Search Results

Search found 270 results on 11 pages for 'ntlm'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 8/11 | < Previous Page | 4 5 6 7 8 9 10 11  | Next Page >

  • Window 2003 Server - Logon Failure error message in Event Viewer

    - by user45192
    Hi guys, I received alot of event logged in the event viewer with this message. I notice is always the same user id which encounters this error. The user id is use by an application to access the database. However, this account does not exits on this server. How do I trace the services/program use by this user id which causes these error messages? Reason=Unknown user name or bad password&&User Name=&&Domain=&&Logon Type=3&&Logon Process=NtLmSsp&&Authentication Package=NTLM&&Workstation Name=&&Caller User Name=-&&Caller Domain=-&&Caller Logon ID=-&&Caller Process ID=-&&Transited Services=-&&Source Network Address=-&&Source Port=-&&User=SYSTEM&&ComputerName=

    Read the article

  • Setting up Kerberos SSO in Windows 2008 network

    - by Arturs Licis
    We recently introduced Kerberos (SPNEGO) Single Sign-on in our web-portal, and tested it on a Windows network with Windows 2003 domain controller. Now, trying to test it on Windows 2008 R2 controlled network, SSO just doesn't work due to defective tokens. Up to the moment I was pretty sure that there's something wrong about environment and that were NTLM tokens. We double checked IE settings etc, but nothing helped. Then we checked the following settings for both users (logged on a client test-machine, and the one used as a Service Principal): This account supports Kerberos AES 128 bit encryption. This account supports Kerberos AES 256 bit encryption. .. and error message changed to ' GSSException: Failure unspecified at GSS-API level (Mechanism level: Encryption type AES256CTS mode with HMAC SHA1-96 is not supported/enabled) It makes me think that Internet Explorer receives Kerberos tokens at all times, and there's just some configuration missing, or it was ktpass.exe to be incorrectly executed. Here's how ktpass.exe was invoked: C:ktpass /out portal1.keytab /mapuser USER /princ HTTP/[email protected] /pass *

    Read the article

  • Chrome - Why am I automatically authenticated to a web app even after clearing browser cookies?

    - by Howiecamp
    I am accessing a web application using Chrome. If I sign out of the app and clear all Chrome history/cookies/etc (even Flash cookies which are now handled by Chrome in the same Clear History area) and then re-access the site, I am automatically logged in without being prompted for credentials. I then launched Chrome in Incognito mode and was able to reproduce the same behavior. However, the I was prompted upon the first logon while in Incognito mode. The web application behaves as expected in Internet Explorer 10. Some info about the application: It's a Sharepoint site using NTLM authentication The credentials are Active Directory-based, as the username is domain\username My connection is over the Internet and there is no AD relationship between my local Windows account, my Windows PC. In other words I (meaning my locally logged on user and my PC) are not in any way part of their AD domain. The site is running SSL on port 443 Why might Chrome be automatically authenticating me?

    Read the article

  • Constant prompts for credentials from one Mac Outlook 2011 client

    - by Top__Hat
    The majority of my Exchange users are all on Windows 7 and have no issues (at least using Outlook...) but a subset of the executives are ardent Mac users running Outlook 2011 for OS X. One of these clients is prompted every 5-10 minutes for credentials. Ticking the checkbox to remember credentials does not fix the situation. Mac version is 10.7.2. I have already removed and rebuilt the EWS virtual directory on my Client Access server. Outlook anywhere is set to NTLM authentication. None of the Microsoft clients are experiencing this issue. What else can I do to make this issue go away?

    Read the article

  • Accessing SVN Repository on external drive

    - by Stephen
    I've installed SVN on my Raspberry PI and configured it to access the repository on an external hard drive. In /etc/fstab, I've have the following: //192.168.1.12/SHARE/repos /media/repos cifs sec=ntlm,username=Guest,password=,_netdev,dir_mode=0777,file_mode=0777 0 0 This mounts with no issues. When I go to add a project to the repository using the following command: sudo svn import mywebsite/ file://media/repos/mainrepository/mywebsite/ -m "Initial Upload" I get the following error: svn: E170000: Unable to connect to a repository at URL 'file://media/repos/mainrepository/mywebsite' svn: E170000: Unable to open an ra_local session to URL svn: E170000: Local URL 'file://media/repos/mainrepository/mywebsite' contains unsupported hostname The only thing I think maybe causing the issue is the file settings: drwxrwxrwx 2 root root 0 Jun 11 2009 repos As you can see the owner is root, I think it needs to be www-data, but for some reason I can't change it. Any help appreciated.

    Read the article

  • IIS 7 with PHP in Domain with Windows Authentication

    - by Michal Saiyan Hajdony
    I have Windows Server 2008 R2 x64b installed with IIS 7, PHP 5.5. This server is added to domain exampledomain , so I have win authentication enabled and all others disabled. I left the two default providers NTLM and negotiate, I granted IIS_IUSRS read access to wwwroot. So far it has worked for me only as I am added to the Administrators group which has read/write access to wwwroot folder. Yet, when someone else is trying to connect, he gets a credentials window and when he puts the domain name and password he cannot get access to the page. The issue is solved when I add read permission to "Domain users" - then all works fine. BUT. My issue is that if one opens windows explorer and types \\servername\wwwroot one can see the files and read them. I have never configured IIS before so I know I miss some really important thing. How can I solve the file visibility problem?

    Read the article

  • Windows 8.1 keeps prompting for Network Share Credentials after every log on or restart

    - by Peret del Trunfa
    I have a Network drive Shared in a Workgroup with 3 clients. Two clients with Windows 7 have persistent connections to the Share. No issues with those two. My windows 8.1 client keeps prompting for credentials at every restart / log on. I spent hours looking around for a solution: I have stored cred in cred manager, and tried every possible combination (WORKGROUP\user , COMPUTERNAME\user, user, .. and so on). I have changed NT and NTLM negotiation in policy manager. I've compared the settings under GPO network security with a working win 7 computer, everything is pretty much the same. -I've captured Wireshark to see SMB negotiation process, honestly I see the messages flowing around, and the share sending AUTH DENIED.. which means is how the 8.1 client formats the request.... that makes the share reject it.. Now I still don't really know why. Any ideas would be appreciated.

    Read the article

  • I can't add PPA repository behind the proxy (with @ in the username)

    - by kenorb
    I'm trying to add the ppa repository (as a root) with the following command: export HTTP_PROXY="http://[email protected]:[email protected]:8080" add-apt-repository ppa:nilarimogard/webupd8 Traceback (most recent call last): File "/usr/bin/add-apt-repository", line 125, in <module> ppa_info = get_ppa_info_from_lp(user, ppa_name) File "/usr/lib/python2.7/dist-packages/softwareproperties/ppa.py", line 84, in get_ppa_info_from_lp curl.perform() pycurl.error: (56, 'Received HTTP code 407 from proxy after CONNECT') Unfortunately it doesn't work. Looks like curl is connecting to the proxy, but the proxy says that Authentication is Required. I've tried with .curlrc, http_proxy env instead, but it doesn't work. strace -e network,write -s1000 add-apt-repository ppa:nilarimogard/webupd8 socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 4 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 4 connect(4, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("165.x.x.232")}, 16) = -1 EINPROGRESS (Operation now in progress) getsockopt(4, SOL_SOCKET, SO_ERROR, [0], [4]) = 0 getpeername(4, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("165.x.x.232")}, [16]) = 0 getsockname(4, {sa_family=AF_INET, sin_port=htons(46025), sin_addr=inet_addr("161.20.75.220")}, [16]) = 0 sendto(4, "CONNECT launchpad.net:443 HTTP/1.1\r\nHost: launchpad.net:443\r\nUser-Agent: PycURL/7.22.0\r\nProxy-Connection: Keep-Alive\r\nAccept: application/json\r\n\r\n", 146, MSG_NOSIGNAL, NULL, 0) = 146 recvfrom(4, "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: BASIC realm=\"proxy\"\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nProxy-Connection: close\r\nSet-Cookie: BCSI-CS-91b9906520151dad=2; Path=/\r\nConnection: close\ Maybe it's because there is @ sign in the username? Wget works with proxy fine. Related: How do I add a repository from behind a proxy? Environment Ubuntu 12.04 curl 7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 curl Features: GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

    Read the article

  • Squid 3 and Internet Explorer 11 with authentication

    - by StBlade
    Need some help. My college has up until now been running Squid 3 on Ubuntu 12.02 and now 14.04 successfully. That was till recently. Our WSUS server is dishing out updates to all our workstations of which Internet Explorer 11 is one of them. Now all of a sudden users do not need to authenticate via the squid proxy to be able to use the internet. This makes it rather difficult as I also use SARG to generate usage logs for all users each day. All our workstations also have Chrome on them, and Chrome authenticates fine via the Squid proxy. Doing a couple of Googles, I ran into and article, where someone made mention that Microsoft has deprecated digest and basic authentication from IE 11. Reason was given that Office 2013 was giving problems as it was not giving the popup screen for authentication when Office tries to download templates from the internet. I have run into this problem, but by setting those sites to not authenticate via squid fixed the problem. Has anyone else run into something similiar? Would changing to NTLM or Kereberos be a solution?

    Read the article

  • Cannot Boot, How to recover

    - by Kendor
    Am running 11.10 64-bit with Gnome-shell. Something happened late Friday whereby my machine never gets to the login screen. I do get to an Ubuntu splash logo, after that I get a text screen that it hangs on. The screen is referring to issues with mounting various network resources, including VMWare and also some references to my NAS that are in fstab. If I hit "esc" I can get to the GRUB menu and into recovery console. If I try to do a file system check, I run into a similar error screen that I see when trying to boot normally. A possible clue here is that during my last good session I made some mods to the /etc/hosts file to reference another system which I'm connecting to with Synergy. I don't believe I have hardware issues as I'm able to boot properly with a Live USB and connect to my network/Internet. A few more tidbits. I have regular Dejadups backups on my NAS. I have a good Clonezilla whole drive image which is 4-6 weeks old.. My home is encrypted. I thought I'd try blowing away my hosts file via live USB, but when I mounted the hard drive everything was read-only and I couldn't figure out how to replace it. P.S. I logged in via CLI and modded the host file to remove the entry I'd made, to no avail. System continue to gets stuck on the following: CIFS VFS: default security mechanism requested. The default security mechanism will be upgraded from ntlm to ntlmv2 in kernel version 3.1s Would love some sober advice on how to attack this.

    Read the article

  • How to mount private network shares on login?

    - by bainorama
    I've read all the existing entries I could find on using pam_mount but none of them seem to work for me. I'm trying to automatically mount shares on my local NAS at user login time. The usernames and passwords on my NAS shares match my local user name and password, but there is no LDAP/AD server. My pam_mount.conf has the following: <volume fstype="cifs" server="bain-brain" path="movies" user="*" sgrp="bains" mountpoint="/home/%(USER)/movies" options="user=%(USER),dir_mode=0700,file_mode=700,nosuid,nodev" /> When I login, I see the following in /var/log/auth.log: Oct 13 10:21:26 bad-lattitude lightdm: pam_mount(misc.c:380): 29 20 0:20 / /home/alastairb/movies rw,nosuid,nodev,relatime - cifs //bain-brain/movies rw,sec=ntlm,unc=\\bain-brain\movies,username=alastairb,uid=1000,forceuid,gid=1000,forcegid,addr=10.1.1.12,file_mode=01274,dir_mode=0700,nounix,serverino,rsize=61440,wsize=65536,actimeo=1 The folder /home/alastairb/movies is present but empty (can't see the files which are on the NAS in the respective share folder). In Nautilus, the share is shown in the sidebar under "Computer", and clicking on this takes me to the correct folder, but again, its empty. Any ideas as to what I'm doing wrong?

    Read the article

  • IIS 7 Authentication: Certain users can't authenticate, while almost all others can.

    - by user35335
    I'm using IIS 7 Digest authentication to control access to a certain directory containing files. Users access the files through a department website from inside our network and outside. I've set NTFS permissions on the directory to allow a certain AD group to view the files. When I click a link to one of those files on the website I get prompted for a username and password. With most users everything works fine, but with a few of them it prompts for a password 3 times and then get: 401 - Unauthorized: Access is denied due to invalid credentials. But other users that are in the group can get in without a problem. If I switch it over to Windows Authentication, then the trouble users can log in fine. That directory is also shared, and users that can't log in through the website are able to browse to the share and view files in it, so I know that the permissions are ok. Here's the portion of the IIS log where I tried to download the file (/assets/files/secure/WWGNL.pdf): 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bullet.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bgOFF.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:21 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 2 5 0 2010-02-19 19:47:36 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 0 2010-02-19 19:47:43 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:46 xxx.xxx.xxx.xxx GET /manager/media/script/_session.gif 0.19665693119168282 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 203 2010-02-19 19:47:46 xxx.xxx.xxx.xxx POST /manager/index.php - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 296 2010-02-19 19:47:56 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:59 xxx.xxx.xxx.xxx GET /favicon.ico - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 404 0 2 0 Here's the Failed Logon attempt in the Security Log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 2/19/2010 11:47:43 AM Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N/A Computer: WEB4.net.domain.org Description: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: jim.lastname Account Domain: net.domain.org Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc000006a Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: - Source Network Address: 10.5.16.138 Source Port: 50065 Detailed Authentication Information: Logon Process: WDIGEST Authentication Package: WDigest Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted. The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network). The Process Information fields indicate which account and process on the system requested the logon. The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2010-02-19T19:47:43.890Z" /> <EventRecordID>2276316</EventRecordID> <Correlation /> <Execution ProcessID="612" ThreadID="692" /> <Channel>Security</Channel> <Computer>WEB4.net.domain.org</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">jim.lastname</Data> <Data Name="TargetDomainName">net.domain.org</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc000006a</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">WDIGEST</Data> <Data Name="AuthenticationPackageName">WDigest</Data> <Data Name="WorkstationName">-</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">10.5.16.138</Data> <Data Name="IpPort">50065</Data> </EventData> </Event>

    Read the article

  • Does GoDaddy supports RESTful services via WCF

    - by Amir Naor
    After deploying a WCF RESTful service that i created using the REST started kit, i got several errors that i managed to solve following this post: http://www.edoverip.com/edoverip/index.php/2009/01/30/running-wcf-on-godaddy Now i'm stuck with this error: IIS specified authentication schemes 'Basic, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used I saw that others got to this point without a solution. GoDaddy support dont know nothing. Is it possible at all? Are there any web hosting services that you know that support that?

    Read the article

  • Building cURL & libcurl with Visual Studio 2010

    - by KTC
    With the help of question #197444, I have managed to build cURL & libcurl from source on Windows from within the Visual Studio 2010 IDE, OpenSSL 1.0.0, and zlib 1.2.5. The problem I see is that at the moment, if I run the resulting curl.exe with the argument -V, then the version that it report is curl 7.20.1 (i386-pc-win32) libcurl/7.20.1 OpenSSL/0.9.8d zlib/1.2.3 Protocols: dict file ftp ftps http https imap imaps ldap pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS Largefile NTLM SSL libz Note the versions reported for both OpenSSL & zlib doesn't match if what I actually used. Any idea on how to fix this? p.s. Is there a clear list of optional components that can be compiled into libcurl and what options/preprocessor directive to use? (e.g. SSPI, libidn, ...?)

    Read the article

  • How should I use this SetSPN command when installing SharePoint

    - by Paul Rowland
    In the SharePoint install document I have it says, If you use a domain user account for the SQL Server service account, you must make sure that a valid service principal name (SPN) for that account and instance of SQL Server on their database server exists in their environment. This is the case regardless of whether you use NTLM or Kerberos authentication for Office SharePoint Server 2007. You must configure the SPN for that account in the domain using the Setspn.exe command-line tool. Setspn.exe is installed by default on computers running Windows Server 2008. Run the following command on a computer that is joined to the same domain as the user/service account. setspn -a <http/<farmclusterdnsname> <serviceaccountname> What should the parameters be in this case? I guess the serviceaccountname would be 'domain\username' not sure what the first parameter should be though. This is the technet link for SetSPN.

    Read the article

  • Consume a WebService with Integrated authentication from WPF windows application

    - by Tr1stan
    I have written a WPF windows application that consumes a .net WebService. This works fine when the web service in hosted to allow anonymous connections, however the WebService I need to consume when we go live will be held within a website that has Integrated Authentication enabled. The person running the WPF application will be logged onto a computer within the same domain as the web server and will have permission to see the WebService (without entering any auth info) if browsing to it using a web browser that is NTLM auth enabled. Is it possible to pass through the details of the already logged in user running the application to the WebService? Here is the code I'm currently using: MyWebService.SearchSoapClient client = new SearchSoapClient(); //From the research I've done I think I need to something with these: //UserName.PreAuthenticate = true; //System.Net.CredentialCache.DefaultCredentials; List<Person> result = client.FuzzySearch("This is my search string").ToList(); Any pointers much appreciated.

    Read the article

  • SQL Server 2008, Kerberos and SPN

    - by andrew007
    Hi, I installed SQL Server 2008 on a Win XP SP2 workstation in a AD domain and configured to run with the "Network Service" account. In my error log I have the following message (Event ID:26037): The SQL Server Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. **Error: 0xd, state: 13**. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies. The strange thing is that I have another SQL Server 2008 installation in a Win 2003 server configured in the same way and there I do not have this message. My questions are: Does anybody know if there are limitations with Kerberos on Windows XP and SQL Server? Why the SPN is not automatically registered on Win XP when I use the "Network Service" but it works on Windows 2003 server? THANKS!

    Read the article

  • J2SE Proxy Authentication

    - by Alan
    We use 2 SIMILAR Microsoft ISA Proxy Server 2003 to connect to internet. Each Proxy has different Login style, as below : Server-1 : nt-domain\alan Server-2 : [email protected] Logon in IE, Firefox and my Phonecell via Wifi all are fine. But, a problem appears when we run a java application J2SE Ver 4, 5 and 6, where it needs internet authentication. Logon to Server-2 is OK, but FAIL for Server-2 (style : [email protected]). Note : Both proxy seen using Windows authentication, type : negotiate NTLM Appreceate if you can help or for any suggest. Thank you, Alan L

    Read the article

  • Can't connect to Office Communication Server through Unified Communications API

    - by Robin Clowers
    I am trying to connect to Office Communication Server using the Unified Communications Managed API. I have tried my user and a fresh user enabled for OCS. Both account can successfully log into the Office Communicator client, but fail using the API. When creating the network credential, if I pass in the username in the form domain\username, I get this error: SupportedAuthenticationProtocols=Ntlm, Kerberos Realm=SIP Communications Service FailureReason=InvalidCredentials ErrorCode=-2146893044 Microsoft.Rtc.Signaling.AuthenticationException: The log on was denied. Check that the proper credentials are being used and the account is active. ---> Microsoft.Rtc.Internal.Sip.AuthException: NegotiateSecurityAssociation failed, error: - 2146893044 If I leave off the domain in the username I this error: ResponseCode=404 ResponseText=Not Found DiagnosticInformation=ErrorCode=4005,Source=OCS.mydomain.com,Reason=Destination URI either not enabled for SIP or does not exist

    Read the article

  • Windows Impersonation failed

    - by skprocks
    I am using following code to implement impersonation for the particular windows account,which is failing.Please help. using System.Security.Principal; using System.Runtime.InteropServices; public partial class Source_AddNewProduct : System.Web.UI.Page { [DllImport("advapi32.dll", SetLastError = true)] static extern bool LogonUser( string principal, string authority, string password, LogonSessionType logonType, LogonProvider logonProvider, out IntPtr token); [DllImport("kernel32.dll", SetLastError = true)] static extern bool CloseHandle(IntPtr handle); enum LogonSessionType : uint { Interactive = 2, Network, Batch, Service, NetworkCleartext = 8, NewCredentials } enum LogonProvider : uint { Default = 0, // default for platform (use this!) WinNT35, // sends smoke signals to authority WinNT40, // uses NTLM WinNT50 // negotiates Kerb or NTLM } //impersonation is used when user tries to upload an image to a network drive protected void btnPrimaryPicUpload_Click1(object sender, EventArgs e) { try { string mDocumentExt = string.Empty; string mDocumentName = string.Empty; HttpPostedFile mUserPostedFile = null; HttpFileCollection mUploadedFiles = null; string xmlPath = string.Empty; FileStream fs = null; StreamReader file; string modify; mUploadedFiles = HttpContext.Current.Request.Files; mUserPostedFile = mUploadedFiles[0]; if (mUserPostedFile.ContentLength >= 0 && Path.GetFileName(mUserPostedFile.FileName) != "") { mDocumentName = Path.GetFileName(mUserPostedFile.FileName); mDocumentExt = Path.GetExtension(mDocumentName); mDocumentExt = mDocumentExt.ToLower(); if (mDocumentExt != ".jpg" && mDocumentExt != ".JPG" && mDocumentExt != ".gif" && mDocumentExt != ".GIF" && mDocumentExt != ".jpeg" && mDocumentExt != ".JPEG" && mDocumentExt != ".tiff" && mDocumentExt != ".TIFF" && mDocumentExt != ".png" && mDocumentExt != ".PNG" && mDocumentExt != ".raw" && mDocumentExt != ".RAW" && mDocumentExt != ".bmp" && mDocumentExt != ".BMP" && mDocumentExt != ".TIF" && mDocumentExt != ".tif") { Page.RegisterStartupScript("select", "<script language=" + Convert.ToChar(34) + "VBScript" + Convert.ToChar(34) + "> MsgBox " + Convert.ToChar(34) + "Please upload valid picture file format" + Convert.ToChar(34) + " , " + Convert.ToChar(34) + "64" + Convert.ToChar(34) + " , " + Convert.ToChar(34) + "WFISware" + Convert.ToChar(34) + "</script>"); } else { int intDocLen = mUserPostedFile.ContentLength; byte[] imageBytes = new byte[intDocLen]; mUserPostedFile.InputStream.Read(imageBytes, 0, mUserPostedFile.ContentLength); //xmlPath = @ConfigurationManager.AppSettings["ImagePath"].ToString(); xmlPath = Server.MapPath("./../ProductImages/"); mDocumentName = Guid.NewGuid().ToString().Replace("-", "") + System.IO.Path.GetExtension(mUserPostedFile.FileName); //if (System.IO.Path.GetExtension(mUserPostedFile.FileName) == ".jpg") //{ //} //if (System.IO.Path.GetExtension(mUserPostedFile.FileName) == ".gif") //{ //} mUserPostedFile.SaveAs(xmlPath + mDocumentName); //Remove commenting till upto stmt xmlPath = "./../ProductImages/"; to implement impersonation byte[] bytContent; IntPtr token = IntPtr.Zero; WindowsImpersonationContext impersonatedUser = null; try { // Note: Credentials should be encrypted in configuration file bool result = LogonUser(ConfigurationManager.AppSettings["ServiceAccount"].ToString(), "ad-ent", ConfigurationManager.AppSettings["ServiceAccountPassword"].ToString(), LogonSessionType.Network, LogonProvider.Default, out token); if (result) { WindowsIdentity id = new WindowsIdentity(token); // Begin impersonation impersonatedUser = id.Impersonate(); mUserPostedFile.SaveAs(xmlPath + mDocumentName); } else { throw new Exception("Identity impersonation has failed."); } } catch { throw; } finally { // Stop impersonation and revert to the process identity if (impersonatedUser != null) impersonatedUser.Undo(); // Free the token if (token != IntPtr.Zero) CloseHandle(token); } xmlPath = "./../ProductImages/"; xmlPath = xmlPath + mDocumentName; string o_image = xmlPath; //For impersoantion uncomment this line and comment next line //string o_image = "../ProductImages/" + mDocumentName; ViewState["masterImage"] = o_image; //fs = new FileStream(xmlPath, FileMode.Open, FileAccess.Read); //file = new StreamReader(fs, Encoding.UTF8); //modify = file.ReadToEnd(); //file.Close(); //commented by saurabh kumar 28may'09 imgImage.Visible = true; imgImage.ImageUrl = ViewState["masterImage"].ToString(); img_Label1.Visible = false; } //e.Values["TemplateContent"] = modify; //e.Values["TemplateName"] = mDocumentName.Replace(".xml", ""); } } catch (Exception ex) { ExceptionUtil.UI(ex); Response.Redirect("errorpage.aspx"); } } } The code on execution throws system.invalidoperation exception.I have provided full control to destination folder to the windows service account that i am impersonating.

    Read the article

  • How to configure WCF Service with Https WindowsAuthentication?

    - by Melania
    I am trying to figure it out how to set configurations on my service and Silverlight client App to work on Secure Windows Authentication. I have my service configured like this: <binding name="currentCustomBinding"> <binaryMessageEncoding /> <httpsTransport authenticationScheme="Ntlm" bypassProxyOnLocal="true" /> </binding> </customBinding> <serviceMetadata httpGetEnabled="False" httpsGetEnabled="True" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> <service name=" OperationService" behaviorConfiguration=" OperationServiceBehavior"> <endpoint address="" behaviorConfiguration=" OperationServiceBehavior" binding="customBinding" bindingConfiguration="currentCustomBinding" contract="OperationService" /> </service> Any ideas? 10q

    Read the article

  • SharePoint 2010 - two web applications - single sign on --> do I need claims based auth.?

    - by user333571
    Hi! We are planning to create two sharepoint web applications using SharePoint 2010 Enterprise Edition. All Users that have access to web app 1, should also be able to access web app 2. This authentication shall be powered by server 2003 active directory. -- do I need to use claims based authentication? If so -- can I use Windows Based Authentication with NTLM for that? The only thing I really want is that users navigating from web app 1 to web app 2 (and vice versa) do not have to authenticate twice. I do NOT want to configure Kerberos if it is not absolutely necessare though... Can you give me any hints? Thanks!

    Read the article

  • IIS Active Directory double handshake hickup

    - by AngryHacker
    I have a .net 2.0 click-once application that connects to IIS web services on Windows 2003 R2 64-bits. The IIS is setup with Integrated Windows Authentication. So whenever a web service call is made to IIS web services, there is a double handshake taking place: Client Request #1 GetEmployeeList Server Response #1 <- 401 HTTP/1.1 401 Unauthorized WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Client Request #2 REQUEST Header... Server Response #2 <- 200 Data Received Lately, however, Server Response #1 will sometimes (a good 20 percent of the calls) take a massive amount of time (like 25 to 30 seconds). How do I debug this problem? Is this a Active Directory problem or a Domain Controller problem?

    Read the article

  • sharepoint wss 3.0 user domain

    - by user549966
    I've inherited a sharepoint wss 3.0 farm that is pulling users from 2 different domains, say domainA and domainB. So if I go into Add User and Browse, and type Smith, it is coming up with domainA\jsmith and domainB\jsmith. The company has moved away from domainA and uses only domainB now. So I want to remove domainA from the sharepoint configuration. I don't need to migrate existing sharepoint users, I just want for the domainA users to stop showing up when new users are added. I've been through every page I can find in Central Administration and I don't see where the names of the domain controller(s) are specified. It is using windows auth / NTLM.

    Read the article

  • Which SharePoint Authentication Mode Should I be using for this scenario?

    - by Dynamic
    I currently have a sharepoint 2010 site for which NTLM windows authentication has been enabled (by default it is against Active Directory I believe). I'd need to change this so that I have 1 custom login page which accepts username/password/domain and validates those information against the active directory, then if that was valid, I'll write logic to logon to another webservice which is located on another server and returns me a unique sessionId that I can store (as a cookie) for further use. Please could you advise which authentication mode I can use to create this custom login page? should that be FBA against AD? not sure how that works. Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 4 5 6 7 8 9 10 11  | Next Page >