Search This Blog

Thursday, November 29, 2007

Microsoft IAS uses Global catalog

We had a case when users could not use wireless when WAN link to HQ was down. The reason is that Cisco wireless authentication (WPA2-Enteprise EAP) is done on the local DC with IAS, but Global catalog was not enabled on the DC. Since the WAN link to HQ Global catalog was not available users could not connect to wireless. Error message:

Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 3
Date: 11/27/2007
Time: 5:25:18 PM
User: N/A
Computer: xxx
Access request for user host/xxx was discarded.
Fully-Qualified-User-Name =
NAS-IP-Address = xxx
NAS-Identifier = xxx
Called-Station-Identifier = xxx
Calling-Station-Identifier = xxx
Client-Friendly-Name = xxx
Client-IP-Address = xxx
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 215
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server =
Reason-Code = 4
Reason = The Active Directory global catalog cannot be accessed.

For more information, see Help and Support Center at
0000: 00 00 00 00 ....

The workaround - enable GC on all DCs used for wireless.

Thursday, November 15, 2007

Windows Desktop Search

WDS found itself in the midst of a controversy on October 25, 2007 when WDS 3.01 was automatically pushed out and installed to Windows systems when they updated themselves via WSUS. Microsoft hasn't yet responded on the situation.

Tuesday, November 13, 2007

HP UPS R5500 XR firmware

Latest firmware for UPS is 2.04, during the upgrade UPS may switch off the segment, althought in theory it should not.

Cisco ASA new releases

Cisco released ASA 8.0(3), Secure Desktop and AnyConnect 2.1.0148 around Nov 7 2007

Cisco ASA WebVPN cifs "Error contacting host."

There is a bug CSCsk29306 in ver. 8.0(2) and it looks like in 8.0(3) it still not solved. Workaround - reload.