Copy link to clipboard
Copied
Our work environment uses authenticating proxies for Internet connectivity - how do I configure Creatvive Cloud applications to work with that? For example, the Adobe Application Manager doesn't recognize the proxy (nor ask for its password) and hence fails to work.
I appreciate the frustration you must be experiencing here, and that these workarounds are not ideal for a corporate environment. I am working with our engineering teams to address these issues, and this information should be useful in finding a solution.
The list above is unfortunately incomplete; please ensure that the following domains are whitelisted:
*.adobe.com
*.adobelogin.com
*.adobeoobe.com
If you are still experiencing problems, please run our Log Collector tool; for example, the file "PDAp
...Copy link to clipboard
Copied
@ADOBE This is embarassing and not acceptable. Professional companies need a proxy config asap. This shouldn't be hard to implement.
Copy link to clipboard
Copied
After communication with Adobe they sent me a list of ports that needed White listing:
ccmdl.adobe.com:80
swupmf.adobe.com:80
swupdl.adobe.com:80
https://na1mbls.licenses.adobe.com
https://ims-na1.adobelogin.com
https://adobeid-na1.services.adobe.com
https://na1r.services.adobe.com
http://activate.adobe.com
https://activate.adobe.com
http://adobe.activate.com
https://adobe.activate.com
ccmdls.adobe.com:443
ims-na1.adobelogin.com:443
na1r.services.adobe.com:443
prod-rel-ffc-ccm.oobesaas.adobe.com:443
lm.licenses.adobe.com:443
www-du1.adobe.com
Maybe this will help
Copy link to clipboard
Copied
Hi,
Same problem in our environment with proxy server.
This is embarassing and not acceptable. Professional companies need a proxy config asap.
Adobe wasn't aware that entreprises were equiped with Proxies??
The Creative Cloud is more expensive than before for users who can't change their versions each 3 years and administrators have to waste many hours in order to deploy these software. It's not acceptable.
@Customers: where can we find alternatives to Adobe Products?
Copy link to clipboard
Copied
I can't believe this is still an unsolved issue!
I'll be forced to cancel the renewal of my Adobe Creative cloud if they don't allow us to change the configuration for our proxies.
=(
Copy link to clipboard
Copied
I was able to get this working. We use IronPort WSAs. I created a custom URL Category that included .adobe.com and adobesc.com. Then, created a corresponding identity and set it to not require authentication. I added the custom URL category to the appropriate access policy and set to "Allow", not "Monitor". We were all able to install and update Creative Cloud after this.
Copy link to clipboard
Copied
Hmmmmm. I'm in a large corporation that has *tight* control over installations for software and network settings. Simply saying "Hey - turn off these sites for proxy. Adobe says they're cool so we're good to go." will get me fired. Period.
Installing software that is not on the 'approved' list will also get me fired. (It starts to look "hackerish".)
Is there any solution that does not require me to apply bandaids or violate company (and government) standards?
Really, I'm sick and tired of this. It's been, what, a year and a half? Either fix the proxy issue or update to CS7 so I can get on with things.
Copy link to clipboard
Copied
Hey Guys,
I had the same issue and got the same Screen like @ShackyC ´s post
After a Long Research i finally found this link.
I tried out the Settings and it worked.
Allow Adobe Creative Cloud Through a Proxy Server « Sammits World
I hope it will help you
Copy link to clipboard
Copied
I hate it when people reply "I have that problem too", but has anyone found any other possible solutions to this problem? I've tried all proposed solutions but with no success. I have been in touch with Adobe and after an hour I got nothing more than those solutions given above. There must be a tool that can show where the connection fails? All I get is a 404 error (yes I know what that means!). I'm working in a corporate environment and have similar restrictions as described by @TomCalderwood so I'm sure there is more to it and Adobe should know the fix. My sincerest thanks to anyone who can get this working!
Copy link to clipboard
Copied
try wireshark
Copy link to clipboard
Copied
So it's 2015 and they haven't fixed this since 2012?? I'm in the same boat where there's no way Adobe is getting fancy treatment and bypassing the proxy server. We are too big of a company with too many privacy issues attached.
Fix it, Adobe, or sell out to somebody that can.
Copy link to clipboard
Copied
Adobe, shame on you. Stop thinking that Creative Cloud users are single professionals connected to the internet with a 20 bucks soho router. In this world also exist low to mid to big companies who use web proxies (do you know? yeah, those hardware/software appliances which can filter web traffic, after user authentication). It's simply r-i-d-i-c-u-l-o-u-s that such a big company completely ignore all the complains on such a big issue (unable to authenticate with any web proxy) of the world's most famous graphic suite. WAKE UP, Adobe!!!
Copy link to clipboard
Copied
At present, NTLM is unfortunately not supported as an authentication mechanism.
You may find more information using a software proxy such as Charles Web Debugging Proxy • HTTP Monitor / HTTP Proxy / HTTPS & SSL Proxy / Reverse Proxy which can be configured as an intermediary between your applications and a corporate proxy server.
If you are still seeing problems with this, please provide details of the software/hardware version of your proxy server and the type of authentication used (e.g. Kerberos, simple etc.).
Copy link to clipboard
Copied
This is obviously not a solution. NTLM is not supported ? That's a first interesting point, why not be clear on this since 3 years this topic is opened ?
So now that you tell us NTLM is not supported, which URL we have to bypass for authentication ? Please don't answer ALL URLs used by Creative Cloud software, as there is tens of it !!!
And our proxy solution also make SSL inspection, can you please give us a (short) list of URL we need to bypass for SSL inspection ?
Proxy solution is 20 McAfee WebGateway appliances spread worldwide, running last available software (7.4.2.7.0 as of today).
Thanks for your (professional) answer to come, Dominic.
Copy link to clipboard
Copied
I appreciate the frustration you must be experiencing here, and that these workarounds are not ideal for a corporate environment. I am working with our engineering teams to address these issues, and this information should be useful in finding a solution.
The list above is unfortunately incomplete; please ensure that the following domains are whitelisted:
*.adobe.com
*.adobelogin.com
*.adobeoobe.com
If you are still experiencing problems, please run our Log Collector tool; for example, the file "PDApp.log" is saved to the %TEMP% directory and may provide further information; otherwise, I would ask that you raise a case with our support team via the support portal at https://www.adobe.com/support/ and provide the log collection archive so that we can look in to the logs in more detail (they may contain network-specific information, so I would suggest not posting their contents here). Please feel free to mention this thread, however.
Copy link to clipboard
Copied
Dominic, thank you for posting. However, I don't think anyone at adobe has a clue how frustrating this is. Otherwise it would not be an issue. I will make sure your additions are added to my firewall and proxy equipment, but I'm not holding my breath.
In addition it might be better for adobe support to not say too much. That diagnostic tool you are suggesting? Don't bother. One it doesn't pull copies of the log files. It looks like it is doing something, and it doesn't extract any information. In addition if you watch the progress of the data collection you will see that 3 directory paths use double backslashes (\\) and then the data collection fails for that directory path. Why did it fail I wonder, could it be the double backslashes between directory names? Whoever did the coding for that tool did not do a very good job.
Sooo, right now adobe can't get out of it's own way. Certain key aspects of it's product were released without being thoroughly tested, and there is no fix, The diagnostic tools to find the problem don't work. Technicians on the support team don't have a clue. What else could there be? Not much is left that could be wrong.
Am I being critical...you bet.
ccmdls.adobe.com
443
ims-na1.adobelogin.com
80
443
ims-prod06.adobelogin.com
443
na1r.services.adobe.com
80
443
prod-rel-ffc-ccm.oobesaas.adobe.com
443
lm.licenses.adobe.com
80
443
ccmdl.adobe.com
80
swupmf.adobe.com
80
swupdl.adobe.com
80
Copy link to clipboard
Copied
To address your issue regarding the Log Collector, it may be that it cannot access the logs if the user account is redirected to another location. In this case, you can view the logs at the following locations:
Windows 32-bit (XP, Vista, 7)
Windows 64-bit (XP, Vista, 7)
Mac OS
Windows XP
\Documents and Settings\<user name>\Local\Application Data\temp
Windows Vista, 7
\Users\<user name>\AppData\Local\temp
Mac OS
/tmp
Copy link to clipboard
Copied
No!!! The problem is that the log collector is using incorrect syntax to obtain the log files. Instead of taking my word for it run it for yourself. I have downloaded the exe, and it has been emailed to me. Both versions if they are different have the same problem.
If I could edit the file for you and send it back as something usable for others I would do it for free. I did send the log files individually.
Copy link to clipboard
Copied
Perhaps this is best discussed directly, as the log collector is secondary to the issue at hand here regarding the use of a proxy server. Please message me your contact details on this forum, and we'll be in touch.
Copy link to clipboard
Copied
Hi Dominique,
Has adobe found a solution yet? as this is the second month we haven't been able to use the Adobe CC services for 15 users...
Thanks in advance.
Steve
Copy link to clipboard
Copied
Hi Steve,
please provide details of your proxy server and the authentication methods enabled on it, either in this thread or via direct message, so we can look in to this. If you would like to message me your contact details, I'll have someone get in touch.
thanks
Dominic
Copy link to clipboard
Copied
Hi Dominique,
We use Zscaler Proxy cloud service and have whitelisted the following addresses
*.adobe.com
*.adobe.io
*.adobelogin.com
*.adobeoobe.com
*.data-web.fr/
*.dscms.akamai.net
*.elb.amazonaws.com
ims-na1.adobelogin.com
ims-prod06.adobelogin.com
na1r.services.adobe.com
prod-rel-ffc-ccm.oobesaas.adobe.com
prod-rel-ffc.oobesaas.adobe.com
Creative cloud can connect, you can download software etc..
But when we click on license software, we get this message
Internet connection required for subscriptions
What's missing?
Thanks
Steve
Copy link to clipboard
Copied
When I see the huge amount of security issues in Adobe products, having Adobe domains (*.adobe.com) SSL and malware scanning whitelisted is just no way for security team, it's not a solution. Adobe must improve security topics handling in their products and services, and in a near future you must provide a better support for this particular case. Users are angry, and so we are in IT teams... Please hear us.
Copy link to clipboard
Copied
Soooo true. Their solutions are a joke. Here is what I was given and told. I was told by their 2nd level support that there is very little support for proxies and firewalls for CCT. I was given a list of items to verify which I am going to do when I can this week, but it won't be fruitful. The other alternative for companies is wait. ready??
Purchase the Creative Cloud for the Enterprise, sounds reasonable right? I thought maybe that would be a slightly more expensive solution, but alleviate the headaches I have been having. Called my account manager at CDW to find out the additional charges for the upgrade. Adobe is so reasonable. It would only be $35,000/year with a commitment of 3 years for my 18+ users. Only $100,000.00,how reasonable.
Adobe is does not care about their customers, the frustration and hours of work it took me to get out of the 1st Tier support zoo is one problem they have to address, the security problems with their CCT offerings is another, learning what good customer service entails would be another area.
Copy link to clipboard
Copied
Hi Steve,
Have you already gone through the network endpoint documentation?
It appears you've already hit up most of the listed web URLs.
I'm running into a similar issue with my organization's proxy and firewall, so i'm collecting information to speak with my networking team to create some firewall and proxy rules.
It looks like there are about 15 AWS addresses that CC tries to hit just during the login process when performing a wireshark capture. I'm sure most of them are simply redundant hosts since it was unable to communicate with each one, which causes it to try the next host.
Hopefully the AWS hosts get resolved via the core service endpoints listed in the document. I'll post the results if I can get some rules in place to try it out.
Josh Smith
Technical Infrastructure Specialist
American Fidelity
Copy link to clipboard
Copied
Really? 3 years this has been going on and you still need us to take up valuable time running logs and pestering our IT departments? The solutions you have provided indicate that you know what is causing the problem but have not done whatever is necessary to solve it.
This is so discouraging for me as the problem just popped up. I've been using the Cloud for several years now and this morning is the first time I've had this problem. I don't have much hope of ever updating my Adobe Cloud software again, if this is how Adobe has approached this problem!
I work for a large insurance company and our IT department will sneer when I give them the solution you have provided.