Agent logout

Is there possibility to change agent state from "Not ready" to "Logged-out" after his IP Phone being unregistered from Call Manager?
When agent was logged-in and, let's say,  his IP Phone unregister suddenly, agent still shows as "Logged-In:Not Ready" in Real Time Reporting.
Any ideas how to do that in UCCX 7.0 SR05?
Thx!

I don't believe this is possible. If we are talking about CAD then what you are seeing makes perfect sense to me as I think of CAD as the primary agent software and the phone is a peripheral device. If we are talking about IP Phone Agent (IPPA) then I could see how an unregistered phone should be logged off.
HTH.
Regards,
Bill

Similar Messages

  • Agent logout popup - supervisor alert

    Good morning,
    I would like to know if it is possible with UCCX 9.x to have the following:
    - When last agent from a CSQ logout, have a popup on his CAD with message that he is last available agent before he logout.
    - Once Last agent logout, play message if any caller still in the queue.
    - Send an alert via email to a certain email address (supervisor i.e.)
    Please give me any info/links explaining how to implement this. Thanks.
    B.R
    Ahmed

    Hi
    At the first go , it looks like a very difficult thing to achieve.  i am not sure if you can achieve this ,
    but here is some things you can try
    first of all , you have to put a " Get reporting statistics " step in all your scripts , which will check for how many agents are logged in to the Queue.
    then you have to use some " if \else " statement to pass some value to a variable ( you have to use an enterprise variable )
    like " if ( Agentloggedin ==1 )
             set lastagentloggedin ==1 )
    and then using enterprise variables from CDA , you can pass this value to CAD.
    and you can generate email from Script as well , depending upon  no of agent logged in and send that email to supervisors.
    now playing a message to agent , whether there is any caller in the queue , i am not sure how you can do that.
    i hope this helps you to start thing up.

  • Agent Logout Table empty in HDS

    Hi All,
    I've an IPCC Enterprise 6.0 SR12 setup with RGR, PG's and HDS with an AW client connected.
    Recently it was observed that Agent Logout report in Webview was showing no data of previous months (i.e - before December). When I checked in t_Agent_Logout Table in HDS, it was blank and had no data in it. However, it is checked and confirmed to have data in Logger database table.
    Pls suggest some ways to replicate/synchronize the same.
    Regards,
    Soman Nair. 

    Two things.  Check you have agent distribution sites and that you've enabled agent reporting.  http://www.cisco.com/en/US/products/sw/custcosw/ps1001/products_tech_note09186a0080243c84.shtml
    david

  • Handling agent logout event.

    I want to implement a feature in ICM script for our customer.
    Call sequence is as follows..
    1. Call arrives and call is queued to a Skill group.
    2. While call is in Queue all the agents in that skill group log-out.
    3. I want to overflow such calls to different skill group.
    Currently  I am trying to achieve this by checking the "skillgroup.loggedon " count in the Success path of the Queue to Skill group and sending to different Script.
    Whats the best way of handling this event ?. does  " consider if " check the condition even after the call is queued ?.
    Thanks in Advance,
    Raghu

    Hi,
    you can write a loop, like this:
    1. Queue to SG
    2. VRU Script to play announecment/music
    3. Check for the number of logged on agents in SG, if enough, go back to step 1. If not enough, continue to step 4.
    4. Dequeue from SG
    5. Go to an external script.
    G.

  • Login duration (total login) is incorrect in Agent Not Ready Detail

    Hi All,
    We have deployed the PCCE 10, and CUIC 10, and downloaded Cisco reporting template CCE_AF_Historical template.
    When we checked the report login duration show as some 0-2037:0-31:0-48 (not readable value is coming all agents).
    Since we are using cisco default template we didnt change anything on the sql query. i here with attached the sql query 
    what i have understood from this issue is , it is not valditating the Event valuein the following area
    AgentLogOutDetails(ALODSkillTargetID, ALODLoginDateTime, TotalLoginTime, ALODEvent) AS
    (Select aed.SkillTargetID,  
      aed.LoginDateTime, 
      TotalLoginTime = DATEDIFF(ss,LoginDateTime, DateTime),
      aed.Event
    From AgentNotReadyDetails aed 
    WHERE Event = 2),
    SELECT SkillTargetID = ANRDU.SkillTargetID, 
      LoginDateTime = ANRDU.LoginDateTime,
        TotalLoginTime = CASE WHEN ALOD.ALODEvent = 2 THEN ALOD.TotalLoginTime ELSE DATEDIFF(ss,LoginDateTime, (CASE WHEN DATEDIFF(ss, :end_date, (Select NowTime From Controller_Time)) > 0 THEN :end_date ELSE (Select NowTime From Controller_Time) END)) END,
      TotalNotReadyTime = AgentNotReadyTotal.NotReadyTime,
      ReasonCode = ANRDU.ReasonCode, 
      textReasonCode = ISNULL(Reason_Code.ReasonText, ' ')+'['+convert(varchar, ANRDU.ReasonCode)+']', 
      ReasonCodeDuration = ANRDU.ReasonCodeDuration, 
      FullName = Person.LastName+', '+Person.FirstName, 
      perNotReady = CASE WHEN ISNULL(AgentNotReadyTotal.NotReadyTime,0) = 0 THEN 0*1.0 ELSE ISNULL(ANRDU.ReasonCodeDuration,0)*1.0/ISNULL(AgentNotReadyTotal.NotReadyTime,0) END,
      perLogon = ANRDU.ReasonCodeDuration*1.0/(CASE WHEN ALOD.ALODEvent = 2 THEN ALOD.TotalLoginTime ELSE DATEDIFF(ss,LoginDateTime, (Select NowTime From Controller_Time)) END),
      StartDate = CONVERT(DATETIME, :start_date), 
      EndDate = CONVERT(DATETIME, :end_date) 
    FROM AgentNRDuration ANRDU 
    LEFT JOIN Reason_Code ON ANRDU.ReasonCode=Reason_Code.ReasonCode
         LEFT JOIN  AgentLogOutDetails ALOD ON (ANRDU.SkillTargetID = ALOD.ALODSkillTargetID
    AND ANRDU.LoginDateTime = ALOD.ALODLoginDateTime)
    LEFT JOIN AgentNotReadyTotal ON ANRDU.SkillTargetID = AgentNotReadyTotal.SkillTargetID,
    Person (nolock),
    Agent (nolock),
    Media_Routing_Domain
    WHERE Agent.PersonID = Person.PersonID 
      AND Agent.SkillTargetID = ANRDU.SkillTargetID
      AND Media_Routing_Domain.MRDomainID = ANRDU.MRDomainID 
    ORDER BY FullName, 
    Media_Routing_Domain.EnterpriseName, 
    LoginDateTime, 
    textReasonCode
    Does any come across this issue please guide us how to resolve it, since it is affecting the customer performance badly.
    with Regards,
    Manivannan

    It sounds like the query is giving you a negative time value of about -85 days. I see a few ways this could happen:
    The Agent logout events in AED (Event=2) are somehow getting DateTime values that are earlier than the login times
    NowTime in table Controller_Time is earlier than the agent login times. (this seems more likely)
    So, I suggest looking at the Agent_Event_Detail table on the AW/HDS to ensure that the DateTime values on Event=2 lines are later than the login times... and also check the NowTime in table Controller_Time to ensure it is correct.
    Here's the NowTime query:
    SELECT [NowTime]
          ,[TimeZone]
          ,[TimeZoneName]
    FROM [Controller_Time]
    And here's the appropriate query for AED (should return 0 results if DateTime/LoginDateTimes are correct):
    SELECT [DateTime]
          ,[SkillTargetID]
          ,[MRDomainID]
          ,[TimeZone]
          ,[LoginDateTime]
          ,[Event]
          ,[RecoveryKey]
          ,[Duration]
          ,[ReasonCode]
          ,[DbDateTime]
    FROM [Agent_Event_Detail]
    WHERE Event=2 AND DateTime<LoginDateTime
    -Jameson

  • Agent State Summary Report - Total login duration abnormal

    Hi everyone,
    We just upgrade our call center to UCCX 8.0(2). Everything seem to work fine except we found something strange in Historical Report "Agent State Summary". Agents are working in 8 hours shift but in the Total Logged-in Time in Agent State Summary report show up to 20 hours (Time spend in Not Ready state up to more than 10 hours). This is happened to some agents only.
    We have checked with the agents and they confirmed that they have loggout properly after working shift (when they finish, they logout of CAD and then logout of Extension Mobility).
    We have checked "Agent State Detail" report, and found strange behavior (for thoes agents that have abnormal Not Ready state and long duration of Total Logged-in Time) as - after that agent Logout, they have change to Not Ready state with reason code 32759 (The system issues this reason code if the agent's phone crashes and that agent is placed in the unavailable state).
    What caused this to happen? Agent shouldn't have any state after they logout.
    Any idea?
    Thanks.

    Aaron
    Just one more thing. for example SLA on the CSQ  is set to 10 secs
    Call is offered to the agent via Resource commend but the agent does not answer so  RONA (15sec) is invoked and the call is re-queue - Does this impact SLA?
    No agents are available so the call is queued with IVR- Does this impact SLA ?
    Basically I guess the   SLA  is impacted if the call is either ringing on an agents  phone after the 10 Sec SLA but answered or returned to queue if the RONA is say 15 secs - either way  the SLA is impacted is this correct?
    Sorry for the "obvious " question but customer stated that she was informed the SLA is only impacted on "ringing" time on the agents phone and not if the call is queuing, listen  to on hold while queuing 

  • Naming Services cannot work well!!!

    Hi,
    I have configured the AM2005Q4 and Policy agent with apache, apache http.conf file is like
    ProxyRequests Off
    <Proxy *>
    Order deny,allow
    Allow from all
    </Proxy>
    ProxyPass /hzycportal http://exchange.hzliqun.com:8013/hzycportal
    ProxyPassReverse /hzycportal http://exchange.hzliqun.com:8013/hzycportal
    When I type http://exchange.hzliqun.com:8080/hzycportal in IE, and type the user/password, but it cannot reach at the application system. The agent debug log is like
    2005-11-21 10:23:07.578 Debug 460:82f3d8 NamingService: HTTP Status = 200 (OK)
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Http::Response::readAndParse(): Reading headers.
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Server: Sun-Java-System-Web-Server/6.1
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Date: Mon, 21 Nov 2005 02:22:18 GMT
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Content-type: text/html
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Connection: close
    2005-11-21 10:23:07.578 Debug 460:82f3d8 NamingService: Http::Response::readAndParse(): No content length in response.
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 all: Connection::waitForReply(): returns with status success.
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: Http::Response::readAndParse(): Completed processing the response with status: success
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <ResponseSet vers="1.0" svcid="com.iplanet.am.naming" reqid="2922">
    <Response><![CDATA[<NamingResponse vers="1.0" reqid="2916">
    <GetNamingProfile>
    <Exception>SessionID ---AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%3D%40AAJTSQACMDE%3D%23---is Invalid</Exception>
    </GetNamingProfile>
    </NamingResponse>]]></Response>
    </ResponseSet>
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: NamingService()::parseNamingResponse(): Buffer to be parsed: <NamingResponse vers="1.0" reqid="2916">
    <GetNamingProfile>
    <Exception>SessionID ---AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%3D%40AAJTSQACMDE%3D%23---is Invalid</Exception>
    </GetNamingProfile>
    </NamingResponse>
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 NamingService: NamingService::parseNamingResponse(): Got Exception in XML.
    2005-11-21 10:23:07.578 Debug 460:82f3d8 NamingService: NamingService::parseNamingResponse() returning with status invalid session.
    2005-11-21 10:23:07.578 Debug 460:82f3d8 NamingService: NamingService()::getProfile() returning with error code invalid session.
    2005-11-21 10:23:07.578 Info 460:82f3d8 PolicyEngine: am_policy_evaluate: InternalException in Service::update_policy with error message:Naming query failed. and code:18
    2005-11-21 10:23:07.578 Warning 460:82f3d8 PolicyAgent: am_web_is_access_allowed()(http://exchange.hzliqun.com:8080/hzycportal, GET) denying access: status = invalid session
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: am_web_is_access_allowed(): Successfully logged to remote server for GET action by user unknown user to resource http://exchange.hzliqun.com:8080/hzycportal.
    2005-11-21 10:23:07.578 Info 460:82f3d8 PolicyAgent: am_web_is_access_allowed()(http://exchange.hzliqun.com:8080/hzycportal, GET) returning status: invalid session.
    2005-11-21 10:23:07.578 Info 460:82f3d8 PolicyAgent: process_request(): Access check for URL http://exchange.hzliqun.com:8080/hzycportal returned invalid session.
    2005-11-21 10:23:07.578 MaxDebug 460:82f3d8 PolicyAgent: am_web_get_url_to_redirect(): goto URL is http://exchange.hzliqun.com:8080/hzycportal
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: am_web_get_url_to_redirect: Before invoking find_active_login_server()
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: is_server_alive(): Connection timeout set to 2
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: am_web_get_url_to_redirect: After invoking find_active_login_server()
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: process_access_redirect(): get redirect url returned AM_SUCCESS, redirect url [http://sunam1.hzliqun.com:80/amserver/UI/Login?goto=http%3A%2F%2Fexchange.hzliqun.com%3A8080%2Fhzycportal].
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: process_access_redirect(): returning web result AM_WEB_RESULT_REDIRECT.
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: process_request(): returning web result AM_WEB_RESULT_REDIRECT, data [http://sunam1.hzliqun.com:80/amserver/UI/Login?goto=http%3A%2F%2Fexchange.hzliqun.com%3A8080%2Fhzycportal]
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: am_web_process_request(): Rendering web result AM_WEB_RESULT_REDIRECT
    2005-11-21 10:23:07.578 Debug 460:82f3d8 PolicyAgent: am_web_process_request(): render result function returned AM_SUCCESS.
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 PolicyAgent: get_request_url(): Host: exchange.hzliqun.com:8080
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 PolicyAgent: get_request_url(): Port is 8080.
    2005-11-21 10:23:07.593 Debug 460:82f3d8 PolicyAgent: get_request_url(): Returning request URL http://exchange.hzliqun.com:8080/hzycportal.
    2005-11-21 10:23:07.593 Warning 460:82f3d8 PolicyAgent: get_method_num(): Apache request method number did not match method string. Setting method number to match method string GET.
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 PolicyAgent: am_web_is_notification(), http://exchange.hzliqun.com:8080/hzycportal is not notification url http://exchange.hzliqun.com:8080/amagent/UpdateAgentCacheServlet?shortcircuit=false.
    2005-11-21 10:23:07.593 Debug 460:82f3d8 PolicyAgent: find_cookie(): cookie found: header [JSESSIONID=D835480D9BBF3902D562A596CC05E953; iPlanetDirectoryPro=AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%253D%2540AAJTSQACMDE%253D%2523] name [iPlanetDirectoryPro=AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%253D%2540AAJTSQACMDE%253D%2523] val [AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%253D%2540AAJTSQACMDE%253D%2523] val_len [78] next_cookie [NULL]
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 PolicyAgent: am_web_is_access_allowed(): processing url http://exchange.hzliqun.com:8080/hzycportal.
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 PolicyAgent: FqdnHandler::isValidFqdnResource() Resource => http://exchange.hzliqun.com:8080/hzycportal, is valid => true
    2005-11-21 10:23:07.593 Debug 460:82f3d8 PolicyAgent: am_web_is_access_allowed(): client_ip 10.44.202.218 not found in client ip not enforced list
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 AM_POLICY_SERVICE_NAME: am_policy_compare_urls(): compare usePatterns=true returned 3
    2005-11-21 10:23:07.593 Debug 460:82f3d8 PolicyAgent: in_not_enforced_list: enforcing access control for http://exchange.hzliqun.com:8080/hzycportal
    2005-11-21 10:23:07.593 Debug 460:82f3d8 PolicyAgent: set_host_ip_in_env_map: map_insert: client_ip=10.44.202.218
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 ServiceEngine: Executing update_policy(AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%3D%40AAJTSQACMDE%3D%23, http://exchange.hzliqun.com:8080/hzycportal, GET, 2)
    2005-11-21 10:23:07.593 Debug 460:82f3d8 all: cookieList is not empty
    2005-11-21 10:23:07.593 Debug 460:82f3d8 all: Exit from buildCookieHeader
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 NamingService: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <RequestSet vers="1.0" svcid="com.iplanet.am.naming" reqid="2923">
    <Request><![CDATA[
    <NamingRequest vers="1.0" reqid="2917" sessid="AQIC5wM2LY4SfcwdVekzKyVgAc5xMpqj1O8RFjf768vqC4w%3D%40AAJTSQACMDE%3D%23">
    <GetNamingProfile>
    </GetNamingProfile>
    </NamingRequest>]]>
    </Request>
    </RequestSet>
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 NamingService: BaseService::sendRequest Request line: POST /amserver/namingservice HTTP/1.0
    2005-11-21 10:23:07.593 Debug 460:82f3d8 NamingService: BaseService::sendRequest Cookie and Headers =Host: sunam1.hzliqun.com
    2005-11-21 10:23:07.593 Debug 460:82f3d8 NamingService: BaseService::sendRequest Content-Length =Content-Length: 346
    2005-11-21 10:23:07.593 Debug 460:82f3d8 NamingService: BaseService::sendRequest Header Suffix =Accept: text/xml
    Content-Type: text/xml; charset=UTF-8
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 NamingService: BaseService::sendRequest(): Total chunks: 7.
    2005-11-21 10:23:07.593 MaxDebug 460:82f3d8 NamingService: BaseService::sendRequest(): Sent 7 chunks.
    And it will recycle these processes. From the logs, it seems that cannot get correct namingservices. But the agent configuration is correct, and likes these
    # $Id: AMAgent.properties,v 1.86.2.6 2005/10/25 18:14:11 dknab Exp $
    # Copyright ?2002 Sun Microsystems, Inc. All rights reserved.
    # U.S. Government Rights - Commercial software. Government users are
    # subject to the Sun Microsystems, Inc. standard license agreement and
    # applicable provisions of the FAR and its supplements. Use is subject to
    # license terms. Sun, Sun Microsystems, the Sun logo and Sun ONE are
    # trademarks or registered trademarks of Sun Microsystems, Inc. in the
    # U.S. and other countries.
    # Copyright ?2002 Sun Microsystems, Inc. Tous droits r�serv�s.
    # Droits du gouvernement am�ricain, utlisateurs gouvernmentaux - logiciel
    # commercial. Les utilisateurs gouvernmentaux sont soumis au contrat de
    # licence standard de Sun Microsystems, Inc., ainsi qu aux dispositions en
    # vigueur de la FAR [ (Federal Acquisition Regulations) et des suppl�ments
    # ?celles-ci.
    # Distribu?par des licences qui en restreignent l'utilisation. Sun, Sun
    # Microsystems, le logo Sun et Sun ONE sont des marques de fabrique ou des
    # marques d�pos�es de Sun Microsystems, Inc. aux Etats-Unis et dans
    # d'autres pays.
    # The syntax of this file is that of a standard Java properties file,
    # see the documentation for the java.util.Properties.load method for a
    # complete description. (CAVEAT: The SDK in the parser does not currently
    # support any backslash escapes except for wrapping long lines.)
    # All property names in this file are case-sensitive.
    # NOTE: The value of a property that is specified multiple times is not
    # defined.
    # WARNING: The contents of this file are classified as an UNSTABLE
    # interface by Sun Microsystems, Inc. As such, they are subject to
    # significant, incompatible changes in any future release of the
    # software.
    # The name of the cookie passed between the Sun [TM] ONE Identity Server
    # and the SDK.
    # WARNING: Changing this property without making the corresponding change
    # to the Sun [TM] ONE Identity Server will disable the SDK.
    com.sun.am.cookieName = iPlanetDirectoryPro
    # The URL for the Sun [TM] ONE Identity Server Naming service.
    com.sun.am.namingURL = http://sunam1.hzliqun.com:80/amserver/namingservice http://sunim1.hzliqun.com:80/amserver/namingservice
    # The URL of the login page on the Sun [TM] ONE Identity Server.
    com.sun.am.policy.am.loginURL = http://sunam1.hzliqun.com:80/amserver/UI/Login http://sunim1.hzliqun.com:80/amserver/UI/Login
    #com.sun.am.policy.am.loginURL = http://sunam1.hzliqun.com:80/amserver/gateway http://sunim1.hzliqun.com:80/amserver/gateway
    # By default the agent checks if the Access Manager AUTH server is
    # active before performing the login.
    # This check can be ignored by setting the following property to true.
    # In this case the first server indicated in the loginURL property will
    # be selected, wether it is active or not.
    com.sun.am.ignore_server_check = false
    # Name of the file to use for logging messages.
    com.sun.am.logFile = D:/Apache/sun/Identity_Server/Agents/2.1/debug/apache_8080/amAgent
    # Name of the Sun [TM] ONE Identity Server log file to use for
    # logging messages to Sun [TM] ONE Identity Server.
    # Just the name of the file is needed. The directory of the file
    # is determined by settings configured on the Sun [TM] ONE Identity Server.
    com.sun.am.serverLogFile = amAuthLog.exchange.hzliqun.com.8080
    # Set the logging level for the specified logging categories.
    # The format of the values is
    #     <ModuleName>[:<Level>][,<ModuleName>[:<Level>]]*
    # The currently used module names are: AuthService, NamingService,
    # PolicyService, SessionService, PolicyEngine, ServiceEngine,
    # Notification, PolicyAgent, RemoteLog and all.
    # The all module can be used to set the logging level for all currently
    # none logging modules. This will also establish the default level for
    # all subsequently created modules.
    # The meaning of the 'Level' value is described below:
    #     0     Disable logging from specified module*
    #     1     Log error messages
    #     2     Log warning and error messages
    #     3     Log info, warning, and error messages
    #     4     Log debug, info, warning, and error messages
    #     5     Like level 4, but with even more debugging messages
    # 128     log url access to log file on IS server.
    # 256     log url access to log file on local machine.
    # If level is omitted, then the logging module will be created with
    # the default logging level, which is the logging level associated with
    # the 'all' module.
    # for level of 128 and 256, you must also specify a logAccessType.
    # *Even if the level is set to zero, some messages may be produced for
    # a module if they are logged with the special level value of 'always'.
    com.sun.am.logLevels = all:5
    # The org, username and password for Agent to login to IS.
    #com.sun.am.policy.am.username = UrlAccessAgent
    com.sun.am.policy.am.username = amAdmin
    com.sun.am.policy.am.password = LYnKyOIgdWt404ivWY6HPQ==
    # Name of the directory containing the certificate databases for SSL.
    com.sun.am.sslCertDir = D:/Apache/sun/Identity_Server/Agents/2.1/apache/cert
    # Set this property if the certificate databases in the directory specified
    # by the previous property have a prefix.
    com.sun.am.certDbPrefix =
    # Should agent trust all server certificates when Sun [TM] ONE Identity Server
    # is running SSL?
    # Possible values are true or false.
    com.sun.am.trustServerCerts = true
    # Should the policy SDK use the Sun [TM] ONE Identity Server notification
    # mechanism to maintain the consistency of its internal cache? If the value
    # is false, then a polling mechanism is used to maintain cache consistency.
    # Possible values are true or false.
    com.sun.am.notificationEnabled = true
    # URL to which notification messages should be sent if notification is
    # enabled, see previous property.
    com.sun.am.notificationURL = http://exchange.hzliqun.com:8080/amagent/UpdateAgentCacheServlet?shortcircuit=false
    # Time in milliseconds the agent will wait to receive the
    # response from Access Manager. After the timeout, the connection
    # will be drop.
    # A value of 0 means that the agent will wait until receiving the response.
    # WARNING: Invalid value for this property can result in
    # the resources becoming inaccessible.
    com.sun.am.receive_timeout = 0
    # This property determines whether URL string case sensitivity is
    # obeyed during policy evaluation
    com.sun.am.policy.am.urlComparison.caseIgnore = true
    # This property determines the amount of time (in minutes) an entry
    # remains valid after it has been added to the cache. The default
    # value for this property is 3 minutes.
    com.sun.am.policy.am.cacheEntryLifeTime=3
    # This property allows the user to configure the User Id parameter passed
    # by the session information from the identity server. The value of User
    # Id will be used by the agent to set the value of REMOTE_USER server
    # variable. By default this parameter is set to "UserToken"
    com.sun.am.policy.am.userIdParam=UserToken
    # HTTP Header attributes mode
    # String attribute mode to specify if additional policy response attributes should
    # be introduced into the request. Possible values are:
    # NONE - no additional policy attributes will be introduced.
    # HEADER - additional policy attributes will be introduced into HTTP header.
    # COOKIE - additional policy attributes will be introduced through cookies.
    # If not within these values, it will be considered as NONE.
    com.sun.am.policy.am.ldapattribute.mode=NONE
    # The policy attributes to be added to the HTTP header. The specification is
    # of the format ldap_attribute_name|http_header_name[,...]. ldap_attribute_name
    # is the attribute in data store to be fetched and http_header_name
    # is the name of the header to which the value needs to be assigned.
    # NOTE: In most cases, in a destination application where a "http_header_name"
    # shows up as a request header, it will be prefixed by HTTP_, and all
    # lower case letters will become upper case, and any - will become _;
    # For example, "common-name" would become "HTTP_COMMON_NAME"
    com.sun.am.policy.am.headerAttributes=cn|common-name,ou|organizational-unit,o|organization,mail|email,employeenumber|employee-number,c|country
    # The cookie name used in iAS for sticky load balancing
    com.sun.am.policy.am.ias_SLB_cookie_name = GX_jst
    # indicate where a load balancer is used for Sun [TM] ONE Identity Server
    # services.
    # true | false
    com.sun.am.loadBalancer_enable = false
    ####Agent Configuration####
    # this is for product versioning, please do not modify it
    com.sun.am.policy.agents.version=2.1
    # Set the url access logging level. the choices are
    # LOG_NONE - do not log user access to url
    # LOG_DENY - log url access that was denied.
    # LOG_ALLOW - log url access that was allowed.
    # LOG_BOTH - log url access that was allowed or denied.
    com.sun.am.policy.agents.logAccessType = LOG_DENY
    # Agent prefix
    com.sun.am.policy.agents.agenturiprefix = http://exchange.hzliqun.com:8080/amagent
    # Locale setting.
    com.sun.am.policy.agents.locale = en_US
    # The unique identifier for this agent instance.
    com.sun.am.policy.agents.instanceName = unused
    # Do SSO only
    # Boolean attribute to indicate whether the agent will just enforce user
    # authentication (SSO) without enforcing policies (authorization)
    com.sun.am.policy.agents.do_sso_only = false
    # The URL of the access denied page. If no value is specified, then
    # the agent will return an HTTP status of 403 (Forbidden).
    com.sun.am.policy.agents.accessDeniedURL =
    # This property allows the user to configure the URL Redirect parameter
    # for different auth modules. By default this parameter is set to "goto"
    com.sun.am.policy.agents.urlRedirectParam=goto
    # Default FQDN is the fully qualified hostname that the users should use
    # in order to access resources on this web server instance. This is a
    # required configuration value without which the Web server may not
    # startup correctly.
    # The primary purpose of specifying this property is to ensure that if
    # the users try to access protected resources on this web server
    # instance without specifying the FQDN in the browser URL, the Agent
    # can take corrective action and redirect the user to the URL that
    # contains the correct FQDN.
    # This property is set during the agent installation and need not be
    # modified unless absolutely necessary to accommodate deployment
    # requirements.
    # WARNING: Invalid value for this property can result in the Web Server
    # becoming unusable or the resources becoming inaccessible.
    # See also: com.sun.am.policy.agents.fqdnMap
    com.sun.am.policy.agents.fqdnDefault = exchange.hzliqun.com
    # The FQDN Map is a simple map that enables the Agent to take corrective
    # action in the case where the users may have typed in an incorrect URL
    # such as by specifying partial hostname or using an IP address to
    # access protected resources. It redirects the browser to the URL
    # with fully qualified domain name so that cookies related to the domain
    # are received by the agents.
    # The format for this property is:
    # com.sun.am.policy.agents.fqdnMap = [invalid_hostname|valid_hostname][,...]
    # This property can also be used so that the agents use the name specified
    # in this map instead of the web server's actual name. This can be
    # accomplished by doing the following.
    # Say you want your server to be addressed as xyz.hostname.com whereas the
    # actual name of the server is abc.hostname.com. The browsers only knows
    # xyz.hostname.com and you have specified polices using xyz.hostname.com at
    # the Identity Server policy console, in this file set the mapping as
    # com.sun.am.policy.agents.fqdnMap = valid|xyz.hostname.com
    # WARNING: Invalid value for this property can result in the Web Server
    # becoming unusable or the resources becoming inaccessible.
    com.sun.am.policy.agents.fqdnMap =
    # Cookie Reset
    # This property must be set to true, if this agent needs to
    # reset cookies in the response before redirecting to
    # Identity Server for Authentication.
    # By default this is set to false.
    # Example : com.sun.am.policy.agents.cookie_reset_enabled=true
    com.sun.am.policy.agents.cookie_reset_enabled=false
    # This property gives the comma separated list of Cookies, that
    # need to be included in the Redirect Response to Identity Server.
    # This property is used only if the Cookie Reset feature is enabled.
    # The Cookie details need to be specified in the following Format
    # name[=value][;Domain=value]
    # If "Domain" is not specified, then the default agent domain is
    # used to set the Cookie.
    # Example : com.sun.am.policy.agents.cookie_reset_list=LtpaToken,
    # token=value;Domain=subdomain.domain.com
    com.sun.am.policy.agents.cookie_reset_list=
    # This property gives the space separated list of domains in
    # which cookies have to be set in a CDSSO scenario. This property
    # is used only if CDSSO is enabled.
    # If this property is left blank then the fully qualified cookie
    # domain for the agent server will be used for setting the cookie
    # domain. In such case it is a host cookie instead of a domain cookie.
    # Example : com.sun.am.policy.agents.cookieDomainList=.sun.com .iplanet.com
    com.sun.am.policy.agents.cookieDomainList=
    # user id returned if accessing global allow page and not authenticated
    com.sun.am.policy.agents.unauthenticatedUser=anonymous
    # Enable/Disable REMOTE_USER processing for anonymous users
    # true | false
    com.sun.am.policy.agents.anonRemoteUserEnabled=false
    # Not enforced list is the list of URLs for which no authentication is
    # required. Wildcards can be used to define a pattern of URLs.
    # The URLs specified may not contain any query parameters.
    # Each service have their own not enforced list. The service name is suffixed
    # after "# com.sun.am.policy.agents.notenforcedList." to specify a list
    # for a particular service. SPACE is the separator between the URL.
    # com.sun.am.policy.agents.notenforcedList = SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/UI/* SERVER_PROTO://SERVER_HOST:SERVER_PORTCONSOLE_DEPLOY_URI/* SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/login_images/* SERVER_PROTO://SERVER_HOST:SERVER_PORT/docs* SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/namingservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/sessionservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/loggingservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/profileservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/policyservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/config* SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/js/* SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/css/* SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/authservice SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/SAMLAwareServlet SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/SAMLSOAPReceiver SERVER_PROTO://SERVER_HOST:SERVER_PORTSERVER_DEPLOY_URI/SAMLPOSTProfileServlet
    # Boolean attribute to indicate whether the above list is a not enforced list
    # or an enforced list; When the value is true, the list means enforced list,
    # or in other words, the whole web site is open/accessible without
    # authentication except for those URLs in the list.
    com.sun.am.policy.agents.reverse_the_meaning_of_notenforcedList = false
    # Not enforced client IP address list is a list of client IP addresses.
    # No authentication and authorization are required for the requests coming
    # from these client IP addresses. The IP address must be in the form of
    # eg: 192.168.12.2 1.1.1.1
    com.sun.am.policy.agents.notenforced_client_IP_address_list =
    # Enable POST data preservation; By default it is set to false
    com.sun.am.policy.agents.is_postdatapreserve_enabled = false
    # POST data preservation : POST cache entry lifetime in minutes,
    # After the specified interval, the entry will be dropped
    com.sun.am.policy.agents.postcacheentrylifetime = 10
    # Cross-Domain Single Sign On URL
    # Is CDSSO enabled.
    com.sun.am.policy.agents.cdsso-enabled=false
    # This is the URL the user will be redirected to for authentication
    # in a CDSSO Scenario.
    com.sun.am.policy.agents.cdcservletURL = http://sunam1.hzliqun.com:80/amserver/cdcservlet
    # Enable/Disable client IP address validation. This validate
    # will check if the subsequent browser requests come from the
    # same ip address that the SSO token is initially issued against
    com.sun.am.policy.agents.client_ip_validation_enable = false
    # Whether to decode the session cookie before sending it to IS.
    # Set to true if the cookie value is URL encoded, false otherwise.
    # For example, cookie values from browsers are URL encoded, and
    # some containers always returns the cookie URL encoded.
    com.sun.am.cookieEncoded = false
    # Below properties are used to define cookie prefix and cookie max age
    com.sun.am.policy.am.ldapattribute.cookiePrefix = HTTP_
    com.sun.am.policy.am.ldapattribute.cookieMaxAge = 300
    # Logout URL - application's Logout URL.
    # This URL is not enforced by policy.
    # if set, agent will intercept this URL and destroy the user's session,
    # if any. The application's logout URL will be allowed whether or not
    # the session destroy is successful.
    com.sun.am.policy.agents.logout.url=
    # Any cookies to be reset upon logout in the same format as cookie_reset_list
    com.sun.am.policy.agents.logout.cookie_reset_list =
    # Below property is reserved for future use. Please do not change the value.
    # By default, when a policy decision for a resource is needed,
    # agent gets and caches the policy decision of the resource and
    # all resource from the root of the resource down, from the Identity Server.
    # For example, if the resource is http://host/a/b/c, the the root of the
    # resource is http://host/. This is because more resources from the
    # same path are likely to be accessed subsequently.
    # However this may take a long time the first time if there
    # are many many policies defined under the root resource.
    # To have agent get and cache the policy decision for the resource only,
    # set the following property to false.
    com.sun.am.policy.am.fetchFromRootResource = true
    # Whether to get the client's hostname through DNS reverse lookup for use
    # in policy evaluation.
    # It is true by default, if the property does not exist or if it is
    # any value other than false.
    com.sun.am.policy.agents.getClientHostname = true
    # The following property is to enable native encoding of
    # ldap header attributes forwarded by agents. If set to true
    # agent will encode the ldap header value in the default
    # encoding of OS locale. If set to false ldap header values
    # will be encoded in UTF-8
    com.sun.am.policy.agents.convertMbyteEnabled = false
    #When the not enforced list or policy has a wildcard '*' character, agent
    #strips the path info from the request URI and uses the resulting request
    #URI to check against the not enforced list or policy instead of the entire
    #request URI, in order to prevent someone from getting access to any URI by
    #simply appending the matching pattern in the policy or not enforced list.
    #For example, if the not enforced list has the value http://host/*.gif,
    #stripping the path info from the request URI will prevent someone from
    #getting access to http://host/index.html by using the URL http://host/index.html?hack.gif.
    #However when a web server (for exmample apache) is configured to be a reverse
    #proxy server for a J2EE application server, path info is interpreted in a different
    #manner since it maps to a resource on the proxy instead of the app server.
    #This prevents the not enforced list or policy from being applied to part of
    #the URI below the app serverpath if there is a wildcard character. For example,
    #if the not enforced list has value http://host/webapp/servcontext/* and the
    #request URL is http://host/webapp/servcontext/example.jsp the path info
    #is /servcontext/example.jsp and the resulting request URL with path info stripped
    #is http://host/webapp, which will not match the not enforced list. By setting the
    #following property to true, the path info will not be stripped from the request URL
    #even if there is a wild character in the not enforced list or policy.
    #Be aware though that if this is set to true there should be nothing following the
    #wildcard character '*' in the not enforced list or policy, or the
    #security loophole described above may occur.
    com.sun.am.ignore_path_info = false
    # Override the request url given by the web server with
    # the protocol, host or port of the agent's uri specified in
    # the com.sun.am.policy.agents.agenturiprefix property.
    # These may be needed if the agent is sitting behind a ssl off-loader,
    # load balancer, or proxy, and either the protocol (HTTP scheme),
    # hostname, or port of the machine in front of agent which users go through
    # is different from the agent's protocol, host or port.
    com.sun.am.policy.agents.overrideProtocol =
    com.sun.am.policy.agents.overrideHost =
    com.sun.am.policy.agents.overridePort =
    # Override the notification url in the same way as other request urls.
    # Set this to true if any one of the override properties above is t

    if you can add more details in your question, that'll be better.
    in my case, i initially had pix515e with v6.1 on it, and cannot get a dialtone because my sip phone (ata186) is not registered on my proxy. but when i changed my pix to v6.2, it worked just fine. i didn't put any access-list though, as fixup does it for me already.

  • Problem in IPCC Enterprise 7.2.6 HDS data are deleted autometicaly.

    Hi,
    I m facing problem in IPCC HDS data related. In agent logout table has only one day data. This type of incident is occuring for many others table. Even dialer detail table has only one day data. So please guide me how can i overcome this problem. Coz my customer is generating many report by using this data. I m realy worried abt it.

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;}
    Hi,
    I suspect that the normal purging process on the hds is deleting the data in the agent logout table on the hds. This is how it works :
    1. every day, it will purge the oldest data in every table based on what you configured. You can for each table say how long you want the data to be available (for example 100 days). It will purge every day the data older then the configured value. This can be different for every table.
    2. There is an additional process that will check the size of the complete database. If it's full for 80% or more, it will starts deleting data as follows :
    . go to the first table and delete X amount of data from the table . if size of the db is still more then 80% full, go to next table and do the same again as in previous step
    This process stops when the db is less then 80% full. If at a later stage it hits the 80% again, the process will start all over. It will start again with the first table etc. So, if this happens a couple of times, a lot of data from the first tables in the database will be deleted and nothing from the last tables (alphabetical).
    Now, how can you prevent this? There are of course 2 ways to do this :
    . make sure your hds database is big enough to keep all data you want.
    . make sure that the database is never over 80% full. You can make sure this is the case by purging enough data from all tables every day. So, you need to configure point 1 above so that for every table only X amount of days is kept. I see that you want to keep the agent logout data for 3 years. I don't know how you configured the other tables but if you want to keep all of them for 3 years you need a pretty big database. To confirm the number of days configured in system, pls check below keys in Registry of Logger and HDS.
    From the logger :
    HKEY_LOCAL_MACHINE\SOFTWARE\Cisco
    Systems,Inc.\ICM\Customer_Instance\LoggerX\Recovery\CurrentVersion\Purge\Retain\Agent\Logout
    From the HDS :
    HKEY_LOCAL_MACHINE\SOFTWARE\Cisco
    Systems,Inc.\ICM\Customer_Instanc\Distributor\RealTimeDistributor\CurrentVersion\Recovery\CurrentVersion\Purge\Retain\Agent\Logout You can find more info about how this works and how to configure this on this link :
    http://www.cisco.com/en/US/products/sw/custcosw/ps1001/products_tech_note09186a008014f8b9.shtml
    There is a tool which you can use to estimate how big your database should be if you want to keep X amount of days of data in table Y. You find this in icmdba tool (start > run > icmdba). Right click on your database and choose 'estimate'.
    If needed, you can increase the size of your database. Please follow the procedures on this link to do so :
    http://www.cisco.com/en/US/products/sw/custcosw/ps1001/products_tech_note09186a0080094927.shtml
    Regards,
    Soman Nair.
    ( Pls rate post if found to be helpful.)

  • NAC OOB logoff feature not working

    Hi all,
    I've deployed NAC in L2 OOB VG mode with ADSSO and I'm trying to use the OOB logoff feature but it's not working. The VLAN change detect feature doesn't work either (I think the two problems might be related).
    It will work if each user role is assigned a different auth/access VLAN pair but in my setup, everyone has a common auth vlan and separate role-based access vlans. Because of this, I have to use the IP refresh feature as well (this works fine).
    I'm running Windows Vista and version 4.8.0 of the NAC software with version 4.8.1.5 of the agent
    I checked the release notes and found that caveat CSCth60233 identifies this bug with the VLAN change detect with the workaround being to refresh the IP address automatically after being logged out. Does anyone know of a workaround for this problem to do this automatically? Is a solution for this problem in the works?
    Also would anyone be able to help me with my OOB logoff feature not working? I've configured everything according to the documentation.
    I appreciate your responses
    ~Xavier

    Here are my configs if necessary. Tell me if anything else is needed.
    User Management > User Roles
    List of Roles
    Edit Role
    Traffic Control
    Bandwidth
    Schedule
    Disable this role
    Role Name
    Role Description
    Role Type
    Normal Login Role Quarantine Role
    *Max Sessions per User Account             ( Case-Insensitive Session Identifiers             )
    (1 – 255; 0 for unlimited)  
    Retag Trusted-side Egress Traffic with VLAN (In-Band)
    (0 – 4095, or leave it  blank)(*This option has been deprecated, and it will be removed in  upcoming  releases)
    *Out-of-Band User Role VLAN
    VLAN ID VLAN Name                 (if left blank, it will default to the default access vlan             settings in the Port Profile)
    *Bounce Switch Port After Login (OOB)
    Enable               Disable               (This option is effective only when port profile is set to use it)
    *Refresh IP After Login (OOB)
    Enable               Disable               (This option only applies to L2 OOB Virtual Gateway with Role VLAN             as Access VLAN and switch port is NOT bounced after VLAN change)
    *After Successful Login Redirect to
    previously requested URL
    this URL:
    (e.g. http://www.cisco.com/)
    Redirect Blocked Requests to
    default access blocked page
    this URL or HTML message:
    *Show Logged-on Users
    User info
    Logout button
    Enable Passive Re-assessment                          (To enable Passive Re-assessment for OOB Agent             connections, you must also enable the OOB Logoff option at             Device Management > Clean Access > General Setup > Agent Login.)
    Re-assessment Interval
    (Minimum of 60 minutes and maximum of 1440 minutes [24 hours])
    Grace Timer
    (Minimum of 5 minutes and maximum of 30 minutes)
    Default action on failure
    Continue Allow user to remediate Logoff user immediately
    (*only applies to normal login role)
    Device Management > Clean Access
    Certified Devices
    General Setup
    Network Scanner
    Clean Access Agent
    Updates
                Web Login   ·  Agent Login 
    User Role
    Unauthenticated Role(not common) role_engineer role_developer role_admin role_sales role_guest
    Operating System 
    ALL WINDOWS_ALL WINDOWS_XP WINDOWS_VISTA_ALL WINDOWS_7_ALL MAC_ALL MAC_OSX LINUX FREEBSD SOLARIS_ALL SOLARIS_86 SOLARIS_SPARC UNIX VMS OS2 PALM
    (By default, 'ALL' settings apply to all client operating systems if no OS-specific settings are specified.)
    Enable OOB logoff for Windows NAC Agent and Mac OS X Agent        (This global option applies to all OOB CASs and user roles and  enables Agent logout and heartbeat timers for OOB Agent connections. You  must also enable this option for Passive Re-assessment to function with  OOB Agent connections.)
    Require use of Agent
    (for Windows & Macintosh OSX only)
    Agent Download Page Message (or URL):
               Network  Security Notice: This network is protected by a Cisco NAC  Appliance Agent, a component of the Cisco NAC Appliance Suite. The Agent  ensures that your computer meets the requirements for accessing this  network, and helps you keep your computer secure and up-to-date. 
    Please use the Agent to log in to the network.
    If you  don't have the Agent software yet, download it by clicking the button  below. After downloading the installation file, run it to complete the  installation.
    If you have already downloaded and installed the  Agent, please close this window and right-click the Agent icon in the  system tray and choose Login from the menu. Enter your usual network  user name and password in the login window.
    Require use of Cisco NAC Web Agent (for Windows only)
              Cisco NAC Web Agent Launch Page Message (or URL):
    Network  Security Notice: This network is protected by the Cisco NAC  Web Agent, a component of the Cisco NAC Appliance Suite. The Cisco NAC  Web Agent ensures that your computer meets the requirements for  accessing this network, and helps you keep your computer secure and  up-to-date.
    Please launch Cisco NAC Web Agent by clicking the  button below.
    Allow restricted network access in case user cannot use   NAC Agent or Cisco NAC Web Agent
              Restricted Access User Role: 
    role_engineer role_developer role_admin role_sales role_guest
              Restricted Access Button Text: 
    Restricted Network Access Message:
               Restricted  Network Access: If you cannot use a Cisco NAC Appliance  Agent, you can obtain restricted network access temporarily by clicking  the button below.
    Show Network Policy to NAC Agent and Cisco NAC Web Agent users (for Windows only)
              Network Policy Link:  
    Logoff NAC Agent users from network on their machine logoff or shutdown after   
        secs (for Windows & In-Band setup, for OOB setup when OOB Logoff is enabled)
         (Setting the time to zero secs will logout user immediately. Valid range: 0 - 300 secs.)
    Refresh Windows domain group policy after login
    (for Windows only)
    Automatically close login success screen after    
        secs
         (Setting the time to zero secs will not display the login success screen. Valid range: 0 - 300 secs.)
    Automatically close logout success screen after    
        secs
    (for Windows only)
         (Setting the time to zero secs will not display the logout success screen. Valid range: 0 - 300 secs.)

  • Historical report issue with CCX Custom Reason codes

    Hi Evryone,
    I have CCX version 8.5,
    In Cisco Desktop Administrator ,I have configured custom Reason codes for agent logout & Agent not ready,
    These code are working ok when agent is loging out or Not ready,
    But in Historical reports I am not able to see these custom Reason code base reports
    I can only see the reports for agent not ready/login logout with only global reason codes, but report didnt show the cutom reason code base report
    Please help me to troubleshoot this issue.
    Regards
    Deepak

    hi Deepak, 
    Did you do something else while creating new global reason codes? 
    I have global reason codes, but in the the Historical Reports "detail" tab don't show up any of them. Report only shows system-genereted reason codes.
    BEst regards

  • HR runtime error on agent login/logout

                       Good afternoon.
    Has anyone run in a a runtime error when running agent login/logout reports? I am unable to run this report.
    a runtime error occurred while executing the inquiry. i know there used to be bugs on this but.
    uccx, ha, 8.5.1. i have included the log. Thank you for any assistance.

    I removed my deployments from the remote OC4J server and removed deployment entries from http-web-site.xml and server.xml. I redeployed my simpleJSP bibean application to my local and remote OC4J server. It works locally but fails now with this new error:
    javax.servlet.jsp.JspException: BIB-10310 An unknown exception occurred.
    BIB-10101 Handler failed to handle UserObject.
    oracle.bali.ewt.elaf.windows.WindowsEWTPagingComponentUI
         at oracle.dss.addins.jspTags.PresentationTag.doStartTag(PresentationTag.java:254)
         at simpleJSP.jspService(_simpleJSP.java:72)
         [SRC:/simpleJSP.jsp:6]
         at com.orionserver[Oracle9iAS (9.0.2.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java:56)
         at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:508)
    Regards,
    Dan

  • Logout Processing Properties in the Policy Agent 2.2

    Hi,
    Did anyone ever used these properties? I have a case in which I need to use them but there are no examples and the documentation is a bit laconic. What is this handler? Any ideas? My app has just a simple /Logout.do url that when requested should logout the user in Access Manager too. I tried setting the property like
    com.sun.identity.agents.config.logout.uri[myApp] = /Logout.do
    But it did't work.
    Thank you.
    This is the only doco I found, in the AMAgent.properties:
    # LOGOUT PROCESSING PROPERTIES
    # - logout.application.handler: An application specific (MAP) property
    # that identifies a handler to be used for logout processing.
    # - logout.uri: An application specific (MAP) property that identifies
    # a request URI which indicates a logout event.
    # - logout.request.param: An application specific (MAP) property that
    # identifies a parameter which when present in the HTTP request
    # indicates a logout event.
    # - logout.introspect.enabled: A flag that when set allows the Agent
    # to search HTTP request body to locate logout parameter.
    # - logout.entry.uri: An application specific (MAP) property that identifies
    # a URI to be used as an entry point after successful logout and
    # subsequent successful authentication if applicable.
    # Hot-Swap Enabled: Yes
    com.sun.identity.agents.config.logout.application.handler[] =
    com.sun.identity.agents.config.logout.uri[] =
    com.sun.identity.agents.config.logout.request.param[] =
    com.sun.identity.agents.config.logout.introspect.enabled = false
    com.sun.identity.agents.config.logout.entry.uri[] =

    Hi,
    in my scenerion i have set up the SSO between SIM SPE and SAM sucessfully.
    I have put the default url of SIM-SPE edit profile page on suceesful login of Access manager. however i am facing the issue in logout of SIM-SPE application. i tried with access manager log out url but on log out and log-in with different user it gives me the profile of previous user however policy agent is fetching the current user (checking from the header). So it seems that some session is not able to destroyed on application (SIM-SPE) side. i came to know from forum even that some logout properties can use for logout.
    Can anybody please tell me how to use the following properties in AMAgent.properties file of policy agent on App server.
    # LOGOUT PROCESSING PROPERTIES
    #   - logout.application.handler: An application specific (MAP) property
    #     that identifies a handler to be used for logout processing.
    #   - logout.uri: An application specific (MAP) property that identifies
    #     a request URI which indicates a logout event.
    #   - logout.request.param: An application specific (MAP) property that
    #     identifies a parameter which when present in the HTTP request
    #     indicates a logout event.
    #   - logout.introspect.enabled: A flag that when set allows the Agent
    #     to search HTTP request body to locate logout parameter.
    #   - logout.entry.uri: An application specific (MAP) property that identifies
    #     a URI to be used as an entry point after successful logout and
    #     subsequent successful authentication if applicable.
    # Hot-Swap Enabled: Yes
    com.sun.identity.agents.config.logout.application.handler[] =
    com.sun.identity.agents.config.logout.uri[] =
    com.sun.identity.agents.config.logout.request.param[] =
    com.sun.identity.agents.config.logout.introspect.enabled = false
    com.sun.identity.agents.config.logout.entry.uri[] =i tried with http://<host name><port>/idm/spe/user/LogoutSubmit.do as setting the value for logout.uri property but no works.
    i would really appreciate your response.

  • Mirror agent & failed logout-- HELP!

    There are a lot of other discussions on this topic, and many people seem to be familiar with the mirror agent failing to quit and freezing up the logout process, but I have been researching these discussions and the only one that had any tips was so specifically for people who understand macs in depth that I couldn't figure out what they were talking about.
    I have been having this mirror agent & failed logout issue for a really long time and I don't know how to fix it.
    And I don't understand when people just say "oh go to the whatever utility and take the tilda out of the library address" blah blah blah... I have no idea. :o)
    I see in the other discussions that this may be related to .Mac (I do have a .Mac account) or iDisk (I do use idisk, and have already changed the syncing preferences off of automatic) or something about mobile accounts... i don't really know what that is.
    logout is not the only time my powerbook is freezing up lately, and it's getting worse. I can no longer use Word without everything freezing up.
    Please please help! Don't be afraid to sound patronizing. I literally know nothing about the inner machinations of computers. I have tried a few other things based on other support discussions, but the problem still persists.
    THANKS!!!

    I've been having serious beach balls and I think it;s related ti iTunes but I noticed this post by TaosMouse and though ]t I 'd give it a try / let us know if it works .
    taosmouse
    Posts: 14
    From: Santa Fe, NM
    Registered: Jun 30, 2007
    Re: Safari freezing. force quit reveals "Mirror agent not responding" What now?
    Posted: Aug 22, 2007 4:09 PM in response to: Bigdog44
    Helpful
    Reply Email
    Mirror Agent can turn into your worst nightmare if your connection is intermittent. It will lock up the entire computer until it finishes what it was trying to do.
    This was annoying before, but it has become astoundingly un Mac like since .mac expanded to 10 gigs. Now you can wait 5 minutes if you have a problem. I know this because my wireless link (fixed wireless) someimes gets flaky, and I basically have to do situps until I can use my mac again.
    So.... Here's what you do: Go to System preferences -> .mac ->iDisk and click STOP under iDisk Synching On. That should do it, but you will no longer have a local copy of your iDisk to work with.
    MacBook Pro 2GB c2Duo Mac OS X (10.4.10) iPhone 8GB

  • Agent Login Logout timestamps in the database

    Dears,
    In our UCCE environment we need a detailed report that generates information about the agents login and logout times.
    Does anyone have any idea in which table in the database we can view these timestamps?
    Best regards,
    Lara Noueir

    Dear Lara,
    you can get these detaills from Agent_Event_detail table
    you will be getting login date and time from Agent_Event_Detail table along with the duration of the event.
    also agent log out table will give you the logon duration and log out date and time.
    you can refer the ICM DB schema further info.
    http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_8_5_3/reference/guide/icm853schema.pdf
    Rate the post if it usefull.
    Regards,
    Shalid K.C

  • Agent Login Logout Activity report extensions are all blank

    Hi there,
    We are running UCCX ver  8.5.1.11003-32. When we run the Agent Login Logout Activity report the extensions are all blank as seen below.
    Anyone know why this would be?
    Thanks
    Alexis

    In case anyone comes across this.
    This is a bug, resolved in UCCX 8.5.1SU4
    Cheers
    Alexis

Maybe you are looking for

  • Dropped 5th gen  blank white backlit screen with crack on inner screen

    Please can anyone help. Is it worth just getting the screen repaired or will i still encounter any problems as the ipod no longer connects properly to the computer. And i cannot get anything to work, it just displays a blank white screen until the ba

  • Turn a string that shows hex data in normal format, into a string that shows the same data in hex format

    I have a string of arbitrary length - say, 1AB1C0 - in normal format. I would like to have a function which takes that string in, and outputs the same exact characters, but in hex format. So the input will read 1AB1C0 in normal string format, and the

  • Using pageContext in the TagHandler. See my question

    Hi, THIS IS A CROSS POST.(No offence please). I am using the pageContext class in my TagHandler to get a list of values from a Drop down Box. HttpServletRequest request = (HttpServletRequest)pageContext.getRequest(); The pageContext class is an ABSTR

  • ABAP for file transfer

    Hi all, I'm looking for an function module to extract the data out of an internal table like the active table of an ODS to the BW server. I know the GUI_download, but it passes the data to the client. Any ideas. Cheers Pascal

  • Indian Number Format

    Hi When I tried to format the number in Indian format, it is always giving the US format. Locale locale = new Locale("en","IN");       String str = NumberFormat.getNumberInstance(locale).format(111234.56);       System.out.println("Format>>>>>>"+str)