Dialin VPN - a way to restrict specific users?

I have a Cisco router with a fairly simple dial-in VPDN, with user names in place in the router config itself (no external RADIUS server), so that MS-Windows people can use the OS built-in VPN client to connect and access servers on my local network.

Is it possible to restrict a connection (via ACL or otherwise) when a specific username connects?

For example: if someone connects with the user name "thomas", I want to restrict their access to a specific server IP on my LAN.

Is this possible?

Hi Thomas

The answer is simply no, but there are alternative means.

Cisco devices do not have ACLs on users. You must buy CS ACS and integrate it with your device.

http://www.Cisco.com/en/us/products/sw/secursw/ps2086/index.html

Another option: install RADIUS on the Windows server, manually set the IP address of the user in the call tab of the user properties in Active Directory, and then apply ACLs on this IP address, or you can assign a name for this IP etc.

Or you can create a tunnel-group per user and assign IP pools that contain only 1 IP, name this IP and write an ACL, if you don't have too many users who connect through VPDN.

Regards

Tags: Cisco Security

Similar Questions

  • Cisco ASA 5510 - restrictions of VPN (AnyConnect) based on the AD user or IP address

    Hello

    I want to test how to restrict user access on an ASA 5510 with AnyConnect. In the policy, I can define which networks go through the VPN tunnel and which do not (split tunneling). The ASA has an LDAP connection, and only AD users in a special security group can connect over AnyConnect.
    On the other hand I would like to restrict access for special users within a VPN policy.

    So my question:
    What are your recommendations to implement this scenario?

    My two ideas would be:
    1. Access rules based on the AD user.
    2. Reserve special IP addresses in the AnyConnect address pool for some users, so I can limit access with the normal firewall rule base, based on the source IP address.

    What are your recommendations and is it possible to realize my ideas (and how)?

    Thanks in advance

    Best regards

    Hello

    I will suggest that you configure a second AD group in the server and another group policy in the ASA. You can configure specific access in each group policy (set up filters, assign a different split-tunnel policy, different ACLs), and in the AD server you can assign users, for example, to AD Group A and AD Group B based on the access you want to give them. Now you must configure LDAP mapping to assign each user the specific group policy that you want, based on the AD group that they belong to.

    You can follow this documentation that will help you configure the LDAP Mapping:

    http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

    Best regards, please rate.

  • Restrict the user to associate a specific type + definition assets

    Hello

    Is there a way to restrict a user to associating only a specific asset definition for an asset type in FatWire 7.6.2?

    For example: if there are 2 definitions for an asset type (flex), while creating an attribute of type asset, I am able to select the asset type but not a particular definition.

    Any suggestions or ideas.

    Kind regards

    Guddu

    Unfortunately, this feature is not available out of the box in FatWire version 7.6.2 (it is available in 11g).

    You must create a custom attribute editor by extending the PickAsset attribute editor to achieve this.

    Kind regards

    Ravi Guntuku

  • Possible way is to restrict the user to the planning an application

    Hello Experts,

    I have a requirement as I want to restrict bit user related to the demand for labour in the planning depends on business unit and product.

    that is... The test user could not access of the user to the company as an employee depends on some operational units and related products. So is it possible to do outside the [Chronicle] manual process.

    Thanks in advance...

    Are you just wanting to restrict access to specific members to enter data to or it also includes being able to 'see' only the data based on some examples.  For example, in the type of financing plan, I have write access to the Dept 123 for all accounts of actual Net profit, I want they have read access to this Department?  In this case, I would make sure that specific effective accounts, that I make sure that the user/group has only read access.

    Thank you

    Mark

  • Limit or restrict a Signature field to a specific user

    Hi all

    I'm relatively new to using LiveCycle and spin ARE 8.2 and Acrobat 9.0 Pro.  I have a 2 part question:

    (1) is there a way to cancel a signature to a specific user field? I created a form with some fields of signature. The first signature field is a 'applicant' (this field is accessible to anyone who uses the form).  The second signature field is intended for an "approver" (no one in particular), and the third signature field is for an "approver co" (individual).

    (2) an event is raised after the respective user has digitally signed the form? (for example after the applicant sign, an email is generated to the approver)

    Thank you very much in advance for the help.

    H

    If you go into the settings of signature, you can specify the signing certificate

  • Specific user restrictions

    Can I make the restrictions more user-specific and only allow them access to change certain pages, and not give them InContext Editing?

    Hi Matt,

    Unfortunately you can only allow or disallow editing of pages under "roles/permissions". There are no additional restrictions that can be applied in this case at this stage.

    Site-> user roles settings

    Reference KB - http://kb.worldsecuresystems.com/785/bc_785.html

    Kind regards

    -Sidney

  • Restrict a user/group to allow access only to specific shared services groups

    Hello team,

    I have EMP 11.1.2.2. I created different groups, a) 'Admin_groupA', b) 'App_groupA' and c) 'App_groupB', under the native directory. I have provisioned Shared Services -> Administrator to this 'AdmingroupA'. Those who belong to this group 'AdmingroupA' are able to add a new user from the company directory and provide access to the group 'App_groupA'. But I don't want the users of 'Admin_groupA' to access 'App_groupB'.

    Since I have provisioned the Shared Services administrator privilege to this group 'AdmingroupA', 'AdmingroupA' users are able to access 'App_groupB' as well. Can you please let me know how I can limit 'AdmingroupA' to providing users access only to the group 'App_groupA'?

    Thank you for your valuable contributions.

    You said, as you have configured administrator privileges of shared services to this 'AdmingroupA '. I don't think that you can restrict the user from this group to provide access to other users.

    ...

    Did you hear about delegated user management? Delegated administrators can view and manage only those users and groups for which they are responsible. Have a good read of the Administrator's guide for your HSS version and see if it helps!

    See you soon

    BP

  • A-team Mobile Accelerator persistence: persistence specific user?

    Hey,

    is it possible to store user-specific REST responses in the SQLite DB and also read them for the current user?

    The idea is that another user can log on to the same device and receive different data from the web service, but the old user's data could contain offline changes and cannot be deleted.

    A column for the specific user in each table would solve that problem, but is it possible to map a session-scope variable to a column in the persistence-mapping.xml, to hold the users' data next to each other and filter for the current user?

    Thanks for the help!

    Marcus

    Marcus,

    Best way to do this is to override the executeLocalFindAll method in your service class to restrict the query based on the current user. Something like this:

    @Override
    protected List executeLocalFindAll()
    {
      // Query the local SQLite store through the persistence manager
      DBPersistenceManager pm = getLocalPersistenceManager();
      // Attribute(s) the search value is matched against
      ArrayList searchAttrs = new ArrayList();
      searchAttrs.add("UserName");
      // Name of the user currently logged in to the app
      String userName = (String) AdfmfJavaUtilities.evaluateELExpression("#{securityContext.userName}");
      // Return only the rows that belong to the current user
      return pm.find(Department.class, userName, searchAttrs);
    }

    Getting the current username stored with each row in each table is a little more complicated; you cannot specify such a value in persistence-mapping.xml.

    What you could do is:

    - Add the user name attribute to each data object

    - Add the USER_NAME column to each table

    - Add the mapping of the user name attribute to each class descriptor in the persistence-mapping

    - In the default constructor of each Java data object class, set the user name by evaluating #{securityContext.userName}

    After a service call is made, the created entities will all have the username, and these entities are used to create the rows in the DB.

    When loading rows from the DB, this default user name value will be replaced by the value stored in the DB (but if you always filter on the current user this does not matter).

    Or, another approach is to create a subclass of the DBPersistenceManager and override the insertEntity method to add the user name attribute or, if you want to add the column but not the attribute to each entity, override the insertRow method.

    Note that pending data synchronization actions by a previous user will be synchronized first when the current user is back online.

    Steven Davelaar,

    Oracle Mobile A-team.

  • I want to restrict a user on my network as to how long they can stay on their machine. How do I do that?

    original title: the user limits

    I want to restrict a user on my network as to how long they can stay on their machine. How do I do that? In other words, I want their machine to shut down, let's say, after 3.5 hours.

    One way is to shut down their PC with a timer. You can try this command in the command line:

    shutdown -i

    And add the PCs you want to shut down and set the timer to shut them down.

    I also suggest to take a look at:

    http://social.technet.Microsoft.com/forums/en-us/winserverGP/thread/1e1db4e8-6975-457d-b6d5-9d733feaf952/

  • Exclude the specific user to logging of GBA?

    Hello

    My client and I are looking for a way to exclude a specific user's actions/commands from being logged on the AAA servers (ACS), while logging continues for other users, as the AAA clients on the network devices have been configured with:

    AAA accounting-off Ganymede controls +.

    I have found no solution so far, either on the ACS side or on the IOS aaa commands side.

    (Although it looks like a potential security problem), can someone advise?

    Thank you for your cooperation.

    Yvon.

    Yvon,

    No, you can't exclude a single user from logging.  Accounting is a global command.

    I guess you probably have a script that generates a large amount of logging data?

    -Jesse

  • Remove specific user of 'Security of file form' - on all the issues?

    Hello

    I have about 80 folders to maintain, and two users in particular have access to each folder specifically. Now, I have to manually delete these users from each folder...

    Is there a way to remove the users' access to the folders without doing it manually?

    Couldn't find this option in the sec file or XML.

    Thank you

    Javier

    You can set these users to none using importsecurity.cmd.

    There is an option SL_CLEARALL with importsecurity.cmd, but you can reapply the security for all users who have access to these folders and just remove those two users when you import with the SL_CLEARALL option.

    Regards

    Celvin Kattookaran

  • How to disable vCenter opens a session for a specific user?

    Hello
    I need to know how to disable the log in vCenter 5 for a specific user.
    Thank you

    Hi Tim,

    If you use Joulex Energy Manager 3.0.4 or above, you can change the way Sensordata is extracted from SOAP on CIM - please follow the instructions at http://download.joulex.net/doc/3.0.0/html/pages/en/#general/ac/ac_vmware, for example to define the extended property vmware.usegwt = 1 in your vmware hosts.

    Best regards

    David

  • Allow only specific users based on the list of users in a table

    We have a situation where we allow specific users that are stored in a table.
    create table ALLOW_USERS (username varchar2(30) );
    
    CREATE OR REPLACE TRIGGER USERS_TRIGGER
       AFTER LOGON
       ON DATABASE
    DECLARE
    BEGIN
      IF DBMS_STANDARD.LOGIN_USER NOT IN (SELECT USERNAME FROM ALLOW_USERS)
    
             THEN
                   RAISE_APPLICATION_ERROR (-20001, 'Unauthorized login');
           END IF;
    END;
    /
    
    Warning: Trigger created with compilation errors.
    
    SQL> show error
    Errors for TRIGGER USERS_TRIGGER:
    
    LINE/COL ERROR
    -------- -----------------------------------------------------------------
    3/3      PL/SQL: Statement ignored
    3/38     PLS-00405: subquery not allowed in this context
    How can I use the subquery in the trigger above? Or is there a better way to achieve the required results?

    -Thank you

    I'm surprised nobody pointed to the event attribute functions for client event triggers, and ora_login_user in particular:

    CREATE OR REPLACE
      TRIGGER NOT_SYS.RESTRICTED_USERS_TRIG
        AFTER LOGON
        ON DATABASE
        DECLARE
            v_cnt NUMBER;
        BEGIN
            SELECT  COUNT(*)
              INTO  v_cnt
              FROM  not_system.ALLOW_RESTRICTED_USERS
              WHERE username = ora_login_user;
            IF v_cnt = 0
              THEN
                RAISE_APPLICATION_ERROR(-20001,'Unauthorized login');
            END IF;
    END;
    / 
    

    SY.

    Published by: Solomon Yakobson on June 3, 2013 15:43
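
    Checks worth running before enabling a logon-trigger allowlist like the one in this thread; this is an added example, not code from the thread. The SEC_ADMIN schema and the sample rows are assumptions, and the queries need SELECT access to the DBA_ dictionary views.

    ```sql
    -- Added example. SEC_ADMIN is a hypothetical schema; the rows are constructed.
    CREATE TABLE sec_admin.allow_users (
      username VARCHAR2(128) PRIMARY KEY
    );

    -- ORA_LOGIN_USER returns the name as stored in DBA_USERS: upper case for
    -- accounts created without quoted identifiers, so store entries that way.
    INSERT INTO sec_admin.allow_users (username) VALUES ('APP_USER');
    INSERT INTO sec_admin.allow_users (username) VALUES ('thomas');  -- wrong case on purpose
    COMMIT;

    -- Check 1: allowlist entries that match no account (typo or wrong case).
    -- Such an entry never equals ORA_LOGIN_USER, so that user is locked out.
    SELECT a.username AS unmatched_entry
      FROM sec_admin.allow_users a
     WHERE NOT EXISTS (SELECT 1 FROM dba_users u WHERE u.username = a.username);

    -- Check 2: accounts the trigger cannot keep out. An error raised in an
    -- AFTER LOGON trigger does not block users who hold the
    -- ADMINISTER DATABASE TRIGGER privilege, directly or through a role
    -- such as DBA (this query follows one level of role grants).
    SELECT grantee
      FROM dba_sys_privs
     WHERE privilege = 'ADMINISTER DATABASE TRIGGER'
    UNION
    SELECT rp.grantee
      FROM dba_role_privs rp
     WHERE rp.granted_role IN (SELECT sp.grantee
                                 FROM dba_sys_privs sp
                                WHERE sp.privilege = 'ADMINISTER DATABASE TRIGGER');

    -- Check 3: open accounts missing from the allowlist. Apart from the
    -- accounts listed by check 2, these will fail at their next logon, so
    -- review the list for service and monitoring accounts first.
    SELECT u.username
      FROM dba_users u
     WHERE u.account_status = 'OPEN'
       AND NOT EXISTS (SELECT 1
                         FROM sec_admin.allow_users a
                        WHERE a.username = u.username)
     ORDER BY u.username;
    ```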

  • Always track a specific user

    Good afternoon!

    Is there a way to always trace (until it is disabled) a specific user instead of only a specific session? If so, how do I activate it?

    Thank you very much!

    There may be better ways, but I use logon triggers for this. Like this:

    CREATE OR REPLACE TRIGGER TRIGGER_TRACE_01
    AFTER LOGON ON DATABASE
    DECLARE
      STR VARCHAR2(127);
    BEGIN
      --
      IF USER = 'THEONE' THEN
         STR := 'ALTER SESSION SET TRACEFILE_IDENTIFIER=''TRACE_THEONE''';
         EXECUTE IMMEDIATE STR;
         STR := 'ALTER SESSION SET EVENTS ''10046 TRACE NAME CONTEXT FOREVER, LEVEL 8''';
         EXECUTE IMMEDIATE STR;
      END IF;
      --
    END TRIGGER_TRACE_01;
    
  • Hide the headings for specific users/groups

    Hello

    Is this possible with WEBhelp, hide/Exclude subjects for specific user groups / users?

    Currently, we use html/chm help. There is a project for our main software. I have another project for an add-on that is integrated in the table of contents of the main project using the merged help function. We only install help for this module when the customer has purchased this module. So the customers who do not have this module do not have help to make it.

    It is possible something similar with WEBhelp (Pro)? I ask because we go to WEBhelp (Pro). In this case, there is no help by the customer file, but one for all the world. Is there a way to display only the additional items to customers who use this module?

    * The only way I can think is to integrate all this into a single project and publish twice (one with and one without the themes of the additional module) using the tags of the construction. Or is there a way to let the RoboEngine/RoboServer merger it on the fly, but based on the criterion that the customer has the module?
    * This additional help project can be added to the main help as a teaser for other customers also use this module (others cannot buy unless you are a franchisor of a group of specific hotel for which we have developed the module)

    Thank you

    Hi John-Pierre. With RoboServer this is impossible on the fly. Build tags are the way to go. Simply create a new tag, apply it to the topics you don't want non-franchise users to see, then apply the tag to your SSL to exclude them from the output. Voilà, you have your help for non-franchise users. Simply remove this build tag from the SSL for franchise users so that they get everything. You can also create two identical WebHelp Pro SSLs, one with no build tag and the other with a build tag, so that you don't have to remember to add/remove it.

    How your application will know files that help write? Is this a separate executable? I know that it is possible for the INSTALLATION. EXE to check the license before installing the modules, but I never went to the bottom of this line.

    BTW, build tags can be used on all types of output.
