Problem with shell command authorization

I came across this issue with ACS 3.1 and 3.2.

A shell command authorization set is created under Shared Profile Components with the following:

Unmatched Commands: deny

Permit Unmatched Args: UNCHECKED

The command authorized is 'show' with the args "permit ver", "permit interface" and "permit run".

This authorization set is then applied to the group, under the option "Assign a Shell Command Authorization Set for any network device".

The group option 'Max Privilege for any AAA Client' is set to level 15.

This configuration is then tested against two IOS switches, with the following aaa commands:

aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local

The problem I have is that when a user who is part of this group connects, they can issue commands such as show ver, show run and show int just as I would expect. Any command that does not begin with show... is denied. However, some other show commands that do not appear in the arguments will work, while some don't. For example, "show arp" and "show vlan" worked, while "show accounting" and "show buffers" do not. What am I missing?

Commands that work without being explicitly set are of a privilege level lower than 15... for example, "show arp" is a priv-1 command, so it is executable without command authorization, as you do not have command authorization configured for priv-1.

Router>sh priv
Current privilege level is 1
Router>
Router>show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.1.5.2               24   0000.abcd.abcd  ARPA   Ethernet0/0
Internet  10.1.5.3                -   0003.abcd.abcd  ARPA   Ethernet0/0
Router>
Router>
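To make the answer concrete, here is an added Python model (not Cisco, ACS or the poster's code) of the decision path it describes: IOS only sends a command to the TACACS+ server when that command's privilege level has an `aaa authorization commands` statement. It also covers the fix and the 'enable' lockout caveat given in the 'Shell command authorization' thread under Similar Questions below; the privilege table and the prefix-based argument matching are assumptions made for the example.

```python
"""Why 'show arp' slips past ACS shell command authorization.
Added illustration for the thread above and the 'Shell command
authorization' thread below; not Cisco or ACS code. IOS consults the
TACACS+ server only for commands whose privilege level appears in an
`aaa authorization commands <level>` statement; any other command runs
on local privilege alone and ACS never sees it.
"""
from dataclasses import dataclass

COMMAND_PRIV_LEVEL = {          # constructed; a real image decides this
    "enable": 1,
    "show arp": 1,
    "show vlan": 1,
    "show version": 1,
    "show interfaces": 1,
    "show running-config": 15,
    "show accounting": 15,
    "configure terminal": 15,
}


def priv_level(cmd_line: str) -> int:
    """Resolve a possibly abbreviated command ('show run') to its level."""
    typed = cmd_line.split()
    for full, level in COMMAND_PRIV_LEVEL.items():
        words = full.split()
        if len(typed) >= len(words) and all(
                w.startswith(t) for t, w in zip(typed, words)):
            return level
    return 15  # unknown commands are treated as privileged


@dataclass
class CommandSet:
    """ACS shell command authorization set. `commands` maps a command
    word to its 'permit <arg>' / 'deny <arg>' lines; arguments are
    matched by prefix here (an assumption; ACS itself uses patterns)."""
    commands: dict
    unmatched_commands: str = "deny"     # the 'Unmatched Commands' radio
    permit_unmatched_args: bool = False  # the 'Permit Unmatched Args' box

    def authorize(self, cmd_line: str) -> bool:
        cmd, _, args = cmd_line.partition(" ")
        if cmd not in self.commands:
            return self.unmatched_commands == "permit"
        if not args:                     # bare command, nothing to match
            return True
        for entry in self.commands[cmd]:
            action, _, pattern = entry.partition(" ")
            if args.startswith(pattern):
                return action == "permit"
        return self.permit_unmatched_args


@dataclass
class Device:
    """IOS switch with `aaa authorization commands <n>` for each n in
    `authorized_levels`; the user holds privilege 15 (max privilege)."""
    authorized_levels: frozenset
    command_set: CommandSet

    def run(self, cmd_line: str) -> str:
        if priv_level(cmd_line) not in self.authorized_levels:
            return "permitted (local, never sent to ACS)"
        ok = self.command_set.authorize(cmd_line)
        return "permitted (ACS)" if ok else "denied (ACS)"


# The poster's set: 'show' with permit run / interface / ver.
SHOW_ONLY = CommandSet({"show": ["permit run", "permit interface", "permit ver"]})
# The same set with 'enable' added, as the second thread's answer advises.
SHOW_AND_ENABLE = CommandSet({**SHOW_ONLY.commands, "enable": []})
TRIALS = ["show run", "show arp", "show vlan", "show accounting",
          "configure terminal", "enable"]


def authorization_matrix(levels, command_set=SHOW_ONLY) -> dict:
    """Outcome of each trial command on a device authorizing `levels`."""
    return {c: Device(frozenset(levels), command_set).run(c) for c in TRIALS}
```

With only level 15 authorized, `show arp` comes back "permitted (local, never sent to ACS)"; adding level 1 makes ACS deny it, and also denies `enable` unless the set contains it.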

Tags: Cisco Security

Similar Questions

  • Shell command authorization

    Hi all

    I'm having a problem with Shell command authorization. I have a user that I just want to be able to display the configuration; it is for automatically archiving the config on an hourly basis.

    I have configured the device with the following aaa commands:

    aaa new-model
    aaa group server tacacs+ ACS
    aaa authentication login default group ACS
    aaa authentication login NOAUTH none
    aaa authorization config-commands
    aaa authorization exec default group tacacs+ group ACS
    aaa authorization exec NOAUTH none
    aaa authorization commands 15 default group ACS
    aaa authorization commands 15 NOAUTH none
    aaa accounting commands 15 default stop-only group ACS

    The static account I have set up logs in OK and can show config etc. Access to conf t is disabled, which is good, but for some reason it can run any show command rather than just the ones I allowed in the Shell command authorization set.

    Unmatched commands is set to deny and permit unmatched arguments is unchecked.

    ACS is 3.3(2) and the switch I tested is running 12.1(9)EA1

    Any ideas?

    Most 'show' commands are level 1 commands. You can check this by logging in as a normal user, issuing a "sho priv" to make sure that you are at level 1, and then typing 'sho ip route', "sho ver", etc.; you will see that they all work fine.

    Your AAA commands only tell the switch to authorize level 15 commands, so when you do a "sho ver" or similar, this command will not be sent off to the ACS server for authorization.

    If you add the following:

    aaa authorization commands 1 default group ACS

    then that should fix what you have, but be careful because it is easy to lock yourself out of enable mode (add 'enable' to your command set too).

    You should also have noticed that all those 'show' commands were not in your accounting detail either, because you have also only enabled accounting for level 15 commands.

  • How to activate 'Shell command authorization sets'

    Hello

    I use aaa with TACACS+ to authenticate users against MS Active Directory.

    I set up a new "Shell Command Authorization Set"; see the attachment for more details.

    But it does not work. So I just want to check whether the use of a command works or not.

    You can see in the attached file that I tried something with the 'show' command.

    But when I connect I am still able to use "show aaa servers", for example, even though in the 'show' command box I entered the argument "deny aaa".

    Why doesn't this work?

    Thanks for the help

    BB

    BB,

    Not sure why you want to do it this way. The trick here is to give all users priv 15 and then set up the command authorization set according to your need.

    Giving priv 15 does not mean that the user will be able to run all the commands. You can set up a command authorization set and permit the specific commands that the user should be able to run.

    So pls rate if this helps

    Kind regards

    ~ JG

  • Problem with Xcode command-line tool

    Hello

    Last week I upgraded my MacBook Pro to the latest OS X El Capitan and Xcode 7.3.

    I also installed the Xcode command line tools.

    But there is a problem because the Xcode "command-line tools" do not work; for example, I am getting the following error:

    MyMacBookPro-5:~ amitc$ xcrun make

    xcodebuild: error: SDK "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.10.sdk" cannot be located.

    xcrun: error: unable to find utility "make", not a developer tool or in PATH

    Does anyone know a solution to this problem?

    (I don't understand why it's looking for MacOSX10.10.sdk, when it should be looking for MacOSX10.11.sdk.)

    Thanks,

    Amit.

    Did you agree to the license terms and conditions?

    sudo xcodebuild -license

  • Help ACS shell command authorization

    Hello

    I wanted to only allow users to use the interface command. But when I enabled config terminal in the ACS shell command set, all commands are allowed. How can I limit users to having permission only for the interface commands?

    Thank you

    Two things may be wrong:

    (1) you do not have the following command on your AAA client:

    aaa authorization config-commands

    (2) you have selected the 'unmatched commands' = permit radio option in ACS; take a look at:

    http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml

    Regards

    Farrukh

  • How to communicate effectively with Adobe customer service: problem with credit card authorization

    Maybe some of you have had such a problem with a purchase. I bought the Creative Cloud plan, but no e-mail came after the purchase, and what I see in my bank account information is that my payment is waiting for authorization (already too long). In my profile, it seems that I have not bought anything.

    Contact customer support. Make sure that you are signed in with the Adobe ID that you used to purchase the plan. I'm also moving your post to the Creative Cloud forum.

    Contact the customer service

  • I have a problem with the command prompt.

    Original title: cmd.exe

    I have a system where this problem started a couple of weeks ago. When I run a command at a command prompt (any command), it displays the results as expected. But if I run the command with "cmd /c command", for example "cmd /c date", the screen is cleared before the result is displayed. It is also a problem if I am using Perl or Python or any other tool, when I run a system command and want to capture the output. There is always a form feed character at the beginning of the output. Because this behavior started recently, I tried to restore the system to a point where I knew this was not the case. But that did not help. Any ideas?

    Thank you
    JHS-

    OK, you can ignore it. I figured it out. I had created an autorun.cmd file which included a cls command.

    Sorry for the noise.

    JHS-

  • Problems with the PC command line

    On the Mac side, I work from the command line. But on the PC side I can't figure this out.

    On a Mac, this is

    deleteF = "rm -r " + myNumPhoto.slice(0, 39) + "imaging/*";
    app.system(deleteF);
    

    On the PC I'm trying to do the same thing with this.

    deleteF = "RD/s \\TEST\test".

    It runs the command, but I get "The system cannot find the file specified".

    If I flip the slashes the other way, it doesn't work at all. Any suggestions would be greatly appreciated.

    Much of the problem was with all the slashes. They need escape characters. That said, I ended up building a string. Here's what I used.

    myNumPhoto = app.document.presentationPath;
    s = myNumPhoto.slice(0, 42);
    s.toString();
    s = s + "imaging";
    deleteF = "RD /S /Q " + s;
    addF = "MD " + s;
    app.system(deleteF);
    app.system(addF);

    I had to delete the folder and then add it back on the PC because the RD command accepts no wildcard characters.

  • Problem with the pack/unpack commands

    Hi friends, I have a problem.

    I have 2 physical boxes: 192.101.1.104 (1) and 192.101.1.102 (2).

    (1) I installed WebLogic 10.3 on the first box and created a domain and an admin server on it.
    (2) I opened the admin console and created 2 managed servers, (i) MS1 and (ii) MS2, both created under "192.101.1.104". I created a machine (Machine-A) and assigned the two servers to 'Machine-A'. I started Node Manager on "192.101.1.104" and I am able to see it is available.
    (3) Now I installed WebLogic Server (bare server, no domain) on "192.101.1.102"; I installed it as shown below

    The JDK and the following products will be installed:

    WebLogic Platform 10.3.4.0
    |___WebLogic Server
    |   |___Core Application Server
    |   |___Configuration Wizard and Upgrade Framework
    |   |___Web 2.0 HTTP Pub-Sub Server
    |   |___WebLogic SCA
    |   |___WebLogic JDBC Drivers
    |   |___Third Party JDBC Drivers
    |   |___WebLogic Server Clients
    |   |___WebLogic Web Server Plugins
    |   |___UDDI and Xquery Support
    |___JDKs
        |___SUN SDK 1.6.0_21

    Planned installation size: 914.1 MB


    because I want to use "192.101.1.102" just for managed servers.

    (4) Now I used the pack command on my "192.101.1.104" box to pack the domain so that I could use this packed domain on the "192.101.1.102" box.

    This is the syntax I used for my pack command on '192.101.1.104':
    /home/staging/Oracle/middleware/wlserver_10.3/common/bin/pack.sh -managed=true -domain="/home/staging/Oracle/Middleware/user_projects/domains/myDomain" -template="/home/staging/bea/user_templates/myDomain.jar" -template_name="My Weblogic Domain" -log=/home/staging/bea/wlscldompack.log -log_priority=INFO

    It created the myDomain.jar file in '/home/staging/bea/user_templates'.

    (5) I used the 'scp' command to transfer this file from '192.101.1.104' to '192.101.1.102', where I can unpack the jar file.

    It transferred perfectly without defects.

    As I said, my "192.101.1.102" machine has a bare WebLogic server and no domain

    under this directory (both machines have the same directory structure)

    "/home/staging/Oracle/Middleware"

    The directory structure is (directory structure before unpacking)

    drwxrwxrwx 8 d87231 d87231  4096 Mar 27 16:23 jdk160_21
    drwxrwxrwx 2 d87231 d87231  4096 Mar 27 17:21 logs
    drwxrwxrwx 7 d87231 d87231 36864 Mar 27 16:23 modules
    -rwxrwxrwx 1 d87231 d87231   622 Mar 27 16:23 ocm.rsp
    -rwxrwxrwx 1 d87231 d87231 73531 Mar 27 16:23 registry.dat
    -rwxrwxrwx 1 d87231 d87231  2024 Mar 27 16:23 registry.xml
    drwxrwxrwx 8 d87231 d87231  4096 Mar 27 16:23 utils
    drwxrwxrwx 9 d87231 d87231  4096 Mar 27 16:23 wlserver_10.3

    (6) Now I used the unpack command below.

    /home/staging/Oracle/middleware/wlserver_10.3/common/bin/unpack.sh -template=/home/staging/mydomain.jar -domain=/home/staging/Oracle/middleware/user_projects/domains/mydomain -log=wlscldomunpack.log -log_priority=INFO

    It unpacked without any problem.

    I went to the newly created directory structure

    which is under '/home/staging/Oracle/Middleware'.

    -rwxrwxrwx 1 d87231 d87231   282 Mar 27 17:29 domain-registry.xml
    drwxrwxrwx 8 d87231 d87231  4096 Mar 27 16:23 jdk160_21
    drwxrwxrwx 2 d87231 d87231  4096 Mar 27 17:21 logs
    drwxrwxrwx 7 d87231 d87231 36864 Mar 27 16:23 modules
    -rwxrwxrwx 1 d87231 d87231   622 Mar 27 16:23 ocm.rsp
    -rwxrwxrwx 1 d87231 d87231 73531 Mar 27 16:23 registry.dat
    -rwxrwxrwx 1 d87231 d87231  2024 Mar 27 16:23 registry.xml
    drwxr-x--- 3 d87231 d87231  4096 Mar 27 17:29 user_projects
    drwxrwxrwx 8 d87231 d87231  4096 Mar 27 16:23 utils
    drwxrwxrwx 9 d87231 d87231  4096 Mar 27 16:23 wlserver_10.3



    I see under

    "/home/staging/Oracle/Middleware/user_projects/domains/mydomain/servers"

    [d87231@localhost servers]$ pwd
    /home/staging/Oracle/Middleware/user_projects/domains/mydomain/servers
    [d87231@localhost servers]$
    [d87231@localhost servers]$ ls -l
    total 8
    drwxr-x--- 3 d87231 d87231 4096 Mar 27 17:29 AdminServer
    [d87231@localhost servers]$


    It did not create all the managed servers, even though I used '-managed=true' in my pack command.

    Can anybody please help me with what was wrong in my work above?

    Another question: when I'm unpacking on '192.101.1.102', shouldn't it ask me for the new managed server names?... Why didn't it ask me? I'm not sure whether my question is correct or not.

    My doubt is: if the first box has 2 managed servers with names MS1 and MS2 and ports 7003 and 7005, the managed server names should change on the '192.101.1.102' box; correct me if I'm wrong. Ports are not required to change since the IP address is different.


    The directory structure under mydomain/servers on 192.101.1.104 is

    /home/staging/Oracle/Middleware/user_projects/domains/mydomain/servers
    [d87231@localhost servers]$ ls -l

    drwxrwxrwx 7 d87231 d87231 4096 Mar 21 23:42 AdminServer
    drwxr-x--- 3 d87231 d87231 4096 Mar 26 15:19 domain_bak
    drwxrwxrwx 7 d87231 d87231 4096 Mar 26 15:08 MS1
    drwxrwxrwx 7 d87231 d87231 4096 Mar 26 15:19 MS2

    The config.xml file on 192.101.1.104 has entries for these managed servers as well.

    This (192.101.1.104) physical server has 2 managed servers, as I explained at the beginning, and I ran the pack command for this domain. But the packaged jar file has no managed servers.
    Please shed some light on this and please help me with what mistake I am making here.


    Thank you very much
    Peter

    I just tried the below scenario in my test environment.

    ./pack.sh -managed=true -domain=/home/candy/myDrive/weblogic/user_projects/domains/portal-bench -template=/home/candy/myDrive/weblogic/wlserver_10.3/common/templates/domains/myportal.jar -template_name="myportal" -log=myportal.log

    The portal-bench domain contains the ms1 and ms2 managed instances. This command will create a managed server template.

    On another box I ran the unpack command and created the new domain, either as portalbench or with the same domain name (managed server template).

    The unpacked domain was created correctly.

    OUTPUT
    =====
    ./unpack.sh -domain=/home/candy/myDrive/weblogic/user_projects/domains/portalbench -template=/home/candy/myDrive/weblogic/wlserver_10.3/common/templates/domains/myportal.jar
    << read template from

    >> succeed: read template from "/home/candy/myDrive/weblogic/wlserver_10.3/common/templates/domains/myportal.jar"

    << set config option DomainName to

    If you look at the config.xml file and the ms1, ms2 directories, they will be unavailable; after bringing up the managed servers from the template, config.xml and the ms1, ms2 directories will be available.

    I enclose my domain structure after unpacking the managed server template.

    .
    |-- bin
    |   |-- nodemanager
    |   |   `-- wlscontrol.sh
    |   |-- server_migration
    |   |   `-- wlsifconfig.sh
    |   |-- service_migration
    |   |   `-- readme.txt
    |   |-- setDomainEnv.sh
    |   |-- startManagedWebLogic.sh
    |   |-- startWebLogic.sh
    |   |-- stopManagedWebLogic.sh
    |   `-- stopWebLogic.sh
    |-- config
    |   |-- config_bootstrap.xml
    |   |-- configCache
    |   |   |-- crc.ser
    |   |   `-- ver.ser
    |   |-- config.lok
    |   |-- deployments
    |   |   `-- readme.txt
    |   |-- diagnostics
    |   |   `-- readme.txt
    |   |-- jdbc
    |   |   `-- readme.txt
    |   |-- jms
    |   |   `-- readme.txt
    |   |-- nodemanager
    |   |   `-- nm_password.properties
    |   |-- security
    |   |   `-- readme.txt
    |   `-- startup
    |       `-- readme.txt
    |-- fileRealm.properties
    |-- init-info
    |   |-- domain-info.xml
    |   |-- oraclehomesubs.xml
    |   |-- security.xml
    |   |-- startscript-unsub.xml
    |   |-- startscript.xml
    |   `-- tokenValue.properties
    |-- lib
    |   |-- hsql.jar
    |   |-- portal-service.jar
    |   |-- portlet.jar
    |   `-- readme.txt
    |-- security
    |   |-- DefaultAuthenticatorInit.ldift
    |   |-- DefaultRoleMapperInit.ldift
    |   |-- SerializedSystemIni.dat
    |   `-- XACMLRoleMapperInit.ldift
    |-- servers
    |   `-- AdminServer
    |       `-- security
    |           `-- boot.properties
    |-- startManagedWebLogic_readme.txt
    `-- startWebLogic.sh

    19 directories, 37 files

    It works for me.

    Thank you
    Reverchon

  • Problem with the command line APEXEXPORT after upgrading to 3.2

    Hello

    After the upgrade from Apex 3.1.2 to 3.2 (the upgrade went well), I get the following error message when trying to do a command-line application export:

    Exception in thread "main" java.lang.UnsupportedClassVersionError: oracle/apex/APEXExport (unsupported major.minor version 49.0)
        at java.lang.ClassLoader.defineClass0(Native Method)
        at java.lang.ClassLoader.defineClass(ClassLoader.java:539)
        at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:123)
        at java.net.URLClassLoader.defineClass(URLClassLoader.java:251)
        at java.net.URLClassLoader.access$100(URLClassLoader.java:55)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:194)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:187)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:289)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:274)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
        at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)

    Any ideas? It worked perfectly fine before the upgrade... I use the Oracle 10.2.0.4 database JDBC jar files.

    Thank you
    Matthias Hoys

    Hello

    Java virtual machines are backward compatible, so you can use the JDBC 1.4 classes with JVM 1.5 or later without problem; no need to download new classes.

    And yes, I think it is best to go directly to JDK 1.6... Here I have 1.6 and use the Apex export tool with the 10g JDBC classes without problems.

    Luis

  • I have a problem with the Terminal command window

    I'm making a bootable disk. I paste in the sudo command and can't go any further. When I am prompted for my password it's like my keyboard is disconnected. Comparing what I see with YouTube videos, I noticed that I see things a little differently and maybe that's the key; I'm open to suggestions. This is what I see after the command and pressing return:

    Last login: Thu Aug 11 17:20:16 on ttys000

    :~ $ sudo /Applications/Install\ OS\ X\ El\ Capitan.app/Contents/Resources/createinstallmedia --volume /Volumes/ElCapInstaller --applicationpath /Applications/Install\ OS\ X\ El\ Capitan.app --nointeraction

    WARNING: Improper use of the sudo command could lead to data loss
    or the deletion of important system files. Please double-check your
    typing when using sudo. Type "man sudo" for more information.

    To proceed, enter your password, or type Ctrl-C to abort.

    Password:

    After Password: there is a small logo, a rectangle with a key in it. At this point I am unable to type anything; the back button still works, but I'm unable to type anything after that. What am I doing wrong or not understanding? I'm new at this.

    Password entry is not echoed. It seems that nothing is entered, but everything you type is received. Type your password, and then press return. You will then get a short prompt asking you to enter 'y' or 'n'. The former proceeds; the latter aborts.

  • Problem with the command net user. Please help ASAP!

    What is happening on Windows XP: I logged on as administrator on my computer, then in the command prompt I typed: net user administrator active: / Yes (and pressed enter). After that I restarted the computer; I cannot log in, and my password was (password). Please help me as soon as POSSIBLE. Thank you!

    Your syntax is incorrect for the "net user" command. You probably wanted to enter the command:

    net user administrator /active:yes

    The syntax of the 'net user' command (according to this article) is:
        net user [username [password | *] [options]] [/domain]

    All options begin with a forward slash character (/).

    By omitting the "/" character before "active:", you have probably changed the password of user 'Administrator' to "active:" or "active: / Yes", depending on whether you entered a space before 'yes'. Try to log in as Administrator entering that as your administrator password.

    HTH,
    JW

  • Wildcard arguments in Shell command authorization

    Does the Shell Command Authorization Set allow the use of wildcards?

    For example, in a shell command authorization set, what can I put in the arguments if I want to allow the command show interface fastethernet 0/1-24 to run?

    And also, what should I put in as the argument for an IP address if I want to allow "ping x.x.x.x"?

    Thanks in advance.

    Hello

    There are two wildcard characters used under Shell command authorization: the first is the '^' sign, which designates that anything that comes after it is accepted, and the second wildcard is '$', which means anything that is before. In your case, you can use

    interface FastEthernet 0/1 ^

    and

    ping ^

    These commands allow access to each FastEthernet interface and ping to an IP address.

  • Problem with the stop command and buttons

    Hello world.

    Here's my scenario

    I have a project where I have 5 buttons (all on separate layers). I want to link them to frame 2, frame 3, frame 4, frame 5 and frame 6.

    So, for example, I want my first button to link to frame 2 and the next button to link to frame 3.

    The separate pages are housed on the layer 'page layer'.

    Please see the image below to see what I mean

    I'm using the code snippets in CS5 to do this, so I am using the "click to go to frame and play" command and changing the frame number accordingly.

    My problem is when I use the stop command on the first frame. If I do not use the command, the swf cycles through the 6 frames constantly, but when I use the stop command the buttons do not work because the application has stopped.

    Could anyone shed some light on this problem?

    It may be a case of using gotoAndPlay() where you need gotoAndStop(). If you are on the frame you tell it to go to and play, it can't go anywhere to get there, and the stop there has already been used, so it will play through to the next stop.

  • Satellite A80: Problem with Toshiba command buttons

    Hello, I have a Satellite A80 with buttons for play, stop, rewind and forward in the pre-installed software: Windows Media Player and InterVideo WinDVD 5. But I uninstalled InterVideo 5 (I didn't do it the right way) and installed an updated version, InterVideo 7.

    Does anyone know how I can continue to use these buttons with the new InterVideo 7 software?

    In the Toshiba Controls program it is not allowed to enable another video software.

    Thank you very much and excuse my English

    Hello

    Have you checked the settings in the Toshiba Controls properties?
    There are two tabs. Please check whether the option 'DVD video control' in the 'select drive' section under the multimedia applications tab is selected.
    Here you have to choose WinDVD.

    Good bye
