Skip navigation
WestminsterSA
WestminsterSA Calculating status...
Currently Being Moderated

Unable to activate via TMG

Aug 7, 2012 5:48 PM

Tags: #error #authorization #failed #activation #digital_editions #adobe_digital_editions

I am unable to activate Digital Editions on our school network. We need to use this software, as the library is now doing ebook loans.

I am able to go to http://adeactivate.adobe.com/

When I open up Digital Editions it asks for my username and password (for the Microsoft TMG proxy) but fails over and over and I receive the E_ADEPT_IO ActivationServiceInfo Error%20#2032

I do not see anything in the TMG logs when I open Digital Editions and enter in the password.

I have also tested with the Firewall on the desktops disabled.

1721 Views   14 Replies   Latest reply: Frustrated in AZ, Nov 20, 2012 11:05 PM
 
Replies
  • WestminsterSA
    Currently Being Moderated
    1. WestminsterSA,
    Aug 9, 2012 3:43 PM   in reply to WestminsterSA
    Report

    BUMP

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    2. WestminsterSA,
    Aug 9, 2012 4:39 PM   in reply to WestminsterSA
    Report

    I managed to chat with an Adobe representative. He gave me basic fixes.

    Then he told me that Adobe only support the install of Digital Edition as a Local Administrator on a network with no proxies. I explained how that was very bad for security and he closed the chat session.

    This is terrible, considering we HAVE TO use these terrible proprietary ACSM files in our school because that is what the ebook borrowing software we will be using, uses.

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    3. WestminsterSA,
    Aug 9, 2012 7:27 PM   in reply to WestminsterSA
    Report

    I have now figured out at which stage it is failing.

    Using http://www.wireshark.org/download.html I discover that Digital Editions is successful in accessing http://adeactivate.adobe.com/adept/ActivationServiceInfo which downloads ActivationServiceInfo.acsm

    It appears to be failing after downloading that file.

    This means that Digital Editions is having no problem going through the firewall until after it downloads that file and tries to run it.

     

    This is the proxy error I receive at that stage "Expert Info (Chat/Sequence): HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  )"

     

    Why does it authenticate fine to the proxy for the first part but fails for the second part?

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    4. WestminsterSA,
    Aug 10, 2012 12:19 AM   in reply to WestminsterSA
    Report

    I have so far discovered that I need to allow adobe.com and macromedia.com through my proxy as anonymous users.

    Why the hell doesn't Adobe Digital Editions use the system wide proxy? This can be fixed? Why can't it use the system wide proxy. This just seems mental to me.

     
    |
    Mark as:
  • Frustrated in AZ
    Currently Being Moderated
    5. Frustrated in AZ,
    Aug 10, 2012 6:45 AM   in reply to WestminsterSA
    Report

    I read the thread, and I'm puzzled.

     

    First, ADE was never intended to be used via a network.  It's just a

    library management system designed to be used by one user at a time.  If

    the Adobe rep tried to get it running on a network, he probably wasn't

    trained in ADE.

     

    Next, I think you're confused - and probably others are as well.  ADE works

    with the implementation of Digital Rights Management (DRM) that comes from

    Adobe Content Server - which is entirely separate software.  And that may

    be why you think you have to use ADE. But that's not true.  ADE is not the

    only implementation of DRM.

     

    Digital rights have been incorporated into several other software systems

    that are used commercially (in contrast to ADE), and some of those systems

    are being used for multiple users in a situation like yours.  The most

    obvious one is Overdrive.  It's used by a large number of libraries and

    publication houses to distribute and manage multiple sites and multiple

    users.  If you're thinking of 'distributing' textbooks to students, that's

    a parallel to libraries loaning ebooks to patrons, and Overdrive will work

    just fine for that.

     

    I'm sure that this isn't the answer you were looking for, but....

     

    =================

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    6. WestminsterSA,
    Aug 12, 2012 4:16 PM   in reply to Frustrated in AZ
    Report

    First, I have never said I wanted to run it via the network. I said I want it to run on a local machine. The problem is that all the machines can only access the Internet via our Microsoft Forefront Threat Management Gateway. This is where the problem lies. The reason this fails is that ADE is NOT authenticating to the proxy. It appears to be using the system wide proxy but then tries to access the Internet using an anonymous user. This is bad software design.

     

    Next, I think you didn't read my comments very well. The company that we are working with, to allow students to borrow eBooks, uses ACSM files which requires us to use ADE. Do not make assumptions.

     

    We are using http://www.wheelersbooks.com.au/info/ebooks/

     
    |
    Mark as:
  • Frustrated in AZ
    Currently Being Moderated
    7. Frustrated in AZ,
    Aug 12, 2012 11:37 PM   in reply to WestminsterSA
    Report

    Thanks for clarifying the environment.  That helps.

     

    But, as far as the use of ADE is concerned, the website that you've

    referenced states that they use Digital Rights Management.  I didn't go far

    into the site, but you should not make the assumption that you must use

    Digital Editions, perhaps because it's from the same vendor as the DRM

    protection software.  You could use Calibre, Overdrive, Bluefire Reader (or

    Apple software) and achieve the same results.  .ascm files work with all of

    those products (but Apple has implemented DRM a bit differently).

     

    I'm not an Adobe employee, nor did I work on the design of the software.

    However, I have worked in programming extensively during my 40 year career,

    and I've been emmeshed in similar design situations.  The blending of

    distribution from a central point and software that's designed to be

    downloaded individually from the vendor's site doesn't work well - and

    that's why I commented on the 'network' side of things.  The software

    coding gets difficult if access to the Internet is controlled by a gateway,

    which I think is what you're saying.  It's not that Adobe has a 'bad

    design' - it's that Adobe did not design its software to be downloaded in

    your environment.

    I understand the need to try to manage access to the Internet in an

    environment like yours.  In my experience, resolving this conundrum

    involves figuring out whether you will permit the user to download

    according to the software's expectations or not.  The alternative that

    might work is to have the users download the software directly from

    whichever product vendor you select.  I don't think you'll have this issue

    if you use Overdrive or Calibre.  I can't speak for Bluefire Reader.

     

    ==============

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    8. WestminsterSA,
    Aug 13, 2012 5:49 PM   in reply to Frustrated in AZ
    Report

    From Calibre's FAQ:

    How do I use purchased EPUB books with calibre?

    Most purchased EPUB books have DRM. This prevents calibre from opening them. You can still use calibre to store and transfer them to your ebook reader. First, you must authorize your reader on a windows machine with Adobe Digital Editions. Once this is done, EPUB books transferred with calibre will work fine on your reader. When you purchase an epub book from a website, you will get an ”.acsm” file. This file should be opened with Adobe Digital Editions, which will then download the actual ”.epub” ebook. The ebook file will be stored in the folder “My Digital Editions”, from where you can add it to calibre.

     

    Overdrive Media Console doesn't seem to resolve the problem either.

     

    If Adobe did not design it's software to work with a local computer system wide proxy.... why does it? It uses the system proxy but then fails at authentication. This IS bad software design.

     

    We have resolved the issue by allowing anonymous connections through TMG for the websites ADE contacts during use. This is not a good solution but it at least has it working for now.

     
    |
    Mark as:
  • Luis.Portocarrero.Pinto
    Currently Being Moderated
    9. Luis.Portocarrero.Pinto,
    Nov 20, 2012 2:46 PM   in reply to WestminsterSA
    Report

    Hi WestminsterSA, I have the same problem. Can you tell me please How should I configure my proxy server? Thanks in advanced

     
    |
    Mark as:
  • Frustrated in AZ
    Currently Being Moderated
    10. Frustrated in AZ,
    Nov 20, 2012 3:31 PM   in reply to Luis.Portocarrero.Pinto
    Report

    I answered WestminsterSA concerning downloading via his school's network.

    I missed a part of the answer, however, and he repeated part of the

    question:

     

    "If Adobe did not design it's software to work with a local computer system

    wide proxy.... why does it? It uses the system proxy but then fails at

    authentication. This IS bad software design."

    He fails to understand that his school proxy settings - anonymous - are not

    connected in any way to the way ADE is coded.  It was never designed as

    anything other than a 1:1 software system: the user connects directly with

    Adobe.  Your network is passing stuff up the line, but it's failing at the

    network's authentication, not at ADE's.  My comments about use in a

    networked environment are still valid.  And that's not 'bad software

    design" at all.

     

    To both of you: the suggestions I have for server configuration are made in

    a vacuum, because I don't know anything about your IT environment or who

    controls what portions of it.  Given that ADE wants to connect directly

    with Adobe to be installed, AND ADE anticipates a direct connection with

    the ebook sources, I'm not sure that you can do anything at all with the

    servers.  However, if your servers can be configured to permit ADE to

    connect directly with Adobe, or vice versa, then you 'may' be able to get

    ADE to run effectively.  The prototype is the WIndows 7 firewall, which

    acts as a 'network' front end.

     

    In the US, schools libraries and universities in general do not use ADE for

    students or patrons.  They use more robust, multi-user systems like

    Overdrive (not Calibre - they do not have a DRM module).  You do not HAVE

    to run ADE in order to get DRM-enabled material.  What's tripping you up -

    and many more than just you two - is the fact that Adobe's Content Server

    Manager CSM) is the core of DRM processing in several of the epublication

    management systems.  Because CSM is in widespread use, AND because Digital

    Editions is able to interact with it by design (Adobe product to Adobe

    product), many, many sources for ebooks combine the two, and tell you that

    you 'must' use ADE.  Overdrive would take exception to that.

     

    My overall suggestion is to sit down with the IT department and hash this

    out IF lots of the students are going to use or are using ebooks for

    classes and research.  It sounds like neither of your institututions has

    thought this out thoroughly.  Yes, that's an oversimplification, and may

    not be possible.  But you should try!

     

    ================

     

     

     

     

     

     

    On Tue, Nov 20, 2012 at 3:46 PM, Luis.Portocarrero.Pinto <

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    11. WestminsterSA,
    Nov 20, 2012 5:46 PM   in reply to Luis.Portocarrero.Pinto
    Report

    You need to allow anonymous connections through your proxy for particular adobe activation sites. I can't remember what they are now, but if you monitor anonymous connections to TMG when attempting to activate you will see the sites requested.

     

    "If Adobe did not design it's software to work with a local computer system

    wide proxy.... why does it? It uses the system proxy but then fails at

    authentication. This IS bad software design."

    He fails to understand that his school proxy settings - anonymous - are not

    connected in any way to the way ADE is coded. It was never designed as

    anything other than a 1:1 software system: the user connects directly with

    Adobe. Your network is passing stuff up the line, but it's failing at the

    network's authentication, not at ADE's. My comments about use in a

    networked environment are still valid. And that's not 'bad software

    design" at all.

    You fail to understand how proxying works. The anonymous part is because ADE is not using the system wide proxy credentials supplied to it for the whole of the connection. This is due to the way it is coded. The software is using the correct proxy settings for the most part but is not passing the authentication through for the entirety of the activation. This has absolutely nothing to do with the proxy itself. If the software is not using supplied credentials when talking to the proxy server it is not going to be allowed through.

    Basically ADE is going... "I will send this through the proxy but I'm not going to supply credentials with it." This is bad software design. This design will only work with a filter that filters ALL traffic without any authentication. This is an issue lots of people face with iOS and Android because lots of apps don't use a system wide proxy and also have no way to enter in credentials for a proxy. This is simply people writing software and ignoring the fact that people will use proxies that require authentication.

     
    |
    Mark as:
  • Frustrated in AZ
    Currently Being Moderated
    12. Frustrated in AZ,
    Nov 20, 2012 7:50 PM   in reply to WestminsterSA
    Report

    I've been working with software for over 30 years.  I understand the way

    proxying works from the lowest level.  Do not lecture me on how you think

    it should work.

     

    ADE does not supply credentials because it does not know that it's

    operating in a proxy environment.  The proxy server doesn't tell it that it

    is - and it wouldn't matter anyway, because ADE's 'bad' design is not

    intended to operate in that environment.  Period.

     

    ==========

     
    |
    Mark as:
  • WestminsterSA
    Currently Being Moderated
    13. WestminsterSA,
    Nov 20, 2012 8:13 PM   in reply to Frustrated in AZ
    Report

    Except for the fact that ADE presents you with a popup requesting you enter in the credentials for the proxy... but fails to passthrough those credentials.

     
    |
    Mark as:
  • Frustrated in AZ
    Currently Being Moderated
    14. Frustrated in AZ,
    Nov 20, 2012 11:05 PM   in reply to WestminsterSA
    Report

    Sorry.  The proxy server is asking for those credentials, not ADE.

     

    We're back to the fact that ADE is not intended for use in a network.

     

    ===========

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points