ACS 4.2 appliance external database configuration with AD

Similar Messages

• Standby Database Configuration with LGWR and ASYNC

  Hi,
  I am running a standby database configuration on a 100MBit LAN
  with the following set-up:
  log_archive_dest_2='service=standby mandatory reopen=300 lgwr
  async=2000'
  The system is handling a lot of very small transactions, not
  involving large amounts of data.
  My questions are:
  - What are the potential problems in using a small ASYNC buffer
  like the one above?
  - Does a larger ASYNC buffer influence the latency in copying
  changes from the production database to the standby database -
  will it buffer more changes before sending them to the standby
  database?

  Murlib,
  I have few more doubt-
  Our requirement is to configure a Standby( Physical-MAXIMUM PERFORMANCE
  mode) in a place, which is 600 KM away from our primary destination.
  Currently our LAN network traffic rate is 100 Mbps. but this traffic is
  virtually reduced to 1Mbps out side our LAN.
  Our Production Database is 24X7 and Its generating 17 GB Archive files every
  day.
  Since the net work traffic is slow i think, it will create some log gaps,and
  also we couldn't do a point in time recovery.
  We are configuring a Standby, here inside our LAN in Managed Recovery Mode
  for recovery purpose and will keep a Standby there in remote place for
  Reports.
  and it will be recover it in every morning.If iam following this procedure,
  my
  log_archive_dest_2 ='service=stby ARCH NOAFFIRM' ( which is the standby here
  inside our LAN and should be in MANAGED RECOVERY mode)
  and i need to configure the parameters for standby in my remote location.So
  my doubt is-
  Shall i need to configure "log_archive_dest_n" in the parameterlist of my
  Primary for that remote Standby ?
  I think for manual recovery we can aviod that.But we need to eonnect it
  thrrough Oracle Net
  Can you please tell me the essential PRIMARY parameter list entries for this
  kind of remote standby , recovering in a manual mode ?
  i think the following parameter should be there -
  FAL_SERVER
  FAL_CLIENT
  DB_FILE_NAME_CONVERT
  LOG_FILE_NAME_CONVERT
  STANDBY_FILE_MANAGEMENT=AUTO
  STANDBY_ARCHIVE_DEST
  Thanks and Regards,
  Raj

• Way of External Database Integration with UCCX

  Hi
  I want to know what are the way of UCCX integration with External Database(Mobile Operator, Banking, Insurance).I only know about DBwrite and DBGet. is there any way out(http, https,SOAP)? They dont want to give me direct access to there Databases.
  Sultan Al Arif

  One way to do this would be to use the Get URL Document step to request an XML file from a web server.
  Upon receiving this request the web server would then retrieve the required data via SQL (fairly easy to do using ASP.NET and  IIS), format it in an XML page and return it to your script.
  The script would then use Get XML Document Data steps to parse the XML file for the required data.
  The organisations that operate the databases with which you want to integrate may have some concerns about the security of this though as the data will not be encrypted in transit.

• Multiple Database configurations with Hibernate and caching

  Hi,
  I am building an webservice app which has 2 different DBs( Oracle and DB2). Please let me know whats the best way of designing the hibernate layer to access both the DBs ; I have some cross reference tables in both of them.
  I am planning to create a logical model of the physical DB model ( combining both Oracle and DB2) and use property files or some configuration to map my logical to the actual physical table. What would be the best design for this? Do you recommend caching these conversion values?
  Please let me know the best practice / way to work on my above situation.
  fyi - I am neither a novice nor an expert in J2EE.

  I have the same experience. I can connect to the database of the inital setup but then I try to create a second DB connection with
  Create the connection
  java -jar apex.war setup --database edwdev1
  Sep 28, 2012 5:08:04 PM oracle.dbtools.common.config.file.ConfigurationFolder logConfigFolder
  INFO: Using configuration folder: /space/sw/oracle/products/apex/2.0.0/config/apex
  Enter the name of the database server [localhost]:ddb001-v.maximusbchealth.local
  Enter the database listen port [1521]:1521
  Enter 1 to specify the database service name, or 2 to specify the database SID [1]:1
  Enter the database service name:apex_edwdev1.maximusbc.ca
  Enter the database user name [APEX_PUBLIC_USER]:APEX_PUBLIC_USER
  Enter the database password for APEX_PUBLIC_USER:
  Confirm password:
  Enter 1 to enter passwords for the RESTful Services database users (APEX_LISTENER,APEX_REST_PUBLIC_USER), 2 to use the same password as used for APEX_PUBLIC_USER or, 3 to skip this step [1]:3
  Sep 28, 2012 5:10:12 PM oracle.dbtools.common.config.file.ConfigurationFiles update
  INFO: Updated configurations: apex_al, apex_rt, apex, edwdev1, edwdev1_al, edwdev1_rt
  Then I create a routing based on theRequest Path Prefix:
  java -jar apex.war map-url --type base-path /edwdev1 edwdev1
  Sep 28, 2012 5:12:32 PM oracle.dbtools.common.config.file.ConfigurationFolder logConfigFolder
  INFO: Using configuration folder: /space/sw/oracle/products/apex/2.0.0/config/apex
  oracle@vs-dapp041:/sw/oracle/products/apex/2.0.0$
  Everything seems fine but when I try to access the second db I get:
  http://vs-dapp041.maximusbchealth.local:7501/apex/edwdev1 => 404 not found
  I am going to be at Open World next week and see if I can talk so someone at the apex stand there.

• HFM database configuration with domain user

  I have ceated a DOMAIN user in MSSQL 2005 as hypadmpr.This user is give db owner and all credentials.When configuring the shared serice, under the data base creation window, i am putting the data base name\and instead of username of native user, i am putting the domain user hypadmpr and password:
  It throws an error:unnable to connect to database Shared.
  In stead if use it blank username and password/ or a SQL native user it works.
  I heard that when using window authentication we need to be leave it blank for user and password.
  wats the concept arround this...this can also be tested by a udl file:
  just create a udl file and instead of SQL authentication try windows authenticationit it wont ask for username and password but the test connection will be succesfull.
  how the domain user i am pulling in shared services get authentication is sql?
  so all those domain user need to be given provisioning in SQL also?
  its clear when not using windows auth. that one user with dbowner rights will be used when configuring HFM.Shared service will handle the restriction of the user.
  But, when windows auth. the user auth.in shared service and to get in to data base he need to be again pulled in sql and give proper rights to it..
  if its more than 100 users how its possible to do it sql?

  I don't know Jack about Windows admin. Can you see someone's C:\ when logged in on their PC as a domain user? Are you using AD (Active Directory) for authenticaion? Grasping at straws....

• Question on external HD configuration with TC

  I am currently using my TC as an external HD only due to the lack of space on my MacBook. I am going to buy a USB external HD and attach it to my TC. I have a couple of questions:
  1. Can I back up to the TC and then use the external drive as, well, an external drive, for extending my internal storage?
  2. Then, is it possible to back up both the files on my internal HD and the files on the external HD connected to the TC to the HD in the TC? (space permitting)

  Gappers wrote:
  1. Can I back up to the TC and then use the external drive as, well, an external drive, for extending my internal storage?
  For Time Machine use, NO, as TM does not span over more than one drive. You can use the second drive as an archive if attached to the USB port of Time Capsule or as network-attached storage device.
  2. Then, is it possible to back up both the files on my internal HD and the files on the external HD connected to the TC to the HD in the TC? (space permitting)
  You can do TM backups using TC as the destination, but the new external HDD needs to be attached directly to your MacBook. TM does not back up a NAS (i.e. the USB HDD attached to your TC).
  Another back up utility (not TM) may work with your desired setup (e.g. SuperDuper!).
  Good luck and welcome to Apple Discussions!

• ACS 4.2 Appliance integration with LDAP

  Hi,
  I would like to ask some question from the expert here.
  1. I'm building 802.1x infra for my customer.
  2. We are using ACS SE version 4.2
  3. We have successfully integrate the ACS with AD using Remote Agent.
  4. Using will authenticate using PEAP MS-CHAP v2.
  5. However, my customer dont want to use Remote Agent (RA) because the want the ACS talk to the external database directly.
  6. Their argument is, if they bought other Radius appliance for this project, the appliance should have the same function in order to authenticate the user.
  7. What are needed to complete this requirement?
  I saw in this table http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/Overvw.html#wp857274 the LDAP does not support PEAP MS-Chap v2.
  Can any expert give opinion on this issue?

  Despite various efforts a few years back, LDAP vendors could not be persuaded to implement an MSCHAP interface - which is technically possible.
  That said ACS also has its Windows External Authenticator that will do MSCHAP just fine to a Windows AD Server (via a different interface).
  The old LEAP protocol was mschap inside EAP. EAP-FAST can also do mschap too.
  The key is not use the LDAP authenticator in ACS. If you really must use it, you'll have to make sure you use EAP-GTC inside your PEAP/FAST tunnel

• ACS Server: External Authentication configuration error

  Hi ALL
  I have installed the ACS server and configure properly and it works fine.
  But whenever i restart the machine, following error message appears on the external database configuration wizard.
  External Authentication Configuration Error
  ACS has encountered a problem while attempting to process your request. This could be due to one of the following:
  An incorrect installation or configuration of the third-party DLLs required to support this External Database
  A corrupt ACS configuration
  So after i found this error, i just restart all the seven services and every things works fine.
  I always encountered the same error message after restarting the machine each time.
  Can any body recomend the solution or can help me to resolve the issue.
  Thanks

  Hi,
  Please try the following workaround.
  1. Go to Start > Programs > Administrative Tools > Services.
  2. Stop the following services in the following order.
  CSAuth
  CSDbSync
  CSLog
  CSMon
  CSRadius
  CSTacacs
  CSAdmin
  3. After stopping the following services, start them all again in the following order.
  CSAdmin
  CSAuth
  CSDbSync
  CSLog
  CSMon
  CSRadius
  CSTacacs
  Please let me know if this was able to help.
  If the above doesn't help, please reinstall the ACS as the dll files that are being used
  by the ACS have been corrupted, before uninstalling and reinstalling, do take a
  backup of ACS server database from System Configuration > ACS backup > Backup Now.
  Also make sure that the ACS is installed on the default drive.
  tnx
  somishra

• ACS appliance External Auth to NT 4.0

  Hi
  I am installing the ACS appliance to do external database authentication to NT 4.0 PDC. It appears with the appliance you have to install a remote agent to make this work. It is my understanding this agent must run on a win2k box. Does the agent have to be installed on the PDC or can it go on any windows server box?
  Is there a work around if you do not have a win2k server. This network is still NT4 with now win2k boxes
  Thanks

  The remote agent was not tested on NT4 and probably wouldn't even install properly. Even if it did work, you would be very limited in the support you'd get if you had strange problems because it is an unsupported configuration.
  It doesn't have to go on a PDC, but things just seem to work better if it is on a DC of some sort. At the very least it needs to be on a member server, but as I said, I'd recommend putting it on a BDC from experience.
  The release notes/install guide for it is here:
  http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacsapp/raig/index.htm

• ACS external database issue

  Hi
  I have the following issue, user exists on both the ACS and token server authenication is set to external database with no unknown user policy as the user is known to the ACS! this fails authenication error message is CS user unknown... Now if the unknown user policy is set to the external database the authenication works fine this is on 3.3. I have checked for bugs to no avail.
  Any assistance would be good...
  Thanks MJ

  Hi JG
  Many thanks for your response, it is configured this way due the documentation below:
  Known Users -Users explicitly added, either manually or automatically, into the CiscoSecureACS database.
  These are users added through User Setup in the HTML interface, by the RDBMS Synchronization feature, by the Database Replication feature, or by the CSUtil.exe utility. For more information about CSUtil.exe, see "CSUtil Database Utility".
  CiscoSecureACS attempts to authenticate a known user with the single database that the user is associated with. If the user database is the CiscoSecure user database and the user does not represent a Voice-over-IP (VoIP) user account, a password is required for the user. If the user database is an external user database or if the user represents a VoIP user account, CiscoSecureACS does not have to store a user password in the CiscoSecure user database.
  This is from the following link....
  http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs32/user/qu.htm
  Many thanks MJ

• How to interact with external database in CQ5

  Hi,
  I need to interact with external database like SQL or Oracle to store some/fetch some data in CQ5. Can someone pls provide some help regarding the same. I guess I need to do it through JDBC. Please guide me step by step how to do this.
  Thanks

  Hi,
  Bellow you find some references to the documentation related to CQ and DB configuration and developments:
  http://dev.day.com/docs/en/cq/current/developing/jdbc.html
  https://helpx.adobe.com/cq/kb/HowToConfigureSlingDatasource.html
  Regards,
  kasq

• ACS : external database config. (AD)

  Hello,
  I installed the last version of Cisco ACS 4.0 and I have a problem with the "Windows database configuration". I want to authenticate users on an active directory, but when I want to configure it I have an error message:
  "An error has occured while processing the Authen DLL
  Default Group Page because of an internal error ..."
  I tried to find why I have this error but until now I have nothing that can help me to solve this issue.
  Who can help me?
  Thanks in advance for any help.
  Rui

  The dll should be logging an error message into the csadmin service log
  CSAdmin/Logs/admn.log
  Sounds like something is broken - this will need TAC + escalated support I suspect.
  Darran

• Windows ACS 4.2.0 backup database on acs 1120 appliance 4.2.1.15

  Hi All ,
              I am running windows based acs 3.3 in my lan environment going to be replaced with acs 1120 appliance running acs 4.2.1.15 , ACS 3.3 database has been built upto  4.2.0.124 ,step by step by upgrade process
  1) acs 3.3.3.14---> 4.1.1.24
  2) acs 4.1.1.24 ----> 4.2.0.124 .
                now my database is with 4.2.0.124 dmp file , I cannot upgrade my database to 4.2.1.15 because 4.2.1.15 patch is not applicable & executable  on 90 days evalution package of 4.2.0.124 of windows platform .
             can i import my windows based 4.2.0.124 datbase directly to my acs appliance running 4.2.1.15.3 ??? , else its requires any step to be done to modify the windows based databse matching to appliance windows verison once .
                      I could see on appliance under restore settings the following options (restore from 4.2.0 backup file to acs 4.2.1),kindly suggest on this

  Hi Anisha\Devashree ..
                     Awsome !!!!!!!!!!!!!!!!!!!!! Thanx for your great support on this , I will try to restore database directly to my appliance running 4.2.1.15.3 and let you know if i find any diffuculties ....
                     My databse is about 15MB, if i found any diificutlies during restoring , i will downgrade my appliance to  base version of  4.2.0.124 then i will restore my 4.2.0.124 database by enabling restore option from 4.2.0.124 to 4.2.1. And i will apply the patch , Thank you .
  Devashree : There should not be any problem right ?? by enabling restoring option from 4.2.0.124 to 4.2.1 during system restore , if your appliance is running acs version 4.2.0.124 as a operating one

• OBIEE 11.1.1.7 external database authentication fails with hashed passwords.

  Hi .
  I use an external database ( Oracle database 11g  release 11.2.0.1.0) to authenticate user with OBIEE 11.1.1.7.
  I configured  SQL Authentication provider as my provider ,It works OK with :enabled  Plaintext Passwords Enabled option and password  is stored as plain text.
  But It fails when I disable this option and want to authenticate with hashed passwords.It gives Authenticate Denied error.
  In Provider Specific tab there are some parameters which might need changes:
  1-Password Algorithm:??
  2-Password Style:??
  3-SQL Get Users Password:SELECT U_PASSWORD FROM USERS WHERE U_NAME = ?
  How can I find correct values for options 1 and 2 form my external database?
  And Is it need to rewrite query in option 3 ?
  Please find attach files.

  Hi,
  I too faced same issue when I was installing OBIEE 11.1.1.7.0 on windows7 64bit.
  Please refer the below links.
  http://satyaobieesolutions.blogspot.in/2013/05/configuration-action-creating-domain.html
  http://satyaobieesolutions.blogspot.in/2013/05/obiee-111170-simplesoftware-installation.html
  http://satyaobieesolutions.blogspot.in/2012/06/obiee-11.html
  Hope this help's
  Thanks,
  Satya

• Is it posible? two ACS 4.2 Appliance with the same remote agent

  Hello,
  I have a ACS 4.2 Appliance integrate with Active Directory, CA and Remote Agent, i want to agregate another ACS 4.2 Appliance with the same configuration, the same Active Directory, CA. my question is: can i configure the another ACS with the same Remote Agent of the first? in other words ...
  i attach the diagram.
  Thank you

  I have a
  ACS 4.2 Appliance integrate with Active Directory, CA and Remote Agent,
  i want to agregate another ACS 4.2 Appliance with the same
  configuration, the same Active Directory, CA. my question is: can i
  configure the another ACS with the same Remote Agent of the first? in
  other words ...i attach the diagram.Thank you
  Hi,
  Maximum number of appliances supported—While a single Cisco Secure ACS Remote Agent can provide services to many Cisco Secure ACS Appliances, support is limited to five concurrent connections by the appliances served. For example, if you have three appliances that are primary Cisco Secure ACSes and three appliances that are secondary Cisco Secure ACSes used for failover purposes only, the remote agent can provide services to all six appliances and stay below the maximum of five concurrent connections.
  http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_installation_and_configuration_guide_chapter09186a0080193aa1.html
  Hope to Help !!
  Ganesh.H
  Remember to rate the helpful post