Channel: Security and Compliance Management forum

Server 2012 R2 'Required OS Not Detected'


Hopefully a simple one...

I have exported a CAB file (SCCM DCM) from Security Compliance Manager based on the Server 2012 R2 Member Servers baseline.

I have applied this to a new Configuration Baseline in SCCM and deployed it to a 2012 R2 Server.

This server never becomes compliant; according to the SCCM Compliance Report on the server, all of the Compliance Rules are failing because the Expression "Required OS" returns a value of "Not-Detected".

The description in the applied baseline report reads "The Member Server baseline includes settings that are suitable for all servers running Windows Server 2012 R2 regardless of role.", so that would suggest it's the correct baseline for the server.

Thanks all!


Export GPO Backup Error


Using SCM 3.0.60.0, I have imported 2 Custom Baselines from GPO Backup folders. When I go to export those same baselines in the GPO Backup format, 1 of them works fine, the other gives me this error:

Setting Save files in this format has following errors:

Rule Save files in this format has error: The string is missing with ID: '

' in setting 'Save files in this format'.

 Any help figuring out what is going on here?

-Kyle

Security Compliance Manager 3.0, Comparing Baseline error. "The node to be inserted is from a different document context"


I downloaded a MS 2012 R2 baseline, created a duplicate of that, customized the duplicated baseline as per our infra & locked it.
Ran a compare between the original MS baseline & the customized one. Worked perfect.

I exported the customized baseline in GPO Backup folder format.

Now accidentally I deleted the customized baseline from SCM console, as well as the Original MS baseline.
Never mind I imported the customized baseline back on the tool from the backup I created & again downloaded the default MS baseline.

So now again I've the customized baseline which I imported as well as the original MS baseline with me.
But when I run a comparison between them it gives me an error: "The node to be inserted is from a different document context"

But if the same imported customized baseline I compare it with any other Original MS baseline, it gives me the correct results without error.

It just gives me the error only when I compare the Customized baseline with its Original baseline.

Any help, please?

Here's the complete error details:-

=============================
System.ArgumentException
==================
The node to be inserted is from a different document context.
------------------
Program Location:

at System.Xml.XmlNode.AppendChild(XmlNode newChild)
   at Microsoft.SecurityComplianceManager.ClientObjects.Settings.Setting.CompareExportInfo(XmlDocument xmlDoc, XmlElement xmlSetting, Setting compareSetting)
   at Microsoft.SecurityComplianceManager.ClientObjects.Settings.Setting.Compare(XmlDocument xmlDoc, Setting compareSetting)
   at Microsoft.SecurityComplianceManager.ClientObjects.Baselines.Baseline.Compare(Baseline baselineB, String filePath)
   at Microsoft.SecurityComplianceManager.UI.CompareBaselines.ButtonOKClick(Object sender, RoutedEventArgs e)


Export to excel error


Hi,

 I am getting a compile error (Method or data Member not found) when exporting any baseline to excel. I am using excel 2007 and have all the add-ins enabled.

Regards,

Cannot open database 'XTrans' requested by the login. The login failed. Login failed user 'domain\user'


Hi, everybody.

After successfully installing SCM 2.0, I'm getting an error when launching it:

Cannot open database 'XTrans' requested by the login. The login failed. Login failed user 'domain\user'

I'm suspecting it may be because I ran SCM setup with the machine in a Workgroup, and later joined the domain. So when I log on with a domain account, it is not recognized by SCM's SQL Express.

I would uninstall SCM and reinstall it now with the domain user account.  Any other thoughts?

I wish I could use the same SCM VM for different AD forests, but I'm fearing I will have to have one VM machine for each... (which means more disk space).

Hope you can help.

Thanks and regards,

Mario

Failed to install Important Updates

Error Code 0x8007045D after failing to install updates via SCCM/SMS

Policies missing in SCM Windows 8.1 Security Compliance Baseline v1.0


Hello,

I have installed SCM 3.0.60 (downloaded from this link: Microsoft Security Compliance Manager) on a Windows 8.1 Virtual Machine. Because I could not connect my VM to internet at the moment, I imported the Windows 8.1 Security Compliance Baseline (downloaded from this link SCM Baselines for Windows 8.1, IE 11 and Server 2012 R2 are now live!) and the baseline attachment in SCM. The import process ran well and I then created a custom baseline based on the Win8.1 Computer Security Compliance 1.0 baseline (using the Duplicate action in SCM). During my customization I have noticed that some policies were missing from my custom baseline. After verifying the original baseline I have noticed that the policies were missing in it also. I connected my VM to the internet and clicked on the Download Microsoft baselines automatically action in SCM. SCM downloaded additional baselines (Office 2013, SQL Server 2012,...). I was expecting the Win8.1 baseline to be updated but it was not. The policies are still missing and I cannot complete my customization. For information the missing policies that I've noticed are the following:

Under Computer Configuration\Administrative Templates\Windows Components\File Explorer
 All policies are missing except "Configure Windows SmartScreen" and "Turn off Data Execution Prevention for Explorer"

Under Computer Configuration\Administrative Templates\Windows Components\Sync your settings these policies are missing:
 --> Do not sync
 --> Do not sync app settings
 --> Do not sync browser settings
 --> Do not sync desktop personalization
 --> Do not sync on metered connections
 --> Do not sync other Windows Settings
 --> Do not sync passwords
 --> Do not sync personalize

Under Computer Configuration\Administrative Templates\System\KDC these policies are missing
 --> KDC support for claims, compound authentication and Kerberos armoring
 --> User forest search order
 --> Warning for large Kerberos tickets
 --> Provide information about previous logons to client computer

It seems that these policies are not present in the Package.XML file that is included in the Windows-8.1-Security-Compliance-Baseline.cab.

Has anyone ever experienced the same issue?

Does anyone know if there is an updated version of the Windows 8.1 Security Compliance Baseline? (The version downloaded from the link I supplied above is v1.0.)

Regards,

François

Win 8.1 LocalGPO Computer Security Policies Not Applying

I was able to modify LocalGPO.msf to properly detect Win8.1. I also downloaded and copied the most recent Win8.1 baselines.  cscript LocalGPO.msf /Path:<path to GPOBackup for Computer Policy> appears to work correctly (no errors).  I restart the workstation and check gpedit.msc.  The policies are unchanged.  An example:  I want to require Ctrl+Alt+Del.  I've got the policy in SCM configured to disabled (Do Not Require Ctrl+Alt+Del set to disabled).  However the policy is still showing as "Not Configured" even though I've applied the baseline policy.  Thoughts or suggestions?

SCM 3.0 Check For Updates continuously fail


Is anyone experiencing Auto Download failures with SCM 3.0 ??

I keep getting the operation was aborted.  The operation timed out.  No issues going through the Proxy from the SCM box to other sites.  Manual download works fine

Message location within the error generated by SCM Auto Download

   at System.Net.HttpWebRequest.GetResponse()
   at System.Xml.XmlDownloadManager.GetNonFileStream(Uri uri, ICredentials credentials, IWebProxy proxy, RequestCachePolicy cachePolicy)
   at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)
   at System.Threading.CompressedStack.runTryCode(Object userData)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
   at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state)
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.Load(String filename)
   at Microsoft.SecurityComplianceManager.UI.DownloadBaselineList.LoadData(Boolean showDialogIfNotFound)

Wireshark capture shows the URL where the index for the downloads resides.  The URL includes download.microsoft.comhttp://

Full request URI: http://download.microsoft.comhttp://download.microsoft.com/download/A/D/E/ADE1F0AA-8D6C-4DAB-9C87-6A06B04B6925/RssFeed_BaselineUpdateV3dot0.xml

Greatly appreciate any assistance

Accessing a file share on a Member Server with Win 2012r2 SCM policy applied, by a non domain PC


Hi All,

I am using SCM to build various policies and GPO templates for domain joined servers, mainly based on the Windows 2012r2 Member Server template. For the most part, this is great. With regard to network shares, computers outside of the domain cannot connect to a share on Member Server within the domain, which is what would be required most of the time. When a machine from outside of the domain attempts to access a share on a member server with the SCM template applied, I see the following entry in the 'Security' event log:

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          31/01/2015 00:13:06
Event ID:      4625
Task Category: Logon
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      Inside-Domain-Machine.mydom.com
Description:
An account failed to log on.

Subject:
    Security ID:        NULL SID
    Account Name:        -
    Account Domain:        -
    Logon ID:        0x0

Logon Type:            3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:        Administrator
    Account Domain:        Outside-Domain-PC

Failure Information:
    Failure Reason:        The user has not been granted the requested logon type at this machine.
    Status:            0xC000015B
    Sub Status:        0x0

Process Information:
    Caller Process ID:    0x0
    Caller Process Name:    -

Network Information:
    Workstation Name:    Outside-Domain-PC
    Source Network Address:    x.x.x.x
    Source Port:        49485

Detailed Authentication Information:
    Logon Process:        NtLmSsp
    Authentication Package:    NTLM
    Transited Services:    -
    Package Name (NTLM only):    -
    Key Length:        0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

However, I have need for some machines that I don't want to be domain joined to access shares on some member servers. What is the best way to achieve this?

There are obviously GPOs that affect this connection, as I can always put File server into an OU which blocks inheritance in order to temporarily make a connection, but I want to find something a little more permanent.

I also have a PKI set up. Is it possible to use certificates to create an authentication? Of course, in its current guise, I can't actually connect to the CA either in order to issue an online request. Again I could move the CA into the blocked OU temporarily, or create an offline request, but this seems a little clumsy.

Any pointers would be gratefully received.

Cheers


Chris

Security Compliance Manager Install Issue


My issue stems from needing to set the MSS: settings under Group Policy Management for STIG compliance.

To do this a required install of the Security Compliance Manager is necessary. However upon downloading SCM 3.0 and 2.0 and attempting to install I am running into the issue where during the prerequisite checks it prompts a failure of Total Physical Memory.

More exact description of the error:

You are installing on Microsoft Windows NT 6.1.7601 Service Pack 1 with only 0 MB memory. Microsoft Security Compliance Manager requires at least 512MB of total physical memory.

The instance of windows I am attempting to install on is a new installation of Windows Server 2008 R2 SP1 and is not running as a VM.

Any ideas as to what my issue is?

Thanks for your time.

Ross

Activating MS Office 2013 ProPlus via KMS running on the same server


Given: Microsoft Windows Server 2008 R2 Enterprise 64-bit, all the latest security updates applied.

KMS service set up and running, all the recommended updates applied (to handle possible activation issues for Windows 8 etc)

Microsoft Office 2013 Standard deployed on the server mentioned above and on workstations on intranet, volume licensing in effect (proper KMS key for activation of Microsoft Office 2013 has been entered).

Problem: I can't activate MS Office 2013 installation running on the same server where KMS service is being run.

There are no entries in KMS event log related to this failure.

Everything was restarted, reinstalled etc several times already (including installing 32-bit and 64-bit versions of the Office).

Output of slmgr.vbs /dlv 2E28138A-847F-42BC-9752-61B03FFF33CD:

---------------------------
Windows Script Host
---------------------------
Software licensing service version: 6.1.7601.17946

Name: Office 15, KMSHostVL edition
Description: Office 15, VOLUME_KMS channel
Activation ID: 2e28138a-847f-42bc-9752-61b03fff33cd
Application ID: 0ff1ce15-a989-xxxx-xxxx-xxxxxxxxxxxx
Extended PID: 55041-00206-234-486666-03-xxxx-xxxx.xxxx-xxxxxxx
Installation ID: 01683679734050124078134659xxxxxxxxxxxxxxxxxxxxxxxxxxx
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88342
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88343
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88345
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88344
Partial Product Key: xxxxx
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 2/05/2015 10:00:12 AM

Key Management Service is enabled on this machine
    Current count: 0
    Listening on Port: 1688
    DNS publishing enabled
    KMS priority: Normal

Key Management Service cumulative requests received from clients
    Total requests received: 0
    Failed requests received: 0
    Requests with License Status Unlicensed: 0
    Requests with License Status Licensed: 0
    Requests with License Status Initial grace period: 0
    Requests with License Status License expired or Hardware out of tolerance: 0
    Requests with License Status Non-genuine grace period: 0
    Requests with License Status Notification: 0

---------------------------
OK
---------------------------

Output of cscript ospp.vbs /dstatus

Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.

---Processing--------------------------
---------------------------------------
SKU ID: b13afb38-cd79-4ae5-xxxx-xxxxxxxxxxxx
LICENSE NAME: Office 15, OfficeStandardVL_KMS_Client edition
LICENSE DESCRIPTION: Office 15, VOLUME_KMSCLIENT channel
LICENSE STATUS:  ---OOB_GRACE---
ERROR CODE: 0x4004f00c
ERROR DESCRIPTION: Run the following: cscript ospp.vbs /ddescr:0x4004f00c
Last 5 characters of installed product key: GVGXT
        DNS auto-discovery: KMS name not available
        Activation Interval: 120 minutes
        Renewal Interval: 10080 minutes
        KMS host caching: Enabled
---------------------------------------
---------------------------------------
---Exiting-----------------------------

SCM export as SCAP: Issue with external variables


SCM can export some of the baselines as SCAP v1.0 XML files (including CPE, OVAL and XCCDF).

Here's an excerpt of an OVAL file generated by SCM for Windows 7:

<definitions>
  <definition ...>
    ...
    <title>Network security: Do not store LAN Manager hash value on next password change</title>
    <criteria>
      <criterion negate="false" test_ref="oval:microsoft.com:tst:1" ... />
    </criteria>
  </definition>
  ...
</definitions>
<tests>
  ...
  <registry_test id="oval:microsoft.com:tst:1">
    <object object_ref="oval:microsoft.com:obj:1" />
    <state state_ref="oval:microsoft.com:ste:1" />
  </registry_test>
  ...
</tests>
<objects>
  ...
  <registry_object id="oval:microsoft.com:obj:1" ...>
    <hive>HKEY_LOCAL_MACHINE</hive>
    <key>System\CurrentControlSet\Control\Lsa</key>
    <name>NoLMHash</name>
  </registry_object>
  ...
</objects>
<states>
  ...
  <registry_state id="oval:microsoft.com:ste:1" ...>
    <value var_ref="oval:microsoft.com:var:1" datatype="int" operation="equals" />
  </registry_state>
  ...
</states>
<variables>
  ...
  <external_variable id="oval:microsoft.com:var:1" ... />
  ...
</variables>

As you can see, "oval:microsoft.com:var:1" is defined as an external variable. Unless the value of this external variable is specified, no OVAL tool (such as OVALDI) can evaluate this XML file against a given Windows 7. (In fact, there are over 400 external variables in this XML file.)

Can SCM export an OVAL file which includes the value of the external variables?
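
An added example (not part of the original post, and not SCM or OVALDI code): a Python inventory of the external variables in an OVAL definitions file, tracing each one back through state, test and definition to the registry value and rule it blocks. The sample document is constructed from the excerpt above; the oval:example:* ids, the second test and the function names are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the post's excerpt. Attributes elided there
# ("...") are left out; the oval:example:* ids and the second, literal-valued
# test are placeholders added for contrast.
WIN = "http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"
SAMPLE_OVAL = f"""<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
 <definitions>
  <definition id="oval:example:def:1"><title>Network security: Do not store LAN Manager hash value on next password change</title>
   <criteria><criterion negate="false" test_ref="oval:microsoft.com:tst:1"/></criteria></definition>
 </definitions>
 <tests>
  <registry_test xmlns="{WIN}" id="oval:microsoft.com:tst:1">
   <object object_ref="oval:microsoft.com:obj:1"/><state state_ref="oval:microsoft.com:ste:1"/></registry_test>
  <registry_test xmlns="{WIN}" id="oval:example:tst:2">
   <object object_ref="oval:microsoft.com:obj:1"/><state state_ref="oval:example:ste:2"/></registry_test>
 </tests>
 <objects>
  <registry_object xmlns="{WIN}" id="oval:microsoft.com:obj:1">
   <hive>HKEY_LOCAL_MACHINE</hive><key>System\\CurrentControlSet\\Control\\Lsa</key><name>NoLMHash</name></registry_object>
 </objects>
 <states>
  <registry_state xmlns="{WIN}" id="oval:microsoft.com:ste:1">
   <value var_ref="oval:microsoft.com:var:1" datatype="int" operation="equals"/></registry_state>
  <registry_state xmlns="{WIN}" id="oval:example:ste:2">
   <value datatype="int" operation="equals">1</value></registry_state>
 </states>
 <variables><external_variable id="oval:microsoft.com:var:1" datatype="int"/></variables>
</oval_definitions>"""


def local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def descendants(elem, name):
    """All elements under elem (inclusive) with this namespace-free name."""
    return [e for e in elem.iter() if local(e.tag) == name]


def unresolved_external_variables(oval_xml):
    """Map each external_variable id to the tests, registry values and rule
    titles that cannot be evaluated until a value is supplied for it."""
    root = ET.fromstring(oval_xml)
    by_id = {e.get("id"): e for e in root.iter() if e.get("id")}
    externals = {e.get("id") for e in descendants(root, "external_variable")}
    report = {var: [] for var in sorted(externals)}

    # state id -> external variables its entities reference through var_ref
    state_vars = {}
    for sid, elem in by_id.items():
        if local(elem.tag).endswith("_state"):
            state_vars[sid] = {c.get("var_ref") for c in elem.iter()} & externals

    # test id -> titles of the definitions whose criteria use that test
    titles = {}
    for d in descendants(root, "definition"):
        title = next((t.text for t in descendants(d, "title")), d.get("id"))
        for crit in descendants(d, "criterion"):
            titles.setdefault(crit.get("test_ref"), []).append(title)

    for tid, test in by_id.items():
        if not local(test.tag).endswith("_test"):
            continue
        obj = by_id.get(next((o.get("object_ref") for o in descendants(test, "object")), None))
        parts = [c.text or "" for c in (obj if obj is not None else [])
                 if local(c.tag) in ("hive", "key", "name")]
        for st in descendants(test, "state"):
            for var in sorted(state_vars.get(st.get("state_ref"), ())):
                report[var].append({"test": tid, "setting": "\\".join(parts) or "?",
                                    "rules": titles.get(tid, [])})
    return report
```

Passing the text of an exported OVAL file to unresolved_external_variables() returns one entry per external variable; the test backed by a literal value in the sample does not appear in the result.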


SCM 3.0 Install Fails Installation Prereq./Windows 7


Hi all,

Downloaded the most recent SCM version and went to install and have a curious error popping up.

Checking Security Compliance Manager Installation Prerequisite...

FIND: =: No such file or directory


I have tried erasing all temporary files and AppData from past failed installs, removed and reinstalled VC++ 2010 (correct version), and restarting. This thing is driving me crazy, any thoughts on a fix?

Edit: Windows 7 



Can SCM use a remote database and/or can that database be on SQL Server 2008 R2?


So two questions:

1) Can SCM use a remote SQL Server database rather than on the local machine? So SCM is installed, for example on AppServer but the database we want it to use is installed on DBServer.

2) Can SCM use a SQL Server 2008 R2 database rather than just SQL Server 2008?

TIA

 


Michael MacGregor, Senior SQL Server DBA

Download Updates for Windows Server 2012 R2 Security Baseline..every time I open SCM


Each and every time I open SCM, I am prompted to download the Windows Server 2012 R2 Security Baseline 1.0 Fr, August 15 2004...   Doesn't matter if I've installed it before or not.  

Anyone else seeing this problem?  Does anyone know why this is happening or how I can get it to stop?   I tried uninstalling SCM and reinstalling, but the problem continues. 

SCM is installed on a Windows 7 virtual machine, if that is relevant. 

Thank you,

Rob

Exporting error "Nothing can be exported until at least one setting is configured"


I imported a GPO Folder export into Microsoft Security Compliance Manager. 
Then, I went to export it as SCCM DCM 2007 (.cab) so that I can prepare to import it into SCCM for Configuration Baseline data. 

However, Compliance Manager throws me an error which I haven't run into on any other GPOs I've done the same process for.

Does anyone know what this means and how I can fix this?

After import, I go to Export:



Save it as file name USGCB WIN7 User Settings_DCM.CAB

Immediately get this message, so it doesn't save after all:

---------------------------
Microsoft Security Compliance Manager
---------------------------
Nothing can be exported until at least one setting is configured.
---------------------------
OK   
---------------------------


Does anyone know what needs to be configured? It seems to me the settings are configured? I haven't got this message until this one and I've done about 10 other exports with no issue. 

Export GPO Backup Missing Settings


Hi. I'm trying to use SCM 3.0 to implement the WS2008R2SP1 Domain Controllers Security Compliance 1.1 in a newly promoted DC.

The baseline has 393 unique settings but when I tried to export it to a GPO backup folder and then import it back to SCM, I only get 220 unique settings. Is this a bug or a default behavior of SCM 3.0?


LocalGPO Tool for Windows 8.1


I've downloaded the latest SCM 3.0 but the LocalGPO tool will not work.  It tells me that windows 8.1 is not supported.  Is there an update that I am missing or a work around?

Thanks,

Peter

Security Compliance Manager 3.0 "The data could not be exported to Excel" (Office 365 complication)


Situation: *I have a bad feeling there is no actual fix for this other than to uninstall and install msdn office 2013 instead... but, I am posting this not only for posterity/Internet searches, but also for the Developers of the SCM 3.0.  

I am posting this so that they know they will need to readdress their workmanship of the macro-based Excel Compare; since, to assume that everyone has Macros turned "on" in the first place is a VERY BAD assumption, but also if/when there are problems in adding VBA/"Always On Macro Support - as in some Admins won't allow this in their environment because Users are stupid and click on anything"... it would behoove them not to assume that such an environment exists; they should develop their tools for the "Least Privileged User" and the Most Restrictive setup of toolsets...  Don't "Ass-u-me".

Win 7 workstation - domain joined, I am a domain admin, but running the tool on desktop as User

SCM 3.0, Office 365 (FYI... you have absolutely no control over Excel/Office Tools "Features" in Office 365. You "should have" Visual Basic for Applications available for Macros to work correctly from the Solution Accelerator.  But you have no way of knowing whether or not it is actually installed and/or working when it's Office 365, due to only "Repair" or "Uninstall" options being available.  "Change", i.e., "Add or Remove Features" is not available in the 365 version.)

**************OK, with that said and off my chest ***********************

Have 2 GPOs imported, ready to "Compare/Merge".  In the Compare/Merge Screen, click on Export to Excel > Excel Opens, however:

It prompts you to "Export to Excel" which is actually a "Save As" dialog box... which defaults to My Documents (first Screenie) and gives you the error (seen in second screenshot).  Compare/Merge pops open a "CompareExport.xlsm" file which is supposed to AutoLaunch via an Excel Macro and show you your settings.

The file has no data.

***UPDATE: I don't know if this will work for others?  But I chose "Desktop" lastly, and it finally worked /sigh effing sigh...

I am not about to solution their own product for them; but it seems (guess) that perhaps there is a "security feature" in regards to "where" exactly you are trying to save the file?  Who knows... Just keep messing about, you may have luck...

Grrrrrrr
