3850 command to show wireless user dACL
Hi,
I am using 3850 and 5760 with converged access mode.
There is also ISE to provide dACL for wireless user.
In 3850, I can issue "show access-list" to see the dACL from ISE.
But I can't be sure which ACL apply to which user when there are more than one dACL.
I have tried command like "show wireless client mac-address MAC detail" but didn't see anything related.
I can only achieve that by checking logs on ISE.
Is there any command I can do for this purpose?
3850 and 5760 version : 3.3.0
ISE version : 1.2
Thanks!!!
Hi Mason,
I know that for switch IOS the command "show authentication session interface INTERFACE" shows the dACL that is applied to this port. I think the new command for the IOSXE devices is "show access-session mac H.H.H detail" is the corresponding one which should show the dACL that was applied to that MAC-address.
Please see if that works for you.
Best regards,
Patrick Meyer
Similar Messages
-
Command prompt showing 2 users
well... i have been using OS X for quite a while now. Recently i thought of learning UNIX commands in command prompt... so while learning, I came acroos a commant that shows all the users logged in - " who | wc -l " when i typed this command in the prompt, it said that 2 users wee logged in...
1. yashgaddhyan (thats me)
2. tys000
i dont know who the second user is.... can u guyz help me... i mean is the secong user normail in all the mac????
help would be appreciated....
thanxIt's a file associated with 3G wireless devices, there's a solution here...
http://forums.macrumors.com/showthread.php?t=587469 -
I used a terminal command in Lion to show the LIbrary in the Users folder, and now the Finder is behaving erratically, hanging up and becoming almost paralyzed. Can anyone tell me how to reverse the terminal command for show Library. The command I used was:
chflags nohidden ~/Library/Showing the Library folder will not cause the problem you've described. Nevertheless:
chflags hidden ~/Library
will hide the folder. To reveal the folder:
chflags nohidden ~/Library
Note, there is no "/" after Library. -
I have an AP 1242.
Is there a command to see what users are using this access point?
regards and thanksHi Hernan,
If you are trying to find out how many users are associated to an AP, this example shows how to display all client devices associated with the access point:
AP# show dot11 associations client
http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/command/reference/cr34main.html#wpxref81339
Hope this helps! Happy Holidays!
Rob -
Old Domain Name showing in User Profiles
Sharepoint User Profile Sync is showing some users with our Old Domain name (from years ago). This domain name is NOT in our Active Directory. I'm guessing that the profiles that show the old domain name must have been in our Sharepoint
2007 and got ported over when we upgraded to Sharepoint 2010.
This is causing conflicts and some workflows not to work (ones where its looking up a user's profile). And when I look in Microsoft Forefront Identity Manager, there are some users listed with this error: Exception while trying to migrate user "abc\johndoe"
to "xyz\johndoe".. Microsoft.SharePoint.SPException: The user does not exist or is not unique.......
("abc" being the old domain name...and "xyz" being our current domain name)
I'm wondering what is the best way to get rid of the old domain name in our Sharepoint 2010 user profiles? Should I update them in the User Profile database in SQL?
Does anyone know how to fix this?
Also, in Central Admin under Health monitoring, we have this message
"People search relevance is not optimized when the Active Directory has errors in the manager reporting structure. In Active Directory, only company leaders should have the 'manager' property set to NULL. As a result of errors, the Active Directory can
incorrectly have the 'manager' property set to NULL for other users that can cause a decrease in people search relevance. By specifying the actual leaders of
the company, these inconsistencies are not taken into account and the relevance problem is corrected.
Remedy
Specify the company leaders explicitly. Use the following PowerShell
commands: $upap = Get-SPServiceApplicationProxy [appid]; Add-SPProfileLeader
$upap [Domain]\[UserName]. Run 'Get-SPProfileLeader $upap' to check whether the
leader was successfully added. As a last step, run a full crawl on the content
source containing the start address (URL) of the user profile application.
Not sure if this is related.
Any help would be much appreciated... thanks!If Mysite Clean Up job is running then this issue should be fixed(removed all old profiles) in couple of User Profile Sync( Full followed by couple of Incremental). Basically, FIMs
responsible to mark the user as deleted within the UPA then CleanUp Job purge these profile.
http://www.harbar.net/archive/2011/02/10/account-deletion-and-sharepoint-2010-user-profile-synchronization.aspx
How many users you are seeing, are they showed in the Profile missing options? if less numbers then you can simply remove the IDs from USer Profile manually.
Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog -
Wireless users are loosing the internet connection....
Dear All, My wireless users are loosing the internet(http and https) connection many times per day. I just check the ports configuration in the switch, but The problem persist. The device is a Cisco Aironet 1130 AG. Someone have some idea???
Sent from Cisco Technical Support iPhone AppDear All, My wireless users are loosing the internet(http and https) connection many times per day. I just check the ports configuration in the switch, but The problem persist. The device is a Cisco Aironet 1130 AG.
You are barking the wrong tree.
Can you please elaborate further?
I need to determine whether the clients are loosing WIRELESS connection or loosing WAN connection. Two different things, two different directions to choose from.
The easiest way to determine is this:
Presume you have 10 clients and half the clients are associated to one WAP and the other to the other WAP. Your description states that all 10 clients would loose internet connectivity. Is this correct? If this is so, then we start with your switch and your WAPs. How are the WAPs powered? PoE or power injector? Can you console into the WAPs? Can you post the output to the commands "sh version" and "sh logs"? How about the switch? Can you console into the switch? Can you post the output to the commands "sh version" and "sh logs"? -
I changed my username and now afp doesn't show any users. I have file sharing on. And also when I select "get more info" on the shared folders they don't have my username in there. it just has "applepc(me)" my old username before changing it showed the correct username? please any help would be great.
Turn Time Machine OFF temporarily in its preference pane. Leave the window open.
Navigate in the Finder to your backup disk, and then to the folder named "Backups.backupdb" at the top level of the volume. If you back up over a network, you'll first have to mount the disk image file containing your backups by double-clicking it. Descend into the folder until you see the snapshots, which are represented by folders with a name that begins with the date of the snapshot. Find the one you want to restore from. There's a link named "Latest" representing the most recent snapshot. Use that one, if possible. Otherwise, you'll have to remember the date of the snapshot you choose.
Inside the snapshot folder is a folder hierarchy like the one on the source disk. Find one of the items you can't restore and select it. Open the Info dialog for the selected item. In the Sharing & Permissions section, you may see an entry in the access list that shows "Fetching…" in the Name column. If so, click the lock icon in the lower right corner of the dialog and authenticate. Then delete the "Fetching…" item from the icon list. Click the gear icon below the list and select Apply to enclosed items from the popup menu.
Now you should be able either to copy the item in the Finder or to restore it in the time-travel view. If you use the time-travel view, be sure to select the snapshot you just modified. If successful, repeat the operation with the other items you were unable to restore. You can select multiple items in the Finder and open a single Info dialog for all of them by pressing the key combination option-command-I.
When you're done, turn TM back ON and close its preference pane. -
Problem authenticating Wireless users with peap
Good afternoon,
I am currently trying to authenticate wireless users using PEAP and an external RADIUS server. The problem is when I try to authenticate I get this error :
AAA/AUTHEN/PPP : Pick method list 'Permanent Local'
DOT11-7-AUTH_FAILED : Station ... Authentication failed
It shouldn't use local authentication, but the aaa server I configured.
I looked on the internet but didn't find a working solution.
Does anyone know why it is not working ?
Here is my running configuration :
Current configuration : 4276 bytes
! Last configuration change at 00:45:40 UTC Mon Mar 1 1993
! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ap
logging rate-limit console 9
enable secret 5 $1$QVC3$dIVAarlXOo52rN3ceZm1k0
aaa new-model
aaa group server radius rad_eap
server 192.168.2.2 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
no ip routing
no ip cef
dot11 syslog
dot11 ssid test
authentication open eap eap_list
authentication key-management wpa version 2
guest-mode
eap profile peap
method peap
crypto pki token default removal timeout 0
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm
ssid test
antenna gain 0
stbc
beamform ofdm
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
no dfs band block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
dot1x pae authenticator
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface BVI1
ip address 192.168.3.10 255.255.255.0
no ip route-cache
ip default-gateway IP
ip forward-protocol nd
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.2.2 auth-port 1812 acct-port 1813 key 7 140441081E501F0B7D
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
transport input all
end
Thank youI haven't setup autonomous APs before but I think I might see the problem. You are defining an authentication list called "eap_methods" but you never call for it in your SSID settings. Instead there you call a list named "eap_list" In addition, I think you might be missing one more command. So perhaps try this:
dot11 ssid test
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
guest-mode
Hope this helps!
Thank you for rating helpful posts! -
My Left Command key shows the desktop and can't be used for other functions
My Left Command key shows the desktop when pressed in.
So if I try and copy (command + C) I end up staring at the desktop....This only happens with the left key. When checking System Preferences, none of the settings in keyboard preferences seems to be relevant. I have reset the keyboard setting to default, but it makes no difference. Also this only happens with my user, when changing user on same laptop I get the normal behaviour for the Left command key
I am using a Macbook Pro i7 (2011) Yosemite and am upto date with all softwareTry a restart.
Do a backup, using either Time Machine or a cloning program, to ensure files/data can be recovered. Two backups are better than one.
Try setting up another admin user account to see if the same problem continues. If Back-to-My Mac is selected in System Preferences, the Guest account will not work. The intent is to see if it is specific to one account or a system wide problem. This account can be deleted later.
Isolating an issue by using another user account
Try booting into the Safe Mode using your normal account. Disconnect all peripherals except those needed for the test. Shut down the computer and then power it back up after waiting 10 seconds. Immediately after hearing the startup chime, hold down the shift key and continue to hold it until the gray Apple icon and a progress bar appear and again when you log in. The boot up is significantly slower than normal. This will reset some caches, forces a directory check, and disables all startup and login items, among other things. When you reboot normally, the initial reboot may be slower than normal. If the system operates normally, there may be 3rd party applications which are causing a problem. Try deleting/disabling the third party applications after a restart by using the application un-installer. For each disable/delete, you will need to restart if you don’t do them all at once.
Safe Mode - About
Safe Mode - Yosemite -
Satellite not showing wireless networks, adapter seems ok
my satellite is not showing wireless networks and i can't figure out what networks are available. the adapter seems to be working properly according to windows device manager. i had to uninstall configfree, although i'm not sure that caused any problem. i have had to run a bunch of anti-spyware programs, registry cleaners etc., system seems much better but a few glitches.
It's possible, but it might be a lot more work to do so. It all depends on how soon you need to get it fixed. I'm not a network specialist so I can't really offer much in the way of assistance other than what I already did. It's possible someone else might have other ideas, but since you didn't post this in the Networking and WiFi Forum where it belongs it's quite possible that those networking specialists will never even see your post to respond to it. I know that I rarely go into the Networking Forum as it isn't my strong suit.
If you don't post your COMPLETE model number it's very difficult to assist you. Please try to post in complete sentences with punctuation, capitals, and correct spelling. Toshiba does NOT provide any direct support in these forums. All support is User to User in their spare time. -
LMS 3.2 (W2003).
No idea about WLSE, WLC or AP's, sorry :-(
We have done a discovery, ignoring AP. They say that MAC's from wireless clients are seen from switches as a hub or switch no Cisco, and they want to see it as a UT, with their IP and MAc address from AP, is that right???
I don't know if the resolution is possible because of no idea about AP...If you have standalone APs, then you can enable wireless user tracking directly from the APs under Campus Manager > Admin > User Tracking > Acquisition. This is enabled by default. If you have a WLSE, you can disable direct acquisition from APs, then make sure your WLSEs are in DCR with correct HTTP credentials, and Campus will automatically synchronize those users.
If, however, you are using WLC/WCS with LWAPPs, then LMS management will not be possible. Those wireless users will show up, but they will show up as being connected to the wired switch to which the LWAPPs connect (unless trunking is used, then they may not show up at all). -
Is there in PL/SQL a command which shows database objects?
In psql (the postgresql' sqlplus-type application) there is a command \d which acts this way; \dt - show tables \du - show users \df - show functions, trigger etc.
thank you.All will be SQL operations.
SQL> select object_name, object_type from user_objects where object_type = 'TABLE' ;
SQL> select * from all_users ;
SQL> select object_name, object_type from user_objects where object_type = 'FUNCTION' ; -
Prevent a command to show up in the command history
Can I prevent a command to show up in the command history?
ITextModelCmds::TypeTextCmd does what I want but since I'm calling that command to update some text in order to stay synced with a change the user did, I don't want it to show up in the command history as an entry.
A command sequence is not the solution as the command is executed in an observer which is notified on the users change.
I want to circumvent reimplementing TypeTextCmd on my own.
Regards,
MartinI resolved the problem by regenerating the PDF -- by printing to Postscript and then distilling. I'm now in the process of adding the file information in Properties and making bookmarks again. I trust these additional things don't break the store again.
Apparently there was some problem somewhere that my store was aware of but that InDesign, Acrobat, and ACS were unaware of. -
Id like to be able to show the users connected to my IPSec L2TP vpn (openswan and xl2tpd) - Ive been searching and searching but finding nothing.
If possible I'd like to be able to show username - remote ip of user, local vpn ip assigned, time connected and data transferred. Im not interested in monitoring what they are doing, just the basics.
Can anybody point me in the right direction please? Id like to be able to put this into a php web manager I'll build at a later date so I have a visual of whats going on.
Many thanks in advance for your help.
Cheers
AndyCan anyone help please?
Ive found this command " netstat -i | grep "ppp" | wc -l " However all this does is simply show the number or connected users as a simple numerical digit.
Cheers
Andy -
Determining active wireless users with ACS
Is there a way to determine how many active wireless users are on the network by checking ACS? Currently our users need to re-authenticate periodically (about every 15 minutes), however, ACS shows no logged in users. There should at least be one -- ME!
We should be looking for something like this on the AP:
aaa group server radius rad_acct
server auth-port XXXX acct-port XXXX
aaa accounting network acct_methods start-stop group rad_acct
Maybe you are looking for
-
Where can I find a portal server for JAVA development?
Hi, everyone: I am looking a portal server which can be used under Windows envorinment and related development environment (toolkit or SDK). I have done some search through IBM and SUN's web site and I can not find any portal servers that running on
-
How to fit all browser screen?
Hi, I designed a webpage by using iweb. I used HTML snippet to input my HTML code. However, different screen resolution PC or browser will display my webpage size and layout differently. Any idea how to solve this? Besides, I noticed that webpage cre
-
Transaction Locking during multiple Webservice - persistent webs sessions
Hi All,<br> <br> Yesterday evening we had a discussion concerning ESA architecture. We want to create (web)services for accessing the SAP business objects (using XI) and use these (web)services via visual composer, webdynpro or custom java developmen
-
HT204368 No Bluetooth devises appear while IPhone is trying to detect, what's wrong ?
No Bluetooth devises appear while IPhone is trying to detect, what's wrong ? In addition the Bluetooth sign on the upper part of the IPhone appears only when I enter the Bluetooth setting. Is this part of IOS 6.1 changes?
-
Error while installing PIM Sync
Hi, While installing PIM Sync an error is given "Installation found another product installed which uses the same configuration file settings. Installation was cancelled because they cannot function on the same computer. Please uninstall the other so