GANYMEDE user through the console?

Hi all

We had a strange problem with authentication via GANYMEDE. Logging on to a switch via VTY works well... I enter my user name and PW and start at the privileged exec prompt. But when I am trying to connect through the console, I won't get it priviledge rights exec without entering in a passage of the ena. This phenomenon occurs in different versions of IOS.

Config looks like this:

AAA new-model

AAA authentication login default group Ganymede + local

the AAA authentication enable default group Ganymede + activate

default AAA authorization exec group Ganymede + none

AAA authorization network default group Ganymede + local

AAA accounting send stop-record an authentication failure

AAA accounting newinfo periodic update 15

AAA accounting exec default start-stop Ganymede group.

orders accounting AAA 15 by default start-stop Ganymede group.

Default connection accounting AAA power Ganymede group.


username privilege 15 password

RADIUS-server host x.x.x.x

RADIUS-server host x.x.x.x

RADIUS-server timeout 25

radius-server key

Line con 0

exec-timeout 0 0

line vty 0 4 aso.

Any ideas?

Kind regards



What you are experiencing is a behavior of Cisco implements voluntarily. As has been explained to me, to directly enter mode privilege is a combination of authentication and authorization. For the vty ports it is enabled. For the console, it is the authentication, but not the component of the authorisation. The reason for this is that it is easy to misconfigure the framework for approval of the configuration. It's one thing to lock you into the vty ports and it's something of another (and more serious) If you lock you out of the console. So as a safety mechanism Cisco only default not apply permission on the console. You will need to enter the password to enable on the console.



Tags: Cisco Security

Similar Questions

  • The Task Manager currently has two active users in the console session, but I am the only user.

    Task Manager

    my task manager currently has two active users in the console session. I am the only user of the computer and when clicking on USERS it always shows only one user. What or OMGE could be the cause.


    Open the Task Manager->, click on users-> right click on another user who isn't currently active and choose log off.

    This can occur when the user account is not properly disconnected.

    I hope this helps.

  • How do you perceive a swing through the console Panel?

    While I'm not a Swing / GUI developer, I have a question. How do you perceive a simple swing through the console panel?

    I created a simple method of hand [see below]. It compiles perfectly, but when I go to run the compiled file, nothing happens. He returned to the command line. I have a feeling I'm missing something, but I don't know exactly what it is. Can someone point me in the right direction?

    Thank you!

         public static void main (String args[]) {
              JPanel header = new JPanel();
              JPanel spacer = new JPanel();
              spacer.setPreferredSize(new Dimension(150, 20));
              spacer.setPreferredSize(new Dimension (150, 20));     
              JLabel title = new JLabel("Current Testing");
              JPanel spacer2 = new JPanel();
              spacer2.setPreferredSize(new Dimension(150, 20));
              spacer2.setPreferredSize(new Dimension (150, 20));
              JSeparator jSep = new JSeparator();

    You must add the Group of experts to a top-level container and display this container.

    Start by reading the Swing tutorial [url]. Maybe start with the section "use of the Swing components. Choose a component that you want to use, and look at this article for examples of work.

  • What is the proper way to create a user who can connect through the Console, but not through the VMWare Client?

    I did the following steps:

    1. create a user

    2. assign the Group root (remove all the other group of the user)

    What's my not just?

    Thank you!

    It is the way to do it.   Either you must be part of the root group to be given to the role admin (or a bespoke) at the level of the host to access the DCUI.

    If you create a user is added to the root group, but is assigned all permissions (either singularly or through a group) on the host then, then the user will be able to connect to the DCUI but not the client vSphere (or any other method of the API).

  • Something wrong with the profile of all the users of the IOM

    Hi all

    I don't know what is happening but everytime I login with a user id and password of the IOM and click on the profile of the user in the Console of the Self Service, I get this error thrown:


    on the user interface. Also, in the diagnostic server logs, this is the entry:

    [2012 07-26 T 12: 16:47.989 + 05:30] [oim_server1] [NOTIFICATION] [IAM-0060016] [oracle.iam.platform.auth.impl] [tid: [ASSETS].] [ExecuteThread: '3' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: xelsysadm] [APP: IOM #] the IP address from which flows the browser is
    [2012 07-26 T 12: 16:48.317 + 05:30] [oim_server1] [WARNING] [] [oracle.iam.consoles.faces.mvc.common] [tid: [ASSETS].] [ExecuteThread: '3' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: xelsysadm] [APP: # IOM] java.lang.NullPointerException
    [2012 07-26 T 12: 16:48.317 + 05:30] [oim_server1] [ERROR] [] [oracle.iam.consoles.faces.mvc.common] [tid: [ASSETS].] [ExecuteThread: '3' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: xelsysadm] [APP: IOM #]

    This happens for all users. Same xelsysadm. Please help me solve this problem. Its quite urgent. There, it is not concrete and specific error shown in newspapers, so I'm totally confused. And this error started happening after I changed some attributes through the administration and then mapped these attributes to RequestDataSet through MDS. However, these pages work fine. Perhaps the profile has still some attribute that I deleted in the administration page, or something. I'm not sure. Impossible to find any specific set of data for the profile in the MDS. I only demand, create user, alter user and these other sets of data. If someone knows what page of profile uses the data set, then please reply. Any help is very appreciated.

    Thank you

    Did you change the visibility of the user usr_locale attribute? Normally it is visible, but if you removed the visibility of this attribute in your configuration of user attribute you will get this error.

  • Change the DB connector via the console design


    I installed the DB connector with the GTC feature in IOM No change is required for reconciliation and it works very well, how ever, I need to reach my own adapter for the provision of a new user. Is it well if I'm going to change the definition of process via the console design, since Oracle and Oracle support documentation we ask is not to change the connector through the console of design? In addition, this connector can be exported and imported as the rest of the connectors or what I create in each new environment?

    Thank you

    It will work, but if you redefine the GTC connector modifications will be overwritten.

    On the side of the support of support for changes to all of the artifacts created by GTC varied per person support and time. It is not officially supported (most of the time).

    Best regards
    / Martin

  • Error deleting project or a resource of Xquery in the Console of the OSB


    I am trying to remove a console of the OSB project, but it generates this error: "error: end of file unexpected after null. Is there a way I can go on file system and manually delete the project? Is not let me re - deploy the project to the server of the OSB. Please notify.

    Thank you


    Is there another way to remove the server from the OSB project? Any help would be greatly appreciated in this regard.

    Under the root of the domain, there is the OSB / directory that contains all projects of the BSO and other whatnot. I had to clean this one (renamed to osb.old) because it has been corrupted and OSB just didn't let do me anything through the console. It went well, the server became clean and I transferred the same tree of project from scratch.

    I shouldn't remind you however that you save better the whole area before you do.


  • Change the privileges of the user of the operating system in application


    Oracle Fusion Middleware 11 GR 1 material

    WebLogic Server 11 GR 1 material PS4

    We have a security problem that we cannot solve. In application the trigger BUTTON WHEN PRESSED, we open the .pdf on remote server using web.show_document documents. We are in need to restrict access to documents only by the application. To explain. The user should not be able to access the file somehow, but by application on the key. For the moment, we are in little trouble, because the user can access the document by using the address bar in the browser or just type the address in the browser. I am aware that this issue has more with OS privileges as any parameter of Oracle. I would like to know is there a way to restrict the privileges of the user at least OS at the OS level and grant access to the user through the Oracle application?

    Kind regards

    S Pax

    If you want to completely on app I see two different ways.

    1 put the files on a share on your application server and make them off-limits via http. To view a file, it load to the client through the WEBUTIL_FILETRANSFER.AS_TO_CLIENT of WEBUTIL and display it using CLIENT_HOST.

    2 put the files in a database table. To view a file, load it to the customer through the WEBUTIL_FILETRANSFER of WEBUTIL. DB_TO_CLIENT and show it using CLIENT_HOST.

  • How can I make javascript - entry via the console action/target - easier to navigate?

    Hi all

    Someone find that navigate the continuous and uninterrupted lines constituting the blocks/paragraphs of the text in the JavaScript code, entered through the console of the target/action, is of a daunting task, especially when making some amends?

    Other than the obliques, which seem to cause problems when published and displayed through some browsers - does anyone have a cross-platform solution for separating the code in lines sensible and readable for ease of navigation?

    Thanks much for any help.

    Edge 2014.1.1

    Mac OS 10.7.5

    Cross-platform IE10 upwards browsers

    I would like to make a table of the name of each item and a table for the text.


    Enter the code to run when the composition is fully charged here

    panels of var is ['panel_1_text', 'panel_1_text_2', 'start_text', 'panel_2_text'];.

    var = [] info

    "Through Phase 3...",

    "appropriate here text."

    "appropriate here text."

    "appropriate here text."


    for (i = 0; i<>

    SYM.$(panels[i]).html (info [i]);


  • Dreamweaver freezes every morning, the console shows he's going through all my fonts?

    I'm on a mac, 10.9.2, with Dreamweaver CC (just what is the latest version). Every morning, after the start-up of Dreamweaver, I get about a minute or two, then it freezes. When I check the console log, I see that he's going through all of my fonts. I could publish the newspaper, but it's the same line over and over again, just with different fontnames (and unfortunately I don't maaaany fonts, but only a few of them are active):

    Note the performance of CoreText: customer called CTFontCreateWithName() using the name "Futura Light" and got with name 'FuturaBT-Light' PostScript fonts For optimal performance, use only PostScript names when calling this API.

    I have to admit that I don't know what that means, or what to do about it? CC other applications do not do that, only Dreamweaver (which shouldn't need to all fonts at first, with the exception of a few standard fonts-batteries). Anyway, usually I force - quit Dreamweaver and after that it works fine (as fine as Dreamweaver is usually the case, at least).

    A note on the side - here at the office, we use Universal Type Client of Extensis font management.

    Any help? Good ideas? Lucky guesses? ;-)

    Thank you

    We have checked the issue & looks like DW starts scanning all Extensis font at startup. We are studying it.

    In the meantime, it would be great if you can file a bug here. This will help us to give priority to it based on the number of requests from users.

  • Mapping network drives through the command prompt to another user

    Right now I am implementing a batch file that will map the readers of network for other user accounts. Currently, I can only card readers for the connected account and no one else. Is there a way to do it through the command prompt, or I have to use powershell. Really, I'd rather it be done through the command prompt as I already all the completed script, with the exception of this part.

    Thank you

    EDIT: After further review, I conclude that there is no possible way to do it. Simply, it is not included in all orders that I could find. If someone finds, then great, but if not, like I did is as follows:

    Check the user credentials against a master list which also has passwords.

    Once a match, use this user name and corresponding password.

    Run this to authenticate by using the Group Policy Editor.

    You can map drives with group policy or by using a startup script (= batch file) that contains one or more of the following commands:

    NET use / persistent: no
    NET use q: \\ServerName\ShareName / User: David SomePassword

    NET use q: \\ServerName\ShareName / User: David *.

    Note that the incorporation of the passwords in a batch file is a serious safety hazard that is why the second command is preferable.

  • Is FDMEE runing through the user interface or batch process?

    In an event of jython script, how can I determine if the FDMEE process is run through the user interface or as part of a batch?

    Use the method getBatchJobDetails (BigDecimal pLoadId) API, if it returns a result set, then there a batch process, if it is not it is not.

  • error during the upgrade of form of the user in the sysadmin IOM console


    While trying to update the UserForm, I get error below. What could be the problem here.

    It worked a few days back.

    [2015 07-29 T 10: 47:41.807 - 07:00] [oimext_server1] [NOTIFICATION] [] [oracle.iam.platform.entitymgr.impl] [tid: [ASSETS].] [ExecuteThread: '0' for the queue: "(self-adjusting) weblogic.kernel.Default"] [username: xelsysadm] [ecid: 77744a889dde03de:4484be9e:14edad031c8 :-8000-0000000000000393,0] [APP: IOM #] [IDDM: 0000KvQoy6OEoIs6wjyWMG1LiGdA000003] provider initialization data for the entity type - user of the type UserDataProvider

    [2015 07-29 T 10: 47:42.021 - 07:00] [oimext_server1] [WARNING] [] [oracle.adf.controller.faces.lifecycle.Utils] [tid: [ASSETS].] [ExecuteThread: '0' for the queue: "(self-adjusting) weblogic.kernel.Default"] [userId: xelsysadm] [ecid: 77744a889dde03de:4484be9e:14edad031c8 :-8000-0000000000000393,0] [APP: oracle.iam.console.identity.sysadmin.ear #V2.0] [IDDM: 0000KvQoy6OEoIs6wjyWMG1LiGdA000003] ADF: addition of the following JSF error message: error returned is: JTA transaction suddenly cancelled (perhaps due to a timeout); nested exception is weblogic.transaction.RollbackException: an unexpected exception in beforeCompletion: sync=org.eclipse.persistence.transaction.JTASynchronizationListener@2120ece2 []

    Inner exception: java.sql.SQLException: ORA-01691: impossible to extend lob IAMEXT_OIM segment. SYS_LOB0000354182C00002$ $ by 128 in tablespace IAMEXT_OIM

    Error code: 1691


    link = > [6 bound parameters]

    Query: InsertObjectQuery (oracle.iam.configservice.vo.ConfigAudit@2120ed23) oracle.iam.ui.platform.exception.OIMRuntimeException: error returned is: JTA transaction suddenly cancelled (perhaps due to a timeout); nested exception is weblogic.transaction.RollbackException: an unexpected exception in beforeCompletion: sync=org.eclipse.persistence.transaction.JTASynchronizationListener@2120ece2

    Inner exception: java.sql.SQLException: ORA-01691: impossible to extend lob IAMEXT_OIM segment. SYS_LOB0000354182C00002$ $ by 128 in tablespace IAMEXT_OIM

    Error code: 1691


    link = > [6 bound parameters]

    Query: InsertObjectQuery (oracle.iam.configservice.vo.ConfigAudit@2120ed23)

    at oracle.iam.ui.platform.exception.OIMErrorHandler.reportServiceException(

    at oracle.iam.ui.platform.exception.OIMErrorHandler.reportException(

    at oracle.adf.model.binding.DCDataControl.reportException(

    at oracle.adf.model.binding.DCBindingContainer.reportException(

    at oracle.adf.model.binding.DCBindingContainer.reportException(

    at oracle.adf.model.binding.DCControlBinding.reportException(

    at oracle.jbo.uicli.binding.JUCtrlActionBinding.reportException(

    at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(

    at oracle.adf.model.binding.DCDataControl.invokeOperation(

    at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(

    at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(

    at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(

    at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(

    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)

    at sun.reflect.NativeMethodAccessorImpl.invoke(

    at sun.reflect.DelegatingMethodAccessorImpl.invoke(

    at java.lang.reflect.Method.invoke(

    at com.sun.el.parser.AstValue.invoke(

    Thank you

    java.sql.SQLException: ORA-01691: impossible to extend lob IAMEXT_OIM segment. SYS_LOB0000354182C00002$ $ by 128 in tablespace IAMEXT_OIM

    This error indicates that your IAMEXT_OIM tablespace has reached the max limit.

    Increase the size of the tablespace or purge unnecessary data

  • Any creative ways to prevent some users from always using the console?

    Our Organization strives to encourage people to use RDP to access servers, but also provides the use of the console as a backup.  We want users to use the console as sparingly as possible.  Any suggestions on ways that allow the use of the console but make sure users will choose RDP on the console?  Perhaps bringing to logout the user after a period of time?

    My first reaction is of course the sharks with laser beams on their heads but I don't understand how this can cause logistical and budgetary problems. My second idea would be to only allow access to the consoles of a jumpbox they also RDP. So I guess that users would acquiesce to all RDP'ing to the box, that they wanted to administer anyway rather than the double jump, but give them the Console in case there was a situation of emergency or clear need.

  • Removing stubborn users of the CC for teams of Console

    I'm an admin for CC 29 users on behalf of teams. I used the console to start new accounts for different users and deleted users who have left and started new ones in their place.

    However, I am having a little difficulty with two uses I've done in the past. I can not delete these two accounts and I can not use because the accounts do not show users valid within the team more, and the accounts state that they are free accounts and when we try to use them they are just a trial accounts and expire.

    The question is:

    How can I remove these stubborn accounts? They only removed in the console, but appear again and again.


    Please see a manage your cloud creative teams membership

    If problems persist, please contact customer service

    * Be sure to stay connected with your Adobe ID before accessing the link above *.

    Kind regards


Maybe you are looking for

  • HP Pavilion 17 TS 17-e169: processor and other upgrades of questions for a HP 17-e169

    Hi, I am considering an upgrade of processor, possibly an I-5 intel or maybe an I-7 for my machine. The vehicle currently has a plug i - 3 3130 m G2 (pga998b).  I use the latest version of the bios, v27 and all chipset drivers and equipment are up to

  • Senha incorreta

    Boa noite. Toda vez than entro no Messenger I have than trocar senha, porque diz as an esta incorreta, uma Solução gostaria senha... POIS não quero ter ficar trocando todos os dias a minha senha do Hotmail. Att Francielen Paes

  • WHAT should I DO WITH THIS ZIP FOLDEER pxengine4_28_16a

    I don't know if I should open it in files shared or what to with it, that I had been downloading free downloads for my computer so I could connact one of my electronic keyboards to my software like pro tools, cakewalk ect. I don't know what it is or

  • Wamp server which could not start due to lack of MVCR110. DLL

    I installed a wamp server that failed to start due to lack of MVCR110. DLL. but later, I downloaded the MVCR110. Update the DLL and install and the application started successfully. But the apache installation failed due to lack of VCRUNTIME140. DLL.

  • View requirements for Cisco C20

    Hello I have a Cisco C20 I'll setup.  I'm about to buy the poster and the research for the needs. HDMI is all I need right?  I don't want to make a sort of rookie mistake. All special HDMI cables? Thank you for your time.