MAF: Implementation of the Secure Mobile Workstation

Similar Questions

• The problem of the implementation of the security of the Oracle iAssets

  I have a pressing concerns as the topic. I've already implemented HRMS Oracle steps for employees in different locations.
  
  If I want to establish the responsibility of the user to different locations of iAssets, can I put a deposit for below:
  a. users can search only, and transfer their own locations for assets
  b. clear the field of net book value of iAssets users
  
  Thank you very much ~ ~

  Hello

  To hide a field, you can try to customize the form

  Concerning

• Apple Watch does not appear in the security/privacy settings my mac (2015)

  Apple Watch does not appear in the security/privacy settings unlock my mac (2015) for auto

  Hi abcd_bruce,

  Thanks for stopping by Apple Support communities. I understand that you are eager to implement the feature Auto Unlock on your MacBook Pro. It is a new system and I'll be happy to help you with this.

  Looks like you did a few steps already to help lift this step. In this article, automatically unlock your Mac with your Apple Watch, he goes over all the steps that must be done to implement this place. If you already followed all these steps and are still problems, then the next step would be to start the Mac in safemode, and then check if you are able to see the Apple Watch see the implementation of the security and privacy preferences.

  Try safe mode if your Mac does not end commissioning

  Have a good night!

• Windows 7 connection error "the security on the server database has not a computer account for this workstation trust relationship"

  Could someone help me by giving the solution on this error message:
  "THE SECURITY ON THE SERVER DATABASE DOESN'T HAVE A COMPUTER ACCOUNT FOR THIS WORKSTATION TRUST RELATIONSHIP"

  http://TechNet.Microsoft.com/en-us/library/ee849847 (WS.10) .aspx

• What are the security risks to open port 80 on workstations?

  Hi all

  in our environment, there is an application that opens port 80 on workstations when it is installed, but it is not allowed on preimeter FW

  could you please tell what are the security risks for leaving port 80, opened on the workstations? or it is considered to be safe unless it is not allowed on the preimeter FW?

  Thank you & best regards

  This issue is beyond the scope of this site and must be placed on Technet or MSDN

  http://social.technet.Microsoft.com/forums/en-us/home

  http://social.msdn.Microsoft.com/forums/en-us/home

• Connection to the local network after the connection to the Client AnyConnect Secure Mobility Client

  I connect to my network of business using Secure Mobility Client of Cisco AnyConnect.  Once connected, I can no longer print on my printer LAN attached and other local resources.  I use the router E4200 of Cisco/Lyncsys on my local network and can re - connect to storage on the local network by putting in place of Port Forwarding port 21 and the sharing of MS Windows FTP folders.  However, I can't connect to a client of the Terminal Services by transferring port 3389.  Is there a way to connect to the local LAN after scoring in the VPN connection.  I can connect to sites HTTP/HTTPS regulars and more than another type of connectiins, just not my own local resources.

  Thanks in advance... JS

  Happy to help, for what it's worth. Please mark question as answered if it is indeed and rate if the response is useful.

• AnyConnect Secure Mobility - disable the auto launch at the connection

  Hello

  I recently put the hands on the last client of v3.1.01 Secure VPN mobility.  We are upgrading the former client anyconnect 2.4 there are many changes that is catch us by surprise.

  The biggest problem I have right now, it's the new mobility VPN starts automatically when a user logs into a machine.  We would like to disable this connection automatic/launch.  With the former client 2.4 we simply disabled the AnyConnect Service in Services.msc default and it starts when a user is ready to connect.

  Any suggestions on how to do it?

  John,

  I'm sorry, I missed actually version "3.1".

  To disable the "AutoConnectOnStart" Please add the previous piece of code to the XML profile:

  fake

  The XML profile is located in the following path:

  The directory path of the BONE

  Windows 7 and Vista

  C:\ProgramData\Cisco\Cisco AnyConnect secure mobility Client\Profile\

  Windows XP

  C:\Document and Settings\All Users\Application Data\Cisco\Cisco AnyConnect secure mobility Client\Profile

  Mac OS X and Linux

  / opt/cisco/anyconnect/profile /.

  I enclose you an example of the XML profile.

  Additional information:

  Auto Connect on start now disabled by default

  HTH.

  Portu.

  Please note all useful posts

  Post edited by: Javier Portuguez

• Failed to download or run the customer of Cisco Anyconnect secure mobility

  I'm trying to download and install the VPN client on my laptop to access my work computer.  I tried the automatic online download and received this error:

  "Cannot install the Client AnyConnect Secure Mobility Client 3.1.00495 with the Installer error: incorrect function."  A VPM connection cannot be established. »

  I also tried the manual download, but my computer won't run the executable.  I'm running on Windows 7 64 bit.  Any help would be appreciated.

  You can try the fix below.  The user made the same mistake.

  https://supportforums.Cisco.com/discussion/11916796/AnyConnect-secure-mobility-client-3100495-Installer-error

  "I was able to install the client correctly by creating a new temporary user account and uses this account to install the client on a global scale on the machine. After successful installation, remove the temporary user account. It worked for me and it was easy. It may not work for all instances of this issue. »

  I hope this helps.

  Please evaluate the useful messages.

  Thank you.

• Delete the profile of AnyConnect secure mobility Client for Windows

  Hello

  My Cisco AnyConnect Secure Mobility Client for Windows (Version 3.1.04063 in fact) has stored some Clientprofiles. How can I remove one of these profiles if I do not need more?

  I already searched the registry and the file system but without success. I don't know where this information is stored.

  Any suggestions?

  Thank you

  They are individual xml files in a hidden directory. The location on Windows 7 is:

  C:\ProgramData\Cisco\Cisco AnyConnect secure mobility Client\Profile

  The complete inventory of their storage location for various operating systems can be found in the Guide of Administration AnyConnect.

• AnyConnect Secure Mobility Client, the Module of access network, wired PEAP

  Hello

  I tested AnyConnect Secure Mobility Client, Module of access network as supplicant with PEAP authentication for wired network users. With the default configuration it works well.  With the default configuration is to trust the root CA certificates installed on the operating system.  Do you know how to set up NAM that it will validate certificate ACS with specific root CA certificate?

  In the profile Module of access network Editor, there are two options on the certificates:

  One is trusted certificate authority which has two options by its self first is too trust any certification authority root certificate that is installed on the operating system and the second is to import root CA certificate in the profile. Potentially second option can help in my case, I can manually import certificates of CA root in each profile. But I think it will be difficult to update root CA certificates in the future in this way.

  Second is Trusted Certificate Server rules, this option have corresponding capacity in certificate common name.  For what can be used this option?

  Capture screen I have attached included the path to the exported root CA certificate. What I did was the Root CA certificate to export to a file and include that cert in the profile (it's manual CA supply directly via the profile editor).

  If you have already added the CA certificate root in the trust store client certifcate through a Group Policy object, you can select the other option "Trust root certification authority installed on the operating system", which will work fine.

  If you do not have an internal root certification authority to issue the certifcates and rely on self-generated certificcate ACS management and for EAP authentication, you need to include the generated certificate locally each device in order to have the confidence of the customer the CSACS device.

• Help the customer to secure mobility; Untrusted Cert questions

  Hello

  I have an ASA5505 running on version 9.0 (2) and I'm trying to configure AnyConnect VPN access.

  When I use Secure Mobility Client and try to connect to the VPN, I get an alert saying:

  Security Warning: no reliable VPN server certificate!  AnyConnect cannot check the VPN server: XXX.XXX. XX. XX

  Certifiate does not match the name of the server

  Certificate comes from an untrusted source.

  Certificate is not identified for this purpose.

  I use the DynDNS service to register my IP address in the public domain, and which seems to be operational. I put the my ASA host name and domain to match the DNS entry? For example, host name xyz 123. net domain for the DNS entry xyz.123.net.

  I also use certificates self-signed with 2048 module. What is the problem? I know that it is the cause of the error "no reliable source", but I'm not sure about the other two.

  Your self-signed certificate will have incorporated any hostname and domain were in place at the time it was created. If your clients access the VPN gateway by using its DNS name, the certificate must match the DNS name to avoid the error "does not match".

  The error 'not reliable' can be fixed by importing the certificate into the store root of trust the customer CA.

  I'm not positive on the last of them. Sounds like something wrong with the actual certificate - maybe some options when it was created.

• Using transform (MST) and group policy to install the Cisco Secure mobility Client

  I created a modification transformation .mst file to install the Cisco Secure mobility Client.  I installed the client by using Group Policy.  When I rebooted my computer that customer installs and restarts.  Is there a property that I can add to the transformation so that the restart will not be required?

  If I do the installation using the MSIEXEC command, I can use the /norestart variable.

  Thank you

  Alex

  Alex,

  For some reason, the screenshot not attached to my previous post.

  It must be visible on the 'Table' tab, then 'Property' field in your MSI Editor tool.

  

  HTH!

  Kind regards

  Nick

• AnyConnect Secure Mobility Client using against the old ASA pictures

  Hello

  Will be AnyConnect Secure Mobility Client 3.x works correctly when the ASA code is less than 8.4?

  I thought that you can not use AC 3.x on what anyone older than ASA 8.4, but it does mean completely not supported or some things work and others are not supported? I just need basic vpn connection and authentication works.

  I have to support a mixture of ASAs with different versions, some 8.2 (x) and some 8.3 (x) and a few 8.4 (x) and want to know if this is definitely not recommended to even try to make a vpn connection and authentication with the older ASA code thanks to the new customer.

  Thank you.
  

  The VPN client AnyConnect 3.0 portion requires ASA 8.0 (4). But due to the increase of the size of the package of 4 MB in AnyConnect 2.5 AnyConnect to 21 MB in AnyConnect 3.0, you will first need to put the flash card and memory ASA.

  Click on the link

  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/release/notes/anyconnect30rn.html#wp1578520.

• How to restrict access to the workstations on the Security Server

  Hello

  I wonder if it is possible to limit access to desktop view to some groups, if the connection is from a security server. To explain it a bit further

  * We have users who access it offices internally to a thin/Zeroclient. They comes to connect to their office pool.

  * Other users have a thick client with client view installed.

  * Others have a laptop and cann access their workstations to "everywhere" with client access or view html

  Only users in the latter group should be able to connect on a security server. Right now anyone who knows the URL of the Security Server can access as long as it has right to your desktop.

  I'm sure that this is possible, but I don't know how...

  Another option is to use the external radius authentication. In this way, that you don't have to have separate categories.

• MAF: Addition of the Cordova.Dialogue Plugin "CDVNotifications".

  Hello Oracle Community:

  If I understand the MAF sta ck is no longer ships with the Cordova.Dialogues plugin called "CDVNotistories" (see previous Discussion Forum Thread HERE)

  
  

  That is why any programmatic attempt to popup a message using the container ADFMF to invokeContainerJavaScriptFunction using the navigator.notification.alert method will fail to run. 

  
  

  Use case: I need to display the confirmation that users are connected successfully.  Here's how I did it in the ADF Mobile.

  () AdfmfContainerUtilities.invokeContainerJavaScriptFunction

  "CustomLogin.phone", "navigator.notification.alert."

  (New Object() {"successful connection.."});

  
  

  
  

  ASK:

  Implementation of an IOS directories are the files .h & ".m" to place in?  If the .h, .js files ".m" are not in the right directory I can not 'Add' the plugin in JDev.

  
  

  
  

  
  

  
  

  I spent the time to research in the Oracle documentation on the subject.  Some of the links that I've referenced are:

  
  

  Links:

  • http://docs.Oracle.com/middleware/mobile200/mobile/develop/MAF-apps-create.htm#CACHCGJE / / good.  Lack of details on where to place the files .h & ".m" for IOS
  • https://blogs.Oracle.com/mobile/entry/introduction_to_custom_cordova_plugin / / Feb2015: big if creating a new plugin
  • https://blogs.Oracle.com/mobile/entry/integrating_cordova_plugin_with_oracle / / Aug2014:
  • https://docs.Oracle.com/middleware/maf211/mobile/develop-MAF/MAF-apps-integrate-plugins.htm#ADFMF25116
  • https://blogs.Oracle.com/IMC/entry/how_to_add_cordova_nfc / / Feb2015: Basic example Android (Android requires only the .js = easier implementation file)
  • Cordova Plugin registry

  YouTube Tuts

  • FEB2015 @ https://blogs.oracle.com/mobile/entry/introduction_to_custom_cordova_plugin
  • NOV2013 @ https://www.youtube.com/watch?v=jT4O4Wt9PXw
  • NOV2014 @ https://blogs.oracle.com/emeapartnerweblogic/entry/integrating_cordova_plugin_with_oracle

  Hi @,TreeStrepek,

  having the Dialogs Cordova Plugin working in the MAF 2.1.2 is trivial. Given that the MAF has full support for plugins to Cordova, it is very easy to integrate.

  You must follow the steps thees:

  1. Locate the source Cordova Plugin Dialogs: the source code is provided with the MAF extension. You can find it at [JDEVELOPER_HOME]/jdev/extensions/oracle.maf/CordovaPlugins

  

  2 source plugin copy of your MAF project: this step is optional.

  3. Add the plugin in "maf - application.xml": open the tab "Plugins". In "Additional Plugins", click on "+" button and navigate to the location of the source code of the plugin.

  

  Navigation.notification is now available to use. Now your code will work:

  () AdfmfContainerUtilities.invokeContainerJavaScriptFunction

  "CustomLogin.phone", "navigator.notification.alert."

  (New Object() {"successful connection.."});