ACS configuration for NAC authentication

Hello,
I've been trying to configure my ACS server to allow user authentication via the cisco NAM, but it does not seem to work anytime i try to log in with my configured username/password on the ACS server.
I need someone to guide me through how to get this resolved.
Regards,

I am assuming you are having the NAM authenticate NAC Agent login requests against ACS.
This can be done via RADIUS or LDAP.
Check out the Cisco NAC Chalk Talks, particularly 'Configuring Authentication, Roles, and SSO'
Chalk Talk Series
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd80549168.html

Similar Messages

  • The driver is not configured for integrated authentication

    my code is :
    String connectionUrl = "jdbc:sqlserver://169.254.35.45:1486;" +
    "databaseName=ipec;"+"integratedSecurity=true";
    Connection con = null;
    Statement stmt = null;
    try
    // Establish the connection to the principal server.
    Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
    System.out.println("driver loaded");
    con = DriverManager.getConnection(conne ctionUrl);
    System.out.println("Connected to the principal server.");
    but this throws an SQL exception that : Driver is not configured for integrated authentication.
    I've placed the sqljdbc_auth.dll in
    catalina_root/common/lib where the driver jar file is placed....
    but its still givin the same error............
    replies are welcomed.............
    thank you,
    shibhs

    shibhs wrote:
    but this throws an SQL exception that : Driver is not configured for integrated authentication.
    I've placed the sqljdbc_auth.dll in
    catalina_root/common/lib where the driver jar file is placed....
    but its still givin the same error...........I know this is an old message but I have just had the same problem and it seemed to mean that the driver couldn't find the auth dll. When I put in the windows\system32 directory, the integrated authentication worked fine.
    Rgrds
    Peter
    Edited by: P_Tootill on Jul 3, 2008 3:26 AM

  • Getting SPWeb.CurrentUser as null with Windows Authentication (AD), when configured for Claims Authentication

    Hi All,
    We recently migrated to SP 2013 from SP 2010. We are using most of the OOB features, with a few custom code. We have implemented a custom ASP.NET Membership Provider that authenticates against a web service. This was working fine on SP 2010.
    The entire code base was migrated to SP 2013 (with .net fw 4.5, etc) and any issues Compile / Runtime were fixed. However, we are stuck at one bug, which seems to be occuring only while trying to login with Windows Authentication. When a user tries to login
    with Forms Authentication, the error is never noticed.
    Scenrio: Login as Windows Authentiction.
    Result: The user is signed into the system and is authenticated against the AD. For random page loads - it throws access denied (even though he is a site collection admin). While attaching a debugger, we found that, at times the SPWeb.CurrentUser is null (weird).
    At the same time, the HttpContext.Current.Request.IsAuthenticated returns true. Which means the User is Authenticated, but not available in the SPWeb.CurrentUser object. 
    Attached are couple of ULS Logs that we found. The line which says IsAuthenticated=True, UserIdentityName=, ClaimsCount=0 is a little disturbing. Can you please let me know what is happening here? I am not able to access the root site (http://win2012d2:1234/)
    however, i am able to access (http://win2012d2:1234/SitePages/Home.aspx) just fine, without any issues.
    Please note, this error is only when the user is logged into sharepoint as a windows user. The forms user faces no such issues.
    ULS Logs:
    Name=Request (GET:http://win2012d2:1234/)
    Non-OAuth request. IsAuthenticated=True, UserIdentityName=, ClaimsCount=0
    Application error when access /, Error=Exception of type 'System.ArgumentException' was thrown.  Parameter name: encodedValue  
     at Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromLoginName(String loginName)    
     at Microsoft.SharePoint.ApplicationRuntime.SPHeaderManager.AddIsapiHeaders(HttpContext context, String encodedUrl, NameValueCollection headers)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PreRequestExecuteAppHandler(Object oSender, EventArgs ea)    
     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    Getting Error Message for Exception System.ArgumentException: Exception of type 'System.ArgumentException' was thrown.  Parameter name: encodedValue    
     at Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(IClaimsIdentity claimsIdentity, String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix)    
     at Microsoft.SharePoint.Utilities.SPUtility.GetFullUserKeyFromLoginName(String loginName)    
     at Microsoft.SharePoint.ApplicationRuntime.SPHeaderManager.AddIsapiHeaders(HttpContext context, String encodedUrl, NameValueCollection headers)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PreRequestExecuteAppHandler(Object oSender, EventArgs ea)    
     at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    [Forced due to logging gap, Original Level: Verbose] Looking up {0} site {1} in the farm {2} 
    Unknown SPRequest error occurred. More information: 0x80070005
    SPRequest.GetPageListId: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://win2012d2:1234/
    System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace:   
     at Microsoft.SharePoint.SPContext.get_ListId()    
     at Microsoft.SharePoint.SPContext.get_List()    
     at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e)    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest()    
     at System.Web.UI.Page.ProcessRequest(HttpContext context)    
     at System.Web.HttpServerUtility.ExecuteInternal(IHttpHandler handler, TextWriter writer, Boolean preserveForm, Boolean setPreviousPage, VirtualPath path, VirtualPath filePath, String physPath, Exception error, String queryStringOverride)    
     at System.Web.HttpServerUtility.Execute(String path, TextWriter writer, Boolean preserveForm)    
     at System.Web.HttpServerUtility.Transfer(String path)    
     at Microsoft.SharePoint.Utilities.SPUtility.TransferToErrorPage(String message, String linkText, String linkUrl)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorHandler(HttpApplication app, Boolean errorIsOnErrorPage)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)    
     at System.EventHandler.Invoke(Object sender, EventArgs e)    
     at System.Web.HttpApplication.RaiseOnError()    
     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)    
     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)    
     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
    SPRequest.OpenWeb: UserPrincipalName=, AppPrincipalName= ,bstrUrl=http://win2012d2:1234/
    System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)), StackTrace:   
     at Microsoft.SharePoint.SPWeb.InitWeb()    
     at Microsoft.SharePoint.SPWeb.get_WebTemplateConfiguration()    
     at Microsoft.SharePoint.WebControls.ScriptLink.InitJs_Register(Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(String uiVersion, Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer)    
     at Microsoft.SharePoint.WebControls.ScriptLink.GetOnDemandScriptKey(String strKey, String strFile, Boolean registerDependencies, Control ctrl, Page page)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Page page, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterForControl(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, Boolean injectNoDefer, Boolean controlRegistration, Boolean loadInlineLast,
    Boolean ignoreFileNotFound)    
     at Microsoft.SharePoint.WebControls.ScriptLink.Register(Control ctrl, Page page, String name, Boolean localizable, Boolean defer, Boolean loadAfterUI, String language, String uiVersion, String ctag)    
     at Microsoft.SharePoint.WebControls.ScriptLink.RegisterOnDemand(Control ctrl, Page page, String strKey, String strFile, Boolean localizable)    
     at Microsoft.SharePoint.WebControls.ScriptLink.OnLoad(EventArgs e)    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Control.LoadRecursive()    
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
     at System.Web.UI.Page.ProcessRequest()    
     at System.Web.UI.Page.ProcessRequest(HttpContext context)    
     at System.Web.HttpServerUtility.ExecuteInternal(IHttpHandler handler, TextWriter writer, Boolean preserveForm, Boolean setPreviousPage, VirtualPath path, VirtualPath filePath, String physPath, Exception error, String queryStringOverride)    
     at System.Web.HttpServerUtility.Execute(String path, TextWriter writer, Boolean preserveForm)    
     at System.Web.HttpServerUtility.Transfer(String path)    
     at Microsoft.SharePoint.Utilities.SPUtility.TransferToErrorPage(String message, String linkText, String linkUrl)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorHandler(HttpApplication app, Boolean errorIsOnErrorPage)    
     at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)    
     at System.EventHandler.Invoke(Object sender, EventArgs e)    
     at System.Web.HttpApplication.RaiseOnError()    
     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)    
     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)    
     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)    
     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

    Hi Mohamed,
    According to your description, my understanding is that the error occurred when users login with Windows Authentication.
    From the error message, I recommend to check if the anonymous access is enabled for the web application.
    And please also make sure that the users all are available and have permission to access the site.
    Here is a similar thread for you to take a look:
    http://social.technet.microsoft.com/Forums/en-US/28623bdc-a2f0-4876-9be4-9a764f106366/getting-spwebcurrentuser-as-null-with-windows-authentication-ad-when-configured-for-claims?forum=sharepointdevelopment
    Best regards.
    Thanks
    Victoria Xia
    TechNet Community Support

  • Purchase order driver program and configuration for nace

    i have copied the medruck in script and i need to write the driver program for that and need to configure to nace can any one tell me how to do this.

    Hi Rocky,
    Below are steps to configure:
    1. Go to transaction NACE
    2. Select EF application, click on output types
    3. Select Output type NEU and double click on processing routines
    4. Here you can give ur driver program name and script name
    Hope it will solve the problem.
    Regards
    Krishnendu

  • ACS SE setup for windows authentication

    Dear All,
    I'm trying to install an ACS Solution Engine in My network for access control (AAA). I succeed in setting up authentication using the internal database and that works fine. Now My boss want users to be authenticated through an external database (windows AD). I tried achieving this but kept getting different errors.(like EAP-TLS or PEAP authentication failed during SSL handshake) or (Authen session timed out: Challenge not provided by client).
    Please I need someone who has done this setup successfully before to give Me a step by step procedure on how I can setup ACS SE for windows authentication using My domain windows authentication.
    Thanks

    Dear All,I'm
    trying to install an ACS Solution Engine in My network for access
    control (AAA). I succeed in setting up authentication using the
    internal database and that works fine. Now My boss want users to be
    authenticated through an external database (windows AD). I tried
    achieving this but kept getting different errors.(like EAP-TLS or PEAP
    authentication failed during SSL handshake) or (Authen session timed
    out: Challenge not provided by client).Please
    I need someone who has done this setup successfully before to give Me a
    step by step procedure on how I can setup ACS SE for windows
    authentication using My domain windows authentication.Thanks
    Hi,
    Check out the belwo link on your query,Hope that help !!
    https://supportforums.cisco.com/docs/DOC-5542
    If helpful do rate
    Ganesh.H

  • ACS Configuration

    Dear All,
    I'm trying to install an ACS Solution Engine in My network for access control (AAA). I succeed in setting up authentication using the internal database and that works. now My boss want users to be authenticated through an external database (windows AD). I tried achieving this but kept getting different errors.(like EAP-TLS or PEAP authentication failed during SSL handshake) or (Authen session timed out: Challenge not provided by client).
    please I need someone who has done this before to give Me a step by step procedure on how I can setup ACS SE for windows authentication.
    Thanks

    Hello mate,
    first you have to configure an external identity store pointing to your active directory
    then you need an access policy for your wireless service with
         an Identity Policy where you define the identity result as your Active Directory store
         an Network access Authorization Policy  where you define a rule with a compound condition, where you set the dictionary  ( AD-AD1) to match any      active directoy users.
    regards
    Alex

  • MAC Exception for Web Authentication

    Hello folks.  I currently have a guest network setup using guest tunneling and an anchor controller.  I have it configured for web authentication.   So basically, a client associates to the SSID, obtains an DHCP IP from the guest anchor controller, and then when the browser is launched the client is redirected to 1.1.1.1 and receives the splash page where they are required to click "OK" to proceed and begin surfing the internet.
    I am being told from a vendor that it's possible to use a mac-address exception method so specific clients (based on mac address) will not have to web authenticate.  So basically they bypass the splash screen and can immediately begin surfing the internet. 
    From what I can tell it's all or nothing per SSID.
    Has anyone ever heard of this and if so do you know how it is accomplished.
    Thanks
    Chuck

    I've seen people ask for something like this for like an XBOX in a dorm (appearently XBOX doesn't have a browser?).....
    Bottom line though is that on the WLC, all wireless clients on a WebAuth/WebPassthrough SSID must pass layer3 authentication. There is no way around this on this SSID.  You'd have to create a different SSID as Scott suggested, which I'd probably suggest doing some kind of PSK on it, so only a few priveledged devices can associate.... you could even through in mac-filtering if you really wanted to complicate it....
    Now, I understand that switches may have such a feature called mac-bypass, but it isn't on the WLC.

  • Problems Oracle 9iDB and ASO Configuration  for Cybersafe

    Oracle 9iDB installation on Solaris with ASO option
    Objective
    My objective is to configure Oracle 9iDB, Release 9.0.1 ASO on Solaris for external authentication using Cybersafe ActiveTRUST, which is a Kerberos, based authentication product.
    Question
    Getting ORA-12641: Authentication Service failed to initialize when trying to connect to Oracle 9iDB using sqlplus from a Oracle 9i Client machine, when ASO is configured for Cybersafe authentication on both Oracle 9iDB and Oracle 9i client
    Can anyone help me setup Oracle 9iDB and Oracle 9i client for ASO using Cybersafe Authentication?
    Environment
    1. I have a Solaris box as my Oracle 9iDB server
    2. I have an NT Server as my Authentication server and Oracle 9i Client.
    Installation Procedure
    I installed as per the steps given in the doc, Oracle Advanced Security Administrators Guide, Release 9.0.1
    Authentication Server / Oracle Client setup (NT Server)
    I installed on the NT Server the following
    1. CyberSafe ActiveTRUST 4.0 Security Server on the NT Server, which acts as an Authentication server.
    2. CyberSafe ActiveTRUST 4.0 Security Client
    3. Cybersafe Application Security Toolkit (GSS runtime libraries) as needed by Oracle ASO setup procedures.
    4. Oracle 9i Client, custom installations with ASO option.
    Oracle 9iDB Server Setup (Solaris Server)
    I installed on the Solaris Server the following
    1. CyberSafe ActiveTRUST 4.0 Security Client
    2. Cybersafe Application Security Toolkit (GSS runtime libraries)
    3. Oracle 9iDB server, custom installation, with ASO option selected.
    Installation of all the above components is successful.
    Note: Installation of Oracle 9iDB server with ASO option never prompted me to choose a Authentication mechanism like Cybersafe, or Kerberos or Radius etc..,
    Note: Oracle 8.1.7 DB installation on NT actually prompted for Authentication mechanism selection.
    ASO Configuration:
    I configured ASO on the Oracle server and client side as mentioned in chapter 5 of Oracle Advanced Security Administrators Guide, Release 9.0.1
    I created an external user in Oracle, [email protected] as mentioned in http://download-uk.oracle.com/otndoc/oracle9i/901_doc/network.901/a90150/1004747
    I configured the NT server, Oracle 9i client for ASO using Net8 Assistant and I have the sqlnet.ora file.
    ASO Problems:
    Once I have configured both Oracle 9i client and 9iDB server for ASO, I am not able to log in to the database using sqlplus /@cybr.
    It returns with an error ORA-12641, saying Authentication Services Failed to Initialize.
    I could not get much help from questions posted on metalink on ORA-12641.
    It looks like Solaris 9iDB could not recognize cybersafe even though, Cybersafe is listed as one of the installed adapters, when I ran # $ORACLE_HOME/bin/adapters. From this, it looks like Cybersafe adapter is linked to ASO.
    Oracle Server is not able to initialize authentication services and call the authentication server at all.
    Can anyone help me setup Oracle 9iDB and Oracle 9i client for ASO using Cybersafe Authentication?

    The problem has been resolved after providing cn=orcladmin instead of orcladmin for the OID user admin user. Now the overall sso solution is working fine with ADF applications.
    Regards,
    S R Prasad

  • Initial configuration of ACS 5.1 for EAP authentication for Wireless clients

    Hi,
    I have set-up with below devices :
    Wireless LAN controller 5508
    LAP 3302i
    and ACS 5.1
    since i am new in ACS 5.1 configuration , I need so information to go ahead to configure ACS 5.1.
    which EAP method to use for wireless client authentication ? what is the best practice ?
    I have gone through some cisco documents and it shows that best practice is to configure PEAP but for the same , I need to install certificate in ACS server as well in client PC. is that so ?
    I have no clear picture for this certificate ?
    from where i can get this certificate or do i need to purchase this certificate separately from cisco. how to install it in ACS server ?
    I will be obliged to get atleast initial configuration for ACS 5.1 to enable the EAP method,
    I need GUI based initial configuration for ACS 5.1
    This mentioned ACS 5.1 is installed on ACS 1121 hardware appliance.

    Hi,
    which EAP method to use for wireless client authentication ? what is the best practice ?
    -> I would advise the most widely spread EAP method, which has the best ratio security/easy to deploy: PEAP with MSCHAPv2, which is available by default by all windows machines.
    I  have gone through some cisco documents and it shows that best practice  is to configure PEAP but for the same , I need to install certificate in  ACS server as well in client PC. is that so ?
    -> You will always need to install a server certificate, however, there is no need for client certificate because the authentication is based on the MSCHAP credentials exchange, not certificate based. The only requirement on the client regarding certificates is the following.
    If you want to validate the server certificate, you have to install the server certificate under the trusted CAs of the clients.
    If you do not require to trust the server certificate, you can simply disable the option of server certificate validation.
    I have no clear picture for this certificate ?
    from  where i can get this certificate or do i need to purchase this  certificate separately from cisco. how to install it in ACS server ?
    -> The server certificate can be a simple self signed certificate that you generate and install on the ACS GUI.
    Please feel free to follow this step-by-step guide on
    PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server:
    http://www.cisco.com/en/US/partner/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml or in pdf
    http://www.cisco.com/image/gif/paws/112175/acs51-peap-deployment-00.pdf.
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • What are steps configure Certificate based authentication for Wireless clients with ACS 5.3?

    I need to autheticate my clients connecting via wireless.
    clients have user certificate installed on them, i need help configuring the ACS to do the authentication.
    can some one please help me with the steps.
    Thanks

    Two primary steps
    - define the trust certificates needed to verify the clients user certificates
    Users and Identity Stores > Certificate Authorities
    - change result of identity policy to select a certificate authorization profile. If have the defautl config
    Access Policies > Access Services > Default Network Access > Identity
    by default can select the "CN Username" as a result

  • Cisco ACS for Unix authentication

    My company is looking for a single sign on for all the windows and unix servers mainly for admins. I was wondering if Cisco ACS will work for this.
    Basically the authentication will be all for the servers and routers ofcourse. I am thinking if I specifies windows AD in ACS config,  Can I get the unix boxes to get authenticated against Radius?
    Any help will be appreciated.
    Manny

    Hi,
    Authentication of unix servers  via ACS over radius protocol can be achiveable,check out the below link client end configuration needs to be done for radius authentication
    Hope that helps out your query !!
    http://www.ibm.com/developerworks/library/l-radius/
    Regards
    Ganesh.H

  • ACS for Device authentication

    Hello
    I am looking to deploy a NAC device in our office and currently have an ACS server that handles wireless authentication.
    I would like to know if the ACS is capable of authenticating users on a LAN with both 802.1x and device detection (such as MAC address and ID)?
    If I can do the latter how do you set that up on an ACS?
    Thanks in advance
    Paul

    So my answer is correct ...
    ACS is an authentication server. It can authenticate devices.
    NAC Profiler, that is now replaced with ISE Profiling Engine, analyzes real-time the behavior of devices to identify them. ACS will use that as a device database.
    If using ISE, you only need ISE, it profiles and authenticates as well (it combines ACS+Profiler+other services).
    What you seem to be uncomfortable with is the way the Profiling works, I would suggest you to read Profiler or ISE documentation to know more about it.
    It identifies a device through his behavior. Then it authorizes the mac address. You are forced to trust on a mac address basis because the system is made for non-802.1x devices so you can't "talk" to the device or assign it any ID or whatever.
    However, it's not a static list of mac address. The mac address is allowed only if it's online and it corresponds to an allowed type of device.
    It can for example differentiate a phone, from an XBOX, from a laptop by looking at the fields of the DHCP request of the device, etc ... it can also do polling on the switch to check for CDP information etc ...

  • Sharepoint 2013 : Server was unable to process request. --- Site is not configured for Claims Forms Authentication.

    In our java web application trying  establish the connection for sharePoint 2013
    using  Windows claims authentication (NTLM ), I am getting error message "Server was unable to process request. ---> Site is not configured for Claims Forms Authentication". But In the Sharepoint 2013 our Site is is configured for Windows
    claims only.
    In the Sharepoint 2013 server in the IIS manager settings for authentication it is  enabled for both Windows claims and Forms authentication,
    but if I disable Forms authentication that I will be able to connect it through my application but with the direct access i.e., by running the URL in the browser I am not able to connect getting error message "sorry this site has not been shared with
    you" in the browser  Kindly help me on this.

    Hi,
    This issue is always caused that you had missed FBA configuration in web config of your web application.
    You can configure the FBA authentication then check whether it works.
    http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
    http://chrisbarba.com/2013/07/16/sharepoint-2013-forms-based-authentication-fba/
    more reference:
    http://stackoverflow.com/questions/5686378/sharepoint-2010-claim-base-authentication-error
    http://social.msdn.microsoft.com/Forums/sharepoint/en-US/2d82dcd4-0e57-4de5-81bc-60ffc3cb9a9f/sharepoint-2010-claim-authentication-and-authenticationasmx?forum=sharepointgeneralprevious
    Thanks & Regards,
    Jason
    Jason Guo
    TechNet Community Support

  • NACE Configuration for Purchase order output "Title Text"

    Hello Gurus,
    I have a small question, Is it possible to make dynamic Document title when sending purchase order email to vendor.
    I have checked configuration in NACE where for each output type where you can maintain "Mail title and Texts". For example if your output type is Email then you can maintain document title text as "Purchase order Email".
    Our requirement is to put purchase order name in document title i.e. when vendor receive email in their inbox it says purchase order number.
    Please advise.
    Thank you
    Ritesh

    Thanks Jurgen. This note helped us.
    Best Regards
    Ritesh

  • Site is not configured for Claims Forms Authentication

    Hi All
    I have one custom login page for my Sharepoint 2013 site where i am trying to use
    SPClaimsUtility.AuthenticateFormsUser(uri, strUserName, strPwd);
    But i am getting this exception ---> Site is not configured for Claims Forms Authentication
    I checked ULS long and there it is --> Not in claims forms auth for url 'https://domain/sitecollection/'.
    Web.config enteries are 
    <authentication mode="Forms">
          <forms loginUrl="/_layouts/TarsForwardLogin.aspx" />
        </authentication>
    <membership defaultProvider="i">
          <providers>
            <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
            <add name="membership" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" connectionUsername="cn=sharepointadmin,ou=GSP,ou=Applications,o=TOYOTA"
    connectionPassword="spad1n2" server="10.100.5.119" port="389" useSSL="false" userDNAttribute="entryDN" userNameAttribute="cn" userContainer="o=toyota" userObjectClass="Inetorgperson"
    userFilter="(ObjectClass=Inetorgperson)" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn,fullname,language,mail" enablePasswordReset="false" enablePasswordRetrieval="false" passwordFormat="Clear"
    requiresQuestionAndAnswer="false" requiresUniqueEmail="false" />
          </providers>
        </membership>
        <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
          <providers>
            <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
     <add name="rolemanager" connectionUsername="cn=sharepointadmin,ou=GSP,ou=Applications,o=TOYOTA" connectionPassword="spad1n2" type="Microsoft.Office.Server.Security.LDAPRoleProvider, Microsoft.Office.Server, Version=15.0.0.0,
    Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server="10.100.5.119" port="389" useSSL="false" groupContainer="ou=groups,ou=GSP,ou=Applications,o=toyota" groupNameAttribute="cn" groupMemberAttribute="member"
    userContainer="o=toyota" userNameAttribute="cn" userDNAttribute="entryDN" dnAttribute="entryDN" groupFilter="(ObjectClass=groupOfNames)" userFilter="(ObjectClass=Inetorgperson)" scope="Subtree"
    />     
    </providers>
        </roleManager>
    Can
    someone please help/Guide
    Manoj Gangwar | Sharepoint MCPD | Sharepoint MCTS |

    Hi All
    I tried like this and it worked...
    SPIisSettings iisSettings = SPContext.Current.Site.WebApplication.IisSettings[SPUrlZone.Internet];
    SPFormsAuthenticationProvider formsClaimsAuthenticationProvider = iisSettings.FormsClaimsAuthenticationProvider;
    SecurityToken token = SPSecurityContext.SecurityTokenForFormsAuthentication(new Uri(SPContext.Current.Web.Url),
    formsClaimsAuthenticationProvider.MembershipProvider, formsClaimsAuthenticationProvider.RoleProvider, strUserName, "", SPFormsAuthenticationOption.PersistentSignInRequest);
    if (null != token)
    base.EstablishSessionWithToken(token, SPSessionTokenWriteType.WriteSessionCookie);
    base.RedirectToSuccessUrl();
    Manoj Gangwar | Sharepoint MCPD | Sharepoint MCTS |

Maybe you are looking for