See 5.1 and external users...
Hello
I'm a new 5.1 installation deployment view and came to the point of wanting to grant external users access to their desktop using PCoIP. I have currently only a single connection to the server in place and don't get any display on external clients unless I have activate the option 'Use PCoIP Secure Gateway for connections PCoIP desktop' and specify the external IP address that I am NAT'ing in the login server. However, once I do that, it breaks the connectivity for all of my internal users. Deactivation of the PCoIP Secure Gateway option restores internal connectivity, but then I'm back to square one and only a black screen and disconnected my external when users I'm trying to connect to the desktop computer.
Roll on a new security server will solve this problem for me? Or do I need a second connection to my external users server instead? We have no DMZ area... Is there any question, place security server (if it's the real solution) on the same local network as my existing connection server segment?
Thanks for any help!
-Matt
Here is the video I made which will answer your questions on the servers VMware View and security for external access: http://www.virtualdojo.com/content/how-configure-security-server-security-servers-101
Tags: VMware
Similar Questions
-
Access for interal AND external users through a single login server?
Hey,.
Apart from redundancy, it is possible to have a single connection server that allows internal users AND external access virtual resources?
For external access, I have associated my login server security server. It works perfectly if I activate the PCoIP Secure Gateway option on my server of connection and enter the public IP address of the Security server.
But with this configuration internal users are not able to connect (listing the works of resources, but the connection fails).
If I disable the PCoIP Secure Gateway option, internal users can access, but not external users via the Security server.
Any contribution is appreciated.
Thank you very much!
No, it's the only way you can do it for internal users and external to share the same login server - activation of the MTP setting is by CS. If you want to PSG on for external users (and it is practically a necessity unless you use a third-party VPN), but offshore for internal users, they will point to the servers of different connection and so you'll need two.
-
Separate authentication for external and internal users?
Hello
Asked me to come with a CEP for a client who wants a new system APEX is accessible to internal and external users. The client security team want to have two separate copies of the request for the APEX and both copies of the auditor of the APEX on separate databases on two separate servers from Weblogic to support different security requirements for both internal and external users. I don't think that is necessary as APEX should be able to impose conditions depending on what type of user is connected, by questioning the cookie passed in which could contain a flag to say whether the user is internally and externally. In addition, CAE can be used to further restrict external access.
The middleware for the customer solution is managed by a third party, who have made the following recommendations:
The domestic channel requires SSO to configure on WebLogic while the outside lane. Internal users must be validated on Active Directory, with RSA Authentication Manager used for external users. We cannot set up a listener APEX instance to use and not to use SINGLE sign-on at the same time. Two applications are necessary.
Now, I understand from my understanding limited the listener of the APEX, it is possible to implement different rules depending on the type of user to access. However, might just as well not be managed from Magnatune APEX? We could write a custom authentication procedure that verifies again road and the SSO user authentication cookie or otherwise, as required.
So my question is this: can it really be necessary to implement two versions of an APEX application, with two distinct on different servers APEX headphones, to meet the security requirements of separate here? Ultimately at the end of the day if that's what the customer wants, we have to build it, but I'm looking to reassure them via a CEP that won't be necessary. I think that the seller of hardware/middleware recommend that the client just because they do not know available in APEX itself custom authentication options.
Please forgive any simplifications or the lack of details in the above - I'm more a developer APEX as a person of the infrastructure and a bit of a 'newbie' where the listener APEX is concerned. All advice gratefully appreciated!
Graham.Hi Graham,
It's a matter of people paranoid how and to what extent they trust their own infrastructure. Things could be easier than to split the environments, but I don't know if I just depends on the cookie because cookie can be easily rigged. But I think that the following architecture would be safe:
1 internal users connect APEX listener somehow security team requires, come to APEX and maybe be identified using the internal IP address (range). To simulate the INVESTIGATION period should be difficult for external users.
2. external users connect APEX listener through a defined gateway, preferably a proxy. All future requests through this gateway would be considered external users.
You may add additional logic to the proxy, for example use something like 'mod_headers' in Apache HTTPD to add a page header to requests, so that you may identify as external users.
You could, of course, also put it the other Tower and allow internal users to use some proxy to enforce certain rules of IP based address, or perhaps a few additional references as authentication for access to the proxy (which again could be transparent user in AD-configuration, at least if you stick with IE).You can easily implement the separation in your custom authentication process. But this architecture also allows some other compromise: even if someone does not trust your application logic to handle two types of application successfully, you can also use the proxy to enforce the specific call for an application id. Certainly you don't need to duplicate the infrastructure...
Most of the companies already have a proxy for external users, for example to activate SSL and to hide other internal resources, for load balancing,... so I think you just need to put some configuration of the existing infrastructure and end up needing no component additional. Even if there is no proxy and yet, it would be an element of very light weight, easy to handle.So far, all this has nothing to do with the earpiece of the APEX. It's 'just' a web front-end for the instance of the APEX in the database. I wouldn't put a logic of network security in this service, but the split things upward front. The APEX listener can be patched to add some logic, but which was not supported.
I think that this would work and should be sufficient for most of the safety requirements.
If my picture was not painted understandable, let me know.-Udo
-
Can I restrict external users to see others?
Hello
Is there a way to keep external users to see other external users in a group?
We have a number of reference documents which should be accessible from a number of suppliers, but users will not be able to converse. I wouldn't have to duplicate these documents into several groups.
BillBill,
Yes, there is a way to do this:
1. create groups by the supplier so that they are separate groups - they get a default workspace etc..
2. create the workspace of reference and add all the information you need to get the provider.
3 Add the GROUP for each provider to the workspace of reference - by ensuring that they are only spectators.This will allow users to see the reference space, but you won't see their group - none of the others - in the list of participants of the workspace. As they are spectators Thare is no chan that they can change a file and have their identity displayed by accident.
Phil
-
Display both internal users and external v5.0
Hello
I have an evironment of configuration using view 5 for internal users using PCOIP (about 500). I want to enable some of these users access to a virtual computer from outside the workplace. Currently I only use 1 connection to the server. I can use this connection to the server to enable PCOIP internal and external / RDP connections or I need to connect 2 servers, one for internal and an external? I'm just trying to understand how it fits into the picture, I intend on using a security server. If explained elsewhere then please point me to it, but I tried to search.
Thank you.
Depends on how they access, most of the cases you need an another view connection to the server that is configured for PCoIP tunneling and external URL is what your users will connect from the outside.
Its really easy to install, install another (choose the replica), highlight the original, then you configure the settings above and you're done.
Linjo
-
TMac new user: I installed lighthouse to my Admin profile and see no light in my user profile. It's a new stand-alone Mac computer. How do I enter other profiles on this PC (Mac) Headlight?
Thanks Ned,.
This is new for me. The name is LightRoom.
I found the solution: install in each profile using the same numbers of activation. Seems OK now. Thanks again.
-
Potential new user - several work stations and external hard drive
Hello
I am considering the purchase of Lightroom, but wanted to run my script by the group to see if it works for me.
I have a desktop at home and at work, in addition to a laptop that I use when the place. The laptop is only used to unload the memory cards and do organize basic, not image processing.
At home, I have a database of image (XnView) that I use to organize my files, and then go to the bridge to convert my RAW TIF files. When I did work on my images, I use Beyond Compare to synchronize my internal image with an external drive. Outside we're going with me both as a backup, but that allows me to do more editing on my schedule for dinner. Any changes to the work is then synchronized to the internal drive to the House.
At home, the internal drive is designated as H (I use Windows) while the outside is the G drive. At work, when I plug the external hard drive, I put to come as the H drive. In this way, the files of database for XnView, residing on both internal and external, discs are loaded and XnView is none the wiser. OK, so that was a long introduction to my questions...
First of all, if I use Lightroom, can I use it on multiple computers as long as I use it never simultaneously on more than one?
Second, if I save the catalog on the internal H drive home, and then synchronize on the external drive, Lightroom to work just start and play these files of database unconscious because it is now an external hard drive?
Third, Lightroom has a built-in synchronization feature to do this, or I would continue using Beyond Compare to synchronize the two disks until I run Lightroom?
Thank you!
Mark
Just to add. I use LR on two machines (sometimes three), there is no problem with the license, there is no activation and LR is designed for the Pro who obviously needs to be mobile. The images in the catalogue are on an external drive. These are also saved on my studio machine. The catalogue is also on the disk external and also duplicated on both computers. and saved on separate hard drives.
I work from the catalog on disk external when working on the top of the Tower in the studio, or as appropriate on machines borrowed in the field. Some would say that a catalog runs slower on an external drive. While the construction of previews, recording of the xmp data (or in my case direct to DNG) and import are a little slower with the help of an external drive, there is not slowing the work of real treatment.
It means that I have a general catalogue of all my images which is always up to date. It works very well without any problems.
-
CUPS, Jabber IM for iPhone, Mobile and external access
Hello world
How do you provide external secure access for email Instant Jabber for iPhone client and the Cisco Mobile customer on an iPhone?
There are so-called security SSL for Jabber Instant Messaging, but is unable to find all the information on how. The Cisco Mobile client appears to the needs of the AnyConnect VPN client and encourage users to connect via VPN, first...
After a bit of bumping into a wall your head wondering why there was no documentation for external access to Cisco Jabber for iPhone, I realized that Cisco Jabber IM for iPhone is an entirely different product and Jabber for iPhone seems to be the new name of Cisco Mobile customers. Yet, the only documentation I can find for the Jabber Instant Messaging is that I can "security by using the Secure Sockets Layer (SSL) encryption" but no information on implimenting it with CUPS.
On top of that, the Jabber IM for iPhone can not make calls but rather calls Cisco Mobile, which raises the question of providing external access to this too, and the only solution I've ever found is to use the AnyConnect VPN client on the device also. Suddenly, it seems to offer a solution of Cisco Unified Communications on an iPhone, I need three different and is applications is no longer quite as unified.
Thank you
Mark
Conclusions you drew on the product names are correct. They are transitioning to Jabber like a brand name, but it did not in the iOS VoIP client yet. The most recent Cisco Jabber for Android is the first to include Secure Connect (remote access protected or ensure access transparent, aka). The BU seems characteristic knocking out on a single platform and then replicating them on others before moving on to the next batch of features. I don't have a specific timetable to share but expect customers to iOS updated in the coming months with Secure Connect.
With regard to the separate clients: I can see both sides of this room. The more I use them more, I agree with the decision to keep them separated and cross-launch when necessary. If you think it is consistent with the way the user interacts already with their phone: voice and texting are two separate applications. I suspect that the developers also get some benefits by keeping things more targeted (e.g. less than test whenever they change something). The only downside to this approach is that each app consumes its own tunnel AnyConnect on the SAA.
-
I am a first time user to windows 7 Professional and need to learn how to access files that are connected to the computer by an external flash drive or an external hard drive.
External or external flash drives hard drives can be connected to windows 8 computers or windows xp to view the files, but when then identical external or external flash drives hard drives are connected to two computers with windows 7 Professional there are settings automatically don ot all access to the external hard drive or flash drive external files.
When the computer display, it displays the external hard drive.
When I left click top produces a pop up with the title bar: location is not available
Content: H: | is not accessible.
Access is denied.
When I right click on the hard drive and then click the Security tab, it displays:
Name of the object: H: |
To continue, you must be an administrative user with permission to view this object's security properties.
Do you want to continue?
Then I clicked on continue and it displays:
Owner
You do not have permission to view this object's security properties. To view its security properties, you can try to take possession of the object. As owner, you can also control who gets the permissions on the object. Please note that once you take possession, the previous owner may not have access to the object.
To try to take possession of the object, select an account from the list, and then click OK.
Name of the object: H: |
Current owner: unable to display current owner.
Change in ownership to:
the two choices are my name or administrators
I then chose an and apply and ok and it did not work.
I then chose the other and apply and ok and it did not work.
Then I clicked on other users or groups and entered everyone and that no longer works.
I am the only user of this computer brand new.
When I click on accounts Panel then user control and security for the family and then user accounts, it displays my name as administrator password.
What are the steps that I can buy an external hard drive or buy a flash drive or use the ones I already have and use them with this computer which has windows 7 Professional?
How is the switch of the property did not work?
I went back to safety again and this time stayed at the bottom for special permissions or advanced settings.
And yet when I kept getting location is not available
H:\ is not accessible.
Access is denied.
How do change you windows 7 Professional so that you can have access to your own files on an external hard drive or an external flash drive.
Please list the steps.
Thank you
This problem has been resolved in collaboration with support of higher HP for Z book 17 mobile workstation.
Steps:
(1) determines that it is not NTFS problem
(2) using the MSCONFIG the problem has been isolated to a single service
When this service has been disabled and after reboot, the problem of access to the files is resolved.
Results: HP had installed software on the HP Z book 17 laptop or mobile workstation which, by default, block communication with external hard drives and flash drives external.
This HP Client Security software replaces or blocks all right click changes settings become apparent. It blocks the change of ownership. It blocks the administrator privileges. It blocks all is used.
The HP Client Security software has been changed and changed to deny privileges (default setting) to allow the communication with external drives. When you go into the setting for this software, it is now a humming noise and maybe I need to download the drivers and software again to see if this problem is also corrected.
Thanks for your comments. I spent a lot of time on this and didn't understand why all right-click methods had failed. The default software setting HP deny had trumped right click all changes.
-
External user followed in Captivate first
If I understand correctly, there are some limitations to the use of external user accounts (self-registration of service too), when it comes to monitoring the progress and performance of users in the LMS.
As we work with elderly test subjects that might not be very technologically inclined, we would prefer to sign upward and as easy as possible, and if the Adobe ID is simply not ideal.
Is there an alternative?
Hi Thomas,
With external user Adobe ID is not necessary. Simply send the registration of external users link to the user where it will ask you to register itself. User can use any email ID (his personal e-mail ID) to register for this external group and you will see increased County on your side of seat.
After registering, the user will be directed to the home page of the learner. Later user needs to use the external link and the registered e-mail ID and password to connect.
Kind regards
MILIN
-
Creation of authenticated external users
Greetings,
Recently, we migrated our security team for Windows XP to Windows 7. With this upgrade, they were forced to stop using the java Oracle 9i Enterprise Manager to manage security and users of the database. I was able to find the point of view--> DBA Oracle SQL Developer tab which allows to CREATE AS, CREATE, etc., but under the CREATE USER, I don't see anywhere where the tool helps one user other than a normal database account authenticated. We have a few key where we create authenticated externally (EXTERNAL) users and databases is simply not an option. Is this feature anywhere in the tool?
Thank you
Bradd
I have connected it to be addressed in a future version.
In the meantime, you can:
- create a snippet of code to perform this operation
- Use the existing dialog box and copy the SQL in the spreadsheet and edit/run away
-
"Direct connection to the desktop" and external clients
Hi all
I'm doing a View 4 u1 installation with a connection to the server and a security server. I just want to confirm with the setting to view administrator, check box "direct connection on the desktop.
I find that if I check it, then external clients of internet do not work - can see the office pools, but at launch, the customer will see appear in the taskbar, disappear. When I uncheck, all external clients work very well.
my understanding is that this check box determines whether RDP traffic will be dug by the connection to the server or it will go straigh from the clients to view offices. I though that this setting affects only internal clients. I don't see how it affects external clients that connect through the Security server.
When you look at 'netstat' of external clients, trying to run the office, I can see the threshold to appear when the customer view disappears, it will also disappear. Looks like when the box is check (direct connection), the client view external attempts to establish the RDP directly on desktop computers, apparently, it won't work. So, how can a direct connection for internal clients only?
TCP 192.168.20.2:56473 winxp - 04:ms - wbt-Server SYN_SENT
any ideas?
Thank you
Ming
In our environment, we have our external users (Security Server) use a broker who has direct connect disabled while internal users use a different set of brokers that are defined to use direct connect.
If you have found this device or any other useful post please consider the use of buttons useful/correct to award points
-
E.M.P. Provisioning when using an external user directory
I intend to use an external user directory, probably MSAD.
Now I understand supply is done in the native directory. How can I get the users that exist in the directory of the external user is displayed in the native directory OR how do I do for the provisioning of users that exist in the directory of the external user?EssbaseApprentice wrote:
According to the documentation, only native directory users can be assigned to the supply. However, I seem to be able to right click on a user under MSAD and > it provision.You can configure AD users just as native users, so do the same thing you did with native users.
See you soon
John
http://John-Goodwin.blogspot.com/ -
Configuration of external user MSAD directory
Hello
I try to configure the external user MSAD Hyperion Shared Services 9.3.1 directory and got to succeed. After restarting the services, I'm not able to find the MSAD directory in the users directories and show as below
Order of directory name search Type directory
1 NATIVE native directory
MSADDIR not used MSAD
When I try to test the connection it shows successful.
Can someone help me on this.
Any help would be greatly appreciated.
Concerning
PrakashVDid you follow the process that I gave the link to?
See you soon
John
http://John-Goodwin.blogspot.com/ -
This line where you can see your bookmarks and stuff are gone... ! How can I get that back?
my laptop is 93.1% full so its quite slow work... I was on a website and I tried to click right (I needed to copy something) and the computer was slow, it didn't work. (already happened). so I tried a few times right click and before I new it this line where you can see your bookmarks (and other stuff) had disappeared. ! I tried right click again to see if I could get back, but it did not work. then I tried to turn off the computer and it still does not work. How can I get that back? and if I get it back, all my favorites will be gone?
Versions of Firefox 3.6 + have a feature to allow the user to hide the Menu bar.
Press the Alt key to temporarily show the Menu bar, then open view > toolbars and select menu bar, so it has a check mark.
The F10 can also be used on most PCs to temporarily reveal the menu bar.
Maybe you are looking for
-
Hello I have a similar problem on an issue which was published in 2009 and who was never apparently resolved. I have installed the latest updates 'critiques' to my computer that runs vista standard 32-bit and initially things seemed to work, although
-
Water inside my z2... impermeable to water?
Everyone has water inside their z2... Who is supposed to be waterproof? Yes, each cover has been properly sealed.
-
Symbol of staircase blackBerry Smartphones
Hello people I have a strange symbol on my BB whenever I have made or get a phone call, it looks like a blue staircase with a black background. He began to appear last week. Anyone know what it is? Thank you and best regards, Márcio Souza
-
I already called pay to make it clear that I don't want to continue this subscription.Please delete my account is it you please, since it seems that we can't do it yourself. In addition, on may not even respond to emails that you send. Adobe don't li
-
Digital Signature error message
I use Windows 7 64 bit, Adobe Acrobat XI and imported my certificate of personal digital signature and certificate signing authority. They show in the preferences, but mine has a yellow triangle with an exclamation point in front of her. When I try t