The local authorization configuration
I have our ASA of authenticating to the ACS (Ganymede +) and using authorization ACS that all works, but when the ACS server is unavailable I can log on by using local authentication but I have no right to leave. Is it possible to grant full permission rights to the local user if ACS is unavailable?
I use
ssh
AAA console ssh
Hello You should have a local user on the SAA with privilege 15 You can add a local user like this: privilege of password (config) #username 15 If this user account will have full access when your Ganymede goes down. HTH JK Please evaluate the useful messages- Tags: Cisco Security Ideas: Remember - this is a public forum so never post private information such as numbers of mail or telephone! Hi sanjeevkode, Thank you for visiting the website of Microsoft Windows Vista Community. As the question you posted typically associated with third party software / application that has its own way of program codes and call the corresponding system resources when installing and running. Therefore, I also suggest you to join the VMware Forums for the best support. VMware communities: http://communities.vmware.com/home.jspa In the meantime I suggest you try these options / methods IMPORTANT NOTE: Microsoft provides this information as a convenience to you. Proposed changes could lead to serious problems. Microsoft cannot guarantee that problems would be solved as a result of the suggestions. Changes to settings are at your own risk. Option 1: If you go to computer management, and then to the list of Services and find the VMware authorization Service, it appears as stopped? If so, you need to start Option 2: Try logging on as an administrator Local host during installation first workstation, rather than you connect with a domain ID Option 3: The question can be caused also by your security program such an antivirus or a firewall of Windows /Defender that can have conflicting parameters as to not not to perform certain tasks. I suggest you temporary disable antivirus and firewall and check the result again. You must enable security programs new that had disabled you Option 4: The problem could be linked to a local or domain group policy. Make sure that the local account is defined as 'local user __vmware_user__' in the local Administrators group and the permissions of "Log on locally" and "Log on as a service. The two parameters are available in the "* Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment *" branch of domain group policy or local. Let me know if it worked. Thank you and best regards, [If this post can help solve your problem, please click the 'Mark as answer' or 'Useful' at the top of this message.] [Marking a post as answer, or relatively useful, you help others find the answer more quickly.] Original title: Octashape streaming system Hello A dialog box appears on my screen: What should I do? And if this does not work between the firewall what is the solution? Thank you! [Moved from the community centre of Participation] You seem to have installed a useless program, Octoshape. http://www.bing.com/search?q=Octoshape You should be able to remove it from programs and features (or the list of installed programs, depending on your version of Windows.) Don Hello Today, I have the different situation: Sequence: We have 25 systems in the field with 2 links from different suppliers and working with BIO metric access. Suddenly admin changed the router's IP and network IPs to switch different range when he requested the change IPs newly given according to IP configured in router and switch. 5 systems I changed the static IP in all systems through the local administrator and tried to connect by using access biometric .i found only 10 systems took the static IP and the rest of the systems did not the. I tried thanks to rinse / renew / other commands and methods varied, but he was not taken at last I checked ipconfig and found that the ststus autoconfiguration IP service: 192.164.152.58 such as that not given earlier. After changing in ok and properties ipv4. So again see properties ipv4 value if you change the different value, but ipconfig shows that I never gave other PIS .NO updates are installed in the system. I know is questions. Note *: when using images of backup IP address is accepted and works fine How to configure and use the local storage dirve and usb My company bought a server DMM cisco as well as 10 players of 4310 g dmp. I tried to work on mine here to get it all working. Let me expose what we would do first before to get into the details. The cental DMM will it play any content and be used to create and manage the content here at company wehre I am. However my boss wants to send dmp individual players (4310 g) out to our factories across the country. He wants me to be able to creat content or allow a person managing the exact address to edit the content and then push the content from the server DMM to corporate local DPM record either on local storage or attached thumb order. I guess my questions on what are the following. (1) is it necessary to push the content locally for playback? Willingness to play the content of our dmm on the wan to do lots of traffic? Presentations could be as simple as a welcome page based presentation playing images video and flash. (2) based on local content would be a wise decision I'll have to see exactly how this is done poorly. In the settings of the dmp, I see the setting of local storage and turned it on and set to read/write. In regard to the command of thumb gose exactly how I implement that so that DPM can see? I plug to the back of the drive, and it seems that it is active but the management console of the player I don't see anyway to actaully see if she knows the USB. (3) how will push the content for local storage and control of the DMM thumb? It looks like I can send things to the storage internal if package transfer and or advanced/DPM deployment tasks or server file. What exactly is the difference between these two? (4) Lastly how I actually play the local content of the dmp? Can I set this up on a schedule of the dmm just like I would if he played the local dmm? I searched through the documentation, but I have not found any good docs who are clear to actually how to do these things. So, any help would be appreciated. Thanks in advance. gec5741 Hi Glen, Here are the answers to your questions It is not required to push the content locally, you can also play the DMM directly. The main advantage of playing on the spot, is that you can transfer the videos several hours or days before the presentation begins to be played if you deploy content off hours and then, when he's ready to start playing the new presentation. If you play directly the content of the DMM, the content will be transferred at the time of the DMP starts playback. This may fail if the WAN link is saturated at that time here. You don't need to do anything to enable USB storage, simply plug it in. To confirm that the DMP is able to see it properly, the simplest way is to connect to the DPM via FTP and confirm that he has a «usb_2» directory This "usb_2" directory, where is the USB drive is mapped. The task of "File transfer" will just do this, transfer a file to the DMP. The deployment package is smarter and will transfer all the contents of a presentation and organize them in a structure that can be used to read the content locally. You should always use the deployment package. Yes, she may be scheduled as any other presentation. I suggest you have a look at the link below. He explains the steps required to configure the deployment package and read the content deployed with it. I hope everything is clear now, but if you have any questions, let me know. I'll try to answer. Daniel I use a pc at home on my wireless router which is password protected. Under the local security policy, if enable password to access interactive domain requirement, what happens? [Activate: interactive logon: requires authorization by domain controller...] I block someone tries to access my pc via a domain or I will block my access? I use windows 8 and windows 7 HP, (different PC) Hi Laurie, Thanks for posting your query in Microsoft Community. According the information you have provided, I understand that you need information about the interactive logon to the local security for the domain policy. I will certainly give you with this information. Logon information must be provided to unlock a locked computer. For domain accounts, this security setting determines whether a domain controller must be contacted to unlock a computer. If this setting is disabled, a user can open the computer using cached credentials. If this setting is enabled, a domain controller must authenticate the domain account used to unlock the computer. If you face problems more when working with Windows Mail on the Microsoft Community Forum. I shared my wireless network connection to my laptop with my Tower and I tried to change some things static ip and now my turn gets no internet at all. Here is my ip config for my laptop
Ethernet has no default gateway so he does not know where to look for information. Its IP address indicates he can't get an IP address to the router, or the external DHCP/DNS servers. Go to network & share > change adapter settings > Ethernet > properties >... Enter the IP Address of the gateway by default even in wifi. ESXi 5.1 configured as a NTP server, do not sync with the Local PC I have a 5.1 ESXi server configured as an NTP server and a Windows Server 2008 R2 local PC that are not sync. I understand well, it is not recommended for ESXi, but I read [1] [2] that, whenever an ESXi server is running as a client, it also acts as a server, so I enabled as a NTP client in vSphere by ticking the NTP client, adding some servers to the server list, and then click on run, and I also activated the 123 incoming/outgoing port by adding the shell of ESXi firewall settings. I'm pretty sure it isn't a firewall problem. I completely disabled the firewall on my local PC. Running "w32tm keyboardists computers: - IP address of the server -" give me the time of the server and running the software NTPQuery gives me an answer back on port 123 of the server time. I tried: - Date/time settings (right-click on notification area-> set date/time-> Internet time-> set as the IP address of the server) - sync fails (* an error has occurred while Windows timed with - server IP-*) - Group Policy Editor (Computer Configuration\Administrative Templates administration\systeme\service Time Service, currently disabled but because I heard this causes problems) - synchronization fails - The registry editor (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\settings) - synchronization fails - Command prompt, using: This updates the registry properly, but the outputs "the computer did not resync because no time data was available." And when I use the command "w32tm/query/source" the source is always "The local CMOS clock." Here is the output from w32tm/query /configuration Any ideas? Thanks in advance. Your ESXi server response shows that the leap indicator is 3 and the server stratum is 0. This means that ESXi NTP server is synchronized and unable to provide a valid reference time to customers. We recommend that you configure your ESXi host with valid upstream NTP servers such as: as described in the KB article or alternatively your internet service provider NTP servers. Although not recommended, you can configure ESXi to allow a reference time by using the own system clock If you can not configure ESXi to synchronize to external NTP servers upstream. UI, tab Configuration, using software (time setting), properties, Options, and NTP settings. Specify "127.127.1.0" as your single NTP server. Don't forget to check the box "restart NTP service to apply the changes. then click OK twice to close the dialog boxes. Wait a few minutes for NTP sync, then try your test. According to RFC 4330, NTP-SNTP (Simple) customers must not use time in a package of NTP response if the stratum returned is 0 (and the leap indicator is 3). Apparently, your client Windows NTP Simple is more the RFC. Steps to install and configure Node Manager on the local machine and remote Hello Sanjay Basically if I understand your question, you have A machine where you had installed ""(permet de supposer admin serveur) and "VAS_MS1_A VAS_ADM_A" (lets assume the managed server.» And on the second machine B you want to create a managed server 'VAS_MS2_B' which must be controlled by node manager, so that you can start console, auto restart the managed server and perform other activities such as the migration of servers using nodemanager. If this is correct, this is the sequence of steps. Since you say you are on windows, I start from the principle WebLogic version 10'3 Machine has (1) install the BEA. Machine B (1) on this machine install BEA
Orders above fits machine with nodemanager. The first parameter is "domestic field", now if you see "c:\". ' directory 'VASDomains' will be created. Second parameter is nodemanager House, now if you go into nodemanager houses that some properties will be updated.
If you want more details on "nodemanager", dedicated to my 'vasweblogic.blogspot.com' blog, not a lot of messages but post nodemanager can help you. I hope that's what you're looking for, have a nice day. Naour Vijay. Is it possible to configure Windows XP to open the LOCAL instead of the REMOTE file? This is the situation: I wish Windows to open the local file previously synced in my hard drive, rather than opening the remote version, just like what happens when you work in offline mode. The reason is that I need to access the documents are big enough, and it works very quickly when I'm working offline, of course, but when I'm online, I would be able to work faster and the system should open the local version of the document, at least as long as the remote version is no different , or even if it is, it would be great to manually run synchronization but always opening the local version, thus optimising speed.
Hey Check the tips and tricks for remote desktop connection http://gegeek.com/gegeek_articles/remote_desktop_tips/remote_desktop_tips.htm See you soon! How to add the attribute authorization 4.2 GBA Dear experts, ACS, I am using 4.2 ACS to authenticate and authorize the GANYMEDE + traffic from the appliance Steelhead of Riverbed WAN Optimizers. One of the tasks of configuration is to add the attribute authorization following the 4.2 ACS. Service = {rbt-exec After reviewing all options on ACS configuration, I am at lost. I don't know where to put this attribute. Please point me in a good direction. Thank you very much! Hi Kevin - I can steer you in the right direction- This should help some of the way-this article suggests a problem where it won't give you full access, but I have not tested: http://community.riverbed.com/T5/Steelhead-appliance/TACACS-authentication-monitor-access/m-p/7417 Cannot establish connection/local authorization on 6500's I have a need to allow a small group of level-15 users temporary access to several 6500 switches (12.2 - 33 SXJ2 code execution), but do not want to provide the password secret enable that is used on the the rest of the network (over 1200 devices). I tried to eliminate the AAA using the command "no aaa new-model", but I was told that I could not remove aaa while there are active sessions, and 'local connection' appeared more as an option for the vty lines. So, I created a database of local user, called the 'support' that I used to replace the entry 'group' in sections of the authentication and authorization of our AAA config and connection on vty 0 4. [The username is given a privilege level of 15 with an individual password for authentication. (e.g. username privilege 15 password 0 xxxxx jsmith)] I changed our AAA configuration to support the local login, but could not establish a "mode" (i.e. the prompt #) with any account. I have can log on locally, but only to a normal "user mode" (i.e. > prompt). Here is the config current, modified, and sanitized for our AAA sections and line vty 0 4. Please tell me what needs for the stay, and what to go. Thank you! P.S.: for reasons of security, we want to track individual activity, so need the accounting AAA part to stay. AAA new-model I'll have to probably more information until I can provide more help but since I see in the snip-it, you have configured aaa and your AAA server is a GANYMEDE server +. If this is the case you should keep in mind the following: 1. If the authentication/authorization commands refer to the GANYMEDE group + then you will need to add a 'local' at the end of the command. This will allow local accounts to use when the AAA server is down/unavailable 2. keep in mind that local users will ONLY be used when the AAA server is down/unavailable. You cannot have a mixture of the two Question, since you have a GANYMEDE server +, why don't you just create temporary accounts directly on the server GANYMEDE + accounts vs local? You can get very granular like that and don't allow some commands on some devices, during a certain time of day, etc... I hope this helps and thank you for the rating! I can connect to the local network, but not to the internet Why in an internet connection, I can connect to the Local network, but not to the Internet. I recommend you read some threads here in the forum about similar issues. Good bye HP OfficeJet Pro 8600, connected to the local network but cannot print printer on the same local network. Work tried fixing it but all attempts fail. Firewall disabled. Printer recognizes the router's LAN. Was also pointed out that the port does not communicate, can not remove it; Cannot add another... Printer does not print. How can I fix? Hi @AnnisMonadjem, Welcome to the Forums of HP Support! I understand that you are unable to print to your printer HP Officejet Pro 8600. I'd be happy to help you and don't forget to come back to this thread and check "Accept as Solution", if I have successfully helped solve you the problem. If you want to say 'Thank you' to my effort to help, click on the "thumbs up" to give me a Kudos. When you say 'LAN', are you referring to the network or you try to share the printer on the network? How is the printer connected? (Ethernet/WiFi) If you have noticed that the port is causing problems, please download and run the print and Scan doctor, it will be probably diagnose and fix the problem you are experiencing. What were the results when you ran the Print and Scan Doctor? (she print or scan, error messages) HP has several Officejet Pro 8600 series. What is the name and the product number of your printer? How can I find my model number or product number? If the problem persists, you may encounter an IP address conflict. It's a good idea to assign the printer a static IP address outside your DHCP range. For example, some routers default DHCP is located between 192.168.0.100 to 192.168.0.200. So, I would use 192.168.0.232. To assign the static IP address, use the following steps as a guide. If the problem persists, download and run this patch rollup: resolving printing issues in Windows 7 and Windows Server 2008 R2 In addition, if you are still having problems try the steps in this guide, HP printers - "offline" Status Message printer (Windows 7). Continue on, if the problem persists. Important! Delete the temporary files and folders by using the disk cleanup utility TV Guide will not retain the local settings. There is no user.js file. How can I fix it? TV Guide will not retain the local settings. After that the closure of the site reverts to the default settings. There is no user.js file. Delete the prefs.js file did not help. Any suggestions? If Web sites don't remember your personal information, it is likely that Firefox is set to remember any cookies after the release. You must configure your privacy settings to remember - see the parameters of privacy, and-not-track browsing history. Late 2009 iMac Sierra gel & incomplete close Hi all I did a clean install of Sierra on my iMac late 2009, 3.60 GHz Intel Core 2 Duo, the 12 GB of RAM, a 1 TB drive, ATI graphics card. Everything seemed to happen. Now, I have two problems: 1. at least twice daily than the iMac just hangs. The mo Update the driver for graphics card for Satellite M30x I need to update the video card driver in my Satellite M30X (ATI mobility Radeon 9600/9700). Where can I find the latest version? On the toshiba support page, there is only an older version (dic.2004). I already tried to install a feeding at ATI.com What kind of ssd's in a slate of 500 Hello I looked up and down to see which drive will be insert in the slate 500. I bought one used and it came not with the drive and everything I found looks great to get into the box provided. The form factor has something to do with it, or is it a 2 Cannot update apps for ios 9.2.1 update. Since I upgraded my ios to 9.2.1 last Friday, I can't seem to update applications. I thought it was a problem application, then when several applications needed for the update, none of them have been upgraded. Whenever I type update next to the appli Start-up applications to receive messages from windows that have stopped working. One of them is IE3SH application has stopped working. How can I fix it?Similar Questions
Hope it will be useful.
Vijay K - Microsoft Support
Visit our Microsoft answers feedback Forum and let us know what you think.
Octoshape streaming services: could not bind to the local host. Please check your firewall configuration
1) is it nessesary to push the content locally for playback? Will playing content from our dmm over the wan be to much traffic? Presentations could be as simple as a basic welcome page to a presentation playing video and flash images.
2) If pushing the content local would be a wise decision I am having difficulty seeing exactly how this is done. In the dmp settings I see the local storage setting and have it turned on and set to read/write. As far as the thumb drive gose how exactly to I set that up so the dmp can see it? I plug it in the back of the player and it looks like it's active but from the management console of the player I do not see any way to actaully see if it knows about the usb thumb drive.
3) how will I push the content to the local storage and the thumb drive from the DMM? It looks like I can send things to the internal storage though the advanced tasks/deployment package and or file transfer to DMP or server. What exactly is the differnce between these two?
4) finally how will I actually play the content from the local dmp? Can I set this up on a schedual from the dmm just like I would if it was playing from the local dmm?
w32tm /config /manualpeerlist:-IP of server- /syncfromflags:MANUAL /reliable:yes /update
net stop w32time && net start w32time
w32tm /resync /rediscover
[Configuration]
EventLogFlags: 2 (Local)
AnnounceFlags: 5 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 10 (Local)
MaxPollInterval: 15 (Local)
MaxNegPhaseCorrection: 3600 (Local)
MaxPosPhaseCorrection: 3600 (Local)
MaxAllowedPhaseOffset: 1 (Local)
FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 1 (Local)
UpdateInterval: 360000 (Local)
[TimeProviders]
NtpClient (Local)
DllName: C:\windows\system32\w32time.dll (Loca
Enabled: 1 (Local)
InputProvider: 1 (Local)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Local)
ResolvePeerBackoffMaxTimes: 7 (Local)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 1 (Local)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 900 (Local)
Type: NTP (Local)
NtpServer: -IP of server-,0x1 (Local)
NtpServer (Local)
DllName: C:\windows\system32\w32time.dll (Loca
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)
0.vmware.pool.ntp.org,1.vmware.pool.ntp.org and 2. VMware.pool.ntp.org
I'm using WLS 10.3 on Windows.
I did the following till now.
(1) installed WebLogic 10.3 on one machine (local computer, on which I created the field and my Server Admin is under execution. 1 managed server is also created on this machine).
(2) installed WebLogic 10.3 on computer B (remote computer, which Managed Server 2 will be created).
(3) on the machine, I used the Setup Wizard and create a domain. When creating the domain, I did the following:
(i) created two managed servers.
(II) create a cluster
(III) the servers assigned to regroup.
(IV) created two machines.
(v) the servers assigned to machines (Admin Server and MS_1 to the machine and MS_2 machine B).
(4) start Admin Server.
(5) on the administration Console, I made some configurations for the node Manager on Machines-> Machine A-> Node Manager. The assigned values:
(i) type (SSL)
(II) Address (ip_address machine A) listen
(III) listening port (5556)
(6) in the same way it did for Machine B.
So far, phsically the managed server (MS_2) directory and configuration is not there on the Machine B (its only configured on A computer because I created the field on computer A).
I went through the documents on the Node Manager and found what to configure. But I have not found what is the sequence of configuration.
Please let me know the sequence of steps I must follow to install and configure the Manager of nodes on the local and remote machine. I want to use Java Node Manager (not the Script node Manager).
Thank you
Sanjay
BEA_HOME:-c:\bea
WL_HOME:-C:\bea\wlserver_10.3
DOMAIN_DIR:-c:\VASDomains
Using 2 Setup Wizard) create the domain under "c:\VASDomains".
(3) to start the Admin Server and connect to the console and create two machines "Machine_A" and "Machine_B". Select the types of machines as 'other '.
(4) once machines are created go to each machine and go to the tab 'NodeManager' and enter the details nodemanager.
(5) create server 'VAS_MS1_A' and 'VAS_MS2_B '. Enter the respective details. To "VAS_MS1_A", enter a machine name of host or ip and machine "Machine_A" and "VAS_MS2_B", enter the hostname of the machine B or ip and machine 'Machine_B '.
(2) then you have to register the machine with the Manager of nodes. So for this first set the environment go to "C:\bea\wlserver_10.3\server\bin" and run "setWLSEnv.cmd". Then type 'java weblogic. Enter the WLST", once you run this command at the next prompt Details ' connect ('
(3) then run this command.
nmEnroll('c:/VASDomains','C:\bea\wlserver_10.3\common\nodemanager')
(4) If this node Manager runs on this computer, kill that one and restart the node Manager again.
(5) now if you go to "Adminconsole--> Machines--> Machine_B--> Monitoring" you can see the status as accessible.
(6) now you can go "Servers--> VAS_MS2_B--> Control" and start the server. Newspapers to see how the server gets up the tail.
local-user-name = 'monitor '.
}
AAA server Ganymede group + XXXXXX
Server xxx.xxx.xxx.xxx
Server xxx.xxx.xxx.xxx
!
enable AAA authentication login default group XXXXXX
the AAA authentication enable default
default AAA authorization exec XXXXXX group no
AAA authorization commands 15 default authenticated if
AAA authorization network default group XXXXXX no
authorization AAA MLPPP-PPP network no
MLPPP AAA authorization network no
AAA accounting exec by default start-stop group XXXXXX
AAA accounting command 15 default start-stop group XXXXXX
AAA accounting network default start-stop group XXXXXX
AAA accounting connection by default start-stop group XXXXXX
AAA accounting system by default start-stop group XXXXXX
!
line vty 0 4
access-class 75
exec-timeout 15 0
privilege level 0
password 7 xxxxxxxxxxxxxxxxxxx
entry ssh transport
I have valid IP address and configuration is good.
If this problem occurs using the WiFi network, then check if you can use the connection to the local network.
Using the WiFi network, you must check if the common WLan parameters are favourable;
Check if the encryption key is right; turn off filtering by mac address, check the TCP/IP protocol settings if it has been set to automatic, disable the firewall settings, rest you WLan router, check if you connected to the right SSID.Maybe you are looking for