ASA 8.3 and VPN name/alias
May be a stupid question, but after upgrading to ASA 8.3 aliases for name that appeared in views VPN (Site to Site VPN, VPN Sessions) no longer work.
Before the update to 8.3 when I had an object of name to an IP address or a network name to IP address appeared in brackets () in the VPN site list to site making much easyer to keep an overview of VPN connection profiles. Now I just see the Plains IP-addresses.
It is similarly to display the details of session of site to site VPN connection. Here, I used to display the names of the networks in the session. Now I see only the addresses OF the network makes it much harder to keep an overview.
Is it possible to revert to the old behavior without returning to a software before 8.3?
Grateful for any help or suggestion
Dirk
Dirk,
It is not as tested as a release from typical mainetnance you get, but we run tests of regression on the subject before releasing him--only to limited quantity.
Think of it as 8.3.2 + collection of bug fixes
Weather, that it is safe or not, so concerned about safety but annoyed by the bug, you can run the acting on one of the units of failover. If you see some side effects you fail to the device performs no intermediate code.
Marcin
Tags: Cisco Security
Similar Questions
-
With the help of ASA 5510 L2L and VPN L2TP
I would let my remote users access to all resources bhind the ASA and my remote branches.
Here's my setup. ASA5510 as a hub to the data center.
172.21.x.x of internal network directly connected
DMZ directly connected 172.22.1.x.x
L2L branch1 VPN 10.47.x.x
L2L branch2 VPN 10.47.y.x
172.21.y.x remote users L2TP Windows Client
I can access my internal resources related to the ASA but not the DMZ or branch offices. I need injection road routing and reverse?
You also need to configure crossed. http://goo.GL/vLqAR
-
ASA VPN server and vpn client router 871
Hi all
I have ASA 5510 as simple VPN server and 871 router as simple VPN client. I want to have the user ID and permanent password on 871 and not to re - enter username and password since 871 uses dynamic IP address and every time I have to ' cry ipsec client ezvpn xauth "and type user name and password.
any suggestions would be much appreciated.
Thank you
Alex
Do "crypto ipsec client ezvpn show ' on 871, does say:
...
Save password: refused
...
ezVPN server dictates the client if it can automatically connect with saved password.
Set "enable password storage" under the group policy on the ASA.
Kind regards
Roman
-
Hello
I set up a lab for RA VPN with a version of the ASA5510 8.2 and VPN Client 5 software using digital certificates with Microsoft CA on a Windows 2003 server. I did the configuration based on this document from Cisco's Web site:
Now, the vpn works fine, but now I need to configure a tunnel-different groups so I can provide different services to different users. The problem I have now is that I don't know how to set it up for the certificate is the name of tunnel-group. If I do an ASA debug crypto isakmp I get this error message:
% ASA-713906 7: IP = 165.98.139.12, trying to find the group through OR...
% 3 ASA-713020: IP = 165.98.139.12, no group found by matching well payload ID: unknown
% ASA-713906 7: IP = 165.98.139.12, trying to find the group via IKE ID...
% 3 ASA-713020: IP = 165.98.139.12, no group found by matching well payload ID: unknown
% ASA-713906 7: IP = 165.98.139.12, trying to find the group via IP ADDR...
% ASA-713906 7: IP = 165.98.139.12, trying to find the group using default group...
% ASA-713906 7: IP = 165.98.139.12, connection landed on tunnel_group DefaultRAGroupSo, basically, when using certificates I connect always VPN RA only with the group default DefaultRAGroup. Do I have to use a model of different web registration for application for a certificate instead of the user model? How can I determine the OU on the user certificate so that match tunnel-group?
Please help me!
Kind regards
Fernando Aguirre
You can use the group certificate mapping feature to map to a specific group.
This is the configuration for your reference guide:
http://www.Cisco.com/en/us/partner/docs/security/ASA/asa82/configuration/guide/IKE.html#wp1053978
And here is the command for "map of crypto ca certificate": reference
http://www.Cisco.com/en/us/docs/security/ASA/asa80/command/reference/C5.html#wp2186685
Hope that helps.
-
GANYMEDE + for the unified management of ASA and VPN auth
Hello, I have ASA 5540 and 4.2 ACS (AD backend), I want authentic unified management and vpn access.
For example, I have two groups in ACS (mapping AD): Admins, VPN access.
I wish that Admins have full access (shell, VPN) and "Access VPN" only vpn, without shell of any kind.
I understand how to do with RADIUS - use 'Service-type' and network access profile, but how to do it with GANYMEDE +?
There is something
I explained to him almost the same scenario in the post of 2008
https://Cisco-support.hosted.Jivesoftware.com/message/853751#853751
To achieve this, you should have even ASA added to GANYMEDE and RADIUS AAA cleint.
Since you want to group admin must have FULL access so don't change anything on this group.
Now vpnaccess Group on ACS must have only access to the VPN, then here you need to implement IP-based NAR
Go into the setup of the Group > ip based NAR
I hope this helps.
Rgds, jousset
Note the useful posts ~
-
remote VPN and vpn site to site vpn remote users unable to access the local network
As per below config remote vpn and vpn site to site vpn remote users unable to access the local network please suggest me a required config
The local 192.168.215.4 not able ping server IP this server connectivity remote vpn works fine but not able to ping to the local network vpn users.
ASA Version 8.2 (2)
!
host name
domain kunchevrolet
activate r8xwsBuKsSP7kABz encrypted password
r8xwsBuKsSP7kABz encrypted passwd
names of
!
interface Ethernet0/0
nameif outside
security-level 0
PPPoE client vpdn group dataone
IP address pppoe
!
interface Ethernet0/1
nameif inside
security-level 50
IP 192.168.215.2 255.255.255.0
!
interface Ethernet0/2
nameif Internet
security-level 0
IP address dhcp setroute
!
interface Ethernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
Shutdown
No nameif
no level of security
no ip address
management only
!
passive FTP mode
clock timezone IST 5 30
DNS server-group DefaultDNS
domain kunchevrolet
permit same-security-traffic intra-interface
object-group network GM-DC-VPN-Gateway
object-group, net-LAN
access extensive list ip 192.168.215.0 sptnl allow 255.255.255.0 192.168.2.0 255.255.255.0
192.168.215.0 IP Access-list extended sheep 255.255.255.0 allow 192.168.2.0 255.255.255.0
tunnel of splitting allowed access list standard 192.168.215.0 255.255.255.0
pager lines 24
Enable logging
asdm of logging of information
Outside 1500 MTU
Within 1500 MTU
MTU 1500 Internet
IP local pool VPN_Users 192.168.2.1 - 192.168.2.250 mask 255.255.255.0
ICMP unreachable rate-limit 1 burst-size 1
enable ASDM history
ARP timeout 14400
NAT-control
Global 1 interface (outside)
NAT (inside) 1 0.0.0.0 0.0.0.0
Route outside 0.0.0.0 0.0.0.0 59.90.214.1 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
AAA authentication LOCAL telnet console
AAA authentication http LOCAL console
AAA authentication enable LOCAL console
LOCAL AAA authentication serial console
Enable http server
x.x.x.x 255.255.255.252 out http
http 192.168.215.0 255.255.255.252 inside
http 192.168.215.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-3des esp-sha-hmac RIGHT
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Crypto-map dynamic dynmap 65500 transform-set RIGHT
card crypto 10 VPN ipsec-isakmp dynamic dynmap
card crypto VPN outside interface
card crypto 10 ASA-01 set peer 221.135.138.130
card crypto 10 ASA - 01 the transform-set RIGHT value
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 65535
preshared authentication
the Encryption
sha hash
Group 2
lifetime 28800
Telnet 192.168.215.0 255.255.255.0 inside
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 outdoors
SSH timeout 5
Console timeout 0
management-access inside
VPDN group dataone request dialout pppoe
VPDN group dataone localname bb4027654187_scdrid
VPDN group dataone ppp authentication chap
VPDN username bb4027654187_scdrid password * local store
interface for identifying DHCP-client Internet customer
dhcpd dns 218.248.255.141 218.248.245.1
!
dhcpd address 192.168.215.11 - 192.168.215.254 inside
dhcpd allow inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
Des-sha1 encryption SSL
WebVPN
allow outside
tunnel-group-list activate
internal kun group policy
kun group policy attributes
VPN - connections 8
Protocol-tunnel-VPN IPSec
Split-tunnel-policy tunnelspecified
Split-tunnel-network-list value split tunnel
kunchevrolet value by default-field
test P4ttSyrm33SV8TYp encrypted password username
username kunauto password bSHrKTGl8PUbvus / encrypted privilege 15
username kunauto attributes
Strategy Group-VPN-kun
Protocol-tunnel-VPN IPSec
tunnel-group vpngroup type remote access
tunnel-group vpngroup General attributes
address pool VPN_Users
Group Policy - by default-kun
tunnel-group vpngroup webvpn-attributes
the vpngroup group alias activation
vpngroup group tunnel ipsec-attributes
pre-shared key *.
type tunnel-group test remote access
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group ipsec-attributes x.x.x.x
pre-shared key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
Review the ip options
inspect the netbios
inspect the rsh
inspect the rtsp
inspect the skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect the tftp
inspect the sip
inspect xdmcp
inspect the icmp
!
global service-policy global_policy
context of prompt hostname
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
Cryptochecksum:0d2497e1280e41ab3875e77c6b184cf8
: end
kunauto #.Hello
Looking at the configuration, there is an access list this nat exemption: -.
192.168.215.0 IP Access-list extended sheep 255.255.255.0 allow 192.168.2.0 255.255.255.0
But it is not applied in the States of nat.
Send the following command to the nat exemption to apply: -.
NAT (inside) 0 access-list sheep
Kind regards
Dinesh Moudgil
P.S. Please mark this message as 'Responded' If you find this information useful so that it brings goodness to other users of the community
-
I'll put up Anyconnect to replace our customers of Cisco IPsec VPN, since it is end of life. A part of the process is to get an SSL certificate and a FULL domain name to use for this. I've got that and it is applied to the ASA very well. Now we don't get these warnings to the subject it is not not sure and such.
The problem is that we use a non-standard port for the SSL VPN from 443 is already sent to an internal device. I have unused public addresses to the external interface of the ASA, but I don't know how I could use them. I would like to have a different IP address for SSL VPN, so I don't have to mess with the port forward that is currently in place. I read on proxy arp, but that looks like it could be a problem. I could have someone connect another cable to a different interface on the ASA (5512-X) and assign this static interface I want for the VPN, but I'm not sure it will work well. We have connections VPN site to site in place as well. Can I have the ASA listening on two different interfaces at the same time?
Recap:
IP 1 - address primary NAT, Site at tunnels put end here, some Cisco IPsec VPN terminate customer
IP 2 - want to have all customers of Anyconnect connect here, to migrate all legacy Cissco IPsec clients until they are all over Anyconnect.
Key is that I can not stop listening on IP 1 for site-to-site connections.
Thoughts?
Thank you!
On the SAA, you cannot use the additional IPS for VPN.
If tcp/443 is already used for an external server, then I would reconfigure the DNS entry for it to use the second IP address that must be sent to the internal server. You can then use the IP interface of the ASA for AnyConnect.
-
Error of tunneling to ASA 5505 using "Software VPN Client"
Here's my current network:
I'm VPN tunnel in the ASA using the Cisco VPN Client software.
Here is my config ASA config: http://pastebin.com/raw.php?i=ad6p1Zac
Here's my entry for the VPN Client connection information:
(Password: cisco)
When I try to connect, I get the message error "the received HASH load cannot be verified.
What is this error and how can I solve it?
I think you need to enter this information in the fields of group authentiation:
(Just below "Group authentication")
Name: vpnclientgroup
Password: [just what you entered as a pre shared key below]
tunnel-group vpnclientgroup ipsec-attributes pre-shared-key *****
After the establishmet tunnel you will get a password pop up, that you enter "David" and the associated password.
-
Unable to pass traffic between ASA Site to Site VPN Tunnel
Hello
I have problems passing traffic between two ASA firewall. The VPN tunnel is up with a dynamic IP and static IP address. I have attached a diagram of the VPN connection. I'm not sure where the problem lies and what to check next. I think I have all the roads and in the access lists are needed.
I've also attached the ASA5505 config and the ASA5510.
This is the first time that I've set up a VPN connection any guidance would be greatly appreciated.
Thank you
Adam
Hello
Regarding your opinion of configuration Remote Site ASA that you have not added the internal networks of the Central Site VPN L2L configurations at all so the traffic does not pass through the VPN.
access-list outside_1_cryptomap extended permit ip 10.1.1.0 255.255.255.128 10.182.226.0 255.255.*.* access-list exempt extended permit ip 10.1.1.0 255.255.255.128 10.182.226.0 255.255.*.* access-list exempt extended permit ip 10.1.1.0 255.255.255.128 10.182.0.0 255.255.*.* access-list exempt extended permit ip 10.1.1.0 255.255.255.128 192.168.170.0 255.255.*.* access-list exempt extended permit ip 10.1.1.0 255.255.255.128 192.168.172.0 255.255.*.* access-list exempt extended permit ip 10.1.1.0 255.255.255.128 140.15.0.0 255.255.*.*
Take a look at ACL configurations above. The 'exempt' ACL is used in configurations NAT0 and tells the ASA what traffic of exempting from NAT. "outside_1_cryptomap" ACL is used to tell the traffic between the subnets should be using the L2L VPN connection.
So in short on the Remote Site ASA these ACLs should be identical. Make additions to the LIST of VPN L2L, then try again.
I would also like to point out that to ensure that the Central ASAs L2L VPN ACL Site contains the same networks. The ACL on the Central Site will, of course, its internal subnets as the source and the site LAN remote destination.
THW out of ' crypto ipsec to show his " shows you that only the SA between binding Site Central network and the Remote Site LAN was established. Others have not formed as the configuration is lacking at LEAST on the Remote Site ASA. Can also be the Central Site.
-Jouni
-
problem with Ezvpn and VPN from Site to Site
Hello
I want to set Ezvpn and VPN Site to another but the problem is that the EasyVpn that would only work at the Site to the Site does not at all
I have set up 1 card for two VPN with different tagged crypto
I had execlude the traffice to NOT be natted to, and when I remove the Ezvpn site to another work well
crypto ISAKMP policy 100
BA aes
md5 hash
preshared authentication
Group 2
!
crypto ISAKMP policy 10000
BA aes 256
preshared authentication
Group 5
key address 123456 crypto isakmp (deleted)ISAKMP crypto client configuration group easyvpn
easyvpn key
domain ezvpn
pool easyvpn
ACL easyvpn
Save-password
Split-dns cme
MAX User 9
netmask 255.255.255.0
!Crypto ipsec transform-set esp - aes 256 esp-sha-hmac vpn
Crypto-map dynamic easyvpn 10
Set transform-set dmvpn
market arriere-route
!
!
address-card crypto easyvpn local Dialer1
card crypto client easyvpn of authentication list easyvpn
card crypto isakmp authorization list easyvpn easyvpn
client configuration address card crypto easyvpn answer
easyvpn 100 card crypto ipsec-isakmp dynamic easyvpn
easyvpn 1000 ipsec-isakmp crypto map
defined by the peers (deleted)
Set transform-set vpn
game site addressinterface Dialer1
the negotiated IP address
IP mtu 1492
NAT outside IP
IP virtual-reassembly
encapsulation ppp
Dialer pool 1
PPP authentication chap callin pap
PPP chap hostname
PPP chap password
PPP pap sent-name to user
easyVPN card cryptoDSL_ACCESSLIST extended IP access list
deny ip 100.0.0.0 0.0.0.255 101.1.1.0 0.0.0.255
deny ip 100.0.0.0 0.0.0.255 70.0.0.0 0.0.0.255
IP 100.0.0.0 allow 0.0.0.255 any
refuse an entire ip
easyvpn extended IP access list
IP 100.0.0.0 allow 0.0.0.255 70.0.0.0 0.0.0.255
IP extended site access list
IP 100.0.0.0 allow 0.0.0.255 101.1.1.0 0.0.0.255Best regards
The sequence number of card crypto for the static mapping crypto (site to site vpn) should be higher (ie: sequence number must be lower) than the ezvpn (map dynamic crypto).
In your case, you must configure as follows:
map easyvpn 10 ipsec-isakmp crypto
defined by the peers (deleted)
Set transform-set vpn
game site addressmap easyvpn 150 - ipsec-isakmp crypto dynamic easyvpn
Hope that solves this problem.
-
ASA problem inside the VPN client routing
Hello
I have a problem where I can't reach the VPN clients with their vpn IP pool from the inside or the asa itself. Connect VPN clients can access internal network very well. I have no nat configured for the pool of vpn and packet trace crypt packages and puts it into the tunnel. I'm not sure what's wrong.
Here are a few relevant config:
network object obj - 192.168.245.0
192.168.245.0 subnet 255.255.255.0
192.168.245.1 - 192.168.245.50 vpn IP local pool
NAT (inside, outside) static source any any destination static obj - 192.168.245.0 obj - 192.168.245.0 no-proxy-arp-search to itinerary
Out of Packet trace:
Firewall # entry packet - trace inside the x.x.x.x icmp 8 0 192.168.245.33
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit rule
Additional information:
MAC access list
Phase: 2
Type:-ROUTE SEARCH
Subtype: entry
Result: ALLOW
Config:
Additional information:
in 192.168.245.33 255.255.255.255 outside
Phase: 3
Type: ACCESS-LIST
Subtype: Journal
Result: ALLOW
Config:
Access-group acl-Interior interface inside
access list acl-Interior extended icmp permitted an echo
Additional information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional information:
Phase: 5
Type: INSPECT
Subtype: np - inspect
Result: ALLOW
Config:
Additional information:
Phase: 6
Type:
Subtype:
Result: ALLOW
Config:
Additional information:
Phase: 7
Type: NAT
Subtype:
Result: ALLOW
Config:
NAT (inside, outside) static source any any destination static obj - 192.168.245.0
obj - 192.168.245.0 no-proxy-arp-search to itinerary
Additional information:
Definition of static 0/x.x.x.x-x.x.x.x/0
Phase: 8
Type: VPN
Subtype: encrypt
Result: ALLOW
Config:
Additional information:
Phase: 9
Type: CREATING STREAMS
Subtype:
Result: ALLOW
Config:
Additional information:
New workflow created with the 277723432 id, package sent to the next module
Result:
input interface: inside
entry status: to the top
entry-line-status: to the top
output interface: outside
the status of the output: to the top
output-line-status: to the top
Action: allow
There is no route to the address pool of vpn. Maybe that's the problem? I don't know than that used to work before we went to 8.4.
Check if the firewall is enabled on your host from the client ravpn and blocking your pings.
-
the service name and the name of the database are different.
Hello
I had created a database with name PROD, latter I renamed DB HAVE according to the request of management.
But I notice the following things.
1 OS ORACLE_SID variable level is always PROD. (.bash_profile also I have this entries)
2. starting at sql prompt DB_NAME is HAVE.
3 al ' service_name watch listener and instance name is PROD.
can someone please explain me, why oracle behaves like that.
Our applications work correctly with any questions so far.
[oracle@qual ~] $ echo $ORACLE_SID
PROD
[oracle@qual ~] $ sqlplus "/ as sysdba".
SQL * more: Release 10.2.0.1.0 - Production on Tue Mar 5 10:35:01, 2013
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connect to an instance is idle.
SQL > startup
ORACLE instance started.
Total System Global Area 608174080 bytes
Bytes of size 1220868 fixed
209719036 variable size bytes
394264576 of database buffers bytes
Redo buffers 2969600 bytes
Mounted database.
Open database.
SQL > select name from v$ database;
NAME
---------
HAVE
SQL >! lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on March 5, 2013 10:38:30
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connection to (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST=qual.com) (PORT = 1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start date March 5, 2013 10:36:54
Uptime 0 days 0 hours 1 minutes 35 seconds
Draw level off
Security ON: OS Local Authentication
SNMP OFF
Parameter Listener of the /u001/app/oracle/product/10.2.0/network/admin/listener.ora file
The listener log file /U001/app/Oracle/product/10.2.0/network/log/listener.log
Summary of endpoints listening...
(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp)(HOST=qual.com) (PORT = 1521)))
(DESCRIPTION = (ADDRESS = (PROTOCOL = ipc) (KEY = EXTPROC0)))
Summary of services...
Service 'PLSExtProc' has 1 instance (s).
Instance of 'PLSExtProc', status UNKNOWN, has 1 operation for this service...
Service "HAVE" has 1 instance (s).
Instance of "PROD", State LOAN, has 2 managers of this service...
Service 'PRODT_XPT' has 1 instance (s).
Instance of "PROD", State LOAN, has 2 managers of this service...
The command completed successfully
SQL > exit
Disconnected from the database to Oracle 10 g Enterprise Edition Release 10.2.0.1.0 - Production
With partitioning, OLAP and Data Mining options
[oracle@qual ~] $This last I changed the name of DB to HAVE
Change the DB_NAME is not the ORACLE_SID. You must manually change the ORACLE_SID.
Stop the database instance.
Copy $ORACLE_HOME/dbs/initPROD.ora to $ORACLE_HOME/dbs/initPRODT.ora. (I assume that DB_NAME has already been upgraded IN the initPROD.ora)
Change your ORACLE_SID of PROD WERE and disconnect and connect again.
Make sure that your ORACLE_SID is now HAVE and that $ORACLE_HOME/dbs/initPRODT.ora
Now start the database instanceHemant K Collette
-
Apex access user meta-data such as first name and family name
Is it possible to access the metadata user such as the name and surname of the logged-on user? I know how to get the username through APP_USER, but I'd like to be able to access the other meta-data user that are stored in the user record. Thanks for any help.
Published by: Klabautermann on February 22, 2013 10:52Klabautermann wrote:
fac586,.. .to not to mention when one of my users will on the lamb and change their alias... :-) I agree with your observation of 3NF, and am happy insert the user ID and join for the statement, but what to attach to? I can't find a file specifications for user apex data table, and the suspect is not generally available in view of the apex_util.fetch_user requires permission from the admin.
No, it is accessible to the public through the view of APEX APEX_WORKSPACE_APEX_USERS. The data in the view are visible to one workspace schemas.
Note however that for the serious long term production use Oracle (and me) recommends creating a sign personalized with user data in your own tables.
-
SmartView: Full member name + Alias?
Hello
I'm currently implementing Essbase 11.1.2 (newb!). I'm willing to allow users to create reports where the account dimension shows both the alias and the name of the Member. This can be in 2 separate cells or a single cell (where they would be joined). Currently, it seems that my only option in Smartview is either / or.
Here is an example:
ACCT # / Description
12345 salaries
12346 payroll
12347 benefits
I did my best to research, but nothing helped. My current thinking was to build a 2nd table alias that makes this (concatenate Member + Alias). However, I hope to not have to query the system twice (1 default alias, alias 2nd handset) source.
Thanks for all the help/thoughts you may have!
RushI'm afraid you have touched a (always there, but I think it'll be fixed very soon now) limitation of SmartView with Essbase (mandatory data soruce given the comment of alias).
What was so frustrating, you can see in the Options of-> the Member but grayed out Options dialog box. And of course, it's there in the add-in.
At least alias changing tables is just a right-click in the connection manager.
Kind regards
Cameron Lackpour
-
"Writing" the 'address book' s behaviour varies duration s 'email' and 'full name '.
In most of my 'Contact's there is only an e-mail address, but some, the most important, have more. If I choose "Write", and "Full name" or ("Name") is not empty, then an e-mail address truncated, with unbalanced quotation marks, appears in the outgoing message. If "Display Name" is empty, each e-mail address gets its own line. Just what is planned here?
(Other than that I rather keep "Display Name" empty because I don't want my posts automatically decorated.)
There is also a bug to officially support comma delimiter mail address, just because it works is not supported. One address per line is Thunderbird officially how it.
I added a Contact with the nickname "Cathy" and e-mail '[email protected], [email protected] '.
Please a picture so I have an idea of what you mean. If your collage email addresses in the email address field separated by commas (and that's what I read) then it is a problem. It is not supported.
Maybe you are looking for
-
mirror printing with an HP Officejet 4500 G510n-z?
Can I mirror printing with an HP Officejet 4500 G510n-z? I don't see the option in the print properties. just need a confrim. Thank you!
-
Google cloud printer with instant ink... ?
I don't know if I'm looking for a Unicorn of gold here, but is there a google cloud printer that is instant compatible ink?
-
Update window blocked when checking for updates
-
Just noticed that since the transition from XP to W7 Pro, my right click on a file does not have an option to "copy to folder". Cannot copy, which requires then go to another disk where I might want to drop. Is - this another "improvement" in MSFT en
-
no access after vm migration to n1kv
After that I've migrated a virtual machine to n1kv. virtual machines do not have network access. I did a show inte vethernet 109 status and State is in place. VLAN is correct. other virtual machines on this vlan works very well. duplex/speed is autom