List ACS 4.0 and area
Hello
We have ACS 4.0 on a windows 2003 sp1.
The server is a member of a domain.
I have to configure an LDAP to auth to another AD server in my network?
Is this the only way trust between the AD withour?
Jan
As far as I've seen if you plan with the external ad server authentication LDAP must be configured for the authentication of users to work.
Tags: Cisco Security
Similar Questions
-
original title: sending Emails
When you send an Email to someone not in my contact list "Check names" appears and says not in the contacts list, and are not sent.
Remember - this is a public forum so never post private information such as numbers of mail or telephone!
Ideas:
- You have problems with programs
- Error messages
- Recent changes to your computer
- What you have already tried to solve the problem
If you use a POP3 Protocol account, please post on the forum network, e-mail and put online:
http://social.answers.Microsoft.com/forums/en-us/vistanetworking/threads
If you use Hotmail, please report it to Windows Live Solution Center, son of Hotmail:
http://www.windowslivehelp.com/forums.aspx?ProductID=1 . for the benefits of others looking for answers, please mark as answer suggestion if it solves your problem. -
Not possible to export a list of virtual machines that are created in the past 7, 30, 120 and 180 days since an imported csv file containing the date of creation of virtual machine. My questions is the correct statement to the variable: $VmCreated7DaysAgo: $_CreatedOn "-lt" $CDate7.
# #SCRIPT_START
$file = "C:\Users\Admin\Documents\WindowsPowerShell\08-18-2014\VM-Repo.csv".
$Import = import-csv $file
$VMCreatedLast7RDayRepoFile = "C:\Users\Admin\Documents\WindowsPowerShell\08-18-2014\Last7Days.csv".
$start7 = (get-Date). AddMonths(-1)
$CDate7 = $start7. ToString('MM/dd/yyyy')
$VmCreated7DaysAgo = $Import | Select-object - property name, Powerstate, vCenter, VMHost, Cluster, file, Application, CreatedBy, CreatedOn, NumCpu, MemoryGB | Where-Object {$_.} CreatedOn - lt $CDate7} | Sort-Object CreatedOn
$TotalVmCreated7DaysAgo = $VmCreated7DaysAgo.count
$VmCreated7DaysAgo | Export-Csv-path $VMCreatedLast7RDayRepoFile - NoTypeInformation - UseCulture
Write-Host "$TotalVmCreated7DaysAgo VMs created in 7 days" - BackgroundColor Magenta
Invoke-Item $VMCreatedLast7RDayRepoFile
# #SCRIPT_END
You can use the New-Timespan cmdlet in the Where clause, it returns the time difference between 2 DateTime objects.
An example of this cmdley
New-TimeSpan-start (Get-Date). AddDays(-7)-end (Get-Date). Select days - ExpandProperty
In your case, you could do
Where {(New Timespan-démarrer ([DateTime] $_.))} CreatedOn) - end $start7). {7 days - gt}
But beware of negative numbers.
-
What are these startup items and are they harmful
Hello
I have a M55-S325. I noticed a few items on my list of startup in the System Configuration utility
TCtrlIOhook.exe
TPSMain.exe
Ltmoh.exe
AGSMMSG.exe
Apoint.exe
TFncKy.exeSo my Question is what are and are they harmful
If so how do I remove them.
Help, pleaseHi David,
The items you listed are real items used by your operating system, although they can be stopped if you want without making any real damage. This will largely depend on if you want to use all functions in which they are involved.
For example, TCtrllOhook.exe and TPSMain.exe are associated with the Toshiba power management utility.
Ltmoh.exe and AGRSMMSG.exe are you installed the modem.
Apoint.exe is associated with you pointing device (Touchpad or other).
TFncKY.exe is related to the function of function keys of Toshiba.
Of course, if you do not use your internal modem then the modem associated elements can be stopped without any bad Effect, even Toshiba function keys.
Kind regards
-
Create a script to list all the .bat and .cmd files with the dir command &
Hello
Im trying to create a script that will list all the .bat and .cmd files in a specific folder and add the data to a new file (file.txt) - example below:
dir c:\>desktop\file.txt/OD
dir d:\>>desktop\file.txt
dir f:\jobs\*.bat>>desktop\file.txt/ODIM able to search the F drive and the list of all the .bat files using a generic parameter, but ideally id like to search for .bat and .cmd files, but whenever I have it try does not work. Any ideas?
I tried the following:
dir c:\>desktop\file.txt/OD
dir d:\>>desktop\file.txt
dir f:\jobs\*.bat,*.cmd>>desktop\file.txt/ODAny help is appreciated, the reason for which I need to check all the .bat and .cmd files is to ensure that the scripts on a cluster are all data, so need them all listed in a doc if possible
Thank you
Hello
Thank you for visiting the Microsoft answers community site. Your question of Windows 7 is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for guys official script Forum. Please ask your question in the official Scripting Guys Forum.
http://social.technet.Microsoft.com/forums/en-us/iTCG/threads
-
retrieving a list of all named and Notifiers queues
is there a way to get a list of all named and Notifiers queues are open
No, you will need to register somewhere as get you them.
-
Who are Speedy PC Pro and are they safe to use?
My computer is slow with the almost complete hard drive, but a lot of is things that I did not, but don't know how to get rid of, where the lure of the above for me to do. PS am not very technical!
Hello
Process the sites too hyping registry cleaners and optimizers system like snake oil. People are more likely
cause problems while fixing anything.SpeedyPC reputation on WOT (Web Of Trust)
http://www.MyWOT.com/en/scorecard/www.SpeedyPC.com------------------------------------------------------------
If you need more help get a real computer store (that makes its own domestic service).
---------------------------------------------------------------
Use the startup clean and other methods to try to determine the cause of and eliminate
the questions.---------------------------------------------------------------
What antivirus/antispyware/security products do you have on the machine? Be one you have NEVER
on this machine, including those you have uninstalled (they leave leftovers behind which can cause
strange problems).----------------------------------------------------
Follow these steps:
Start - type this in the search box-> find COMMAND at the top and RIGHT CLICK – RUN AS ADMIN
Enter this at the command prompt - sfc/scannow
How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log
http://support.Microsoft.com/kb/928228Also run CheckDisk, so we cannot exclude as much as possible of the corruption.
How to run the check disk at startup in Vista
http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html==========================================
After the foregoing:
How to troubleshoot a problem by performing a clean boot in Windows Vista
http://support.Microsoft.com/kb/929135
How to troubleshoot performance issues in Windows Vista
http://support.Microsoft.com/kb/950685Optimize the performance of Microsoft Windows Vista
http://support.Microsoft.com/kb/959062
To see everything that is in charge of startup - wait a few minutes with nothing to do - then right-click
Taskbar - the Task Manager process - take a look at stored by - Services - this is a quick way
reference (if you have a small box at the bottom left - show for all users, then check that).How to check and change Vista startup programs
http://www.Vistax64.com/tutorials/79612-startup-programs-enable-disable.htmlA quick check to see that load method 2 is - using MSCONFIG then put a list of
those here.
--------------------------------------------------------------------Tools that should help you:
Process Explorer - free - find out which files, key of registry and other objects processes have opened.
What DLLs they have loaded and more. This exceptionally effective utility will show you even who has
each process.
http://TechNet.Microsoft.com/en-us/Sysinternals/bb896653.aspxAutoruns - free - see what programs are configured to start automatically when you start your system
and you log in. Autoruns also shows you the full list of registry and file locations where applications can
Configure auto-start settings.
http://TechNet.Microsoft.com/en-us/sysinternals/bb963902.aspx
Process Monitor - Free - monitor the system files, registry, process, thread and DLL real-time activity.
http://TechNet.Microsoft.com/en-us/Sysinternals/bb896645.aspxThere are many excellent free tools from Sysinternals
http://TechNet.Microsoft.com/en-us/Sysinternals/default.aspx-Free - WhatsInStartUP this utility displays the list of all applications that are loaded automatically
When Windows starts. For each request, the following information is displayed: Type of startup (registry/Startup folder), Command - Line String, the product name, Version of the file, the name of the company;
Location in the registry or the file system and more. It allows you to easily disable or remove unwanted
a program that runs in your Windows startup.
http://www.NirSoft.NET/utils/what_run_in_startup.htmlThere are many excellent free tools to NirSoft
http://www.NirSoft.NET/utils/index.htmlWindow Watcher - free - do you know what is running on your computer? Maybe not. The window
Watcher says it all, reporting of any window created by running programs, if the window
is visible or not.
http://www.KarenWare.com/PowerTools/ptwinwatch.aspMany excellent free tools and an excellent newsletter at Karenware
http://www.KarenWare.com/===========================================
Vista and Windows 7 updated drivers love then here's how update the most important.
This is my generic how updates of appropriate driver:
This utility, it is easy see which versions are loaded:
-Free - DriverView utility displays the list of all device drivers currently loaded on your system.
For each driver in the list, additional useful information is displayed: load address of the driver,
Description, version, product name, company that created the driver and more.
http://www.NirSoft.NET/utils/DriverView.htmlFor drivers, visit manufacturer of emergency system and of the manufacturer of the device that are the most common.
Control Panel - device - Graphics Manager - note the brand and complete model
your video card - double - tab of the driver - write version information. Now, click on update
Driver (this can do nothing as MS is far behind the certification of drivers) - then right-click.
Uninstall - REBOOT it will refresh the driver stack.Repeat this for network - card (NIC), Wifi network, sound, mouse, and keyboard if 3rd party
with their own software and drivers and all other main drivers that you have.Now in the system manufacturer (Dell, HP, Toshiba as examples) site (in a restaurant), peripheral
Site of the manufacturer (Realtek, Intel, Nvidia, ATI, for example) and get their latest versions. (Look for
BIOS, Chipset and software updates on the site of the manufacturer of the system here.)Download - SAVE - go to where you put them - right click - RUN AD ADMIN - REBOOT after
each installation.Always check in the Device Manager - drivers tab to be sure the version you actually install
presents itself. This is because some restore drivers before the most recent is installed (sound card drivers
in particular that) so to install a driver - reboot - check that it is installed and repeat as
necessary.Repeat to the manufacturers - BTW in the DO NOT RUN THEIR SCANNER device - check
manually by model.Look at the sites of the manufacturer for drivers - and the manufacturer of the device manually.
http://pcsupport.about.com/od/driverssupport/HT/driverdlmfgr.htmHow to install a device driver in Vista Device Manager
http://www.Vistax64.com/tutorials/193584-Device-Manager-install-driver.htmlIf you update the drivers manually, then it's a good idea to disable the facilities of driver under Windows
Updates, that leaves about Windows updates but it will not install the drivers that will be generally
older and cause problems. If updates offers a new driver and then HIDE it (right click on it), then
get new manually if you wish.How to disable automatic driver Installation in Windows Vista - drivers
http://www.AddictiveTips.com/Windows-Tips/how-to-disable-automatic-driver-installation-in-Windows-Vista/
http://TechNet.Microsoft.com/en-us/library/cc730606 (WS.10) .aspx===========================================
Refer to these discussions because many more excellent advice however don't forget to check your antivirus
programs, the main drivers and BIOS update and also solve the problems with the cleanboot method
first.Problems with the overall speed of the system and performance
http://support.Microsoft.com/GP/slow_windows_performance/en-usPerformance and Maintenance Tips
http://social.answers.Microsoft.com/forums/en-us/w7performance/thread/19e5d6c3-BF07-49ac-a2fa-6718c988f125Explorer Windows stopped working
http://social.answers.Microsoft.com/forums/en-us/w7performance/thread/6ab02526-5071-4DCC-895F-d90202bad8b3I hope this helps.
Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="" -="" mark="" twain="" said="" it="">->
-
I can't get rid of ccSvcHst.exe in the list of icons in notification area.
I can't get rid of ccSvcHst.exx in the list of icons in notification area. He indicates that he belongs to Norton Internet Security. My new computer came with Norton on it. Natch. First things to get out were three Norton programs. The free 60 day trial of Norton internet Security, Norton backup program and VIP access. I used the function uninstaller in the control panel of Windows 7 sp 1. When I noticed this ccSvcHst.exe in the list of the notification icons, I guessed that it was a case of undesirable residue left by Norton, so I used the removal tool mentioned on this site.
http://us.Norton.com/support/kb/web_view.jsp?wv_type=public_web&docURL=20080710133834EN&LN=en_US
But ccSvcHst.exe is always in the list of icons in notification area. And I wonder how much other stuff hidden Norton is still on this new computer. I would appreciate any advice on how to get rid of it. There may be a third party removal tool that is safe and not provided by Norton that could be more complete.
Thank you
Department of public works
We need remove IconStreams, PastIconStreams in the registry key, and then restart...
See: -
My question is very simple: I believe! How can I remove scanners listed in Windows Fax and Scan App under 'Tools'-> 'Scan routing? This really should not be so dang hard when I do an install, and regedit, I looked at most of the places are to get rid of any residue. However, when I get back in Windows FAX and Scan, inevitiably I see printers / scanners way back when I bought this laptop.
I use Windows 7 Home Premium as my operating system.
I think I'll try the following:
Uninstall Norton & reboot
Reinstall your HP printer using the latest version of the full software features on HP site, preferably in the usb connection.
Test the printer or use HP diagnostics to test its operation, then uninstall HP printing via programs & features software.
Then use the HP utility to completely re - move
http://h10025.www1.HP.com/ewfrf/wc/softwareDownloadIndex?CC=UK&LC=en&DLC=en&softwareitem=MP-49133-2
If all goes well, that should put an end to this
(With the help of uninstalling programs & features should remove the printer from the "Devices and Printers")
-
WLC / ACS / AD - domain and laptops no - domain (802. 1 X / PEAP)
Hi all
I implement a solution based on 4404 WLC, 1113 ACS and Microsoft AD. What I want to achieve is to have two WIFI (SSID), that can be used by users on laptops of the domain, the other can be used by the users in the domain on personal laptops. Field portable computers will have full connectivity, but personal laptops will be restricted.
I created the two SSID using 802. 1 X by ACS / Remote Agent and can authenticate and connection OK.
I thought I should have user auth and auth machine for laptops of area but just user auth for personal laptops.
I have unauthenticated machines go to one group ACS or blocked, but I need to enable them in if they are on the SSID restricted. I can't quite understand how to have two SSID is authenticating with the same ACS / AD - one green and the other.
I'm on the right track?
Anyone done this before or have any bright ideas?
See you soon,.
John
With the use of WLAN access based on the SSID, users can be authenticated based on the SSID they use to connect to the WLAN. The Cisco Secure ACS server is used to authenticate users. Authentication happens in two stages on the Cisco Secure ACS:
1 authentication EAP
2 resulting SSID authentication of network (NARS) on Cisco Secure ACS Access Restrictions
For the new designation and configuraiton following URL can help you:
http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a00807669af.shtml
-
ACS, Service access and authorization
I'm under ACS 5.2 and I'm trying to set up 3 new SSID, which 2 are not guaranteed and 1 which is secure. I'm trying to understand the best way to allow their evolution on which network they come. All authentication requests are from the same devices, LAN controllers without wire, so NDG cannot be used as criteria. I was watching either create 3 Access Services and using selection rules, or by creating 1 Service access and using permission to choose. However, I can't find an attribute to use for determining what network they came.
Anyone has a suggestion for the best way to do it? I have
Go to the elements of the policy-> Conditions of network-> end of Station filters and create a rule CLI/DNIS that includes the name of the SSID, and then use it as a condition to any rule you create for authentication. The SSID will be preceded by MAC address, then enter * ssidname (i.e., match whatever it is before the name SSID, then match the SSID). For example, if the SSID is called lab, then you must enter * lab.
Then go to access-> Service selection policies and create a service selection rule that has end Station filter as a criterion.
-
Hello
I try to load the attributes of the CNA for IBM Corporation (TSCM) of the FTP (the attributes of the NAC management), but these do not appear in the system
Configuration-> Configuration-> CSV connection failed attempts Configuration or CSV file past Authentication Configuration file.
My server is ACS 4.0 device. On ACS 3.3 my attributes of the NAC is working well.
[attr #0]
Vendor id = 2
name of the vendor = IBM Corporation
application = 50 ID
SCM = application name
attribute id = 00020
attribute name = political Version
Profile attribute = off
type of the attribute = string
[attr #1]
Vendor id = 2
name of the vendor = IBM Corporation
application = 50 ID
SCM = application name
attribute id = 00021
name of the attribute = number of Violation
Profile attribute = off
type of attribute unsigned whole =
[attr #2]
Vendor id = 2
name of the vendor = IBM Corporation
application = 50 ID
SCM = application name
attribute id = 00010
Action = attribute name
Out = attribute profile
the attribute type = String
I loaded the list with attributes for Symantec on ACS 4.0 and it is OK, but for Tivoli Security Compliance doesn't work.
Please help me if you have a solutions!
Thank you!
Hello
Well Yes, you can't have a space between the name of the seller, I case that after loading the file I do not have the attribute of the GBA unit, but can see logging. After the reboot of the ACS that's ok.
I also, can deployment of the NAC with IBM TSCM, you share the experince? What version of client TSCM, we should use? I can't get the 5.1.0 version but it looks like no need version 5.1.2 above only can patch the last update.
Thank you
-
Problem ACS 4.0 and Server RSA Token
Hello
We are having a problem trying to get 4.0 for Windows GBA authenticate users on a Server Token RSA wireless.
Our Cisco 1200 AP series is configured for WPA2 and LEAP Authentication. He points to the ACS server for RADIUS authentication. Now, it works very well for users with a static password defined on the internal database of GBA. However, for obvious security reasons, we? d as the transmitted authentication to our server internal RSA.
I installed RSA Agent on the same server as the ACS along (after adding the sdconf.rec file in the System32 folder). The RSA server was added to the ACS external database and a user configured to use the Token RSA server for password.
When we try to authenticate, the ACS fails the attempt with reason? External DB passes invalid?. The same user can authenticate successfully during the use of the RSA test authentication tool that is installed on the ACS server under the RSA Agent software.
After running some debugs a pix in front of the servers, I see traffic to and from the servers when you use the test tool (that works), but it looks like GBA doesn't? t even send traffic to the RSA server during authentication.
Any help or advice appreciated.
Thank you
no no no no! Do not use EVER of RSA with WIFI + PAP.
The token + pin can be sniffed and is good for 60 seconds... on the Wifi which is disastrous.
-
Confusion of Windows Update lists 115 available updates and my update list installed
After the necessary at the beginning to W8 update, why MS update screen say I've never updated my computer, lists 115 available updates and my list update installed (by the bottom of the list available) shows many updates successfully, some of which are on the available MS update list and my updated history list (from the top to the left of) the MS list of updates available) shows a lot of failed installs updates than any other list under successful? I'm confused that those to whom I have to download and install.
Hello
Read this information on the refreshment and allow Windows Update to do its job.
Refreshing retains data, with some exceptions (see below).
http://www.eightforums.com/tutorials/2293-refresh-Windows-8-a.html
Note
What settings will be retained- All user accounts.
- Files in the files of all users C:\Users\(user-name) . (ex: desktop, My Documents, my music, etc...)
- Wireless network connections
- Applications on the Windows Store will be kept.
- Mobile broadband connections
- Parameters of BitLocker and BitLocker To Go
- Drive letter assignments
- Customizers like the lock screen background and desktop wallpaper
- Choices you make during the Windows Welcome, such as the accounts of users and computer name, will not change.
- Settings network, libraries, and Windows Update will not change.
- Parameters of Customer Experience Improvement Program will not change.
- Error report settings Windows will not change.
- Some drivers may or may not be deleted.
Which settings will NOT be preserved
- File type associations
- Display settings
- User settings
- The Windows Firewall settings
- Application settings
- All installed 3rd party desktop programs (not the apps Store). A list of removed apps will be saved on your desktop once the update is complete to let you know what programs have been removed.
- You change PC settings return to their default values.
- Installed Windows updates will be removed.
- Some drivers may or may not be deleted.
See you soon.
-
list - restrictive entry visibility and external xml file in the drop-down list
The question applies to the OPA 10.1, but if a solution requires a version more recent OPA (e.g., 12.1) we can update so please let me know what version your answer applies to.
I have a series of tabs of a spreadsheet Excel that map different categories on each other and I want to implement this OPA so that there are six screens with drop-down lists and visible elements two on-screen menu will depend on the selected item in the display 1. list to display 3 items will depend on the selected item in the screen 2, which depends on the item selected on the screen 1, etc..
For example,.
1 screen can be States:
Maryland
Virginia
New York City
Georgia
...
2 screen could then be counties: assuming that Virginia has been selected...
Accomack
Albemarle
Alleghany
...
3 screen could be cities: assuming that Accomack is selected...
Exmore
Parksley
...
Basically I have large spreadsheet list of lists with items (one list a 2040 pieces) and so I can't manually enter easily list items. I would like to 'specify the name of the list' and have the OPA to use an xml list (easily created my spreadsheet), but the OPA Help menu says "NOTE: this implementation of the xml list does not support default values or visibility...» "So it seems that I won't be able to make invisible inapplicable list items. So, to use the fictitious example above, if I chose the State of Maryland, I will not applicable to Virginia or any other State counties, but Maryland is visible; Yet, all counties in the country should be included in the list in the first place.
If someone knows a solution or another solution to this problem (other than creating custom functions) so please let me know.
"Out of the box' for 10.1 you can try the following:
Have simply a separate list for each of the sub-components. He can do even a little painful, but you have not at least custom functions or custom controls.
On the first screen you have the attribute collection the State using the list of States (provided via xml).
On the second screen you have the County collection attribute - but repeated 50 times - and then use visibility to show/hide the template you want (which then has the correct xml for the counties in the State).
On the third screen you have your attribute for the city (once again the same attribute for each list) but isn't there it gets a little mean to 50 times counties in the State.
In terms of writing that required visibility rules that you can probably leverage Excel to do much of the building of the rule for you to lists (remembering that the compiler takes that you as the user see in Excel, not the function that sees Excel)- so there is not a lot of extra work in the perspective of rules.
The sticking point will simply put all of these attributes and binds the attribute visibility for the right control (and right xml).
Proceed with caution (extreme!), but... If you're already Automation to create the XML lists from Excel, then you might want to automate the creation of xml screen. But be very careful. I've seen some projects that have used automatically generated screens and they did the job of the ok - but certainly a warning any time major health you do not use OPM to generate a component of OPM.
Then... it is possible to do it manually - but you probably want to get involved some automation.
Maybe you are looking for
-
Moving the mouse to any results on the ground in time. For example: when I moved the mouse to the "Détails" box, it was entirely 2 seconds before I saw an indication that I could enter data. What reading mail on Yahoo, if I want to mark an item to mo
-
Cursor randomly freezes and jumps to life on Tecra 8200 with Win XP
Tecra 8200 with Win XP Professional The cursor randomly freezes and jumps to life after a few seconds, very rarely, I have to re - start.This happens as well with the mouse of keyboard or mouse remotely. Hope someone can help because it's driving cra
-
When I receive the ordered recovery disk
Hello I have orderd (at least) a cd of restoration on site with a amount of prepayment, I transferd the money through my Bank since Wednesday. How can I know if Toshiba recived the money or not? and how I followed with my shipment?My time of order 12
-
HP ENVY m6-k010dx fn key locked
I have a HP Envy m6-k010dx and it seems that the fn button is locked. Whenever I hit the volume buttons or brightness that it's as if I was now pressed the key fn as well. Does anyone know how to fix this?
-
Dispositivoscarlett 2 i 4 focusrite
Hello. My name is Cesar, I want to configure my interface, but I can't, I already check drivers, but it still. I was looking in you tube, but in my country, Peru, is not usual. Is posible send me information in Spanish please? Thank you.