ACS Server and Entlligence Security Provider 7.0

Hi Everybody?
Does ACS 3.3 support " Entrust Entlligence Security Provider 7.0 for Windows " as strong authentication server?
What about 4.0 ?
Thanx in advance.
Jarle

Hi
Is this an external NAC vendor? There is no specific support Im aware of for this product, but there are now many 3rd party NAC addons - too many to uptodate.
Darran

Similar Messages

  • A Flash Video Server and Flash Security

    We are using Flix and Squeeze to create new Flash 8 SWF
    movies from our AVI files. Short 1 - 2 minute tutorials.
    We would like to be able to save them on our server and allow
    different websites to add a custom Flash Player to their site and
    watch these videos from their pages. The player gets an XML
    playlist of up to 50 videos and we would like to be able to play
    one or more of the movies on the webpage of our partner.
    However, this seems to cause (2) security violations in the
    Flash 8 environment. We need to add a crossdomain.xml file on our
    server to allow other sites to access our swf files, and
    apparantly, we also need to use actionscript
    System.security.allowDomain() to allow the parent SWF player to
    control the video in the player (stop, start, pause, etc.).
    Does anyone know more about this situation? How can we add
    the allowDomain() to an SWF created by Flix or Squeeze, or is there
    another way to communicate the allowDomain(). Can we pass anything
    in the XML itself, does it have to be in the SWF.
    In Flash 8, every SWF must communicate the allowDomain(). In
    earlier versions of Flash, only one SWF needed to open the sandbox
    for any other SWFs from that domain.
    Did we misunderstand the requirement? Our Flash developer
    can't figure out a way to make this happen, but I am sure others
    have been able to make it work. Otherwise, how can any of the Flash
    hosting companies allow these movies to be downloaded off of their
    sites.
    Any advice would be appreciated...

    Hello Thanks for reply,
               Its many to many chat and every one can speak and listen. There may be 10-12 users in a room  at a time and also the number room can be several.
    So what type of server I should take. Some delay is acceptable.

  • Oracle Identity Server Authenticator as Security Provider for Weblogic 10.3

    Hi,
    I am getting the following exception on weblogic server 10.1.3 console when accessing users and groups in security realm. This can be reproduced using the following steps.
    1. I have installed Oracle Identity Management 10.1.4 (Oracle SSO). I have installed Oracle SSO using the default port options. I tested accessing the Internet directory using orcladmin user and it is working with out any problems.
    2. Installed Oracle weblogic Server 10.1.3 and then installed ADF runtime. I verified the installation by accessing the admin server console and did not find any issues.
    3. Opened the Admin Console and then accessed the Security Realms and then selected myrealm. Then selected Providers and added Oracle Internet directory Authentication provider.
    4. configured the provider specific parameters like the host name and port number (389).
    Now when I select user and groups tab I am getting the following exception on weblogic adminserver command prompt console.
    Am I missing any steps in configuring Oracle Internet directory authenitcaiton provider for weblogic 10.3.1
    <Oct 13, 2009 8:33:21 PM EDT> <Error> <Console> <BEA-240003> <Console encountere
    d the following error weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection
    at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3224)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.listUsers(LDAPAtnDelegate.java:2248)
    at weblogic.security.providers.authentication.LDAPAuthenticatorImpl.listUsers(LDAPAuthenticatorImpl.java:178)
    at weblogic.security.providers.authentication.OracleInternetDirectoryAuthenticatorMBeanImpl.listUsers(OracleInternetDirectoryAuthenticatorMBeanImpl.java:221)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:437)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
    at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:268)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
    at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:443)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:314)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1426)
    at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
    at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
    at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
    at javax.management.remote.rmi.RMIConnectionImpl_1031_WLStub.invoke(Unknown Source)
    at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:978)
    at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:544)
    at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
    at $Proxy106.listUsers(Unknown Source)
    at com.bea.console.utils.security.UserUtils.getUsers(UserUtils.java:78)
    at com.bea.console.actions.security.users.UserTableAction.getCollection(UserTableAction.java:100)
    at com.bea.console.actions.security.ManagementBaseTableAction.execute(ManagementBaseTableAction.java:83)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:2044)
    at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:91)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2116)
    at com.bea.console.internal.ConsolePageFlowRequestProcessor.processActionPerform(ConsolePageFlowRequestProcessor.java:262)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:556)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:853)
    at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:631)
    at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:158)
    at com.bea.console.internal.ConsoleActionServlet.process(ConsoleActionServlet.java:256)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
    at com.bea.console.internal.ConsoleActionServlet.doGet(ConsoleActionServlet.java:133)
    at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1199)
    at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.executeAction(ScopedContentCommonSupport.java:686)
    at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.renderInternal(ScopedContentCommonSupport.java:266)
    at com.bea.portlet.adapter.scopedcontent.StrutsStubImpl.render(StrutsStubImpl.java:107)
    at com.bea.netuix.servlets.controls.content.NetuiContent.preRender(NetuiContent.java:292)
    at com.bea.netuix.nf.ControlLifecycle$6.visit(ControlLifecycle.java:428)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:727)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:146)
         at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395)
    at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361)
    at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:208)
    at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:162)
    at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:388)
    at com.bea.netuix.servlets.manager.UIServlet.doPost(UIServlet.java:258)
    at com.bea.netuix.servlets.manager.UIServlet.doGet(UIServlet.java:211)
    at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:196)
    at com.bea.netuix.servlets.manager.SingleFileServlet.service(SingleFileServlet.java:251)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at com.bea.console.utils.MBeanUtilsInitSingleFileServlet.service(MBeanUtilsInitSingleFileServlet.java:47)
    at weblogic.servlet.AsyncInitServlet.service(AsyncInitServlet.java:130)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.reflect.InvocationTargetException
    at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:3890)
    at weblogic.security.utils.Pool.newInstance(Pool.java:37)
         at weblogic.security.utils.Pool.getInstance(Pool.java:33)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3219)
    ... 119 more
    Caused by: netscape.ldap.LDAPException: error result (49)
    at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4871)
    at netscape.ldap.LDAPConnection.simpleBind(LDAPConnection.java:1766)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1264)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1273)
    at netscape.ldap.LDAPConnection.bind(LDAPConnection.java:1562)
    at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:3860)
    ... 122 more
    Thanks and Regards,
    S R Prasad

    The problem has been resolved after providing OID admin user creadential with cn=orcladmin instead of orcladmin. The Security:090294 is related to OID credentials.
    Regards,
    S R Prasad

  • ACS Server and Downloading Certificate for LDAP External DB

    Hello,
    We have a Cisco ACS appliance version 3.3 (I know, it is older).
    We have a cert7.db file located on an FTP server ready for the ACS appliance to download so it will use secure ldap.
    No matter how we enter the information to download the certificate, it returns the error: The server name or address could not be resolved.
    We are trying to use the IP address (so name resolution should not be an issue), but just cannot get the darned thing to work. We can FTP from any other machine to the server using a dos prompt - credentials should not be an issue and neither should the starting directory - which is /.
    Anyone know what I might be missing?
    Joel

    Did you ever figure this one out ? I may have the same type issue.
    thanks
    [email protected]

  • ANM server and Linux (Security) Updates, which must I deny?

    Hello!
    Tha ANM installs some special RPMs into server. Can I update the OS with RedHat update or yum and accept all updates?
    Kai

    Kai-
      For the OVA based ANM, you have no kernal access.  For the RedHat based install, as long as the update does not mess up the sql database, or restrict any of the calls ANM uses, it wouldn't hurt it.
    Regards,
    Chris Higgins

  • Two ACS Server failover

    hi all,
    we have a asa firewall,and we want to authentication login user by ACS server ,
    in order to eliminate single failure,we build two ACS server and make one as backup,we also use two protocol tacacs+ and RADIUS.
    I just want to know how long will take,if the active ACS server failed and the login is authenticated by standby ACS.
    I have no idea about any "keyword" to search,so please kindly help me,or could you provide a Doc , I will learn it by myself.
    think you very much.

    Generally in failover scenarios we create AAA server group on ASA. The security appliance contacts the first server in the group. If that server is unavailable, the security appliance contacts the next server in the group, if configured. If all servers in the group are unavailable, the security appliance tries the local database if you configured it as a fallback method (management authentication and authorization only). If you do not have a fallback method, the security appliance continues to try the AAA servers.
    To create a server group and add AAA servers to it, follow these steps:
    Step 1 For each AAA server group you need to create, follow these steps:
    a.] Identify the server group name and the protocol. To do so, enter the following command:
    hostname(config)# aaa-server server_group protocol radius
    For example, to use RADIUS to authenticate network access and TACACS+ to authenticate CLI access, you need to create at least two server groups, one for RADIUS servers and one for TACACS+ servers.
    You can have up to 15 single-mode server groups or 4 multi-mode server groups. Each server group can have up to 16 servers in single mode or up to 4 servers in multi-mode.
    When you enter a aaa-server protocol command, you enter group mode.
    b.] If you want to specify the maximum number of requests sent to a AAA server in the group before trying the next server, enter the following command:
    hostname(config-aaa-server-group)# max-failed-attempts number
    The number can be between 1 and 5. The default is 3.
    Also, the default timed out for a server is 5 seconds so if the first server in the group is not responding the ASA will take 5 seconds * 3 attempts = 15 seconds before it tries second server in the group.
    If all the servers in the group fail to respond, then the group is considered to be unresponsive, and the fallback method is tried that could be LOCAL database as well. The server group remains marked as unresponsive for a period of 10 minutes (by default) so that additional AAA requests within that period do not attempt to contact the server group, and the fallback method is used immediately. To change the unresponsive period from the default, see the reactivation-mode command in the following step.
    If you do not have a fallback method, the security appliance continues to retry the servers in the group.
    c.]  If you want to specify the method (reactivation policy) by which failed servers in a group are reactivated, enter the following command:
    hostname(config-aaa-server-group)# # reactivation-mode {depletion [deadtime minutes] | timed}
    Where the depletion keyword reactivates failed servers only after all of the servers in the group are inactive.
    The deadtime minutes argument specifies the amount of time in minutes, between 0 and 1440, that elapses between the disabling of the last server in the group and the subsequent re-enabling of all servers. The default is 10 minutes.
    The timed keyword reactivates failed servers after 30 seconds of down time.
    Hope this helps.
    Regards,
    Jatin
    Do rate helpful posts-

  • Security Provided Config

    Greetings
    I have an oc4j container server 10.1.3. I have an app that uses a custom login module. Whenever I deploy my app the server resets the security provider back to File Based Security, I then have to go in to the server admin, and change to custom login module, and put my auth module in as required. After this my app works and the login works correctly with the custom module. My question is, is there something I can do in jdeveloper or somewhere that will tell the server to use my module for this app? or do I have to go in every time and manually update it?
    thanks
    troy

    Troy,
    Bascially you need to package whatever xml file you are using (your jazn config files) inside the ear file. This way OC4J will not create a new file every time you deploy, since these files will be present in the ear by default.
    Hope this helps.
    Deepak

  • 3rd party LDAP security provider problem

    I'm having an issue that when I've deployed my j2ee application to Oracle AS 10g rel3 app server, the security-constraint I've configured in my web.xml file isn't being obeyed, or at least it doesn't appear to be.
    As part of the deployment process I've configured a 3rd party LDAP server as the security provider. As for mapping groups to roles, I've set it such that all users and groups should be mapped to the role AuthorisedUser - my intention is that for any protected url's defined in the web.xml, the user should be redirected to a login page as defined in the web.xml file as well (I'm using FORM based authentication in the login-config) - but after they are logged in they will be assigned the role of AuthorisedUser.
    The following is being written to the orion-application.xml file
    <security-role-mapping name="AuthorisedUser" impliesAll="true" />
    What I'm observing is that users aren't being challenged when they hit a secured url-pattern. Is this as a result of the impliesAll="true" attribute ?

    I found that the <security-role-mapping> element is not functioning correctly for 10.1.3.4 OC4J LDAP authentication. I saw in the log.xml that I was getting authenticated but it wasn't finding the role-group map.
    I changed the role-name in the web.xml to be the exact same thing as the group in LDAP and that fixed that problem.
    I know the original poster has gone past this problem, but for people in the future, I hope this helps.
    Now my problem is the j_security_check... once I'm authenticated, the browser ends up at http://hostname:port/OrderManagement/j_security_check instead of the application page. Any ideas?
    Thanks,
    David

  • Weblogic.security.provider.PrincipalValidatorImpl deprecated

    http://edocs.bea.com/wls/docs103/javadocs/weblogic/security/provider/PrincipalValidatorImpl.html says the class is deprecated though the documentation(http://edocs.bea.com/wls/docs103/dvspisec/atn.html#wp1089150) suggests its use.
    Anyone have any knowledge of the replacement api usage (com.bea.common.security.provider.PrincipalValidatorImpl) which does not seem to have a default constructor..

    Same Problem here. It seems com.bea.common.security.provider.PrincipalValidatorImpl has no API Reference. and weblogic.security.provider.PrincipalValidatorImpl which is obviously for the WLS 8 release is deprecated.
    Where to find an API Reference or some other documentation to com.bea.common.security.provider.PrincipalValidatorImpl ?

  • Not able to install or generate acs server certificate

    Hi,
    I have one test set-up with one layer 3 switch and one autonomous AP 1131. I have configured one SSID and without any authentication and it was not able to connect successfully.
    But now i want to try enable WPA2 enterprise ( Actually , after checking with the test set up , i am going to implement in live set-up where i have to configure WPA2 enterprise so that i would like to go for testing wpa2 enterprise not wpa2 personal ).
    I have ACS server 3.0 trial version and installed on windows server 2000 and
    on AP 1131 i have configured radius server commands
    ( aaa- new model  and radius server host ... ip address ... key ..... shared secret ... password .. ).
    I am confused with certificate which is required to install on acs server but i am not able to generate the certificate or not able to get the certificate from anywhere in acs server option.
    how to generate acs server certificate in trial version 3.0 and after generating how to install in acs server and what about client ... will it be same certificate which i need to install in cllient PC's and if yes how to add in client pc's and if not , where will i get cllient certificate ,..
    if i buy ACS software which i will be installed windows platform , i will get two certificate ,,,,,,,,, what about acs trial version software .... will i be able to get certificate .......
    i am trying to refer so many documents but it could not help me ..
    Your help will be appreciative.
    Looking for proper information.

    Hi,
    Thanks for your response ....
    obivously , This ACS 3.0 is end of supprt but when i tried to install the acs 4.0 or later , I am not getting an error saying " basic platform should be installed first , that is ACS 3.0 ".
    That is the reason i have gone for this edition .
    Should i go for upgrading the acs 3.0 to 4.1 or later version ?
    if so , will it be possible on trail version ?
    please give me your suggestion.

  • Change network address of acs server

    Put in a new backup ACS server and the senior guy put in temp host address. Now
    need to change the temp host address to its permanent address but need a little clarification. Do you just change it in the Windows srvr 2003 tcp/ip stack or do you need to change it also inside the CSACS app?? Can't find it in the manuals easily.

    Yes you'll need to change ACS config. Just locate the AAA Server entry for the server (in Network Config) and set the ip address to the new value.
    Or you can always just enter the server name instead in case the address changes again.
    tip: in network config you can enter DNS names instead of ip addresses for devices & aaa servers.

  • ACS Server: External Authentication configuration error

    Hi ALL
    I have installed the ACS server and configure properly and it works fine.
    But whenever i restart the machine, following error message appears on the external database configuration wizard.
    External Authentication Configuration Error
    ACS has encountered a problem while attempting to process your request. This could be due to one of the following:
    An incorrect installation or configuration of the third-party DLLs required to support this External Database
    A corrupt ACS configuration
    So after i found this error, i just restart all the seven services and every things works fine.
    I always encountered the same error message after restarting the machine each time.
    Can any body recomend the solution or can help me to resolve the issue.
    Thanks

    Hi,
    Please try the following workaround.
    1. Go to Start > Programs > Administrative Tools > Services.
    2. Stop the following services in the following order.
    CSAuth
    CSDbSync
    CSLog
    CSMon
    CSRadius
    CSTacacs
    CSAdmin
    3. After stopping the following services, start them all again in the following order.
    CSAdmin
    CSAuth
    CSDbSync
    CSLog
    CSMon
    CSRadius
    CSTacacs
    Please let me know if this was able to help.
    If the above doesn't help, please reinstall the ACS as the dll files that are being used
    by the ACS have been corrupted, before uninstalling and reinstalling, do take a
    backup of ACS server database from System Configuration > ACS backup > Backup Now.
    Also make sure that the ACS is installed on the default drive.
    tnx
    somishra

  • Ip not excluded in dhcp server with acs server in the network

    Someone could explain me that problem could have, if I have the following situation:
    A dhcp Server, ACS Server, and various switches 3750 interconnected. But a hosts in the network has assigned statically one of the directions that the dhcp Server can assign to the computers.
    Rank of IP to assign for dhcp Server: 172.23.8.1 – 172.23.8.100
    Ip static of the host of network: 172.23.8.17
    The ip 172.23.8.17 not this excluded in the dhcp Server.

    Hola,
    I am not totally clear on what you are asking: do you want to statically assign IP 172.23.8.17 to your server ? Can you clarify ?
    Saludos,
    GNT

  • Linked Server and Distributed Queries  in Oracle

    In MSSQL, Linked Server and Distributed Queries provide SQL Server with access data from remote data sources. How about in Oracle ?
    I have a table A at Server A and table B at Server B, i wanna join these two table together. How can i do this in Oracle ?

    Use a database link: http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/statements_5005.htm
    For instance, if you have created on database A a link to database B with name 'database_b'
    you can use
    select * from table@database_b

  • ACS server is not pingable

    Hi,
     I have configured SNS server 3415 for ACS server and assigned an ip address through the first setup command, after that i have assigned my laptop an ip from the same subnet of ACS, tried to access or ping it with no luck, i have disabled the internal FW and antivirus in my lapop.
    I have also turned on the ICMP echo and tried to browse through https and http as in the following with no luck
    Https:/192.168.1.1/acsadmin.

    ihave added  router ip & hostname as aaa clients,
    aaa configuration has been done on Device ,the router is pingable from Acs server, but its not authenticating ,
    local user is still active, what could be the issue.the following configuration is givenaaa new-model
    aaa group server tacacs+ NACS_Group1
    aaa authentication login default group NACS_Group1 local
    aaa authentication enable default none
    aaa authorization config-commands
    aaa authorization exec default group NACS_Group1 if-authenticated
    aaa authorization exec NACS_Group1 group tacacs+ local
    aaa authorization commands 1 default group tacacs+ if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated
    aaa accounting commands 1 defaultgroup start-stop group tacacs+
    aaa accounting commands 15 defaultgroup start-stop group tacacs+
    aaa session-id common
    ====
    tacacs-server host Primary IP timeout 5
    tacacs-server host SEcondary IP  timeout 5
    tacacs-server directed-request
    tacacs-server key 7 104D000A061843595F
    Hi,
    Are you getting any failed attempt messages on cisco ACS when ever you are trying to telnet or ssh on router and have you configured the following command on line vty also
    line vty 0 4
    login authentication groupname
    Hope to Help !!
    Ganesh.H
    Remember to rate the helpful post

Maybe you are looking for

  • "All-Day" Calendar Rules?

    I am using my iPhone 5s (iOS 7.1.1) with an Outlook Exchange Server.  When I go to the Calendar App and view the list of daily activities, I noticed some weird rules that the calendar uses which I can't figure out.  Here is what I mean: If an appoint

  • Multiple receivers for same message

    Hello Everyone, My requirement is where customer is sending an XML message and this gets converted into IDOC. This XML message has one node which if it has value as X and Y , then it should go to one ERP system. And if this tag is empty or other than

  • [CS3 JS] How to change a Substr of findTextpreferences?

    Hello wise ones, I have a situation where I'd like to reformat the position to Superscript of only a section (substr) from a 'findTextPreferences'! At the moment I have the following code to replace all Registered Trademarks within my document: >app.

  • Copy and Migrate query from BI 3.x to 7.0

    Hello Experts, We are going through the upgrade right now. We have BI 3.x server and we are upgrading it to BI 7.0. Now we have nearly 3200 queries, we want to copy those queries from BI 3.x to BI 7.0, and then we want to save it in BI 7.0. So we wil

  • Imovie - apple tv ?

    I have lots of imovie projects but when i convert them (to Mpeg4 ) so that they can go in itunes and therefore sync onto my apple tv - the resolution is bad. is there a better format ? i,m connecting my apple tv via an HDMI cable to an 37" HD screen