Solved: IronPort windows activation

Bogdan Nita · ‎12-07-2012

Hello,

I have a IronPort S170 and I am trying to activate windows online for workstations that use ironport.

On the workstation i get the 0x80072f8f error.

I have tried activating windows without going through Ironport and works fine.

Is there a way I can permit windows activation through ironport ?

Thank you.

Chris Illsley · ‎12-07-2012

Hello,

Have a look at what is getting blocked, log onto the IronPort via SSH, then:

grep

1 Accesslogs

IP address of system that is trying the activation

Tail logs: Y

From there see what is getting denied and change your custom category accordingly.

Thanks

Chris

IronPort1> grep

Currently configured logs:

1. "accesslogs" Type: "Access Logs" Retrieval: FTP Poll

2. "authlogs" Type: "Authentication Framework Logs" Retrieval: FTP Poll

3. "avc_logs" Type: "AVC Engine Logs" Retrieval: FTP Poll

4. "bypasslogs" Type: "Proxy Bypass Logs" Retrieval: FTP Poll

5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll

6. "dca_logs" Type: "DCA Engine Logs" Retrieval: FTP Poll

7. "external_auth_logs" Type: "External Authentication Logs" Retrieval: FTP Poll

8. "feedback_logs" Type: "Feedback Logs" Retrieval: FTP Poll

9. "ftpd_logs" Type: "FTP Server Logs" Retrieval: FTP Poll

10. "gui_logs" Type: "GUI Logs" Retrieval: FTP Poll

11. "haystackd_logs" Type: "Haystack Logs" Retrieval: FTP Poll

12. "idsdataloss_logs" Type: "Data Security Logs" Retrieval: FTP Poll

13. "logderrorlogs" Type: "Logging Logs" Retrieval: FTP Poll

14. "mcafee_logs" Type: "McAfee Logs" Retrieval: FTP Poll

15. "musd_logs" Type: "Mobile User Security Daemon Logs" Retrieval: FTP Poll

16. "pacd_logs" Type: "PAC File Hosting Daemon Logs" Retrieval: FTP Poll

17. "proxylogs" Type: "Default Proxy Logs" Retrieval: FTP Poll

18. "reportd_logs" Type: "Reporting Logs" Retrieval: FTP Poll

19. "reportqueryd_logs" Type: "Reporting Query Logs" Retrieval: FTP Poll

20. "saas_auth_log" Type: "SaaS Auth Logs" Retrieval: FTP Poll

21. "shd_logs" Type: "SHD Logs" Retrieval: FTP Poll

22. "snmp_logs" Type: "SNMP Logs" Retrieval: FTP Poll

23. "sntpd_logs" Type: "NTP Logs" Retrieval: FTP Poll

24. "sophos_logs" Type: "Sophos Logs" Retrieval: FTP Poll

25. "status" Type: "Status Logs" Retrieval: FTP Poll

26. "system_logs" Type: "System Logs" Retrieval: FTP Poll

27. "trafmon_errlogs" Type: "Traffic Monitor Error Logs" Retrieval: FTP Poll

28. "trafmonlogs" Type: "Traffic Monitor Logs" Retrieval: FTP Poll

29. "uds_logs" Type: "UDS Logs" Retrieval: FTP Poll

30. "updater_logs" Type: "Updater Logs" Retrieval: FTP Poll

31. "wbnp_logs" Type: "WBNP Logs" Retrieval: FTP Poll

32. "webcat_logs" Type: "Web Categorization Logs" Retrieval: FTP Poll

33. "webrootlogs" Type: "Webroot Logs" Retrieval: FTP Poll

34. "welcomeack_logs" Type: "Welcome Page Acknowledgement Logs" Retrieval: FTP Poll

Enter the number of the log you wish to grep.

[]> 1

Enter the regular expression to grep.

[]> 192.169.192.168

Do you want this search to be case insensitive? [Y]>

Do you want to search for non-matching lines? [N]>

Do you want to tail the logs? [N]> y

Do you want to paginate the output? [N]>

Press Ctrl-C to stop.

View solution in original post

Chris Illsley · ‎12-07-2012

Hello,

You can add the below to bypass authentication:

Otherwise, you could do a grep and see what user agent it supplies and create an identity based on this.

Thanks

Chris

Bogdan Nita · ‎12-07-2012

Hello mooncat76,

I added the following list to bypass authentication:

.microsoft.com, activation.sls.microsoft.com, crl.microsoft.com, go.microsoft.com, sls.microsoft.com

(I couldn't add the list provided by you).

, but no success in activating windows.

Thank you!

Chris Illsley · ‎12-07-2012

Hello,

Have a look at what is getting blocked, log onto the IronPort via SSH, then:

grep

1 Accesslogs

IP address of system that is trying the activation

Tail logs: Y

From there see what is getting denied and change your custom category accordingly.

Thanks

Chris

IronPort1> grep

Currently configured logs:

1. "accesslogs" Type: "Access Logs" Retrieval: FTP Poll

2. "authlogs" Type: "Authentication Framework Logs" Retrieval: FTP Poll

3. "avc_logs" Type: "AVC Engine Logs" Retrieval: FTP Poll

4. "bypasslogs" Type: "Proxy Bypass Logs" Retrieval: FTP Poll

5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll

6. "dca_logs" Type: "DCA Engine Logs" Retrieval: FTP Poll

7. "external_auth_logs" Type: "External Authentication Logs" Retrieval: FTP Poll

8. "feedback_logs" Type: "Feedback Logs" Retrieval: FTP Poll

9. "ftpd_logs" Type: "FTP Server Logs" Retrieval: FTP Poll

10. "gui_logs" Type: "GUI Logs" Retrieval: FTP Poll

11. "haystackd_logs" Type: "Haystack Logs" Retrieval: FTP Poll

12. "idsdataloss_logs" Type: "Data Security Logs" Retrieval: FTP Poll

13. "logderrorlogs" Type: "Logging Logs" Retrieval: FTP Poll

14. "mcafee_logs" Type: "McAfee Logs" Retrieval: FTP Poll

15. "musd_logs" Type: "Mobile User Security Daemon Logs" Retrieval: FTP Poll

16. "pacd_logs" Type: "PAC File Hosting Daemon Logs" Retrieval: FTP Poll

17. "proxylogs" Type: "Default Proxy Logs" Retrieval: FTP Poll

18. "reportd_logs" Type: "Reporting Logs" Retrieval: FTP Poll

19. "reportqueryd_logs" Type: "Reporting Query Logs" Retrieval: FTP Poll

20. "saas_auth_log" Type: "SaaS Auth Logs" Retrieval: FTP Poll

21. "shd_logs" Type: "SHD Logs" Retrieval: FTP Poll

22. "snmp_logs" Type: "SNMP Logs" Retrieval: FTP Poll

23. "sntpd_logs" Type: "NTP Logs" Retrieval: FTP Poll

24. "sophos_logs" Type: "Sophos Logs" Retrieval: FTP Poll

25. "status" Type: "Status Logs" Retrieval: FTP Poll

26. "system_logs" Type: "System Logs" Retrieval: FTP Poll

27. "trafmon_errlogs" Type: "Traffic Monitor Error Logs" Retrieval: FTP Poll

28. "trafmonlogs" Type: "Traffic Monitor Logs" Retrieval: FTP Poll

29. "uds_logs" Type: "UDS Logs" Retrieval: FTP Poll

30. "updater_logs" Type: "Updater Logs" Retrieval: FTP Poll

31. "wbnp_logs" Type: "WBNP Logs" Retrieval: FTP Poll

32. "webcat_logs" Type: "Web Categorization Logs" Retrieval: FTP Poll

33. "webrootlogs" Type: "Webroot Logs" Retrieval: FTP Poll

34. "welcomeack_logs" Type: "Welcome Page Acknowledgement Logs" Retrieval: FTP Poll

Enter the number of the log you wish to grep.

[]> 1

Enter the regular expression to grep.

[]> 192.169.192.168

Do you want this search to be case insensitive? [Y]>

Do you want to search for non-matching lines? [N]>

Do you want to tail the logs? [N]> y

Do you want to paginate the output? [N]>

Press Ctrl-C to stop.

Bogdan Nita · ‎12-10-2012

Thank you for all your help mooncat76 !