can still ask for User authentication but also require posture check. You can then set the policy that if posture fails but user auth succeeds then the user will only get guest access.
  I hope this helps.
  Thank you for rating!

• Unable to resolve machine names - Anyconnect

  We have an ASA5505 configured for client and clientless VPN access. When using the AnyConnect VPN client, we are unable to resolve machine names without having to fully qualify the domain. For example, instead of specifying exchange we must specify exchange.domain.com. We can connect/ping using IPs. When using the Cisco VPN Client, we are able to resolve names just fine using only the machine name. Both connections show the same correct WINS and DNS servers. I'm not sure where to start looking to resolve this. Any ideas? Thanks!
  Versions:
  ASA 8.0(4)
  ASDM 6.1(5)51
  AnyConnect 2.3.0185

  have you configured the default-domain value <>
  HTH>

• Where are my photos?  just tried to access time capsule after my first back up and am unable to open iphoto to verify they were backed up.

  where are my photos?  just tried to access time capsule after my first back up and am unable to open iphoto to verify they were backed up.

  You can't open your backups directly with apps.
  But you can see some types of files in your backups.  If you're still on Snow Leopard (or Lion with iPhoto '09 or earlier), see the gray box at the end of Time Machine - Frequently Asked Question #15.
  If you're on Lion with iPhoto '11, you can use the Finder to see the iPhoto library, per the beginning of that same link.  All you can see there is the library and size.

• Cisco ACS 5.1 Machine Auth Problem

  Hi All,
  I have a query regarding ACS 5.1 using EAP-PEAP (machine auth plus user name and password). I have successfully setup AD authentication using Machine auth and user credentials and this works ok for corporate wireless devices and users.
  My ACS rules are machine auth against AD computers which gives a positive/pass, then a rule against user but ensuring the device is a valid domain device with "was machine authenticated = TRUE".
  The problem is when using a Windows 7 device (laptop) and logging in using the local admin account I successfully connect to the network but the local Admin account is not in AD. By default the W7 wireless adapter under security>advanced settings> specify authentication mode is computer authentication only.The W7 client doesn't send over any user credentials?
  Has anyone come across this problem before? Do I need to tweek the W7 clients via GP or is there a way of stopping just machine authentication with out a valid user name and password?
  Realy appreciate any responses and thank you in advance. 
  Jason

  check out
  http://technet.microsoft.com/en-us/library/dd759219.aspx