Enable parser view command on ACS 5.X

Hi all,
I would like to check whether it is possible to bind Cisco Secure ACS 5.x to support the router/switch IOS view feature - superview and parser commands.
The business objective is to assign administrative roles with different role-based CLI access, using ACS 5.x as the backend server.
a. Admin (allow all)
b. Network monitor (privilege #7, enable view that can run various show commands and configure)
c. Support (privilege #1, read only)
Thanks
Noel

You need to create three shell profiles:
  Full --> set maximum privilege to 15
  Monitor --> set maximum privilege to 7
  Support --> set maximum privilege to 1
You need to create three command sets:
  FullSet --> check "permit any command that is not in the table below"
  MonitorSet --> permit the commands that you want
  SupportSet --> add a permit for the show commands only
Then you need to edit the authorization policy to create three rules:
  Rule 1: If user is a member of identity group Admin, the result should be the Full shell profile and FullSet command set
  Rule 2: If user is a member of identity group Monitor, the result should be the Monitor shell profile and MonitorSet command set
  Rule 3: If user is a member of identity group Support, the result should be the Support shell profile and SupportSet command set
You need to customize the authorization policy to add:
  identity group to conditions
  shell profiles and command sets to results
Check this link as a reference:
http://www.cisco.com/en/US/partner/products/ps9911/products_configuration_example09186a0080bc8514.shtml
Please make sure to rate correct answers
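
The device side of the policy described in the answer above, as an added example that is not part of the original thread: an IOS AAA configuration that makes a router or switch ask ACS for the shell profile at login and for a command-set decision on each command. The server name ACS5, group name ACS-GROUP, address 192.0.2.10 and the key placeholder are assumptions, the two `privilege` lines are illustrative, and the `tacacs server` block syntax assumes IOS 15.x.

```cisco
! Added example; names, address and key are placeholders (assumptions).
aaa new-model
!
tacacs server ACS5
 address ipv4 192.0.2.10
 key <shared-secret>
!
aaa group server tacacs+ ACS-GROUP
 server name ACS5
!
! Login is authenticated by ACS; the local user database is the fallback
! when no TACACS+ server answers, so keep one local privilege-15 account.
aaa authentication login default group ACS-GROUP local
!
! Exec authorization is what delivers the shell profile: the privilege
! level (15, 7 or 1) is applied to the session at login. The same reply
! can carry a cli-view-name attribute to place the user in a parser view
! that is defined on the device.
aaa authorization exec default group ACS-GROUP local
!
! Command authorization sends each command to ACS, where the command set
! (FullSet, MonitorSet, SupportSet) permits or denies it. A command is
! checked under the level it is defined at, so list every level in use.
aaa authorization commands 1 default group ACS-GROUP local
aaa authorization commands 7 default group ACS-GROUP local
aaa authorization commands 15 default group ACS-GROUP local
! Also authorize commands typed in configuration mode.
aaa authorization config-commands
!
! IOS has no level-7 commands by default. A command set cannot grant a
! command above the session's privilege level, so anything the Monitor
! role may configure must first be lowered to level 7 on the device.
privilege exec level 7 configure terminal
privilege configure level 7 interface
!
! Record who ran what, per level.
aaa accounting commands 1 default start-stop group ACS-GROUP
aaa accounting commands 7 default start-stop group ACS-GROUP
aaa accounting commands 15 default start-stop group ACS-GROUP
```

Apply it from a session that stays logged in, and test a fresh login for each of the three roles before closing that session.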

Similar Messages

  • Assigning PARSER view with ACS 5.1 to a specific user

    Hi,
    I would like to know how I can assign a parser view at logon by using ACS server version 5.1.  I remember I had already done it with version 4.2 by using a custom attribute, but for some reason it doesn't work actually.....
    We would like to use parser views because all other commands aren't denied but they are invisible to the user, which provides a better way for us to control security and avoid any questions or other requests by users.
    thanks a lot !

    I worked around a similar constraint by having our AD admins create the computer object with the name of the ACS system, then give my AD account rights over that object. Then I was able to join ACS to AD using my own AD credentials.

  • Parser view interface issue

    Hi All
    I have a problem with parser views.
    I want to make a view where it's only possible to change the VLAN on a given port.
    I have tried a number of possibilities and now I'm ready to give up.
    When I make the view I have to define every GigabitEthernet or FastEthernet port. I need a command that can allow access to all GigabitEthernet ports without giving them access to execute all commands in interface config.
    My view looks like this:
    parser view int
     secret 5 $1$ZPxG$PZ.izEXhrKjTYPZVhuldu1
     commands interface include switchport
     commands configure include interface
     commands exec include-exclusive configure terminal
     commands exec include configure
    If I want to allow access to an interface port I need to add
     commands configure include interface gigabitethernet1/0/1
    and I would rather not add all 28 ports in that manner. Is there a command that fixes my problem?

    DETAILED STEPS

    Step 1: enable view
      Example: Router> enable view
      Purpose: Enables root view. Enter your privilege level 15 password (for example, root password) if prompted.

    Step 2: configure terminal
      Example: Router# configure terminal
      Purpose: Enters global configuration mode.

    Step 3: parser view view-name
      Example: Router(config)# parser view first
      Purpose: Creates a view and enters view configuration mode.

    Step 4: secret 5 encrypted-password
      Example: Router(config-view)# secret 5 secret
      Purpose: Associates a command-line interface (CLI) view or superview with a password.
      Note: You must issue this command before you can configure additional attributes for the view.

    Step 5: commands parser-mode {include | include-exclusive | exclude} [all] [interface interface-name | command]
      Example: Router(config-view)# commands exec include show version
      Purpose: Adds commands or interfaces to a view.
        parser-mode -- The mode in which the specified command exists.
        include -- Adds a command or an interface to the view and allows the same command or interface to be added to an additional view.
        include-exclusive -- Adds a command or an interface to the view and excludes the same command or interface from being added to all other views.
        exclude -- Excludes a command or an interface from the view; that is, customers cannot access a command or an interface.
        all -- A "wildcard" that allows every command in a specified configuration mode that begins with the same keyword or every subinterface for a specified interface to be part of the view.
        interface interface-name -- Interface that is added to the view.
        command -- Command that is added to the view.

    Step 6: exit
      Example: Router(config-view)# exit
      Purpose: Exits view configuration mode.

    Step 7: exit
      Example: Router(config)# exit
      Purpose: Exits global configuration mode.

    Step 8: enable [privilege-level] [view view-name]
      Example: Router# enable view first
      Purpose: Prompts the user for a password, which allows the user to access a configured CLI view, and is used to switch from one view to another view. After the correct password is given, the user can access the view.

    Step 9: show parser view [all]
      Example: Router# show parser view
      Purpose: (Optional) Displays information about the view that the user is currently in.
        all -- Displays information for all views that are configured on the router.
      Note: Although this command is available for both root and lawful intercept users, the all keyword is available only to root users. However, the all keyword can be configured by a user in root view to be available for users in lawful intercept view and CLI view.

  • Parser view config problem

    Hi,
    Please could I have some expert view of where I might be going wrong with this config.
    I have set up a parser view as follows:
    parser view testparserview
    secret 5 $1$KBuN$yqdkAM.2w62qoRaOq7UQU0
    commands configure include access-list
    commands exec include configure terminal
    commands exec include configure
    commands exec include show running-config
    commands exec include show
    username fred view testparserview password 0 ciscofred
    The thing I don't understand is that when I login with fred and enter enable it does not automatically choose the testparserview, to use it I have to enter :
    enable view testparserview
    Is there a way to automatically select the configured parser view within the username command?
    Many thanks

  • Role-based view commands missing from config

    Hi All,
    I set up a 2960G with IOS 12.2(44)SE6 and created a role-based view to be used by our helpdesk.  One of the things they need to do is add rules to a MAC ACL on the switch.  I've successfully created a view for them and can include and exclude most commands; however, when I try to include the "commands mac-enacl include all permit" command, I get no syntax error, and there is no line in my configuration reflecting the change. As it stands, from the helpdesk view (named smco) I can get into MAC ACL configuration mode, but I can't issue any of the subcommands.
    Any advice would be greatly appreciated.  I tried upgrading to 12.2(55)SE and had the same result.
    The current configuration for the parser view is as follows:
    parser view smco
    secret 5 hashed_pw
    commands configure include mac access-list extended
    commands configure include all mac access-list
    commands configure include mac
    commands exec include configure terminal
    commands exec include configure

    After I issue the command "commands mac-enacl include all permit" there is no line in my startup or running configuration that says: "commands mac-enacl include all permit" or anything that closely resembles that.
    I've tested with multiple local accounts.  After authenticating, I issue the "enable view smco".

  • All pages disappear when I enable parsing for my SSI in Server 6.1

    I have Sun Java System Web Server 6.1 and Windows 2003 web server. I enabled parsing in order to do includes. Whenever I enable the parsing for all html files, all my pages just completely disappear. If I disable it, the includes don't work. Does anyone know what is going wrong? I'm desperate.

    "Disappear" might make sense to you, but it's too imprecise for us to help you. What actually happens when you access a .shtml file with your web browser? What does your browser's View Page Source function display? What is logged to the access log? What is logged to the errors log?

  • Problems with parser view

    Hello.
    I configured a parser view to block some commands(configure line, configure username and configure dial-peer cor) for a specific user.
    The parser view works fine until I perform a "copy run start" or "write memory" and reboot my router: the parser view is modified and the "blocked" commands are available to all users...
    The IOS I used is the following : c3900-universalk9-mz.SPA.152-1.T1.bin
    The parser view I configured is the following :
    parser view BLOCKED
    secret 5 XXXXXXXXXXXXX
    commands configure include-exclusive line
    commands configure include-exclusive dial-peer cor
    commands configure include-exclusive username
    While doing a "sh run | sec parser view", I receive the following :
    parser view BLOCKED
    secret 5 XXXXXXXXXXXXX
    commands configure include-exclusive help line
    commands configure include-exclusive help dial-peer cor
    commands configure include help dial-peer
    commands configure include-exclusive help username
    If I do a copy run start and a reload, after the reboot, the configuration of the parser view is abnormally modified as follows:
    parser view BLOCKED
    secret 5 XXXXXXXXXXXXX
    commands configure include help help
    commands exec include help
    commands exec include terminal help
    I also tried to configure another parser view for my restricted user, with 'commands configure exclude' for line, username and dial-peer cor...
    The parser view for the restricted user also works fine until I save the configuration in NVRAM and reboot... After the reboot, I encounter the same problem...
    I'm not sure if there is a bug in the IOS or if I made a mistake while configuring my parser view... Could somebody help me ?
    For information, I also try to use the IOS 15.1(3)T and I had the same problem...
    Thx,
    H

    Originally posted by: chris_stillwell.yahoo.com
    I believe what you want to do is to create a custom Marker that extends
    ProblemMarker. The Readme example shows how to create your own markers.
    Chris
    "Mark" <[email protected]> wrote in message
    news:[email protected]..
    > Can anyone point me to where I might find information on having my
    > plugin interact with the Problems View? I am working on a parser and
    > would like errors to be directed to this window and then have the
    > ability to click on them to take me to the source code line.
    >
    > Thx,
    >
    > Mark

  • How can I control the enable/disable of command buttons in ADF JSF

    I have been having a great deal of trouble trying to work out how to control the command button such that if the rowset is null then the button is disabled. The trick is that the rowset is not defined by the view where the command button is located. The rowset is defined by a view which has a "view" command button which displays the specific row selected, then this view has a command button that will display the detail rowset of the selected master row, but if there are no detail records I want the button to be disabled. How can I do this in ADF JSF? If I use a backing bean to make the determination prior to the page rendering then how does the backing bean method set the parameter necessary to disable the command button? Any advice or tutorial that I can use is most appreciated. My goal with this ADF JSF effort was to demonstrate that a complex app could be generated with minimum coding; I would like to keep to this concept if possible. Thanks,
    Michael

    Hi Michael,
    You can probably set the Enabled property of the command button using an EL that would evaluate and return true or false based on your requirement.
    Check out these links for more information on using the EL.
    http://radio.weblogs.com/0118231/2006/11/10.html
    http://database.in2p3.fr/doc/oracle/Oracle_Application_Server_10_Release_3/web.1013/b25947/web_dcp006.htm
    -Arun

  • How to enable cascade view for sites(iStore) in 11i?

    How to enable cascade view for sites in 11i?

    Hi,
    For this issue, I'm trying to involve someone familiar with this topic to further look at it.
    Thanks,
    Wendy
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback
    for TechNet Subscriber Support, contact [email protected]
    Wendy Li
    TechNet Community Support

  • RMAN-00558: error encountered while parsing input commands

    Hi,
    on 12C on Win 2008
    as said in documentation :
    @ (at sign)
    Example 2-2 Running a Command File Within RMAN
    This example shows how you can execute a command file from the RMAN prompt and from within a RUN command. User-entered text appears in bold.
    RMAN> @backup_db.rman
    I do as follows to run a script to back up :
    RMAN> @C:\scripts\RMAN\al_backup_full_cdb.rman LOG=C:\scripts\logs\al_backup_full_log
    RMAN-00571: ===========================================================
    RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
    RMAN-00571: ===========================================================
    RMAN-00558: error encountered while parsing input commands
    RMAN-01009: syntax error: found "log": expecting one of: "double-quoted-string, identifier, integer, single-quoted-string"
    RMAN-01007: at line 1 column 1 file: standard input
    RMAN-00571: ===========================================================
    RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
    RMAN-00571: ===========================================================
    RMAN-00558: error encountered while parsing input commands
    RMAN-01009: syntax error: found "@": expecting one of: "double-quoted-string, identifier, integer, single-quoted-string"
    RMAN-01007: at line 0 column 1 file: standard input
    Thank you.

    user10274093 wrote:
    yes thank you. Like this :
    @C:\scripts\RMAN\al_backup_full_cdb.rman
    But how to have a log file ?
    You can not use the log= clause *inside* rman, you can only use it on the shell prompt *outside* rman.

  • How To Parse The Command Line?

    Hello, dear. While writing a C/S mode application, which downloads and uploads files between the FTP server and the clients, I encountered the problem of parsing the command line.
    I intend to download file from the server side ,using this following format ,which is composed by four arguments:
    ftp>receive server's IPaddress portnumber filename
    The problem is I don't know how to parse the command line and store them to some objects and using it.
    I'm right here waiting for the nice problem-shooter.
    Thanks for reading my poor expression.

    In your console application main class
    public static void main(String[] args) {
        // code
    }
    args is a string array with the command
    line items

    I think you missed the point or forgot the ":-)". This is the "Socket", not the "New to Java" forum.

  • How do I "Enable 3D View" in Bridge CC?

    How can I "Enable 3D View" in Bridge CC?  I am using the Output Module to create a single PDF from several files and one of them is a 3D drawing in PDF format.  When I add this file, there is no thumbnail preview and the words "Enable 3D View" are the only thing visible.  This is also what is exported when I click create for both PDF and web gallery output.

    This thread might be a little old, but I would like to know this as well.
    Thanks,
    edsager
    Message was edited by: edsager

    Please see this thread:  http://forums.adobe.com/thread/1098737?tstart=0

  • Does create materialized view command creates an index?

    Does a Create materialized view command in turn create indexes?

    Sometimes it does. Consider:
    scott@ora102> create materialized view emp_desc_mv
    2 as select e.empno, e.ename, e.sal, e.comm, d.dname, d.loc
    3 from emp e, dept d
    4 where e.deptno = d.deptno;
    Materialized view created.
    scott@ora102> select count(*) from all_indexes where table_name = 'EMP_DESC_MV';
    COUNT(*)
    0
    scott@ora102> alter materialized view emp_desc_mv add primary key (empno);
    Materialized view altered.
    scott@ora102> select count(*) from all_indexes where table_name = 'EMP_DESC_MV';
    COUNT(*)
    1
    Daniel

  • How to swap enable's all command with level 7

    1.how to swap enable's all command with level 7?
    expect user type enable will enter level 15 but all commands are level 7 only
    2. which command user can enter to enter level 7?

    1.how to swap enable's all command with level 7?
    enable password level 7 c1sco
    2. which command user can enter to enter level 7?
    The user doesn't control access level.  The administrator sets the access level when the user is added.
    username name [privilege level]
    Here is a link that discusses setting passwords and privileges.
    http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command/reference/fsecur_r/srfpass.html
    Hope this helps,
    if so, please rate.

  • Month View (command 3) fault, pleaseee help.

    Hi
    When I choose month view (command 3) the whole calendar disappears; it does not crash and week/day views can be selected. I need to work on the month view, can anyone assist pleaseeeeee. Thanks.
    Any clues ?
    1.5GHz PowerBookG4   Mac OS X (10.4.9)   17"

    Hi,
    Welcome to Apple Discussions.
    Quit iCal and find the com.apple.iCal.plist file in your user's Library/Preferences Folder. Delete this file and then open iCal again.
    Best wishes
    John M
