Responsibility not appearing for user after added from System Administrator

Similar Messages

• Variable not appearing for User

  Hi everyone!
  I have a query which the user have been using for quite some time and it was working fine. When the query is run the user has option of 3 input variables.
  Today, all of a sudden, the 3rd variable does not show up for that user. The query runs fine for every other user. I mean all 3 input variables show up.
  Some how only for this particular user, the 3rd variable does not appear.
  Has any one encountered this situation. Can any one provide me some possible areas to look into as to what might have changed or what could be causing this problem.
  All your help is appreciated.
  Thankx!
  Kumar.

  Hi Raj,
  I did try to remove the personalization on the user's system. But the variable still did not appear. I noticed few more things. The variable is "Site ID" (custom one).
  1) The  Site variable does not appear even on other queries only for this user.
  2) I tried to make the user use another system and run the query, it still does not appear.
  3) I created another query for user just to display the Site ID without any variable. It runs fine. When I created a selection variable for Site ID on the same query now the variable again does not appear.
  So I think it must be either a change in authorization or change in definition.
  Can you think of any other issue it might be encountering?
  Thankx!
  Edited by: kumar saurabh on Aug 25, 2008 4:50 PM

• New class created not appearing for users

  Hi Friends
  I have created a Course and then the offering for that course. I created a class as well for that offering. While creating the course I selected the organization in the learner access. The course is future dated in February.
  However when an employee from that organization is searching for that course it does not appear. The class is in Planned state. My EBS is 12.1.3. Any idea why this class is not appearing when the learner is searching for that class.
  Also another question when I select the organization in the learner access and include all the orgs in the hierarchy, does it mean that all the orgs under that org will be included in the learner access.
  Thanks in advance

  Hi,
  The process you have described sounds right. You should contact Oracle Support, they will be able to help you find out what is missing.
  The answer to your second question is "Yes".
  Regards Anders Northeved

• Custom Auto Attendant Prompts through TUI not working for users who migrated from 2010 to 2013

  In Exchange 2010, we started using unified messaging and set up Auto Attendants. We setup a admin role/RBAC for people of a security group to be able to update the message on the auto attendants. They have the UMPrompts assigned role. All of this is working
  great in 2010. We have now migrated to 2013, and the users who were migrated from 2010 to 2013 can no longer update the messages through TUI. Newly created 2013 users can and are assigned the EXASCT same permission as the users who have been doing this for
  well over a year on 2010.  When they call the AA and press #,* they are asked to provide their extension, after doing so the system tells them that extension is not correct. and asks for the extension again.  Newly created users with the same permissions
  get prompted for their PIN and can log in and change the message just fine. 
  Confirmed Bug?  anybody else having this issue?
  What would be different for this process between a user who was migrated from a previous version like 2010 compared to a newer user who has only ever existed on 2013?

  What if the migrated 2010 users are in the same DB as the system mailbox? I had a similar issue during a migration; http://www.skypeadmin.com/2014/11/10/known-issue-um-automated-attendant-tui-editing-broken-migration/
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Why does one tag out of four not appear for users accessing a single Thunderbird account via multiple computers?

  Four users share a single Thunderbird email account (version 24.5.0) on their four respective computers. Each user is represented by a tag color to designate which emails they are responsible for. One user is having trouble seeing when their tag is used by the other three users, the email appears untagged. However, the other three users see it as tagged. Likewise, when that one person uses the tag, the other three cannot see the email as being tagged. This is not an issue when the other three tags are used between the four people.
  We have checked that we are all using the exact same color to represent the tag, and that we are all using the same IMAP settings. Does anyone know why this might be happening?

  Are you sure the odd one out is IMAP? sounds like it is pop to me.

• Birthdays did not appear in iCal after update from Contacts

  I thought iCal is supposed to automatically import birthdays from "contacts"? I went to contacts and selected "birthdays" to be displayed. Then typed in the bday info, saved the cards, and went to look at my ical. nothing happend. did i miss some vital yet simple step?
  -thanks

  Hi,
  You need to check the preference in iCal that says "Show Birthdays Calendar".
  Best wishes
  John M

• Mac user, OSX 10.9.4. CS6, in the new Blur gallery the pin with adjusters does not appear for any of the three blur filters. This may have occurred since taking adobe watermark add-on and updating Bridge. any ideas?

  Mac user, OSX 10.9.4. CS6, in the new Blur gallery the pin with adjusters does not appear for any of the three blur filters. This may have occurred since taking adobe watermark add-on and updating Bridge. any ideas?

  I am using Mac OSX 10.10.1 (memory 8 GB 1600 MHz DDR3, graphics Nvidia GeForce GT 650M 1024 MB)
  and my version of Photoshop is CC.
  I ran into  the same problem: I am able to place and view Blur Gallery pins but the adjustment wheel or outer control arounf the pin that allows you to tweak the blur value disappeared after being initially available. Additionally, the placed pin or pins appear to flicker on screen (while in blur gallery mode) until committing the change with the OK button. I have tried restarting both the computer and Photoshop, as well as what some other users have suggested such as View>Show>Edit pins turned on. Nothing has helped so far. I am still able to adjust the blur amount  from the Blur Tools slider. thank you.

• Responsibilities not visible to user after cloning instance from Production

  Hi,
  In my environment, one of the user is disabled in Production, but he has access in DEV instance. When i clone production onto DEV instance and enable this user, he is not able to see the responisbilities which he is suppose to see.
  I ran the "Synchronize WF LOCAL tables', but still the user is not able to see the responsibility.
  Am i missing anything?
  Thanks,

  Hi,
  Did you try to bounce Apache and see if it helps?
  Please see the suggested solutions in the following threads/docs.
  Responsibility not appearing
  Re: Responsibility not appearing
  Assigned Responsibility Not Visible on Login through AppsLocalLogin.jsp
  Re: Assigned Responsibility Not Visible on Login through AppsLocalLogin.jsp
  Note: 388018.1 - Unable to See a Responsibility in the Navigator After End Date Has Been Removed
  Note: 727638.1 - Unable to See Responsibilities after End Date Is Removed on ATG RUP6
  Note: 406892.1 - Missing/Corrupted User-Role Responsibilities
  Note: 429852.1 - Reactivated User Does Not See Responsibilities
  Regards,
  Hussein

• Ever since my last update I have been unable to add songs from my i tunes library onto my i phone.  The "add to" button does not appear for me when I connect my i phone.  Can anyone shed some light on this for me?

  Ever since my last update I have been unable to add songs from my i tunes library onto my i phone.  The "add to" button does not appear for me when I connect my i phone.  Can anyone shed some light on this for me?

  Thanks for that 'sberman' - because my iPhone is backed-up to my work computer (only at this stage) I have had to call our IT Department in Adleaide. (4 times this morning). The last guy managed to get the phone into 'DFU Mode' - no more recovery mode screen - (kind of 'asleep' perhaps) from my understanding of same. I am awaiting a call again from IT so they can get my computer to actually recognise my iPhone on the C Drive. This also happened to  one of my colleagues in Newman (WA). She got so frustrated with the whole process that she bought another phone the next time she was in 'civilisation.' She hasn't had any problems since. (Cross fingers).
  Thanks again, Sandra2474.

• The option to extract pages from a PDF document as described does not appear for me.

  Im currently running Acrobat Pro XL and the option to extract pages from a PDF document as described in the below tutorial does not appear for me.  Please help!
  Extracting pages from a PDF
  https://acrobatusers.com/tutorials/extracting-pages

  Typically if the extract feature is not present then the application is not Acrobat Pro.
  Be well...

• How do I delete a User that does not appear in Users & Groups?

  A leftover user (former employee account) that won't go away. Phantom User account becomes the default login account regardless of the new employee's login attempts. The phantom account Home folder appears in the Users folder at the root level, but not in the Users & Groups panel in System Preferences. I have logged in as tech admin and deleted the phantom User folder (while it is not the Home folder), but it comes right back again as soon as the new employee logs in as himself. ***???
  I'd just updated this iMac to Yosemite, but this issue predates any specific OS update. Has persisted from 10.5 - 10.10. but is becoming an issue with permissions.
  Any thoughts other than having to reinstall the OS from scratch? I was about to, but thought I'd see if anyone else has ever heard of this.....

  Back up all data.
  Triple-click anywhere in the line of text below on this page to select it:
  /System/Library/CoreServices/Directory Utility.app
  Right-click or control-click the selected text and select
            Services ▹ Open
  from the contextual menu.* The Directory Utility application will launch.
  In the application window, click the lock icon and authenticate. Select the Directory Editor tool in the toolbar. Select Users from the Viewing menu in the toolbar, if not already selected. Locate the user you want to delete in the list and click the minus-sign icon at the bottom. Select Groups from the Viewing menu, and look for a group in the list with the same name as the user you just deleted. If found, delete. Quit Directory Utility.
  Be very careful when editing the directory. Many hidden users and groups are present by default, and are needed for the normal operation of OS X. Never delete or modify a directory entry unless you’re sure you know what you’re doing. If in doubt, leave it alone.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select
             Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens (command-V). You won't see what you pasted because a line break is included. Press return.

• ORA-13754: "SQL Tuning Set" "" does not exist for user "SYS"

  While calling dbms_stats.seed_col_usage I got the following error. Can someone help me on how to resolve it
  sqlplus
  SQL*Plus: Release 11.2.0.1.0 Production on Thu Apr 14 14:37:38 2011
  Copyright (c) 1982, 2009, Oracle. All rights reserved.
  Enter user-name: / as sysdba
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL> select * from v$version;
  BANNER
  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  PL/SQL Release 11.2.0.1.0 - Production
  CORE 11.2.0.1.0 Production
  TNS for IBM/AIX RISC System/6000: Version 11.2.0.1.0 - Production
  NLSRTL Version 11.2.0.1.0 - Production
  SQL> show user
  USER is "SYS"
  SQL> begin
  2 dbms_stats.seed_col_usage(null,null,400);
  3 end;
  4 /
  begin
  ERROR at line 1:
  ORA-13754: "SQL Tuning Set" "" does not exist for user "SYS".
  ORA-06512: at "SYS.DBMS_SQLTUNE_INTERNAL", line 17379
  ORA-06512: at "SYS.DBMS_STATS", line 28451
  ORA-06512: at line 2
  Thank You
  Sarayu

  According to the documentation:
  SEED_COL_USAGE ProcedureThis procedure iterates over the SQL statements in the specified SQL tuning set, compiles them and seeds column usage information for the columns that appear in these statements.
  Syntax
  DBMS_STATS.SEED_COL_USAGE (
  sqlset_name IN VARCHAR2,
  owner_name IN VARCHAR2,
  time_limit IN POSITIVE DEFAULT NULL);>
  It looks like you need to provide a SQLSET_NAME and OWNER_NAME to use this procedure correctly, to which you've provided NULLs. I don't see any exceptions in the documentation that indicate special processing when NULLs are provided.

• Issuing certificates for user and clients from different forest/domain

  Hello,
  at first I would like to say that I have made some researches on this forum and in the Internet overall.
  I have AD Forest with ~10 sites all over the Europe, DFL and FFL is 2008 R2, right now we are migrating site by site from old domain (samba) to AD.
  Last time I have deployed PKI based on offline root CA and 2 Enterprise acting as 2-node Failover Cluster.
  Everything in my AD Forest is OK, I mean, autoenrollment works perfect for users and computers from my forest, 
  now I need to deploy a certificate (for test) to one web-based pbx server in samba domain, there are no trusts etc. Samba domain as well as AD Forest are working on the same network, with routeable subnets in each site, so there is no problem with connectivity,
  What are possible way to achieve this goal? I mean to issue cert to client from different forest, so that this client is able to validate it, validate certificate chain and renew it when needed?
  I have Installed and Configured CE Web Service and CE Policy Web Service. Now I have configured Enrollment Policies on my virtual machine (being part of different domain), I selected username/password authentication, I am able to request certificate, I can
  see all templates which I should see, but when I try to enroll I got an error:
  (translated from my language)A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider
  My root CA cert is added to trusted publishers for computer and user node as well.
  What could be wrong? If you have any ideas or questions, please share or ask. 
  Thank you in advance.

  Everything is clear, I have Certificate Enrollment Web Services installed and configured,
  problem is what i get from certutil - TCAInfo
  ================================================================
  CA Name: COMPANY-HATADCS002-ISSUING-CA
  Machine Name: COMPANYClustGenSvc
  DS Location: CN=COMPANY-HATADCS002-ISSUING-CA,CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=COMPANY,DC=COM
  Cert DN: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
  CA Registry Validity Period: 2 Years -- 2016-03-04 12:20
   NotAfter: 2019-02-14 12:44
  Connecting to COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA ...
  Server "COMPANY-HATADCS002-ISSUING-CA" ICertRequest2 interface is alive (1078ms)
    Enterprise Subordinate CA
  dwFlags = CA_VERIFY_FLAGS_NT_AUTH (0x10)
  dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
  dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
  ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
  HCCE_LOCAL_MACHINE
  CERT_CHAIN_POLICY_NT_AUTH
  -------- CERT_CHAIN_CONTEXT --------
  ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  ChainContext.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
  SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  SimpleChain.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
  CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
    Issuer: CN=HATADCS001-COMPANY-ROOT-CA
    NotBefore: 2014-02-14 12:34
    NotAfter: 2019-02-14 12:44
    Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
    Serial: 618f3506000000000002
    Template: SubCA
    9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      CRL 02:
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      ThisUpdate: 2014-02-14 12:16
      NextUpdate: 2024-02-15 00:36
      d7bafb666702565cae940a389eaffef9c919f07a
    Issuance[0] = 1.2.3.4.1455.67.89.5 
  CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
    Issuer: CN=HATADCS001-COMPANY-ROOT-CA
    NotBefore: 2014-02-14 11:55
    NotAfter: 2024-02-14 12:05
    Subject: CN=HATADCS001-COMPANY-ROOT-CA
    Serial: 18517ac8a4695aa74ec0c61b475426a8
    b19b85e0e145da17fc673dfe251b0e2a3aeb05e9
    Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
    Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    Issuance[0] = 1.2.3.4.1455.67.89.5 
  Exclude leaf cert:
    5b309c67a8b47c50966088a4d701c8526072c9ac
  Full chain:
    413b91896ba541d252fc9801437dcfbb21d37d91
    Issuer: CN=HATADCS001-COMPANY-ROOT-CA
    NotBefore: 2014-02-14 12:34
    NotAfter: 2019-02-14 12:44
    Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
    Serial: 618f3506000000000002
    Template: SubCA
    9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
  A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
  Supported Certificate Templates:
  Cert Type[0]: COMPANYOnlineResponder (COMPANY Online Responder) -- No Access!
  Cert Type[1]: COMPANYWebServer(SSL) (COMPANY WebServer (SSL))
  Cert Type[2]: COMPANYUser(Autoenrollment) (COMPANY User (Autoenrollment))
  Cert Type[3]: COMPANYKeyRecoveryAgents (COMPANY Key Recovery Agents)
  Cert Type[4]: COMPANYEnrollmentAgent(Computer) (COMPANY Enrollment Agent (Computer))
  Cert Type[5]: COMPANYEnrollmentAgent (COMPANY Enrollment Agent)
  Cert Type[6]: COMPANYComputer(Autoenrollment) (COMPANY Computer (Autoenrollment)) -- No Access!
  Validated Cert Types: 7
  ================================================================
  COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA:
    Enterprise Subordinate CA
    A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
    Online
  CertUtil: -TCAInfo command completed successfully.
  please put some light on it because it's driving me crazy :/
  Thanks in advance
  one remark: certutil -tcainfo performed on CA directly is 100% OK, no errors regarding 
  "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)"

• AnyConnect error " User not authorized for AnyConnect Client access, contact your administrator"

  Hi everyone,
  it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message "User not authorized for AnyConnect Client access, contact your administrator". I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem. The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
  Please find the current config and debugging output below. I appreciate any pointers as to what might be wrong here.
  : Saved
  ASA Version 9.1(1)
  hostname ASA
  domain-name ingo.local
  enable password ... encrypted
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  passwd ... encrypted
  names
  name 10.0.1.0 LAN-10-0-1-x
  dns-guard
  ip local pool VPNPool 10.0.2.1-10.0.2.10 mask 255.255.255.0
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif Internal
  security-level 100
  ip address 10.0.1.254 255.255.255.0
  interface Vlan2
  nameif External
  security-level 0
  ip address dhcp setroute
  regex BlockFacebook "facebook.com"
  banner login This is a monitored system. Unauthorized access is prohibited.
  boot system disk0:/asa911-k8.bin
  ftp mode passive
  clock timezone PST -8
  clock summer-time PDT recurring
  dns domain-lookup Internal
  dns domain-lookup External
  dns server-group DefaultDNS
  name-server 10.0.1.11
  name-server 75.153.176.1
  name-server 75.153.176.9
  domain-name ingo.local
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  object network LAN-10-0-1-x
  subnet 10.0.1.0 255.255.255.0
  object network Company-IP1
  host xxx.xxx.xxx.xxx
  object network Company-IP2
  host xxx.xxx.xxx.xxx
  object network HYPER-V-DUAL-IP
  range 10.0.1.1 10.0.1.2
  object network LAN-10-0-1-X
  access-list 100 extended permit tcp any4 object HYPER-V-DUAL-IP eq 3389 inactive
  access-list 100 extended permit tcp object Company-IP1 object HYPER-V-DUAL-IP eq 3389
  access-list 100 extended permit tcp object Company-IP2 object HYPER-V-DUAL-IP eq 3389 
  tcp-map Normalizer
    check-retransmission
    checksum-verification
  no pager
  logging enable
  logging timestamp
  logging list Threats message 106023
  logging list Threats message 106100
  logging list Threats message 106015
  logging list Threats message 106021
  logging list Threats message 401004
  logging buffered errors
  logging trap Threats
  logging asdm debugging
  logging device-id hostname
  logging host Internal 10.0.1.11 format emblem
  logging ftp-bufferwrap
  logging ftp-server 10.0.1.11 / asa *****
  logging permit-hostdown
  mtu Internal 1500
  mtu External 1500
  ip verify reverse-path interface Internal
  ip verify reverse-path interface External
  icmp unreachable rate-limit 1 burst-size 1
  icmp deny any echo External
  asdm image disk0:/asdm-711.bin
  no asdm history enable
  arp timeout 14400
  no arp permit-nonconnected
  object network obj_any
  nat (Internal,External) dynamic interface
  object network LAN-10-0-1-x
  nat (Internal,External) dynamic interface
  object network HYPER-V-DUAL-IP
  nat (Internal,External) static interface service tcp 3389 3389
  access-group 100 in interface External
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa-server radius protocol radius
  aaa-server radius (Internal) host 10.0.1.11
  key *****
  radius-common-pw *****
  user-identity default-domain LOCAL
  aaa authentication ssh console radius LOCAL
  http server enable
  http LAN-10-0-1-x 255.255.255.0 Internal
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec ikev2 ipsec-proposal DES
  protocol esp encryption des
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal 3DES
  protocol esp encryption 3des
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES
  protocol esp encryption aes
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES192
  protocol esp encryption aes-192
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES256
  protocol esp encryption aes-256
  protocol esp integrity sha-1 md5
  crypto ipsec security-association pmtu-aging infinite
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
  crypto map External_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map External_map interface External
  crypto ca trustpoint srv01_trustpoint
  enrollment terminal
  crl configure
  crypto ca trustpoint asa_cert_trustpoint
  keypair asa_cert_trustpoint
  crl configure
  crypto ca trustpoint LOCAL-CA-SERVER
  keypair LOCAL-CA-SERVER
  crl configure
  crypto ca trustpool policy
  crypto ca server
  cdp-url http://.../+CSCOCA+/asa_ca.crl:44435
  issuer-name CN=...
  database path disk0:/LOCAL_CA_SERVER/
  smtp from-address ...
  publish-crl External 44436
  crypto ca certificate chain srv01_trustpoint
  certificate <output omitted>
    quit
  crypto ca certificate chain asa_cert_trustpoint
  certificate <output omitted>
    quit
  crypto ca certificate chain LOCAL-CA-SERVER
  certificate <output omitted>
    quit
  crypto ikev2 policy 1
  encryption aes-256
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 10
  encryption aes-192
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 20
  encryption aes
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 30
  encryption 3des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 40
  encryption des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 enable External client-services port 44455
  crypto ikev2 remote-access trustpoint asa_cert_trustpoint
  telnet timeout 5
  ssh LAN-10-0-1-x 255.255.255.0 Internal
  ssh xxx.xxx.xxx.xxx 255.255.255.255 External
  ssh xxx.xxx.xxx.xxx 255.255.255.255 External
  ssh timeout 5
  ssh version 2
  console timeout 0
  no vpn-addr-assign aaa
  no ipv6-vpn-addr-assign aaa
  no ipv6-vpn-addr-assign local
  dhcpd dns 75.153.176.9 75.153.176.1
  dhcpd domain ingo.local
  dhcpd option 3 ip 10.0.1.254
  dhcpd address 10.0.1.50-10.0.1.81 Internal
  dhcpd enable Internal
  threat-detection basic-threat
  threat-detection scanning-threat shun except ip-address LAN-10-0-1-x 255.255.255.0
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  dynamic-filter use-database
  dynamic-filter enable interface Internal
  dynamic-filter enable interface External
  dynamic-filter drop blacklist interface Internal
  dynamic-filter drop blacklist interface External
  ntp server 128.233.3.101 source External
  ntp server 128.233.3.100 source External prefer
  ntp server 204.152.184.72 source External
  ntp server 192.6.38.127 source External
  ssl encryption aes256-sha1 aes128-sha1 3des-sha1
  ssl trust-point asa_cert_trustpoint External
  webvpn
  port 44433
  enable External
  dtls port 44433
  anyconnect image disk0:/anyconnect-win-3.1.02026-k9.pkg 1
  anyconnect profiles profile1 disk0:/profile1.xml
  anyconnect enable
  smart-tunnel list SmartTunnelList1 mstsc mstsc.exe platform windows
  smart-tunnel list SmartTunnelList1 putty putty.exe platform windows
  group-policy DfltGrpPolicy attributes
  vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
  webvpn
    anyconnect profiles value profile1 type user
  username write.ingo password ... encrypted
  username ingo password ... encrypted privilege 15
  username tom.tucker password ... encrypted
  class-map TCP
  match port tcp range 1 65535
  class-map type regex match-any BlockFacebook
  match regex BlockFacebook
  class-map type inspect http match-all BlockDomains
  match request header host regex class BlockFacebook
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 1500
    id-randomization
  policy-map TCP
  class TCP
    set connection conn-max 1000 embryonic-conn-max 1000 per-client-max 250 per-client-embryonic-max 250
    set connection timeout dcd
    set connection advanced-options Normalizer
    set connection decrement-ttl
  policy-map type inspect http HTTP
  parameters
    protocol-violation action drop-connection log
  class BlockDomains
  policy-map global_policy
  class inspection_default
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect sip 
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect dns preset_dns_map dynamic-filter-snoop
    inspect http HTTP
  service-policy global_policy global
  service-policy TCP interface External
  smtp-server 199.185.220.249
  privilege cmd level 3 mode exec command perfmon
  privilege cmd level 3 mode exec command ping
  privilege cmd level 3 mode exec command who
  privilege cmd level 3 mode exec command logging
  privilege cmd level 3 mode exec command failover
  privilege cmd level 3 mode exec command vpn-sessiondb
  privilege cmd level 3 mode exec command packet-tracer
  privilege show level 5 mode exec command import
  privilege show level 5 mode exec command running-config
  privilege show level 3 mode exec command reload
  privilege show level 3 mode exec command mode
  privilege show level 3 mode exec command firewall
  privilege show level 3 mode exec command asp
  privilege show level 3 mode exec command cpu
  privilege show level 3 mode exec command interface
  privilege show level 3 mode exec command clock
  privilege show level 3 mode exec command dns-hosts
  privilege show level 3 mode exec command access-list
  privilege show level 3 mode exec command logging
  privilege show level 3 mode exec command vlan
  privilege show level 3 mode exec command ip
  privilege show level 3 mode exec command failover
  privilege show level 3 mode exec command asdm
  privilege show level 3 mode exec command arp
  privilege show level 3 mode exec command ipv6
  privilege show level 3 mode exec command route
  privilege show level 3 mode exec command ospf
  privilege show level 3 mode exec command aaa-server
  privilege show level 3 mode exec command aaa
  privilege show level 3 mode exec command eigrp
  privilege show level 3 mode exec command crypto
  privilege show level 3 mode exec command ssh
  privilege show level 3 mode exec command vpn-sessiondb
  privilege show level 3 mode exec command vpnclient
  privilege show level 3 mode exec command vpn
  privilege show level 3 mode exec command dhcpd
  privilege show level 3 mode exec command blocks
  privilege show level 3 mode exec command wccp
  privilege show level 3 mode exec command dynamic-filter
  privilege show level 3 mode exec command webvpn
  privilege show level 3 mode exec command service-policy
  privilege show level 3 mode exec command module
  privilege show level 3 mode exec command uauth
  privilege show level 3 mode exec command compression
  privilege show level 3 mode configure command interface
  privilege show level 3 mode configure command clock
  privilege show level 3 mode configure command access-list
  privilege show level 3 mode configure command logging
  privilege show level 3 mode configure command ip
  privilege show level 3 mode configure command failover
  privilege show level 5 mode configure command asdm
  privilege show level 3 mode configure command arp
  privilege show level 3 mode configure command route
  privilege show level 3 mode configure command aaa-server
  privilege show level 3 mode configure command aaa
  privilege show level 3 mode configure command crypto
  privilege show level 3 mode configure command ssh
  privilege show level 3 mode configure command dhcpd
  privilege show level 5 mode configure command privilege
  privilege clear level 3 mode exec command dns-hosts
  privilege clear level 3 mode exec command logging
  privilege clear level 3 mode exec command arp
  privilege clear level 3 mode exec command aaa-server
  privilege clear level 3 mode exec command crypto
  privilege clear level 3 mode exec command dynamic-filter
  privilege cmd level 3 mode configure command failover
  privilege clear level 3 mode configure command logging
  privilege clear level 3 mode configure command arp
  privilege clear level 3 mode configure command crypto
  privilege clear level 3 mode configure command aaa-server
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:41a021a28f73c647a2f550ba932bed1a
  : end
  Many thanks,
  Ingo

  Hi Jose,
  here is what I got now:
  ASA(config)# sh run | begin tunnel-group
  tunnel-group DefaultWEBVPNGroup general-attributes
  address-pool VPNPool
  authorization-required
  and DAP debugging still the same:
  ASA(config)# DAP_TRACE: DAP_open: CDC45080
  DAP_TRACE: Username: tom.tucker, aaa.cisco.grouppolicy = DfltGrpPolicy
  DAP_TRACE: Username: tom.tucker, aaa.cisco.username = tom.tucker
  DAP_TRACE: Username: tom.tucker, aaa.cisco.username1 = tom.tucker
  DAP_TRACE: Username: tom.tucker, aaa.cisco.username2 =
  DAP_TRACE: Username: tom.tucker, aaa.cisco.tunnelgroup = DefaultWEBVPNGroup
  DAP_TRACE: Username: tom.tucker, DAP_add_SCEP: scep required = [FALSE]
  DAP_TRACE: Username: tom.tucker, DAP_add_AC:
  endpoint.anyconnect.clientversion="3.1.02026";
  endpoint.anyconnect.platform="win";
  DAP_TRACE: Username: tom.tucker, dap_aggregate_attr: rec_count = 1
  DAP_TRACE: Username: tom.tucker, Selected DAPs: DfltAccessPolicy
  DAP_TRACE: Username: tom.tucker, DAP_close: CDC45080
  Unfortunately, it still doesn't work. Hmmm.. maybe a wipe of the config and starting from scratch can help?
  Thanks,
  Ingo

• AED not appearing for utilization

  Hi all
  I am reposting the question having hopes of getting replies..
  A similar question asked in this forum has also been included.
  This particular case is for import trading scenario
  Purchase Order is made in MM and during MIGO excise invoice is captured.Addnl CVD value 4% will be taken as AED.The same can be displayed in transaction J1IG.
  Client has the requirement of displaying AED in J1IJ while capturing the excise invoice created during MIGO itself i.e, during goods inward as the same will be considered for RG23D reporting purposes.
  But AED (Addl CVD 4%) is not being displayed in J1IJ for depo sales.
  Also there is no field called as AED for capturing the same in J1IJ,but there are additional fields TAX1 and TAX2 in J1IJ.
  BED,ECS,SEcess is transferred from J1IG to J1IJ but not AED
  Awaiting all your useful feedbacks to display AED in J1IJ
  similar question posted in the forum on Jul 8..
  AED not appearing for utilization-Urgent  
  Posted: Jul 8, 2008 4:01 PM           
  Click to report abuse...      E-mail this message      E-mail this message             Click to reply to this thread      Reply
  Hi All,
  I am having input credit available for AED whereas the payable amount is not there for AED. So I want to utilise this AED amount against other payable amounts but this AED credit balance is not showing for utilization. When I have checked for other plant where AED payable is available then the AED input credit is also showing for utilization.
  I have checked the CIN settings: In excise registration details for the plant, the Liable to AED option is ticked and under Account determination settings--- RG23 AED account has been assigned to UTLZ ETT.
  Can anybody please suggest that what other settings needs to be done or is there any specific settings for cross utilization which I might have missed out on.
  Thanks & Regards,
  Antima
  any inputs guys...........
  Rgds
  Shashidhar

  Hi,
  If i am correct you are referring to ADC (Additional Customs duty) in case of imports. This duty value is similar to AED (In screens it will be in AED column only) but in customization you will be using subtransaction type "IP" to differentiate AED from ADC, you need to maintain G/L accounts for Excise transaction types and subtransaction type IP, so that the duty values are passed on to those G/L accounts.
  Cheers,
  Santosh