XGrid: Authentication failure, Kerberos, Sandbox and parallel code with MPI

Hi,
After a few days of trying to set up a home-built Fortran code to run in parallel using Xgrid on Mac mini server 10.6.2, I've decided to look for help (before going crazy!).
The code is parallelised Fortran (Monte Carlo type stuff), which needs to read a file and print results to file.
The hardware is 4 Mac OS X 10.6.2 machines linked through the Mac mini Server.
First problem - without Authentication, Sandbox doesn't allow the executed program to read or write files (though see http://discussions.apple.com/thread.jspa?threadID=2329855&tstart=0). I can submit jobs to Xgrid; they run but fail when attempting file reading/writing. So I need to use Kerberos (tried changing the sandbox/xgridagentd_task_nobody.sb to mirror the -somebody- file but to no avail).
In Server Admin, I set Client, Agent and Controller to Kerberos. Then repeat the job submit (which worked before), as:
xgrid -h localhost -auth Kerberos -job submit /Users/shared/executable
(this time adding the -auth Kerberos)
but get the following errors:
Error returned by gss_init_sec_context:
major error <1> Unspecified GSS failure. Minor code may provide more information
minor error <1> Negative cache rejected lookup for 'xgrid/[email protected]'
error = "could not connect to localhost (Authentication failed)";
What's going wrong?
While I'm here - once I get the parallel Fortran code working on Xgrid, will Xgrid distribute the work between the available processors (i.e. split the one job submission into its parallel parts, and give these parts to the available resources on the grid)? I have seen a post claiming that this is not the case....that the POOCH application is the only tool available - is this still true in the current Xgrid distribution? (It would be a shame to set all this up and find out that Xgrid is not suitable!)
Many thanks for any help or suggestions!
Trevor

Trevor,
First off, did you do anything to set Kerberos up, or did you just change the auth type? Kerberos is considerably more complex than just using password authentication. For Xgrid to use Kerberos I believe you'll have to have your server set up as an Open Directory Master, your agents bound to the ODM and your users be directory users, not just local. Kerberos is not my strong point but if you want to go that route there should be more info in the Xgrid server docs.
If you want to give password authentication another go I can probably be a little more helpful. Instead of granting read/write to the whole filesystem it's probably a better idea to set up a folder or two that has those rights. On my setup each user has a "Results" folder in their user folder which Xgrid can read and write to. You can then edit the last line of the nobody.sb file to look something like this…
(allow file-read* file-write* (regex "^/((private/)?(tmp|var)|Users/[^/]+/Results)(/|$)"))
It's been a while since I had to edit my file so I'm not 100% on the syntax. You'll need to edit this file on each agent that's a part of your grid, not just the controller. I got my information from this thread.
http://lists.apple.com/archives/xgrid-users/2008/Feb/msg00012.html
For the last part of your post, well it's something I haven't tried because all the apps my users are running are single threaded. But this link should help.
http://lists.apple.com/faq/pub/xgrid_users/index.php?%20sid=3428&aktion=artikel& rubrik=001&id=5&lang=en
If you try this and get the results you're looking for I would love to hear about it.
Good luck and I hope this helps.
-Curt.
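
A quick way to test a path regex for the sandbox rule before copying it to every agent, as an added example that is not part of the original posts. Python's `re` stands in for the sandbox's regex matcher (an assumption, as are the constructed sample paths); it contrasts an unanchored alternation that uses `Users/*/Results` with a form anchored per user.

```python
import re

# Loose form: the alternation is top-level, so the second branch is not
# anchored to "^/", and "/*" means "zero or more slashes", not "any user".
LOOSE = r"^/(private/)?(tmp|var)|(Users/*/Results)(/|$)"

# Anchored form: both branches sit under "^/", the user name is exactly one
# path component, and every branch must end at a path separator or the end.
STRICT = r"^/((private/)?(tmp|var)|Users/[^/]+/Results)(/|$)"

# Constructed sample paths: (path, should the task be allowed to read/write it?)
CASES = [
    ("/tmp/job42/out.dat", True),
    ("/private/var/xgrid/agent/tasks/abc/input.txt", True),
    ("/Users/trevor/Results/run1.out", True),
    ("/Users/trevor/Results", True),
    ("/Users/trevor/Documents/thesis.tex", False),
    ("/Users/trevor/ResultsOld/run1.out", False),
    ("/Users/trevor/.ssh/id_rsa", False),
    ("/Users/Results/x", False),                      # no user component
    ("/Volumes/Backup/Users/Results/secret", False),  # not under /Users
    ("/variable/data", False),                        # only shares the prefix "/var"
    ("/Users/a/b/Results/x", False),                  # nested too deep
]


def mismatches(pattern):
    """Return (path, expected, actual) for every case the pattern gets wrong.

    The pattern is applied as an unanchored search, so any anchoring has to
    come from the pattern itself (assumed to mirror the sandbox matcher).
    """
    rx = re.compile(pattern)
    wrong = []
    for path, expected in CASES:
        actual = rx.search(path) is not None
        if actual != expected:
            wrong.append((path, expected, actual))
    return wrong


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("strict", STRICT)):
        bad = mismatches(pattern)
        print(f"{name}: {len(bad)} mismatch(es)")
        for path, expected, actual in bad:
            kind = "wrongly ALLOWED" if actual else "wrongly DENIED"
            print(f"  {kind}: {path}")
```

A rule that is too loose widens what an unauthenticated Xgrid task can touch, and one that is too tight reproduces the original read/write failure, so both directions are worth checking.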

Similar Messages

  • New MBA and Parallels 6 with Windows 7

    Hi everyone. Can anyone tell me if they've tried the new MacBook Air with Parallels 6 and Windows 7? Any problems?
    I'm seriously considering buying a new 13" MBA for work (which requires Windows) but want to make sure they "play nice" before I make the plunge. Any feedback would be greatly appreciated!
    Thanks,
    Keith

    Hey all!
    I just thought I'd chime in! I have loaded Parallels 6 to run Windows 7 on my MacBook Pro. I had 4 GB of RAM on my MBP and found I would get some pretty slow performance when running Parallels. It all depended what I was doing. I used Office 2007 a lot and Visual Studio.
    I upgraded to 8 GB of RAM and it was the best Mac decision I've made since buying my MBP. I bought it from an eBay store for $120 and installed it myself... unbelievable difference!
    I would like to ask, why are you choosing the MB Air? I have never really played with one but it seems very limiting - not upgradeable, basically no ports, no CD ROM.
    For the same money, you can get a MUCH more powerful MBP. The MBP is pretty thin and light-weight anyway. I'm just curious what the niche for MBAs is.
    Good luck with your Mac purchases... any Mac is a good Mac!

  • Wism2 SNMP Authentication Failure

    I cannot seem to communicate with my new Wism2 via SNMP.
    The configuration is the same as on my Wism 1, same version of code, same SNMP settings and strings and subnets.
    Slot  Controller  Service IP       Management IP    SW Version    Controller Type    Status
    ----+-----------+----------------+----------------+------------+------------------+---------------
    1     1           192.168.10.2     10.XX.XX.10      7.0.116.0    WS-SVC-WISM-1-K9   Oper-Up
    1     2           192.168.10.3     10.XX.XX.15      7.0.116.0    WS-SVC-WISM-1-K9   Oper-Up
    3     1           192.168.10.4     10.XX.XX.20      7.0.116.0    WS-SVC-WISM-2-K9   Oper-Up
    SNMPWalk of the Wism1 controllers is fine.  SNMPWalk of the Wism2 just gets me a timeout.
    The snmplog does occasionally register an Authentication failure
    Trying V1 and V2c with the same results.
    Any advice?

    On the new WiSM2, did you issue the command config network mgmt-via-dynamic-interface enable?
    By default the WLC has issues with responding to requests from the wire, for a subnet that it is configured to use.  The above is the workaround to this situation.
    Per the best practices guide, "It is important to avoid configuring a dynamic  interface in the same sub network as a server that has to be reachable  by the controller CPU, for example a RADIUS server, as it might cause  asymmetric routing issues."
    HTH,
    Steve

  • Flash javascript and Activecontent code

    I've got an animated chatbot that uses a variety of swfs and
    phps and a big external JavaScript to work. It works fine with the
    old style embed and object code, with the same variety of swfs and
    phps and external JS.
    But when I try to use the
    <script src="AC_ActiveX.js"
    type="text/javascript"></script>
    <script src="AC_RunActiveContent.js"
    type="text/javascript"></script>
    and I code the main Flash piece like this:
    <script type="text/javascript">
    AC_FL_RunContent( 'codebase','
    http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0',
    'width','540','height','360','swliveconnect','true','src','whinbarnexp','quality','high',' pluginspage',
    http://www.macromedia.com/go/getflashplayer','movie1','whinbarnexp'
    </script>
    The above broken into lines to make more readable here.
    but when I run it it doesn't work right, and the error
    console advises:
    "movie1 has no properties."
    and points to the first line of the big function in the
    JavaScript "brain" of the chatbot:
    shesaid=movie1.GetVariable("coder")
    What am I doing wrong? It's got to be within this code since
    the same "brain" file works fine with old style object/embed
    coding.

    Sorry Dan,
    This has got nothing to do with the question I asked.
    I know about the Microsoft "patch" and have already allowed
    for it.
    @ndyB
    "-->dan mode" <[email protected]> wrote in
    message
    news:e3ag7h$oob$[email protected]..
    > Read this:
    > http://www.smithmediafusion.com/blog/?p=114
    >
    > Then, here is a simple way.
    > You need to do three things and I will give examples as follows.
    >
    > 1. all of the <object> tag must be taken out and put into a .js file and
    > placed within a function where you document.write the <object tag>
    > 2. you must include that .js file in the header of the html where the swf
    > resided
    > 3. call the js function from step 1
    >
    > --Here is a sample of Step 1, save this file as commFile.js:
    >
    > function commM()
    > {
    > document.write('<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="410" height="345">\n');
    > document.write('<param name="movie" value="/mySWF.swf">\n');
    > document.write('<param name="quality" value="high">\n');
    > document.write('<embed src="/mySWF.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="410" height="345"></embed>\n');
    > document.write('</object>\n');
    > }
    >
    > --Here is a sample for Step 2, put this in the head of your html page:
    >
    > <script src="commFile.js" type="text/javascript"></script>
    >
    > --Here is a sample for Step 3, place this code on the spot of the page where
    > you want your flash to show up:
    >
    > <script type="text/javascript">commM();</script>
    >
    > That should be all you need.
    >
    > --
    > Dan Mode
    > *Must Read* http://www.smithmediafusion.com/blog
    > *Flash Helps* http://www.smithmediafusion.com/blog/?cat=11

  • Difference between parallel sequence and parallel operation in a routing.

    Hi Experts,
    Can anyone explain to me, with an example, the difference between parallel sequence and parallel operation in a routing? When can we use parallel operation and parallel sequence with component allocation?
    Regards
    Deepak sharma

    I think u need to modify ur quest... i think u r asking about Parallel sequence and alternate seq. Below are the details from SAP site.
    A parallel sequence enables you to process several operations at the same time.
    You use an alternative sequence for example, if
    --The production flow is different for certain lot-size ranges
    For instance you can machine a work piece on conventional machine or on NC machines. A NC machine has a longer set-up time than a conventional machine. However the machining costs are considerably less. Therefore whether you use NC machines will depend on the lot size.
    ---The production flow changes under certain business conditions.
    For instance, if you have a capacity problem, you have some production steps performed externally by a vendor.

  • WAP321 Authentication failure log codes

    Devices that have previously connected to the WAP are still able to connect but any new device to the environment is not.  If I delete the network from an existing device that device is no longer able to authenticate and connect to the WAP.  Log entries below show the following errors for a single MAC.  This happened once before and to solve the issue I reentered the key into the SSID setup on the WAP.  All devices had to delete the existing SSID from their list of networks but then they were able to rejoin.  I don't want to ask users to do that again.  Any help on the log entries below is greatly appreciated!
    Jul 19 2013 01:42:34  info  hostapd[1078]  wlan0: IEEE 802.11 STA 90:18:7c:b1:79:ea deauthed from BSSID c4:64:13:0c:e3:00 reason 1
    Jul 19 2013 01:42:34  info  hostapd[1078]  Station 90:18:7c:b1:79:ea had an authentication failure, reason 16
    Jul 19 2013 01:42:32  warn  hostapd[1078]  Received invalid EAPOL-Key MIC (msg 2/4)
    Jul 19 2013 01:42:32  info  hostapd[1078]  Station 90:18:7c:b1:79:ea had an authentication failure, reason 22
    Jul 19 2013 01:42:31  info  hostapd[1078]  Station 90:18:7c:b1:79:ea had an authentication failure, reason 22
    Jul 19 2013 01:42:30  warn  hostapd[1078]  Received invalid EAPOL-Key MIC (msg 2/4)
    Jul 19 2013 01:42:30  info  hostapd[1078]  Station 90:18:7c:b1:79:ea had an authentication failure, reason 22
    Jul 19 2013 01:42:30  info  hostapd[1078]  wlan0: IEEE 802.11 STA 90:18:7c:b1:79:ea associated with BSSID c4:64:13:0c:e3:00
    Jul 19 2013 01:42:30  info  hostapd[1078]  wlan0: IEEE 802.11 Assoc request from 90:18:7c:b1:79:ea BSSID c4:64:13:0c:e3:00 SSID KnightIns1

    Hi, My name is Eric Moyers. I am a Network Support Engineer in the Cisco Small Business Support Center. Thank you for using the Cisco Community Post Forums.
    Reason Code 16: Authentication failed due to a user credentials mismatch.
    Reason-Code 22: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
    I am not sure what is causing this. However I would ask that you do two things. While everything is working normally go to Administration/Support Information and download a diagnostic file. Label it with a date WAP321 and the word "good". Save it somewhere. When this happens again, before doing anything go back in and get another diagnostic file label it the same except with the word "bad".
    Call in and open a support case and have the engineer notify me that you have opened one and also give them a reference to this community support thread.
    I will work with your engineer to see what is happening.
    Thanks
    Eric Moyers    .:|:.:|:.
    Cisco Small Business US STAC Advanced Support Engineer
    CCNA, CCNA-Wireless
    866-606-1866
    Mon - Fri 09:00 - 18:00 (UTC - 05:00)
    *Please rate the Post so other will know when an answer has been found.
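
A small triage script for log excerpts like the one in this thread, as an added example that is not from the thread or from Cisco. The sample log is constructed (made-up MAC addresses) in the same layout, and the hint reflects the general behaviour of the WPA 4-way handshake, where a bad MIC on message 2/4 means the station and the access point derived different keys.

```python
import re
from collections import Counter, defaultdict

# Constructed sample, newest entry first. The first entries use the
# four-lines-per-record layout of a pasted log view, the last one a
# single-line layout; the parser accepts both.
SAMPLE = """\
Jul 19 2013 01:42:34
info
hostapd[1078]
wlan0: IEEE 802.11 STA 02:00:00:aa:bb:01 deauthed from BSSID 02:00:00:cc:dd:00 reason 1
Jul 19 2013 01:42:34
info
hostapd[1078]
Station 02:00:00:aa:bb:01 had an authentication failure, reason 16
Jul 19 2013 01:42:32
warn
hostapd[1078]
Received invalid EAPOL-Key MIC (msg 2/4)
Jul 19 2013 01:42:32
info
hostapd[1078]
Station 02:00:00:aa:bb:01 had an authentication failure, reason 22
Jul 19 2013 01:42:30
warn
hostapd[1078]
Received invalid EAPOL-Key MIC (msg 2/4)
Jul 19 2013 01:42:30
info
hostapd[1078]
Station 02:00:00:aa:bb:01 had an authentication failure, reason 22
Jul 19 2013 01:42:30
info
hostapd[1078]
wlan0: IEEE 802.11 STA 02:00:00:aa:bb:01 associated with BSSID 02:00:00:cc:dd:00
Jul 19 2013 01:42:29 info hostapd[1078] Station 02:00:00:AA:BB:02 had an authentication failure, reason 22
"""

# A record starts at every timestamp, whatever the line layout.
TS = re.compile(r"([A-Z][a-z]{2} +\d{1,2} \d{4} \d{2}:\d{2}:\d{2})")
FAIL = re.compile(
    r"Station ([0-9a-f:]{17}) had an authentication failure, reason (\d+)", re.I
)
MIC = re.compile(r"Received invalid EAPOL-Key MIC \(msg (\d)/4\)")


def triage(text):
    """Summarise authentication failures per station and bad-MIC warnings."""
    parts = TS.split(text)  # [prefix, ts1, body1, ts2, body2, ...]
    bodies = [" ".join(body.split()) for body in parts[2::2]]

    stations = defaultdict(Counter)  # mac -> {reason code: count}
    mic = Counter()                  # handshake message number -> count
    for body in bodies:
        m = FAIL.search(body)
        if m:
            stations[m.group(1).lower()][int(m.group(2))] += 1
        m = MIC.search(body)
        if m:
            mic[int(m.group(1))] += 1

    hint = None
    if mic[2] and stations:
        hint = ("invalid MIC on handshake message 2/4: station and AP derived "
                "different keys; compare the passphrase configured on both")
    return {
        "records": len(bodies),
        "stations": {mac: dict(c) for mac, c in stations.items()},
        "mic": dict(mic),
        "hint": hint,
    }


if __name__ == "__main__":
    result = triage(SAMPLE)
    print(f"{result['records']} records parsed")
    for mac, reasons in sorted(result["stations"].items()):
        print(mac, ", ".join(f"reason {r} x{n}" for r, n in sorted(reasons.items())))
    if result["hint"]:
        print("hint:", result["hint"])
```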

  • HI, Im using Iphone 4 and i recently got my IOS updated to IOS7 and  now im getting the error message as "PDP authentication failure" Im using Aircel carrier.

    HI, Im using Iphone 4 and i recently got my IOS updated to IOS7 and  now im getting the error message as "PDP authentication failure" Im using Aircel carrier.
    Please let me know how to fix this issue

    update...
    I am not one to give up. So I called AT&T today. Now they are telling me they canceled my order because they were unable to fulfill my order. Basically, AT&T told me they sold out so they canceled my order so I can proceed to reorder again. It took them 4 days to realize this. I will be lucky if I get a new phone by Christmas. I am sure they will find a way to cancel my order again.
    Again, I argued, how is this my fault. I placed my order at the store around 11 a.m. Pacific time. My friend ordered his phone online sometime after me. He got his but my order was canceled. AT&T tried to explain to me that they sold over 600,000 phones, almost 500 per minute during their peak. Again, I asked, how this was my fault.
    I can understand over selling the phone. It is a great product. There is no reason to cancel my order. You adjust my order and tell me you will let me know when my phone will be in. I would have been mad that my phone was going to be late but I would have survived. At least I would be getting one.
    At this point, I have no order and AT&T or Apple website will allow me to order one. I just want to get in the QUEUE for one.
    Frustrated.

  • How to solve the error message "Could not activate cellular data network: PDP authentication failure"when using 3g or gPRS on safari with an iphone 4 and latest software updates

    Please can someone help me to solve the error message "Could not activate cellular data network: PDP authentication failure"when using 3G or GPRS on safari with an iphone 4GS and latest software updates. I have tried resetting the network and phone settings. I have restored the factory settings on itunes and still the problem persists.

    All iPhones sold in Japan are sold carrier locked and cannot be officially unlocked by the carrier. If you unlocked it, it was by unauthorized means (hacked), and support cannot be given to you in this forum.
    Hacked iPhones are subject to countermeasures by Apple, particularly when updating the firmware. It is likely permanently re-locked or permanently disabled.
    Message was edited by: modular747

  • I have a problem connecting to the cellular data network. There is a message "couldn't activate cellular data network, PDP authentication failure". What is it and how do I solve this problem?

    I have a problem connecting to the cellular data network. There is a message "couldn't activate cellular data network, PDP authentication failure". What is it and how do I solve this problem?

    If you have a data only plan for the iPad with your carrier, if no change after powering your iPad off and on you will need to contact your carrier.

  • Unable to connect to FDM workbench and workspace Authentication failure 2007

    Hi
    I am not able to log in to FDM workbench and workspace through the Admin user. When I tried to log in I got the Authentication Failure 2007 message.
    I had created a .udl file and checked whether it's connecting to the SQL DB; it's working fine and I am getting a successful message.
    I had checked whether the user is in tsecusers in the database tables. I am able to see the Admin user in tsecuser in the database tables.
    I tried deprovisioning the Admin user and reprovisioning the user but no luck.
    But when I created a new user and gave it permission to the application as an Administrator, it's working fine with the new user.
    How can I connect with the Admin user?
    Thanks

    Hi Thanos
    Thanks for you reply
    I had raised an SR in My Oracle Support and am waiting for a reply. It's an upgrade application from 11.1.1.3 to 11.1.2.2. I am not able to connect from the Admin user also.
    In the SQL DB, UniqueID is NULL.
    After removing the admin user from tsecuser, I am able to add it in tsecuser also.
    Thanks

  • I'm getting a PDP authentication failure message and cannot connect over 3G. Help?!

    A few days ago I suddenly started getting an error message when trying to connect to the internet over 3G.  "Could not activate cellular data network. PDP authentication failure" 
    I am in Germany, on Telekom.  Have called Telekom customer service and went to the Telekom retail store.  Neither could figure out the problem and advised I do a factory restore on the iphone via iTunes.  I did that and am still getting the error message. 
    The only weird thing that happened before the error started showing up is I had called Telekom the night before to add a U.S. data roaming package to my phone plan for an upcoming stateside trip.  They told me to text "W2S" to 7277 in order to add the U.S. data roaming plan.  I did that, and the next morning this error started popping up.  Don't know if that is related or coincidence. 
    I am traveling to the states in a few days and would really like to get this cleared up.  The only option Telekom has left for me is to mail my phone in to Apple.  :-( 

    If I may ask, what country are you from?
    To note, what you see is just not possible from a radio communication level, you're the first I've ever seen with this problem. (see photo and footnote below)
    Since you said the Carrier option is available, can you go to it, turn off automatic and see what networks show? Normally you will see AT&T and T-Mobile; however, if you see Sprint, you will need to go talk to Apple.
    But if T-mobile does show, select it and see if your phone connects.
    If not, remove the SIM card reboot the phone and try again.
    I'm sorry about not being clear about the phone number,  while connected to the Verizon network, is the phone number showing your T-mobile one or is it something different?
    For reference,
    Normally, what you will see in the status bar when on the Verizon network when not on 3G/LTE is the 1X symbol.
    GPRS is a completely different communication type from 1X and Verizon doesn't support it. If you visit a Verizon store (or T-mobile) the staff will probably be surprised and confused about what your phone is showing.

  • What's the difference between "login block-for X attempts X within X" and "security authentication failure rate X"?

    What's the difference between, just for example, "login block-for 100 attempts 15 within 100" and "security authentication failure rate 3"?
    Please ignore the numbers, I need to know what the differences are in commands and what they do, what they affect.

    security authentication failure rate number_of_failed_attempts : A global configuration mode command used to specify the maximum number of failed attempts (in the range of 2 to 1024) before introducing a 15-second delay
    login block-for 100 attempts 15 within 100 : Block all access after 15 failed login attempts within 100 seconds for the period of 100 seconds (1.40 Minutes).
    The Cisco IOS Login Enhancements (Login Block) feature allows users to enhance the security of a router by configuring options to automatically block further login attempts when a possible denial-of-service (DoS) attack is detected.
    The login block and login delay options introduced by this feature can be configured for Telnet or SSH virtual connections. By enabling this feature, you can slow down "dictionary attacks" by enforcing a "quiet period" if multiple failed connection attempts are detected, thereby protecting the routing device from a type of denial-of-service attack.

  • The test couldn't sign in to Outlook Web App due to an authentication failure. Extest_ account.

    Hi.
    I'm using SCOM 2012 R2 and have imported the Exchange server 2010 MP.
    I have run the TestCasConnectivityUser.ps1 script and almost everything is okay except for the OWA test login.
    The OWA rule is working for some time until (I think) SCOM is doing an automatic password reset of the extest_ account. Then I get the OWA error below. The other connectivity tests are working. Any suggestions?
    One or more of the Outlook Web App connectivity tests had warnings. Detailed information:
    Target: xxx|xxx
    Error: The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxxx
    User: extest_xxx
    Details:
    [22:50:08.936] : The TrustAnySSLCertificate flag was specified, so any certificate will be trusted.
    [22:50:08.936] : Sending the HTTP GET logon request without credentials for authentication type verification.
    [22:50:09.154] : The HTTP request succeeded with result code 200 (OK).
    [22:50:09.154] : The sign-in page is from ISA Server, not Outlook Web App.
    [22:50:09.154] : The server reported that it supports authentication method FBA.
    [22:50:09.154] : This virtual directory URL type is External or Unknown, so the authentication type won't be checked.
    [22:50:09.154] : Trying to sign in with method 'Fba'.
    [22:50:09.154] : Sending HTTP request for logon page 'https://xxx.com/CookieAuth.dll?Logon'.
    [22:50:09.154] : The HTTP request succeeded with result code 200 (OK).
    [22:50:09.373] : The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxx
    User: extest_xxx
    [22:50:09.373] : Test failed for URL 'https://xxx/OWA/'.
    Authentication Method: FBA
    Mailbox Server: xxx
    Client Access Server Name: xxx
    Scenario: Logon
    Scenario Description: Sign in to Outlook Web App and verify the response page.
    User Name: extest_xxx
    Performance Counter Name: Logon Latency
    Result: Skipped
    Site: xxx
    Latency: -00:00:00.0010000
    Secure Access: True
    ConnectionType: Plaintext
    Port: 0
    Latency (ms): -1
    Virtual Directory Name: owa (Default Web Site)
    URL: https://xxx.com/OWA/
    URL Type: External
    Error:
    The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxx
    User: extest_xxx
    Diagnostic command: "Test-OwaConnectivity -TestType:External -MonitoringContext:$true -TrustAnySSLCertificate:$true -LightMode:$true"
    EventSourceName: MSExchange Monitoring OWAConnectivity External
    Knowledge:
    http://go.microsoft.com/fwlink/?LinkID=67336&id=CB86B85A-AF81-43FC-9B07-3C6FC00D3D42
    Computer: xxx
    Impacted Entities (3):
    OWA Service - xxx, xxx - xxx, Exchange
    Knowledge:     View additional knowledge...
    External Knowledge Sources
    For more information, see the respective topic at the Microsoft Exchange Server TechCenter
    Thanks
    MHem

    Hi,
    Based on the error, it looks like an OWA authentication failure.
    Have you tried posting this to the LYNC forums?

  • Windows authentication failure on SharePoint 2013 zone

    I am attempting to set up a Windows authentication zone in a SharePoint 2013 installation for use by the search crawler.  The zone has been configured to use NTLM in order to eliminate Kerberos from the equation.  The result of my attempts to access the Windows authentication zone is a 403 error.  Central Administration is working on the same server, and of course is using Windows authentication.
    I know about the issue of using Windows authentication to localhost, and have configured the backconnectionhostnames entry in the registry.  To prove that I can use Windows authentication using the intended host name for the SharePoint zone, I have set up a test IIS site that binds to the host name used by the zone, and successfully authenticated using Windows authentication.
    From monitoring the ULS logs it's obvious that I'm actually successfully completing Windows authentication, and getting a SharePoint claim, but from that point I'm being denied by SharePoint.  I do know that my Windows credentials have site collection administrator privileges.  The most interesting failure in the ULS log appears to be:
    SPApplicationAuthenticationModule: Authorization header doesn't contain Bearer, can't try to perform application authentication.
    Another odd thing is that after the ULS indicates I have failed authentication, I'm redirected to /_layouts/AccessDenied.aspx instead of the login page defined in web.config.  I have tried many things, including enabling Kernel-mode authentication. 
    Below is an excerpt from my ULS logs:
    SPApplicationAuthenticationModule: There is no Authorization header, can't try to perform application authentication.
    Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0
    [Forced due to logging gap, cached @ 12/01/2014 15:48:32.53, Original Level: Verbose] Value for isAnonymousAllowed is : {0}
    [Forced due to logging gap, Original Level: Verbose] Value for checkAuthenticationCookie is : {0}
    Claims Windows Sign-In: Sending 401 for request 'https://crawler.my.host/' because the user is not authenticated and resource requires authentication.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:32.56, Original Level: VerboseEx] Sending HTTP response {0} - {1}:{2}.
    [Forced due to logging gap, Original Level: Verbose] SPRequestModule.PreSendRequestHeaders
    Leaving Monitored Scope (Request (GET:https://crawler.my.host:443/)). Execution Time=5320.19544383434
    Name=Timer Job SchedulingApproval
    Leaving Monitored Scope (Timer Job SchedulingApproval). Execution Time=16.4101862108173
    Name=Timer Job SchedulingApproval
    Leaving Monitored Scope (Timer Job SchedulingApproval). Execution Time=14.9021733209109
    Name=Timer Job SchedulingApproval
    [Forced due to logging gap, cached @ 12/01/2014 15:48:32.95, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, Original Level: VerboseEx] SPFederationAuthenticationModule.OnEndRequest: Start
    SPFederationAuthenticationModule.OnEndRequest: User was being redirected to authenticate.
    Leaving Monitored Scope (Timer Job SchedulingApproval). Execution Time=17.2175513927049
    Claims Windows Sign-In: Sending 401 for request 'https://crawler.my.host/' because the user is not authenticated and resource requires authentication.
    Name=Request (GET:https://crawler.my.host:443/)
    Micro Trace Tags: 0 nasq
    Leaving Monitored Scope (Request (GET:https://crawler.my.host:443/)). Execution Time=9.54646470431298
    Name=Request (GET:https://crawler.my.host:443/)
    SPTokenCache.ReadTokenXml: Successfully read token XML 'mydomain\myuser'.
    Token Cache: Failed to get token from distributed cache for '0).w|s-0-0-0-0-0-0-1234'.(This is expected during the process warm up or if data cache Initialization is getting done by some other thread).
    Token Cache: Reverting to local cache to get the token for '0).w|s-0-0-0-0-0-0-1234'.
    Token Cache: Entry missing for user 'mydomain\myuser'.
    Token Cache: Failed to get token from distributed cache for '0).w|s-0-0-0-0-0-0-1234'.(This is expected during the process warm up or if data cache Initialization is getting done by some other thread).
    Token Cache: Reverting to local cache to get the token for '0).w|s-0-0-0-0-0-0-1234'.
    Claims Windows Sign-In: User 'mydomain\myuser' for request url 'https://crawler.my.host/' does not have a cached SessionSecurityToken.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:33.24, Original Level: VerboseEx] We are in claims windows only mode for for request url '{0}'.
    [Forced due to logging gap, Original Level: VerboseEx] Reverting to process identity
    [Forced due to logging gap, cached @ 12/01/2014 15:48:33.71, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    SPSecurityContext: Added JsonWebSecurityTokenHandler to trust channel factory
    SPSecurityContext: Replaced WSTrustRequestSerializer with SPTrust13RequestSerializer
    SPSecurityContext: The SecurityTokenServiceBehavior is attached to the TrustChannel.
    SecurityTokenServiceSendRequest: RemoteAddress: 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' Channel: 'Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustChannelContract' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue'
    MessageId: 'urn:uuid:f175f6ef-a93d-4efe-9173-1fba74b1eed2'
    SecurityTokenServiceReceiveRequest: LocalAddress: 'http://servername:32843/SecurityTokenServiceApplication/securitytoken.svc' Channel: 'System.ServiceModel.Channels.ServiceChannel' Action: 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue' MessageId:
    'urn:uuid:f175f6ef-a93d-4efe-9173-1fba74b1eed2'
    Entering monitored scope (ExecuteSecurityTokenServiceOperationServer). Parent No
    STS Call: Issuing new security token.
    SPSecurityTokenServiceManager!EnsureSharePointLogonRequestClaims: Found primary sid claim. Value: 's-0-0-0-0-0-0-1234'.
    Using claim provider 'System' for operation because it is default and it is visible.
    Excluding claim provider 'AD' for operation because it is not default and .
    Using claim provider 'AllUsers' for operation because it is default and it is visible.
    Excluding claim provider 'Forms' for operation because it is not default and .
    Using claim provider 'User Profile Claim Provider' for operation because it is default and it is visible.
    STS Call Claims Windows: Setting cookie lifetime to: Microsoft.IdentityModel.Protocols.WSTrust.Lifetime
    STS Call Claims Windows: Successfully requested sign-in claim identity for user 'mydomain\myuser'.
    STS Call: Successfully issued new security token.
    Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationServer). Execution Time=13.187150880908
    [Forced due to logging gap, cached @ 12/01/2014 15:48:34.87, Original Level: Verbose] The SecurityTokenServiceHeaderInfo including the correlation ID was added.
    Leaving Monitored Scope (ExecuteSecurityTokenServiceOperationCaller:http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue). Execution Time=719.713539011243
    [Forced due to logging gap, cached @ 12/01/2014 15:48:35.60, Original Level: Verbose] ____{0}={1}
    Claims Windows Sign-In: Siginging in the the user 'mydomain\myuser' for request url 'https://crawler.my.host/'.
    Updating X.509 certificate validation policy
    [Forced due to logging gap, cached @ 12/01/2014 15:48:36.26, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    Adding X.509 certificate thumbprint '493E6806F4178EDD685BE5EA0AAF79ED30FB4A90' to root authority trust
    SPLocalLoginProvider: Initializing and creating S2S Claim Mappings
    SPLocalLoginProvider: Initialized S2S Claim Mappings.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:36.37, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, Original Level: Verbose] Deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:37.17, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, Original Level: Verbose] Deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:37.96, Original Level: Verbose] Completed deserializing the type named {0} and with id {1}.
    [Forced due to logging gap, Original Level: VerboseEx] SPFederationAuthenticationModule.OnSessionSecurityTokenCreated: Start
    [Forced due to logging gap, cached @ 12/01/2014 15:48:38.10, Original Level: VerboseEx] SPSam.SetPrincipalFromSessionToken: End
    [Forced due to logging gap, Original Level: Verbose] Looking up {0} site {1} in the farm {2}
    Token Cache: Failed to add token from distributed cache for '0).w|s-0-0-0-0-0-0-1234'.(This is expected during the process warm up or if data cache Initialization is getting done by some other thread).
    Token Cache: Reverting to local cache to Add the token for '0).w|s-0-0-0-0-0-0-1234'.
    Token Cache: Successfully added token to cache for '0).w|s-0-0-0-0-0-0-1234'.
    SPTokenCache.ReadTokenXml: Successfully read token XML '0).w|s-0-0-0-0-0-0-1234,0#.w|mydomain\myuser,123456789012345,True,dpoRtB/hPcjVrEaJtqVWxhY8Pbfm++oHwWQ5TCB9jBlLx5n2Ky5OqGXM7ntfLB0kqIJNDUkeQrl4wL7xW2m4r0rV1TiOUf+e2mpHq8WOgN67puRViZbCxCkwmmxUpE/1OVNcDFXRCh26tvVFieK99LKZn8BJUtmP8RqxtwtwqBolNjCyZ3rfSSmtFyM3pdWjphdj312R9Lcp9/EhTpvvV1J2lFCig901ZGaPo7zOw3pFyXl1eDs+gF2Bcbc7/mMZw67/gEccsFaekBVH1TK0d9qqr6P/ISeEgzhlK4DChV94ntsw8m8Pb255yTL8WrbTykMFV3jC7R2MvqCmiKGK+g==,https://crawler.my.host/'.
    Claims Windows Sign-In: Not writing a cookie for request 'https://crawler.my.host/'.
    Claims Windows Sign-In: Successfully signed-in the the user 'mydomain\myuser' for request url 'https://crawler.my.host/'.
    Updating header 'LOGON_USER' with value '0#.w|mydomain\myuser' for the request url 'https://crawler.my.host/'.
    Leaving Monitored Scope (SPClaimsCounterScope). Execution Time=4957.74267399907
    SPApplicationAuthenticationModule: Authorization header doesn't contain Bearer, can't try to perform application authentication.
    Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|mydomain\myuser, ClaimsCount=27
    Leaving Monitored Scope (PostAuthenticateRequestHandler). Execution Time=31.2877754016223
    Micro Trace Tags: 0 nasq,69 air4a,1 air4b,22 air4a,0 air4b,1641 aeayb,732 b4ly,654 erv2,58 erv3,1814 air36,0 air37,42 b4ly,5 agb9s,39 b4ly
    Leaving Monitored Scope (Request (GET:https://crawler.my.host:443/)). Execution Time=5101.04328902137
    SPFederationAuthenticationModule.OnEndRequest: User was being redirected to authenticate.
    [Forced due to logging gap, cached @ 12/01/2014 15:48:38.24, Original Level: Verbose] {0}
    [Forced due to logging gap, Original Level: VerboseEx] SPRequestParameters: AppPrincipal={0}, UserName={1}, UserKye={2}, RoleCount={3}, Roles={4}
    Site=/
    [Forced due to logging gap, cached @ 12/01/2014 15:48:38.37, Original Level: Verbose] {0}
    [Forced due to logging gap, Original Level: VerboseEx] Reverting to process identity
    [Forced due to logging gap, cached @ 12/01/2014 15:48:38.40, Original Level: VerboseEx] No SPAggregateResourceTally associated with thread.
    [Forced due to logging gap, Original Level: VerboseEx] Reverting to process identity
    [Forced due to logging gap, cached @ 12/01/2014 15:48:38.48, Original Level: VerboseEx] No SPAggregateResourceTally associated with thread.
    [Forced due to logging gap, Original Level: VerboseEx] Reverting to process identity
    Access Denied for /. StackTrace:    at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(HttpContext context)     at Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.OnEndRequest(Object sender,
    EventArgs eventArgs)     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)    
    at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest
    wr, HttpContext context)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr
    rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
    at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr
    nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
    Leaving Monitored Scope (SPFederationAuthenticationModule.OnEndRequest). Execution Time=351.625416079418
    Entering monitored scope (Request (GET:https://crawler.my.host:443/_layouts/AccessDenied.aspx?Source=https%3A%2F%2Fcrawler%2Emy%2Ehost)). Parent No
     

    I'm extending an existing claims-based web application. The way I'm testing authentication is by attempting to log in to the Windows authentication zone using the browser and an account with site collection administrator privileges. I've also tried using the intended crawler service account, but that also fails authentication.
    With regard to the default zone issue, I've already experimented with using both the default zone and another zone, but neither works.
    BTW, I already have this working in a SharePoint 2013 development environment, and a similar configuration has been in a SharePoint 2010 production environment for over a year, which makes this a particularly maddening problem.
    I have enabled Failed Request Tracing, and get a 401.1, 401.2, then a 403 (which says it was caused by the 401.2). I'm not sure of the significance, but the 403 trace shows the module for the 401.2 to be UrlAuthorizationModule, while the module for the 403 error is FederatedAuthentication.
    Per my ULS trace included in my original post, it appears that I'm actually getting a SharePoint claim.
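The stage-by-stage reading of the ULS trace discussed in the post above, as an added example that is not part of the original thread: it scans message text for the token-issuance, sign-in and access-denied markers that appear in the quoted trace and reports whether the denial came after an identity was established. The stage names and the verdict heuristic are assumptions of this example, not SharePoint terminology.

```python
import re

# Constructed sample: message texts copied from the ULS trace quoted above
# (timestamp, process and category columns omitted).
SAMPLE_TRACE = r"""
STS Call Claims Windows: Successfully requested sign-in claim identity for user 'mydomain\myuser'.
STS Call: Successfully issued new security token.
Claims Windows Sign-In: Successfully signed-in the the user 'mydomain\myuser' for request url 'https://crawler.my.host/'.
Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|mydomain\myuser, ClaimsCount=27
SPFederationAuthenticationModule.OnEndRequest: User was being redirected to authenticate.
Access Denied for /. StackTrace:    at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(HttpContext context)
"""

# Each pattern marks one stage of a request. The stage names are this
# example's own labels (assumption), chosen to match the messages above.
STAGES = [
    ("token_issued", re.compile(r"STS Call: Successfully issued new security token")),
    ("signed_in", re.compile(r"Claims Windows Sign-In: Successfully signed-in .*?user '([^']+)'")),
    ("authenticated", re.compile(r"IsAuthenticated=True, UserIdentityName=([^,]+), ClaimsCount=(\d+)")),
    ("access_denied", re.compile(r"Access Denied for (\S+?)\. StackTrace")),
]


def triage(trace):
    """Return (ordered stage events, verdict) for one request's ULS messages."""
    events = []
    for line in trace.splitlines():
        for name, pattern in STAGES:
            match = pattern.search(line)
            if match:
                events.append((name, match.groups()))
    seen = [name for name, _ in events]
    if "access_denied" not in seen:
        return events, "no_denial"
    # Heuristic (assumption): a denial logged after the request was marked
    # authenticated points at permissions or policy, not at the logon itself.
    before_denial = seen[:seen.index("access_denied")]
    verdict = "authorization" if "authenticated" in before_denial else "authentication"
    return events, verdict


if __name__ == "__main__":
    for name, details in triage(SAMPLE_TRACE)[0]:
        print(name, details)
    print("verdict:", triage(SAMPLE_TRACE)[1])
```

On the sample, the denial follows an authenticated request carrying 27 claims, so the example classifies it as an authorization failure.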

  • Authentication Failure (Password Mismatch)

    Hi there.
    I am having a nightmare trying to get my web server working under Snow Leopard. To cut a long story short, the server died and I had to restore it using a disk image before I migrate it to a new Mavericks server. For obvious reasons I'd like to get everything working before I migrate.
    Whenever a user tries to access a secure page (mainly for svn access) they get rejected. If I try to access the page via Safari/Chrome I get a pop-up window asking for a username and password. If the user enters their correct name and password it is constantly rejected (the name and password work elsewhere for email etc).
    In the logs on the server I get:
    [Wed Feb 05 16:34:33 2014] [error] [client 192.168.0.56] mod_auth_apple: User XXX authentication failure for "/xxx/xxxxxx": Password mismatch according to checkpw
    [Wed Feb 05 16:34:33 2014] [notice] [client 192.168.0.56] mod_auth_apple: Authenticating using lookupd or checkpw failed, and no configured htaccess file (AuthUserFile)
    If in Versions I try to refresh the svn repository I get:
    OPTIONS of 'https://[email protected]/svn/project': authorization failed: Could not authenticate to server: rejected Basic challenge (https://server.name.com)
    I am also having issues with iCal Server and AFP which makes me think there is some authorisation service which is corrupt/broken?
    Any help MOST appreciated as I am tearing my hair out here!
    Yours,
    Nic

    Ok something I have worked out by a bit of trial and error.
    NEVER run a server with two HDDs both with clones/installs of Mac OS.
    My server had the internal (faulty HDD) with the original server install called Macintosh HD. The clone was on a USB drive called SnowLeopardServer_Backup.
    Now for the most part the server worked (because most stuff uses Unix and proper paths). However, it looks like all of Apple's stuff (Web services, iCal server and AFP) uses the full path, or at least components of it do. So because the server was originally set up on an HDD called Macintosh HD I can only suspect that it was freaking out by 1) now being on an HDD called something else and 2) that there was another HDD there called Macintosh HD.
    I have now renamed my old HDD to something else and renamed all the OS folders in it to something different too. I also renamed the clone drive to Macintosh HD.
    So far I turned on Web services and AFP and they work perfectly. I have not turned on iCal yet as I want to ensure each service is working before turning on another.
    Also finally got the holy grail of Kerberos and Open Directory triangle working. I thought that the iCal/Web/AFP not working with accounts was Open Directory related so I backed it up (and WGM), changed to standalone and then tried to go back to a Master. It complained about the DNS not being set up and I finally found a post saying that you need to have your DNS set to point at 127.0.0.1 in the System Preferences > Network settings. I changed that and boom, no more complaints about bad DNS.
    Nic.
