Selection rule for the 5.2 Cisco ACS Service

Hello dear,

I'm trying to configure the Cisco ACS 5.2 to Dot1x of authentication for clients on windows 7 & windows XP, I did all the steps but I could not create Service rule, it gives me an error message that you can see in the attached screenshot.

After that I specify the allowed protocols it gives me the choice to choose the choice of identity and the is ' t it give me this error.

your help is very appreciated.

Kind regards

Ibrahim

Try another browser like Hussam suggested and let us know the results.

I updated FireFox to 15.0.1 and now I am not able to manipulate many parameters with ACS 5.3
Version of this browser is extremely stupid with ACS 5.x, but it shows not all message boxes. It just does not display the page when you click on the link.

If different browsers show the same question, I would say that you restart the machine (physical or virtual) completely and try again.

It is also best to upgrade to the latest patch, if this is not already the case.

Greetings,

Amjad

Rating of useful answers is more useful to say "thank you".

Tags: Cisco Security

Similar Questions

Available rules for the transformation of the URL in the cartridge 5.9.6 Java

Dear all,

We have recently improved our cartridge java Java EE 5.8.3 to servers-Java version 5.9.6 Appliction. We are aware that the 5.9.6 version got some default rules for the transformation of the URL. But as we have upgraded, we are not able to find these rules. Please let us know the default rules available for the transformation of the URL.

Thanks in advance.

Kind regards

Red Amandine

Hello

Check if this link under edocs help.

[See:edocs.quest.com/.../frameset.htm]

Best regards

Golan

How to create the user account of readonly for all devices to CISCO ACS?

Elements of strategy > ... > Authorization and permissions > The peripheral Administration > Shell profiles > Edit: 'ReadOnly '.

I tried all levels of privilege, but I am unable to connect to the "asdm" with only the privilege to read.

so, can someone help me?

I'm not an expert on all devices, but I can tell you that while you can use a name of user and password to access all devices, you can't have a "generic" set of rules. AAA services operate different based on the model/platform. For example, ASAs, WLCs and Nexus devices are completely different compared to the standard IOS routers and switches. For this this situation (ASDM read-only), you must check for this useful post:

https://supportforums.Cisco.com/message/853437

Thanks for the note!

Renew the certificate in Cisco ACS for PEAP authentication

Hi, we installed in laptops wireless customer a certificate created by Cisco ACS to authenticate, but its about to expire.

How can I do to renew the certificate whithout affecting users.

(1) Yes, we can generate a new cert but install the latter.

(2) install generated new cert on the client.

(3) install the new cert in ACS.

Good plan and will probably work.

Kind regards

~ JG

Note the useful messages

Register with different versions of the CSA to Cisco ACS primary

Hello, I updated a backup unit of two ACS to the 5.4.0.46.0a version first I changed it to standalone, and now I'm trying to save for the main CSA that is running the 5.1.0.44.2 version

And I get this error

This failure has occurred: com.cisco.nm.acs.im.certificate.Certificate; incompatible local class: stream classdesc serialVersionUID = 8507982043664257993, local class serialVersionUID = 1927357986028617243. Your changes have not been saved. Click OK to return to the list page.

What can I do to solve it?

Kind regards

The primary and the secondary must be run on the same code.

Jatin kone
-Does the rate of useful messages-

With the help of Cisco ACS 5.2 (GANYMEDE +) with other than Cisco devices

Hi all

I was hoping that someone could help me with what might be a silly question. I'm trying to implement a solution whereby an operator can control all their nodes (other than Cisco) network via GANYMEDE + involved nodes are

Juniper M10i running Junos 9.2, M120

M320 running Junos 8.5 Juniper

Extremes of BD8810 and BD8806 running 12.4.1.17 XOS

3804 Alpine extreme Extremeware 7.8.3.5 running

My question is, can I use Cisco ACS 5.2 (or 4.2) to authenticate using GANYMEDE + to these other than Cisco devices. Has anyone else done this or I have to use RADIUS? If someone has done this are problems of interoperability with Cisco CS and Junos or XOS extreme. Thank you

/ John

John,

We have a very large deployment of Juniper (T-series, series MX, etc.). We use Cisco ACS and GANYMEDE to manage these devices. The configuration of the ACS is fairly simple. You'll want to create users to connect and match them to the classes on your JUNOS routers. Here is an example:

set system login user uid of engineering 2000
Set system login user engineering genius-class class
set the connection user uid to NOC 2001 System
Set system login user AC AC-class class

define the system connection Engineering-class idle-timeout 15
define a connection system class engineering-class permissions all
define the system connection AC-class idle-timeout 15
define the connection class AC system class view permissions
Set connection AC-class permissions see the system configuration

We use two classes of genius and NOC. One is defined as a read / write and the second read-only. This is in turn then mapped in ACS (in our case version 4.2) by user or group (preferred). First, you change the configuration of the interface and add a Ganymede junos-exec service and do not enter the Protocol field. Then, you change the attributes of the user group. I've attached screenshots for both on this subject.

Hope this helps.

Derek

The upgrade to Cisco ACS SE and Remote Agent

Hello

Currently we are upgrading the PDC to Windows Server 2008, Standard Edition R2.

I am little confused with information available for upgrade scenarios. Appearing on the current working versions.

Cisco ACS SE - version 4.1 Build 23 5 Patch 1

Cisco ACS Remote Agent version 4.2 (0.124)

The new operating system will work on 64-bit, I think that the current ACE SE and the remote agent can / must be upgraded.

My existing versions, give the possible scenarios of upgrade available for me. After that upgraded SE and Remote Agent should work for the 64 bit OS.

Thanks in advance!

Yes, it is not possible to upgrade the ACS ACS 5.2 existing to level 4.1. They are two different boxes run on a different platform.

Unfortunately ACS 4.x does not support windows 2008 r2.

5.2 ACS is the only option left, and you will need to buy a new box of seprate with the new licnese for this.

Concerning

Bellefroid

Note the useful messages

How to restore the password on Cisco ACS 5.4

Hello!

Try to restore the Cisco ACS 5.4 password installed on vmware. Where can I get the password recovery DVDs? There is no software in the list on the site.

TAC may provide to you. You will need to open a folder and the application.

HTH

How can I disable the encryption Cipher Block Chaining (CBC) for the server SSH on ACS 5.5.0.46?

Hi, a security audit found that the server SSH on our 5.5.0.46 ACS service is configured to support encryption of the network (CBC, Cipher Block Chaining) load balancing. This may allow a recovery attackerto the message plaintext to the ciphertext.

The Adviser is to enable the encryption mode cipher CTR or GCM - how is this possible? Is this something that you can run the command line?

Thank you.

Unfortunately at this time there is not a supported method to disable this option on ACS.

This issue is addressed by:

CSCup58251 Assessment Cisco Secure ACS CVE-2008-5161

https://Tools.Cisco.com/bugsearch/bug/CSCup58251/?reffering_site=dumpcr

All versions of the ACS are affected.

This vulnerability is fixed at 5.7 ACS version which should be published between mid and end of may 2015

Tariq

Announcement for the external database - Secure ACS 5.2 or LDAP

I'm working on the project with Secure ACS 5.2. I'm trying to determine the external database appropriate to use. LDAP or directly to the AD?

In addition, the field in which I connect to a several subdomains. All users are currently in the subdomains, but will move to the root domain later. How do I set up the connection, I have to connect to each subdomain or can I connect just to the root?

Thank you

Hello

If you are using PEAP (mschapv2) [password based authentication] your best bet is to tie ACS to AD, because PEAP-mschapv2 is a hash mechanism that is only supported when you bind to AD, it will not work if you use the ldap integration.

Your best option is to connect ACS for the root domain, so he can use the transitive trust relationships to find the information in its subdomains.

Thank you

Tarik Admani
* Please note the useful messages *.

How to create a parameterized report - select "- ALL -" for the Department and manager does not.

I downloaded the app OEHR sample of objects and followed the steps in Oracle® Application Express Advanced Tutorials
Version 3.2.

The report and the settings seem to work fine except when I get 'everything' for service or manager I get no corresponding success.

What is the way most effective to get 'everything' if the user selects all for dept and mgr - so we would like to return all records in the table.

Snipprt region

Enter search

Search used
Dept
Mgr

Here is the sql code that was provided as part of the turitoral.

SELECT

'OEHR_EMPLOYEES '. "" EMPLOYE_ID ""EMPLOYE_ID"

'OEHR_EMPLOYEES '. "" NAME ""FIRST NAME",

'OEHR_EMPLOYEES '. "" LAST_NAME ""NAME,"

'OEHR_EMPLOYEES '. "" ""E-MAIL. "

'OEHR_EMPLOYEES '. "' PHONE_NUMBER '"PHONE_NUMBER. "

'OEHR_EMPLOYEES '. "' HIRE_DATE ' 'HIRE_DATE ',.

'OEHR_EMPLOYEES '. "" JOB_ID ' "JOB_ID,

'OEHR_EMPLOYEES '. "" TREATMENT ""TREATMENT. "

'OEHR_EMPLOYEES '. "" COMMISSION_PCT ""COMMISSION_PCT. "

'OEHR_EMPLOYEES '. "" MANAGER_ID ""MANAGER_ID. "

'OEHR_EMPLOYEES '. "" DEPARTMENT_ID ""DEPARTMENT_ID ".

"#OWNER # '." OEHR_EMPLOYEES' 'OEHR_EMPLOYEES '.

WHERE

(lower (first_name) like '%' | lower(:P1_NAME) |) '%' OR

Lower (last_name) like '% "| Lower(:P1_NAME) | '%')

AND department_id = decode(:P1_DEPT,'%null%',department_id,:P1_DEPT)

AND manager_id = decode(:P1_MGR,'%null%',manager_id,:P1_MGR)

Hello

Use this...

SELECT

'OEHR_EMPLOYEES '. "" EMPLOYE_ID ""EMPLOYE_ID"

'OEHR_EMPLOYEES '. "" NAME ""FIRST NAME",

'OEHR_EMPLOYEES '. "" LAST_NAME ""NAME,"

'OEHR_EMPLOYEES '. "" ""E-MAIL. "

'OEHR_EMPLOYEES '. "' PHONE_NUMBER '"PHONE_NUMBER. "

'OEHR_EMPLOYEES '. "' HIRE_DATE ' 'HIRE_DATE ',.

'OEHR_EMPLOYEES '. "" JOB_ID ' "JOB_ID,

'OEHR_EMPLOYEES '. "" TREATMENT ""TREATMENT. "

'OEHR_EMPLOYEES '. "" COMMISSION_PCT ""COMMISSION_PCT. "

'OEHR_EMPLOYEES '. "" MANAGER_ID ""MANAGER_ID. "

'OEHR_EMPLOYEES '. "" DEPARTMENT_ID ""DEPARTMENT_ID ".

"#OWNER # '." OEHR_EMPLOYEES' 'OEHR_EMPLOYEES '.

WHERE

(: P1_NAME IS NULL OR)

(: P1_NAME IS NOT NULL AND)

(

(lower (first_name) like '%' | lower(:P1_NAME) |) '%') OR

(lower (last_name) like '%' | lower(:P1_NAME) |) '%')

)

) AND

(: P1_DEPT IS NULL or department_id =: P1_DEPT) AND

(: P1_MGR IS NULL or manager_id =: P1_MGR)

Exception while trying to get the selected value for the choice of SelectOne in ADF Mobile

I added the following code after arriving through this post https://forums.oracle.com/thread/2536419
DCBindingContainer dcBindings = (DCBindingContainer) BindingContext.getCurrent () .getCurrentBindingsEntry ();
DCIteratorBinding iterBind = (DCIteratorBinding) dcBindings.get ("facilitySelectItems");
Attribute String = (String) iterBind.getCurrentRow () .getAttribute (0);
But Jdeveloper complained class BindingContext wasn't available and I get the jar file adfm.jar has not been added to the project. I added it manually the path C:\JDeveloper11r24\oracle_common\modules\oracle.adf.model_11.1.1\adfm.jar. Once I've deployed code on an android emulator, I get the below error. Can someone please?
07-25 13:18:03.812: D/CordovaLog (869): [SEVERE - oracle.adfmf.framework - adf.mf.internal - logError] request: {classname: oracle.adfmf.framework.api.Model; method: evaluateMethodExpression; params: [0: #{pageFlowScope.IBCMSearchBean.getSearchParams}] [1:] [2: {}] [3:] ;} exception: {message: oracle/adf/model/binding/DCBindingContainer (unsupported major.minor version 50.0); the severity: ERROR; .Guy: oracle.adfmf.framework.exception.AdfException; .exception: true ;}}}
The version of the compiler maximum the JDev shows that 1.4. And I'm using version 11.1.2.4.0 for JDeveloper. The JDK version is 1.6.0_24.

Sorry I missed the question!

First of all, to get the value of selectedItem in selectOneChoice do not have another function in the domain controller. Here is an excellent article by Frank that explains this. Or you can use the below function to get the selected value immediately. Here the market is the value of selectOneChoice attribute. I wasn't aware of this method until you have read this article.

{} public void getAndSetMarketValue (market of the object)

ValueExpression ve = (ValueExpression) AdfmfJavaUtilities.getValueExpression ("#{bindings.marketSelectItems}", Object.class);

AmxAttributeBinding attrBinding = (AmxAttributeBinding) ve.getValue (AdfmfJavaUtilities.getAdfELContext ());

access the iterator that populates the list of values in

the selectManyChoice component

AmxIteratorBinding amxListIterator = attrBinding.getIteratorBinding ();

the AmxIteratorBinding is a wrapper for the BasicIterator

iterator which sets out the information we need

ListIterator BasicIterator = amxListIterator.getIterator ();

for each index value, query the name of the service (you can

access and attribute from the line) to display

SelectedValue = string

(String) listIterator.getAttributeValueAtIndex (((New Integer ((String) market))) .intValue (), "Value");

}

Second, you can use #{row} in commandLink's action since it is something that is evaluated when the user clicks on the link and we do not have access to #{line} after that the entire component is rendered. To remedy this give an action for the commandlink which is a function in the bean and the function of bean back to the action of the link selected.

ListOfReports.amx

.......

.......

LoginBean.java

......

public String returnClickValue() {}

Option of string = AdfmfJavaUtilities.evaluateELExpression("#{viewScope.selectedItem}").toString ();

return option;

}

......

Force evaluation of the rules for the non-existent entities and unknown attributes...
Hi all

I have another issue potentially easy for the gurus of the OPA in this forum - there must be a simple explanation to this question but I'm just not see it.

The problem that I am having with several of my rules, it's that the conclusion is not evaluated due to the non-existent entity instances or unknown entity attributes. As an example of the first scenario, I have a rule that checks for the existence of an instance of an entity with a type and status. The conclusion is evaluated as if there is at least an instance of this entity, otherwise, the conclusion remains unknown.

Similarly, I wrote an equation to annualize all its (financial) obligations in a case, where the frequency of the obligation can be weekly, fortnightly, monthly, etc.. I created an attribute for each type of frequency, which are then added to the equation. The issue in this example, is that the equation does not conclude if there is not a value for each attribute in the equation. For example, if:

assign 1 = A + B + C

where A = 1, B = 2 and C is unknown, does not examine the attribute from 1 to 3, but will remain unknown. Logically, I expect that the lack of a digital defaults to 0, and rather unknown attribute value, but this is not the case.

I looked at the 'Certain and known operator rule examples' help topic to try to understand how assign a value to an unknown attribute, but the example at the bottom of the topic page does not provide a sufficient explanation as to how the logic:

point of the total team = team 1 round points + points of the round 2 team + team of turn 3 points

the team of the round 1 points = 0 if
Round 1 team points (such as recorded by the team) is unknown

the team from round 2 points = 0 if
etc.

It seems from the example that there are 2 attributes used to the same variable: [team of the Tower, 1 points] and [team of the round 1 points (such as recorded by the team)]. It is not clear to me how the original equation can be concluded if the values are stored in the alternate attribute [points of the round 1 team (such as recorded by the team)] etc.

I have also considered using fragments of rule by the help topic "Prove an attribute using multiple rules", while I could use two equations separated to set the value of an attribute according to the circumstances, that is to say:

assign 1 = A + B + C

1 = 0 if attribute
attribute 1 is unknown

This attempt results in a logic loop error, probably because I am trying to set the value of an attribute based on the same attribute value.

Any help will be greatly appreciated!
Philippe
Hi Philippe,.

I suggest the following way to solve this problem, although there are other ways too.
You can use a table of rules for it.

Open a Working Document, and then press 'Alt + Z' created a rules table.

Use the following rule: -.
Keep the text in bold in the left-hand column and the text in italics as a condition for the title in the right column. Use a correct indentation during the compilation of the rules.

-------------------------------------------
Attribute 1
-------------------------------------------
*0*     any
A is unknown or

Uncertain East
and
any
B is unknown or
B is uncertain
and
any
C is unknown or
C is uncertain
----------------------------------------------
Has any
B is unknown or
B is uncertain
and
any
C is unknown or
C is uncertain
----------------------------------------------
A + B C is unknown or
C is uncertain
-----------------------------------------------
A+B+C in the opposite case

Thank you
Sofiane

Take into account the selected color for the entire application

Hi all
I use 11.1.7.
and my new requirement is "if I select all color(ex: blue) it will reflect all of the application.". "once more I select Green reflect the entire application with the green. How can achieve. Please help me.
Thanks and regards

Hello

What technology do you use? ADF Faces? You use the count? When the click on the button set a variable scope/bean. On the next page, set the af inlineStyle: document with scope/bean variable that you define in the login page.

ex:

inlineStyle = "background-color: #{pageFlowScope.bgcolor};'"

Arun-

Is there as a resource for a list of parameters available for the Windows Vista Edition accounts service Home Premium x 64?

Original title: suggested settings for the service accounts for vista Home prem x 64

Is it a rsesource for a list ofs suggested settings for the service accounts vista Home prem x 64?

Hi elmjyo,

You try to interact with any server? If so, what kind of server?

You can follow this link & check if it helps.

http://answers.Microsoft.com/en-us/Windows/Forum/windows_vista-files/how-to-create-service-account-in-Vista-Home-Basic/598cd8b4-e35a-4d67-aab9-07651aa5d52c

Hope the helps of information.
Please post back and we do know.

Selection rule for the 5.2 Cisco ACS Service

Similar Questions

Maybe you are looking for