Need of a rule on the NAC to deny access to the XP machines
We run NAC 4.9.1 and I'm trying to think of a way to refuse any client Windows XP to get full network access. I created a new cheque which examines the registry key under:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProductName
For any string that contains "Windows XP." I have it on Audit right now and I see in the newspapers that the XP mahcines hit this requirement.
Now, how can I deny that check?
Hello
The NAC itself has rules of compliance different OS that you want to allow on your network.
Simply create a compliance rule indicating that you only allow windows 7. It works much better than the condition of the registry.
I used to support this product back to Cisco, but unfortunately I don't have access to a NAC server so I don't know where exactly is this option.
If you need more help feel free to ask and I'll be happy to help you.
Kind regards
Erdelgad
Tags: Cisco Security
Similar Questions
-
Create an alert only rule on the virtual machines in a Service
I'm under vFoglight 6.7.1. I set of services including virtual machines. I want to change the rules, such as disk space, to pull it from the virtual machines in this alert service. This would allow me to define groups for different email alerts. Someone has an idea how to do this?
Hello Chris,
Hope this helps https://support.quest.com/SolutionDetail.aspx?id=SOL88998
Sincerely,
Prasad Gadgil
-
Need of a component of the virtual machine for a program where I can find one?
I just bought a program for windows 7 80 people have it but it doesn't work on my computer, a warning appears saying its lack a component of VM, I after troubleshooting it says its fixed the program but it comes up saying its compapitble how can I solve this virtual machine what program should I use. This new program s.
Hello whitelotus,
If the program is not compatible, then you try to install and run the program in compatibility mode.
Use the following steps:
(1) right click on the program
2) click Properties
3) click on the Compatibility tab
(4) select run this program in compatibility mode and select Windows Vista or other operating system, the program has been run successfully.
Check out the link here: make sure to run older programs in this version of Windows
http://Windows.Microsoft.com/en-us/Windows7/make-older-programs-run-in-this-version-of-Windows
If compatibility is not successful, then try and self-test program compatibility issues:
1. open the program compatibility problems theStart button.
Then click on Control Panel. In the search box, type troubleshooting tool, then clickTroubleshooting. Under programs, clickRun done for previous versions of Windows.
2. follow the instructions in the troubleshooting.
If you are unable to install a program, insert the installation disc for the program and, using the Troubleshoot utility, navigate to the program setup file, usually called Setup.exe, Install.exe, or something similar. This utility is not designed to work on programs that have an .msi file name extension.
If you are running Windows 7 Professional or Ultimate version, install Windows Virtual PC and Windows XP mode (http://www.microsoft.com/windows/virtual-pc/default.aspx) and run your software in Windows XP.
If you run Windows 7 Home Premium, try VirtualBox (www.virtualbox.org) or VMware Player (www.vmware.com), or any other software virtualization part 3rd and install a separate copy of Windows XP (family or professional edition) for this purpose. You can find the virtualization software free that will run on Windows 7 Home Premium.
Hope that answers your question.
Sincerely,
Marilyn
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think -
usable RAM is less to installed in the Virtual Machine
Hi Admins,
I have a 64-bit VM win2008R2. Recently, I've increased the RAM to 64 GB to 32 GB.
But when I look in the system 64 GB (32 GB usable) properties.
This means that the virtual machine has only 32 GB? what needs to be done for the virtual machine to use 64 GB?
could you please help me?
Noufel
You have not written what edition you have, but for example the 'standard' and 'web' editions have maximum 32 GB of RAM. In order to use more, you must have Enterprise/Datacenter/HPC edition...
-
I have a question about WINXP rules in the NAC server and more specifically, if a rule reports a failure, but it's part of a! the rule, this means - happening? For example:
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 à 5.4pt 0 à 5.4pt ; mso-para-marge-top : 0 ; mso-para-marge-droit : 0 ; mso-para-marge-bas : 10.0pt ; mso-para-marge-left : 0 ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}
&(!pc_Windows_ehkeyctl|pc_XP_MCE_KB973768_MS09-037) (red indicates failure)
The NAC is reported as a check failed:
pc_Windows_ehkeyctl, File Check [$SYSTEM_ROOT\ehome\ehkeyctl.dll is]
It is a failure because it finds the file and there is a negative on the rule?
What about this:
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 à 5.4pt 0 à 5.4pt ; mso-para-marge-top : 0 ; mso-para-marge-droit : 0 ; mso-para-marge-bas : 10.0pt ; mso-para-marge-left : 0 ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}
&(!pc_XP_2115168_MS10-052_FileChk|pc_XP_2115168_MS10-052)
The first part of the reports as passage, and the second reports failure... but logically, this part of the rule must pass because only after the first part? Which apparently correct?
Thank you!
Gavin - Budd
He actually reports a failure audit - and in many cases, it is expected (and confusing!). For example, with Windows controls preconfigured, if it is a 32-bit client you will see fail the verification of 64-bit.
Same with your second example check
&(!pc_XP_2115168_MS10-052_FileChk|pc_XP_2115168_MS10-052)
We expect that it is not the first cheque or spend the second control - but one of these controls will show as failed. Clear as mud?
-
Loops rule in the clouds of the OPA
Hi OPA developers,.
We currently use the OPA Cloud (may 2015) for the requirements on annual sales. Unfortunately found an error of loop rule to requirements such as:
* an e balance at beginning of the yearmust be equal to its previous year-end balance less pension his previous year of
* but a balance end of year is equal to balance at the beginning of the year more value temp of the year
The year is an entity. Balance of year and end of year sale run loop in a debugger because even if we refer to the previous year, he always uses the same entity instance attribute. Loop rule is not supported in the cloud (as opposed to how we can configure the properties of the rule in the version on site).
Please let know us if you have a work around to do this. The only alternative we have is to turn them into global attributes and enter the number of the year in the name, such as the balance of the year 2nd = 1st year sale - 1 year temp value, balance of 3 year = 2nd year balance - 2nd year temp value, etc. But then, it is instances of entity year 100 x each attribute start and end loop so it will be a very large document/s for us to create and to business users to maintain.
If all goes well there is something we can use entity and relationship functions... but always try to figure out how to do. Any help is very appreciated!
Thank you!
Unfortunately there is no support for rule lines in the version of may 2015. We are looking for by adding back to a later version.
I'm guessing that your example is simplified, but you wrote it you don't need a loop of rule to solve. The final value is just:
InstanceSum (years, value temp of the year) - InstanceSum (the years, pension year of)
-
Hello everyone I use Oracle Database EE 11.2.0.4 with DG.
In these cases, I need to get Enterprise Manager Database Control running against DB with no CARS and no DG I do the following:
I have SQLPLUS logon as user SYS or SYSTEM and drop the account sysman and business objects:
DECLARE
CURSOR c1 IS
SELECT master, synonym_name name
OF dba_synonyms
WHERE table_owner = "SYSMAN";
BEGIN
TO r1 c1 LOOP
IF r1.owner = "PUBLIC" THEN
RUN IMMEDIATELY "DROP PUBLIC SYNONYM ' |" R1. Name;
ON THE OTHER
RUN IMMEDIATELY "DROP SYNONYM ' |" R1. Owner: '. ' || R1. Name;
END IF;
END LOOP;
END;
/
Mgmt_view DROP USER CASCADE;
/
DROP ROLE mgmt_user;
/
Sysman DROP USER CASCADE;
/
After that, I run
EMCA - config dbcontrol db-rest recreate
But what do I do in case I have 2 servers (primary and standby) work according to the rules of the DG?
Hello
It is not possible to monitor and administer a basic physical or logical standby, IE using Enterprise Manager Database Control Data Guard. This is mainly due to the fact that Database Control is designed to monitor the 1-database and an environment Data Guard, by definition, includes more than 1 database.
If you attempt to run emca against a database of pending, you will get an error like (i.e. ORA-01219: database is not open).
Of course, database Control, can be used to monitor the current main database (with no capacity to administer or control Data Guard related features). In such a case, failover Database Control needs to be reconfigured to run on the new primary database using the commands described in detail in Note 278100.1 how to remove, create and recreate DB Control In A Database, section c. recreate/ReConfig DB control, Option 2 10 g. recreate the control DB Configuration files and repository.
Enterprise Manager Grid Control or Cloud control provides the functionality for display, monitor, and administer the primary and standby databases in a Data Guard configuration.
Reference: It is Possible to configure the database for a logical or physical Standby Database command? (Doc ID 315116.1)
You can effectively use EM 12 c cloud control to monitor and manager ensures DB
Ref to the link for more details below
Set up and manage to Oracle Data Guard with Oracle Enterprise Manager Cloud control 12 c
Kind regards
Rahul
-
How to make consolidation operator (~) instead of (+) by placing it in the rules of the load.
Because by default it will make my child (+) values after build in the cube. I don't want one by one change the operator of consolidation in the values of the child to (~) in the outline. It must therefore be made in the rules of the load. For your information, for my build parameter dimension, I have defined this reference generation and in the dimension of the generation properties, I put as a generation like the field and field number 2. I can't find the setting to make all my child operator of consolidation so that it takes (~) in the rules of the load. Thank you
What I have in my .txt file. that is open in the loading rules that have columns.
Value1
Value2
Value3
What I did after having built the loading rules in the cube.
Stored MyDimensionName # Default # (3)
Value1 (+)
Value2 (+)
Value3 (+)
What I want to achieve.
Stored MyDimensionName # Default # (3)
Value1 (~)
Value2 (~)
Value3 (~)
Hello, I did it before I saw your reply. I add a first column to help to create a field using text, and I type in ~. So total I now have two columns
Field1 Field2
Value1 ~.
Value2 ~.
Value3 ~.
After that, for my dimension build setting, I put it as a reference of generation. In the generation of dimension properties, I put it Field1 as generation for the field and field2 as a property for the field. I have set as number2 Field1 and field2 as number2. I need to change my stored MyDimensionName # Default # (3) stored MyDimensionName # Default # (3) (Label only) If no, it will not work. That's how I did it. Haven yet tried your method. That means that u create using a field using text that is gen1 for column1, and ~ to Column3? In total it is therefore 3 columns?
-
Script to display the VM who do not respect the rules of the DRS
Hello
I'm looking for Powercli script to get some information from DRS rules:
I explain the details of the bellows of the application
I have 2 DRS rules:
The first rule (R1) run several VMS on ESX Details. The ESX name starts with SRV1xxxx... The virtual machine are on data warehouses whose name starts with DTX1_...
The second rule (R2) run several VMS on ESX Details. The name of ESX starts with SRV2xxxx. The virtual machine are on data warehouses whose name starts with DTY2_...
For 2 rules above, I need to be sure that VM running on the datastore DTX1, are on servers ESX, named SRV1xxx, then VM that are running on the DTY2 data store, are on the ESX servers named SRV2xxx
Summary:
Rule 1: List of virtual machine that runs on DTX1 and SRV1xxxx
Rule 2: List of virtual machine that is running on DTY2 and SRV2xxxx
The script should check and view the virtual machines that do not respect the rules. For example, if a virtual computer runs DTX1 and SRV2xxx, or a virtual computer runs on DTX2 and SRV1xxx, I need to put the name of the virtual machines in an excel file and send the result by mail.
Thanks for your help.
Kind regards
Try this variation
Get - VM |
Select Name,
@{N = "Datastore"; E={$_. ExtensionData.Config.Files.VmPathName.Split(']') [0]. "Split('[') [1]}},"
@{N = "Iddm"; E={$_. ExtensionData.Config.Files.VmPathName.Split(']') [0]. Split('[') [1] - match ' \D+(?
\d+)\D+' |) Out-Null; $matches ['number']}}, @{N = 'ESXi'; E={$_. VMHost.Name}},
@{N = "ESXid"; E={$_. VMHost.Name.Split('.') [0] - match ' \D+(?
\d+)\D+' |) Out-Null; $matches ['number']}} | where {$_.} Iddm - not $_. ESXid} |
Select the name of the data store, ESXi
-
Mechanism of sorting in the rules of the takeover bid
Hi all
I have few attributes to the person entity level in my data model.
My requirement is to choose #3 older people of the household attribute according to age.
How we have implemented the OPA sorting mechanism? If we can sort, then how to choose the first/last n records out of it?
Please notify.
Kind regards
Mohan
You need not all alleged relationships to determine 3 older people. See my example above (e.g. the person is the most senior person if...) A second option is to determine a rank of digital age for all people (eg. rank of age from = 1 + the number of persons for which it is true that...). Then your only problem will be what to do when when more than three people have a rank of 3 or less. Keep in mind that policy/rules must be deterministic... is you don't peut/don't must not assume that a third person can be chosen "at random" and therefore must specify how you will choose between two people of the same age.
No to the question of counters, counters have only meaning in the code of procedure, rules and policies not declarative. Counters to assume a sequence of assessment (i.e. the procedural execution) and therefore, a variable can contain a different value at different points in time during the execution sequence. Declarative policies / rules define the conditions in which a fact can be determined without regard to the order in which she or other policies will be evaluated.
-
Access rule to the rule-driven event Variables
Hello!
Background:
Here's what I'm trying to do: I was hoping someone might be able to help me with this.
I created an event rule without a scope that will be sent, if the name of the event contains a prefix set, as follows;
{if(@event_name.) Contains ("MYFILTER_")}
Returns true;
} else {}
Returns false;
}
The action is a command line action that activates a special probe in SNMP before that we have installed on the server.
The problem:
I want to access a variable in the variable filter rule. Essentially, EACH rule containing MYFILTER_ as a prefix has a variable defined as a variable of @callGroup RULE. This variable considers the specified parent service and tire part of the name of the service that we have designed to be always the band guard for this alarm/event.
The solution that I'm looking should look like this:
On the event rule:
Variable: callGroup
Type: Expression
Value of the expression: @event.get ("callGroup");
On the MYFILTER_ rule:
Variable: callGroup
Type: Expression
Value of the expression:
def foundParent = false;
targetService def = 'unknown ';
i = 0;
While (i< scope.parents.size()="" &&="">
obj = scope.parents def
;{if (obj.topologyTypeName.Equals ("FSMService"))}
If (obj. Name.Contains(":") & obj.name.contains("-")) { //This is the regular expression to our designated 'parents services' }
targetService = obj.name;
foundParent = true;
}
}
i ++ ;
}
{if(!foundParent)}
for (x = 0; x
for (y = 0; y)
obj = Scope.parents [x] .parents
;{if (obj.topologyTypeName.Equals ("FSMService"))}
If (obj. Name.Contains(":") & obj.name.contains("-")) { //This is the regular expression to our designated 'parents services' }
targetService = obj.name;
foundParent = true;
}
}
}
}
}
originService = targetService.split(":");
parentService = originService [0];
Return parentService.split ("-") [0];
Bottom Line: How can I access this other value or a variable existing rule from the interface of event action rule?
access to the content of the rule Variables is unfortunately not possible by using the generated alarm or event driven rule.
But I think you can use the same rule of expression led to the event. The only problem is that your event driven rule is not you need to replace worn with
Server. TopologyService.getObject(@event.topologyObjectID)
Like this
def scopedObject = server.TopologyService.getObject(@event.topologyObjectID) // use the @event to find the alarm scope !!! def foundParent = false;def targetService = "unknown"; i=0;while(i < scopedObject.parents.size() && !foundParent){ def obj=scopedObject.parents; if(obj.topologyTypeName.equals("FSMService")){ if(obj.name.contains(":") && obj.name.contains("-")){ //This is the regex of our designated "parent services" targetService = obj.name; foundParent = true; } } i++;}
if(!foundParent){ for(x=0;x -
Copy of the CSS rules in the new page
Is it possible to copy all my changes to a preset CSS, header liquid two columns and footer presenting, in a preset, two static column header, and implantation of the footer so I don't have to redo all the rules on the new page?
Thank you
scriptmemory
Hello
It's a little difficult to say what changes you need without seeing the page. But if the CSS is in the top of the page, then you must save the old page as a new page, then only change the CSS that makes the liquid columns fixed px size.
Cristian Dorobantescu
Of the Flexi CSS layouts - creating CSS layouts in Dreamweaver without coding
-
rule to the CSS style question
Hello
I have a < h1 > and < h2 > rule of style to get the effect voor my headers as can be seen here: http://www.ecstechnics.com/modules/page.phtml?dimensionid=17 & pageid = 23
I think the main header (< h1 >) style rule I can do easily: simply apply the correct font style and that's all.
But for the header < h2 > I need a colored line extending the width of my liquid main content container, unless she is disturbed by a floating picture. Example on the same site: http://www.ecstechnics.com/modules/page.phtml?dimensionid=24 & pageid = 37
The line spans a certain width (preference with my container of liquid, if it is not fixed wide), but if a picture or other object interferes, I want to shorten accordingly.
Is this possible? All advice please?
Thank you!!
Erik
CSS:
rehydration {}
border-bottom: 1px solid red;
Width: 400 PX;
}
{of scale
border-bottom: 1px solid red;
Width: 100%
}
HTML:
It's short
It is wide
Does that help?
Nancy O.
ALT-Web Design & Publishing
Web | Graphics | Print | Media specialists
www.Alt-Web.com/
www.Twitter.com/ALTWEB -
I need sample file database containing the product, market, measures etc.
I need sample file database containing the product, market, measures etc. to load data into basic sample applications. Where can I get it?In my view, that he must be present in your system. You can download the data in environmental assessments, and then you will find a data file called "Calcdat.txt". This is the data file that doesn't have any rule file. You can also find it in the following folder:
C:\Hyperion\products\Essbase\EssbaseServer\app\Sample\Basic\Calcdat.txthttp://hyperionexpert.blogspot.com/
-
Just updated to Mac OS Server says I need an earlier version of the server cannot be updated
I've just updated for Mac OS Server 5.2 (from 5.1) will not let me connect to my server saying that I need an earlier version of the server as this version (5.2) cannot be updated.
How can I go back to 5.1?
The error:
Impossible to set up the server.
This version of the server does not support upgrading server data on this volume. To upgrade your database server, you need to install an older version of the server and OS X.
Maybe you are looking for
-
I recently transferred a large number of my photos from my iPhone to my pic 5s runs Windows 10. Everything worked well and they were then removed from my iPhone. However I noticed that I still have an album of 674 photos still on phone photos about 2
-
Is - this free update of 10.2.1 to 10.2.3? It is not released in App Store as other previous updates? Juha of Finland
-
Cannot install the update error
I'm trying to update my iPhone 6 16 GB running iOS to iOS 9.3.1 9.2.1 but when I try to install the OTA update it says "cannot install the update." How could I solve this problem? The contact ID is not available because the unit is gray with a white
-
Maintenance for Satellite 1900 305 manual?
Are there downloadable for Toshiba laptops service manuals - as some other manufacturers have on their Web sites. I have the usual problem with a laptop computer when the power connector is intermittent. I suspect that there is need to resolder as I
-
Impossible to install the graphics driver for Satellite L50-B-1EE
Hello I can't install the intel graphics hd on my laptop?