Digest Access authentication

Hello dear developers.

Has anyone here dealt with Digest Access authentication?

I have a script on the server that allows me to send any files there, a file store. It works perfectly with the Android client. Now, I need to implement this type of functionality using AIR on the PlayBook.

I have not found a native way to solve my task, so I began to build my own.

According to the documentation at

http://en.Wikipedia.org/wiki/Digest_access_authentication

I send a request to the server using a simple script:

var request:URLRequest = new URLRequest(SERVER_URL);
request.authenticate = false;
request.method = URLRequestMethod.POST;

var urlLoader:URLLoader = new URLLoader();
urlLoader.addEventListener(HTTPStatusEvent.HTTP_RESPONSE_STATUS, httpResponseStatusHandler);
urlLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS, httpStatusHandler);
urlLoader.addEventListener(Event.COMPLETE, complateHandler);
urlLoader.addEventListener(IOErrorEvent.IO_ERROR, ioErrorHandler);
urlLoader.load(request);

and get the necessary 401 error but without any information that I need to create a header for the next request, such as:

WWW-Authenticate: Digest realm="testrealm@host.com",
                  qop="auth,auth-int",
                  nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
                  opaque="5ccc069c403ebaf9f0171e9517f40e41"

Does anyone have experience with digest authentication?

Thanks in advance.

Yuriy.

I found a solution to the question.

First of all, I would like to comment on the 'URLRequest -> authenticate' property. It is set to 'false' for one simple reason: the application is already allowed in the service to upload files to the server, and it is strictly forbidden "by design" of the application architecture to have an 'Auth' pop-up window whenever the user needs to download files on the server.

So, we set this property to false.

Then, back to the code, I was on the right track. What I have done is to use:

urlLoader.addEventListener(HTTPStatusEvent.HTTP_RESPONSE_STATUS, httpResponseStatusHandler);

to get:

event.responseHeaders

So it looks like:

private function httpResponseStatusHandler(event:HTTPStatusEvent):void {
            var array:Array = event.responseHeaders;
}

By analyzing each element of the array, I can get the data that I need to use for the next stage of the authorization:

Request Header name: WWW-Authenticate, value: Digest realm="MyRealm", nonce="l2iaxyy2BAA=d1f22aa7378131c0b1481ae68084e40559e21973", algorithm=MD5, qop="auth"

So, there it is, now we have all we need for Digest auth.

You can find more information on Digest authentication here:

http://www.ietf.org/rfc/rfc2617.txt

Please, feel free to ask any questions about it.
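The next stage the answer refers to, turning the challenge read from event.responseHeaders into an Authorization header, is sketched below as an added example; it is not code from the original post. It is written in Python rather than ActionScript, the function names are assumptions, and it handles only algorithm=MD5 with qop=auth or no qop, as defined in RFC 2617.

```python
import hashlib
import re
import secrets

# key=value pairs; a value is a quoted string (may contain commas or '=',
# e.g. qop="auth,auth-int") or a bare token (e.g. algorithm=MD5).
_PARAM_RE = re.compile(r'(\w+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))')


def parse_challenge(header_value):
    """Split a WWW-Authenticate value into (scheme, {param: value})."""
    scheme, _, rest = header_value.strip().partition(" ")
    params = {}
    for key, quoted, bare in _PARAM_RE.findall(rest):
        # Undo backslash escapes inside quoted strings.
        params[key.lower()] = bare or re.sub(r"\\(.)", r"\1", quoted)
    return scheme, params


def _md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(method, uri, username, password, params, cnonce, nc):
    """Return (request-digest, qop used) for an algorithm=MD5 challenge."""
    if params.get("algorithm", "MD5").upper() != "MD5":
        raise ValueError("only algorithm=MD5 is handled here")
    nonce = params["nonce"]
    ha1 = _md5_hex(f"{username}:{params['realm']}:{password}")
    ha2 = _md5_hex(f"{method}:{uri}")
    offered = [q.strip() for q in params.get("qop", "").split(",") if q.strip()]
    if "auth" in offered:
        # nc is the 8-digit hex count of requests sent with this nonce.
        return _md5_hex(f"{ha1}:{nonce}:{nc:08x}:{cnonce}:auth:{ha2}"), "auth"
    if not offered:
        # Challenge without qop: the older RFC 2069 form.
        return _md5_hex(f"{ha1}:{nonce}:{ha2}"), None
    raise ValueError("server offers only qop values not handled here")


def build_authorization(method, uri, username, password, header_value,
                        cnonce=None, nc=1):
    """Build the Authorization header value answering one challenge.

    Assumes username and realm contain no double quotes or backslashes.
    """
    scheme, params = parse_challenge(header_value)
    if scheme.lower() != "digest":
        raise ValueError("not a Digest challenge: " + scheme)
    cnonce = cnonce or secrets.token_hex(8)  # fresh client nonce per request
    response, qop = digest_response(method, uri, username, password,
                                    params, cnonce, nc)
    realm, nonce = params["realm"], params["nonce"]
    parts = [f'username="{username}"', f'realm="{realm}"',
             f'nonce="{nonce}"', f'uri="{uri}"', f'response="{response}"']
    if qop:
        parts += [f"qop={qop}", f"nc={nc:08x}", f'cnonce="{cnonce}"']
    if "opaque" in params:
        opaque = params["opaque"]
        parts.append(f'opaque="{opaque}"')  # echoed back unchanged
    if "algorithm" in params:
        parts.append("algorithm=" + params["algorithm"])
    return "Digest " + ", ".join(parts)


if __name__ == "__main__":
    # Challenge value as quoted in the post; the credentials and URI are
    # constructed sample values.
    challenge = ('Digest realm="MyRealm", '
                 'nonce="l2iaxyy2BAA=d1f22aa7378131c0b1481ae68084e40559e21973", '
                 'algorithm=MD5, qop="auth"')
    print(build_authorization("POST", "/upload", "sample-user",
                              "sample-password", challenge))
```

MD5-based Digest keeps the password itself off the wire but does not protect the request body or the response, so the upload should still run over HTTPS.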

Tags: BlackBerry Developers

Similar Questions

  • Several methods to access authenticated by RADIUS box

    I am trying to configure a number of different access methods all to be authenticated by the same ACS server. Basically, I want to be able to authenticate users on the level of exec of switches on the management UI http for some Aironet 350, on the network through the Aironet 350 or the network through some 1721 connection in a 3745.

    I want to be able to control access to each of these methods through the AD groups with are then mapped to groups within the ACS.

    I have authentication on a test switch works well, so I know that the ACS to the AD process works correctly.

    Thank you

    Hello

    Seems good... you can pass the same Test switch and to implement in the production network.

  • View 5.1.1 without box of remote access authentication

    I have started to notice a problem since upgrade to view 5.1.1 when some users try to access their vm while working remotely via the Security Server Internet connection they initially get the error failed to connect as the current user, which is normal, but once you click ok, you should get a popup dialog box for entering your credentials authentication, but they're not getting it. With a user that I tested, I ended up restarting the Security Server and it worked normally, but now the problem is back... has anyone seen this before? I don't see anything in the events of the view administrator, and I am searching the logs on the Security server but have not spotted something again.

    Uninstall the client of the view and remove the feature of saying things to open a session as the current user.  To my knowledge that they were not being updated much on view in the 5.1.1 client release.  If it does not try to use a 5.0 client view.

    This article help me? http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalID=1025691

    Are there errors that popup in the event logs?

  • Page access/authentication

    Hello
    I created a page and want to control the user or group access to this page in the portal Navigator. I tried the grant access in the access section to add a group that is able to display this page. When I tried to access this page using the connection of the different user, he is able to see the page. Is it possible to control access to the page such that authentication is needed?

    Thank you.

    Yes. Thats right in your case you can try clear the cache... ? You will find under "Invalidation of the Cache" on the access page.

    To ensure that privileges changes are effective immediately, you can clear the cache entries associated with this object by clicking Clear Cache.

  • Best practices in the selection of the type of authentication

    Hello
    I use Jdeveloper 11.1.2.1. I had reviewed the security and best practices (sorry Chris!) on the selection of authentication types.

    Frankly, I prefer basic HTTP authentication because it creates a popup of connection for you (simple - less coding), but I met some documents which make me wonder if this is to be avoided.


    1. This tutorial uses an approach based on the forms: http://docs.oracle.com/cd/E18941_01/tutorials/jdtut_11r2_29/jdtut_11r2_29.html

    2. this video of Frank Nymphius (in 42 minutes) uses Basic authentication: http://download.oracle.com/otn_hosted_doc/jdeveloper/11gdemos/AdfSecurity/AdfSecurity.html

    3. fusion Developer Guide for Oracle Application Development Framework 11 g Release 2 (11.1.2.1.0) says:

    The most commonly used types of authentication are authentication HTTP Basic and form authentication
    It also indicates that the forms-based login page is a JSP or HTML file, [and] you will not be able to change with ADF Faces components.

    4. the States of Oracle Fusion Developer Guide (Frank Nymphius) which has a side effect of basic authentication is that a user will be authenticated for all other applications that are running on the same server - you must not use it if your application requires disconnecting...

    5. the manual of Jdeveloper Oracle 11 g tells that basic authentication must NOT be used at all (page 776) because it is used primarily for older browsers and is NOT secure according to current standards.

    I was able to use Basic authentication, and Digest Http authentication very well, did not attempt to based on the forms for the moment.

    For fun, I tried to choose the type of authentication of Client HTTPS and received this very worthy error message (and readable - wonder for java, huh?):

    RFC 2068 Hypertext Transfer Protocol--HTTP / 1.1:
    10.4.2 401 unauthorized
    The request requires user authentication. It MUST contain a header field WWW-Authenticate (section 14.46) containing a fault that is applicable to the requested resource. The client MAY repeat the request with a suitable authorization (section 14.8) header field. If the application already includes identification of the authorization information, then the 401 response indicates that authorization was refused for those credentials. If the 401 response contains the same challenge as the previous answer, and that user agent has already attempted at least once authentication, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include diagnostic information relevant. HTTP access authentication is explained in section 11

    I'm sure there is one that depends on the answer to that, but I would use the most reasonable and safe type - without too much cost if possible.

    Hello

    Basic authentication makes base64 encoding and is OK to use if the site is accessed from HTTPS. The browser actually sends authentication of users with every request, which makes this approach - if used outside of https - less than optimal. The base forms authentication is easy to implement and more record only basic authentication, it sends a name of user and password to each request. The recommendation is always use HTTPS for secure sites. Most of our samples describing the connection use https as it is a configuration that is not extended within what samples are supposed to demonstrate. For safety, "without much overhead if possible" means to weaken security. In your case, if you have tried the digest authentication so I guess that's the one with the least amount of overload

    Frank

  • Cannot enable authentication for 802. 1 x

    Original title: I can't change the properties on my wireless adapter to get the authentication of 802. 1 x. I get the error message.

    I get an error message when I right click on my wireless connection. I want to access authentication of 802. 1 x. need help, please.

    You see the error of not being able to find a certificate because you select 802.1 x.

    For a home wireless network, you don't want the box "Enable IEEE 802. 1 x authentication for this network"to check.

    What was the problem that you entered in the Properties dialog box of your first wireless adapter?  Normally, see you the list of available wireless networks, select one, click Connect and enter the password when you are prompted.

    I suggest that return you to the "Wireless networks" tab of the properties of the wireless adapter dialog box (it should look like this) and "Delete" all entries in the list of "Favorite networks."  Then go to list "View wireless networks" and connect from there.

    In addition, the foregoing assumes that you use Windows to configure your wireless network card (see the checkmark in the screenshot linked above).  If you use another utility - that came with your computer or your wireless adapter - you should disable that and activate windows (using the checkbox) or read the guide of the user for the utility to determine how to set up your wireless security.

  • Dot1x question: authentication MAB will never be failure or timeout

    Hello

    I have a problem when the switch will try to authenticate a device with MAB and it will never, or timeout.

    Here's the situation: where a device has 802 authentication. 1 x active but not a invalid parameters (or missing certificate).

    The switch will start dot1x for the customer and it will not be (a). He will switch to dot1x to MAB and... silence.

    I use a WS-C2960-24LT-L with IOS 15.0 (2) SE.

    Config:

     interface FastEthernet0/16
      switchport access vlan 155
      switchport mode access
      authentication event fail action authorize vlan 550
      authentication event server dead action authorize vlan 550
      authentication event no-response action authorize vlan 550
      authentication port-control auto
      mab
      dot1x pae authenticator
      dot1x timeout quiet-period 3
      dot1x timeout tx-period 1
      spanning-tree portfast
      spanning-tree bpduguard enable
     end

    Logs:

     Dec 4 17:34:51.064 GMT: %LINK-3-UPDOWN: Interface FastEthernet0/16, changed state to up
     Dec 4 17:34:51.147 GMT: %AUTHMGR-5-START: Starting 'dot1x' for client (e89a.8fb0.67c3) on Interface Fa0/16 AuditSessionID 0A011246000001187AA1F62B
     Dec 4 17:34:52.070 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/16, changed state to up
     Dec 4 17:34:54.234 GMT: %DOT1X-5-FAIL: Authentication failed for client (e89a.8fb0.67c3) on Interface Fa0/16 AuditSessionID 0A011246000001187AA1F62B
     Dec 4 17:34:54.234 GMT: %AUTHMGR-7-RESULT: Authentication result 'timeout' from 'dot1x' for client (e89a.8fb0.67c3) on Interface Fa0/16 AuditSessionID 0A011246000001187AA1F62B
     Dec 4 17:34:57.321 GMT: %DOT1X-5-FAIL: Authentication failed for client (e89a.8fb0.67c3) on Interface Fa0/16 AuditSessionID 0A011246000001187AA1F62B
     Dec 4 17:34:57.321 GMT: %AUTHMGR-7-RESULT: Authentication result 'timeout' from 'dot1x' for client (e89a.8fb0.67c3) on Interface Fa0/16 AuditSessionID 0A011246000001187AA1F62B
     Dec 4 17:35:00.601 GMT: %DOT1X-5-FAIL: Authentication failed for client (Unknown MAC) on Interface Fa0/16 AuditSessionID 0A011246000001197AA21094
     Dec 4 17:35:00.601 GMT: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (Unknown MAC) on Interface Fa0/16 AuditSessionID 0A011246000001197AA21094
     Dec 4 17:35:00.601 GMT: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (Unknown MAC) on Interface Fa0/16 AuditSessionID 0A011246000001197AA21094

    sh auth session int fa0/16

     Interface: FastEthernet0/16
     MAC Address: Unknown
     IP Address: Unknown
     Status: Running
     Domain: UNKNOWN
     Oper host mode: single-host
     Oper control dir: both
     Session timeout: N/A
     Idle timeout: N/A
     Common Session ID: 0A011246000001197AA21094
     Acct Session ID: 0x00000380
     Handle: 0x1700011A
     Runnable methods list:
      Method  State
      dot1x   Failed over
      mab     Running

    You can see above that is still running MAB but this device is not listed on the local store ID sequence or any where. If I run the command 'No mab', the switch will respond will be unavailable methods more and nothing more.

     Interface  MAC Address  Method  Domain   Status      Session ID
     Fa0/16     (unknown)    N/A     UNKNOWN  No Methods  0A011246000001197AA21094

    However, when I remove the command MAB; reset the port; He eventually fail to dot1x and move to restricted VLAN.

    It is this value by default design or the drop between the switch and the ACS authentication? Should I just use MAB where it is needed?

    Thank you in advance.

    On your configuration of the interface, I normally expect to see flex active thus auth:

     authentication priority dot1x mab
     authentication order dot1x mab
     authentication event fail action next-method

  • How to access directly to the forgotten password page?

    Hello

    Im trying to use the single sign-on password resets and the link to the IOM password page.

    My problem is that when I try to redirect to ip:port/xlWebApp/forgetPassword.do?method=displayVerifyUserId I get this error

    Error 401 - non authorized

    Of RFC 2068 Hypertext Transfer Protocol - HTTP/1.1:

    10.4.2 401 unauthorized

    The request requires user authentication. It MUST contain a header field WWW-Authenticate (section 14.46) containing a fault that is applicable to the requested resource. The client MAY repeat the request with a suitable authorization (section 14.8) header field. If the application already includes identification of the authorization information, then the 401 response indicates that authorization was refused for those credentials. If the 401 response contains the same challenge as the previous answer, and that user agent has already attempted at least once authentication, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include diagnostic information relevant. HTTP access authentication is explained in section 11.

    How can I go directly to the forgotten password page without going through the portal of the IOM?

    It works for me:

    http://>: 14000, identity, faces, forgotpassword

    Also, you have the IOM - OAM integration?

    If so, you can try to access with http://: 7777/identity/faces/forgotpassword . Its work for me in the PS2 & PS3...

    ~ J

  • Custom authentication tokens

    "Adobe Flash Access Overview on protected streaming" white paper States the following:

    Flash Access supports the business logic of the licensing stage decoupling based on the chips in use with Flash Media Server deployments. For example, when users visit a web portal for rental or to subscribe to the content, they may need to authenticate by providing a user ID and password to confirm their registration. They might also need a financial transaction. The web portal enters the results of these operations in an authentication token that is sent to the client application. The customer can then include the token in the licence application. The license server checks the authenticity of the token before issuance of the licence. Check token is stateless and was completed independently by each server without reference to a database or another shared state. Token is based on a secret or public key shared infrastructure (PKI).

    This raises the following questions:

    • How must the web portal generate the token?  Is this a serialized AuthenticationToken or some other binary token?
    • If it's an AuthenticationToken, then how must the web portal generate a token such as this, given that this feature is part of the license server?
    • How are the tokens based on a shared secret or PKI? What is incorporated into the class AuthenticationToken?

    As I read, the paragraph refers to the regime "of custom authentication", not the authentication scheme name of user/password supported and as such, it is not to use serialized Flash Access AuthenticationTokens.  What is meant by "custom authentication" is quite honestly, not very clear in the documentation. I believe that the following scenerios should work, if I would be interested in your comments from anyone:

    In the first scenario, the "portal" should generate a custom binary token and pass this token to the client flash in response. How the token is passed is an exercise left to the reader. It could be loaded via a cookie, JavaScript or ActionScript. It doesn't really matter. Nevertheless, the token is eventually read by the Flash client and applied using the DRMManager.setAuthenticationToken (...) method. The license server must then retrieve the token by using RequestMessageBase.getRawAuthenticationToken (...).  In this case, the token format is completely defined by the developer or provider. The flash never access client issues a query for the authentication License Server Manager (/flashaccess/authentication/v1 / *).

    A second case, which I am not sure would work, would be the flash client requests a token for authorization as usual, using DRMManager.authenticate (...), but the license server authentication requests handler returns a token custom instead of a serialized AuthenticationToken. The workflow would then proceed as described in the first case.

    A third case, the Flash client is able to authenticate with the name of user and password standard schema, but the license server may ignore the username/password real name (data can be same passwords and usernames dummy). The license server would generate an AuthenticationToken, but would benefit from ApplicationProperies to store its information "custom token. The token would be then sent back to the customer and in turn transmitted to the same license server. The license server then inspect AuthenticationToken.getCustomProperties to determine the appropriate course of action.

    No matter what scenario is used, I have a few concerns with custom authentication tokens:

    First of all, this forum has several questions about custom authentication tokens. The documentation is not clear on what is intended and how exactly these tokens must be produced, transferred and consumed. It would be very useful for Adobe to provide an example with its reference implementation code.

    Second, as developers of server Flash Access License remain to design their own authentication scheme customized, there is a real concern that the invented approach can be precarious, allowing re-use of authentication tokens. A published set of best practices would help to ensure custom tokens are generated in a way that does not leak the information, allow attacks by replay or session hijacking.

    Finally, there seems to be some confusion about the use of tokens for authentication and authorization. The reference implementation clearly only use them for authentication, as the RefImplLicenseReqHandler makes additional checks the database for the authenticated user is allowed (subscriber) to access the content.  However, the paragraph quoted above suggests using these tokens for authentication and authorization. At least, that's what I understand by the notion that "audit token is stateless and was completed independently by each server without referring to a database or other shared state. I don't see how that's possible, unless the token contains authentication and authorization information. I'm wrong?

    I appreciate the thoughts of someone else on the custom authentication tokens. Thank you.

    -Aaron J

    The workflow for "custom authentication" is exactly what you described in your first scenario.  Namely, the client application gets a token through certain channels and calls DRMManager.setAuthenticationToken (...) to provide the token. When the client requests a license from the license server, this token is included in the request. The server application calls RequestMessageBase.getRawAuthenticationToken (...) to access the token and performs any validation that is required for this type of token before issuing the license. With a custom authentication, the SDK AuthenticationToken class is not used - this class is only used to represent the authentication tokens issued by using the name of user and password Flash Access authentication scheme.  A custom authentication token can be binary data - the Flash Access SDK is not involved in generating or consuming these tokens - it's up to your server implementation to manage these steps.

    The motivation behind the 'custom authentication' scheme is not to force content providers to invent a new way to authenticate users, but to allow you to take advantage of all infrastructure you already have in place.  For example, if you are already running the SAML tokens to authenticated users, you can continue to do so, and you would just plug the SAML validation code in your license server. As a general rule, an authentication token is signed to prevent tampering. It would be possible to generate a signature using a symmetric key or with a private key. Then, checking on the server would involve checking the signature, either by using the same shared symmetric key or with the public key corresponding to the private key. (This is what is meant by 'token is based on a secret or public key shared infrastructure (PKI) ")

    Although the API reference to "authentication tokens", it would also be possible to take advantage of this authorization mechanism. For example, if you have a web portal to access the information on which a user is allowed to access the content, the Portal could issue an authorization token that says that the user X is allowed to play the content Y and Z. When the license server receives this token in a license application for content, simply, check the token is still valid and that the token States it is allowed to grant access to the content Y. This workflow, the license server doesn't have access to the database that contains authorization information, making it easier to deploy the server in a highly scalable way.

    Is this address your questions and concerns?
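The signed authorization token described in this reply, in its shared-symmetric-key variant, is sketched below as an added example; it is not Flash Access SDK code and not code from the thread. The token layout, the claim names and the functions issue_token and authorize are assumptions; the raw token bytes would travel through DRMManager.setAuthenticationToken and be read on the server with RequestMessageBase.getRawAuthenticationToken as the reply describes.

```python
import base64
import hashlib
import hmac
import json
import time


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(key, user, content_ids, ttl_seconds, now=None):
    """Portal side: state which content the user may play, then sign it."""
    now = int(time.time()) if now is None else now
    claims = {"user": user, "content": sorted(content_ids),
              "exp": now + ttl_seconds}
    body = json.dumps(claims, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)


def authorize(key, token, content_id, now=None):
    """License-server side: return the user if the token is authentic,
    unexpired and covers content_id, else None. No database lookup."""
    now = int(time.time()) if now is None else now
    try:
        body_part, tag_part = token.split(".")
        body, tag = _unb64(body_part), _unb64(tag_part)
    except ValueError:
        return None  # malformed token
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison; the body is parsed only after it verifies.
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(body)
    if now >= claims["exp"]:
        return None  # a short lifetime bounds how long a captured token is usable
    if content_id not in claims["content"]:
        return None
    return claims["user"]


if __name__ == "__main__":
    shared_key = b"constructed-demo-key"  # constructed sample value
    token = issue_token(shared_key, "X", ["Y", "Z"], ttl_seconds=300)
    print(authorize(shared_key, token, "Y"))  # X
    print(authorize(shared_key, token, "W"))  # None
```

The expiry only narrows the replay window Aaron raises; a token that must be single-use needs a nonce remembered by the server, which gives up the stateless property.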

  • VPN Cisco IPSEC - ISAKMP id_connexion

    Hi Experts,

    We have a site to site VPN IPSEC between a router Cisco 1801 and 800F fortigate firewall.

    The VPN works, but one question I have is that the ISAKMP conn-id changes very frequently, and I wanted to make sure that I understood why.

    When I run the show crypto isakmp sa command, I get the following:

    IPv4 Crypto ISAKMP Security Association
    dst      src      state        conn-id  status
    1.2.3.4  5.6.7.8  QM_IDLE      2455     ACTIVE
    1.2.3.4  5.6.7.8  MM_NO_STATE  2454     ACTIVE (deleted)

    In the time it took me to write this, it has changed:

    IPv4 Crypto ISAKMP Security Association
    dst      src      state        conn-id  status
    1.2.3.4  5.6.7.8  QM_IDLE      2457     ACTIVE
    1.2.3.4  5.6.7.8  MM_NO_STATE  2456     ACTIVE (deleted)
    1.2.3.4  5.6.7.8  MM_NO_STATE  2455     ACTIVE (deleted)

    So, to me it looks like ISAKMP phase 1 re-launches its SA very frequently. I put the ISAKMP policy as follows:

    Global IKE policy
    Protection suite of priority 10
        encryption algorithm:   Three key triple DES
        hash algorithm:         Message Digest 5
        authentication method:  Pre-Shared Key
        Diffie-Hellman group:   #5 (1536 bit)
        lifetime:               86400 seconds, no volume limit

    Therefore, should that mean that the Phase 1 SA should only re-initiate every 86400 seconds?

    Any information would be appreciated,

    Thank you very much

    Jonathan

    Hello

    It seems you have DPD (isakmp crypto KeepAlive) configured on your router.  This determines the accessibility of the other VPN endpoint, and we are not to understand thanks for the packages "R U THERE" (due to the problem of the DOI) that we send them, ISAKMP marks the tunnel as death and tears down.

    Traffic on the tunnel seems so the tunnels, and then DPD expires them again.

    Flip through your configuration for the "keepalive" order and if it is set for periodicals, set the KeepAlive for 'on demand' (which should be the default) so that we only send DPD when we are unable to determine whether the tunnel is alive because no traffic is coming on it.

    This doc link is old, but he describes the functionality well enough:

    http://www.Cisco.com/en/us/docs/iOS/12_3t/12_3t7/feature/guide/gtdpmo.html

    -Jason

  • VPN does not work with the ip address of overlap?

    When I plugged my adsl router and I have ip address is 10.1.1.1/8 can I use remote access vpn closing on firewall and authentication works very well and I put the ip address of the pool is 10.7.0.1/16 but I can not access this local lan if I made up of my pc and got 2x2.102.x.y ip address then I connected I can't access no problem local network and vpn remote access authentication.

    It is question of routing on pc with overlapping ip or not?

    Please clarify or provide useful link

    Thank you

    Hello

    It seems that it is a problem of nat - t.

    Make sure that the head of VPN network has "isakmp nat - t" (if that's a PIX). If a hub, make sure that "IPsec NAt - T" is enabled.

    Additionally, make sure that on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.

    HTH,

    -Kanishka

  • Dot1x: no failling above comments - vlan

    Hello

    I am deploying dot1x in the office and I will have little difficulty with allowing to achieve the two dot1x with mab and then switch on the vlan comments.

    A simple scenario where a device of the end-user cannot provide authentication, I want the switch to automatically put the user on the vlan comments. I did not allow for periodicals of authentication at the lowest of excessive authentication and I configured maximum attempts but the switch will constantly try to authenticate the device.

    Switch model: WS-C2960-24LT-L with 15.0 (2) SE6.

    The switch configuration:

     aaa accounting dot1x default start-stop group radius
     aaa authentication dot1x default group radius
     dot1x system-auth-control

    Port configuration:

     interface FastEthernet0/15
      switchport access vlan 144
      switchport mode access
      authentication event fail action next-method
      authentication event server dead action authorize vlan 550
      authentication event no-response action authorize vlan 550
      authentication host-mode single-host
      authentication order dot1x mab
      authentication priority dot1x mab
      authentication port-control auto
      authentication violation restrict
      mab
      dot1x pae authenticator
      dot1x max-req 3
      dot1x max-reauth-req 1
      spanning-tree portfast
     !

    Any help will be greatly appreciated.

    UPDATE: see the comments below.

    Good job on your own Oliver problem and for taking the time to update everyone here! (+ 5 from me). If your problem is resolved you must mark the thread as answered ;)

  • The ACL of the NAC GuestUser

    I installation of the NAC for role based on the user assignment of VLAN deployed as OOB VG L2. I have a default access, authentication and configuration of VLAN user. The user VLAN is for comments. Thus, a guest opens the browser and the customer is prompted to enter credentials. Credentials are accepted. The browser refreshes IP and I get a "... limited connectivity. 169.254.etc... ». I get this error when I apply ACL below the interface ' user vlan "(i.e. ip access-group 110 in), when the ACL is not assign everything works fine and the comments can roam my entire internal network. My DHCP/DNS is on the 10.0.0.0 network. Anyone have any ideas why I get this error?

    access-list 110 deny ip 192.168.41.0 0.0.0.255 10.0.0.0 0.255.255.255

    access-list 110 deny ip 192.168.41.0 0.0.0.255 172.16.0.0 0.15.255.255

    access-list 110 permit ip 192.168.41.0 0.0.0.255 192.168.41.0 0.0.0.255

    access-list 110 deny ip 192.168.41.0 0.0.0.255 192.168.0.0 0.0.255.255

    access-list 110 permit ip 192.168.41.0 0.0.0.255 any

    Hi there-

    What Vlan and the property is intellectual property the guest user when he experiences the web page contestant powers?

    What vlan and IP do you want comments to have once the client authenticates as a guest?

    My first thought is that your ACL denies requests DHCP and DNS request, since you mention the DHCP and DNS are on the 10.0.0.0/8 network.

    thxs

    Peter

  • ACS 5.2 synchronization with Windows 2008 AD but can not see groups

    Hi friends,

    Recently, I worked with the CSA (installed on VMWare) 5.2. At first, I was using a Win Server 2003 Enterprise edition AD, and he had no problem with the AD and the authority of CA. Because some of my customers use Win Server 2008 I change the advertising platform for Win Server 2008 Enterprise edition (x 64).

    I didn't really have a great experience with Win server platforms, and for what I've seen, the Services of Win Server 2003 deployment is easier than is the Win Server 2008.

    So, when I used the Win 2003 server, I can not only synchronize the ACS with AD but also use some groups created on the announcement to perform network access authentication. When I try to do the same with Win Server 2008 AD the CSA and the server is synchronized, but when I want to add groups for the purposes of authentication it is zero, absolutely nothing... so I can't do any test.

    Also, I searched for information on the compatibility between the ACS 5.2 and Win Server 2008 platforms, and in the end, the platforms are compatible.

    Any idea?

    Thanks in advance.

    Jose M Cortes:

    Hi Jose,

    Thank you for letting me know, glad your problem is solved now.

    Feel free to ping back in case you need assistance with GBA in the future.

    Kind regards

    Fede

    --

    If this helps you or answers to your question if it you please mark it as 'responded' or write it down, if other users can easily find it.

  • Purge of the endpoint group RegisteredDevices?

    Is it possible to purge automatically endpoints in the endpoint identity group RegisteredDevices? So if endpoint is saved by using the automatic provisioning workflow, I would that the user access authenticated auth for 24 hours, then they must be re - authenticate, so their device may not be in RegisteredDevices, after 24 hours. Thank you.

    Hi Josh,.

    An application is filed for the same under this id CSCua70707.  Currently the only way that I believe is to manually delete endpoints by checking reports of the endpoints that have been registered and also profiled.
