Auth user in ORIG_MAIL_ACCESS or ORIG_SEND_ACCESS?

Similar Messages

• Filtering Multiple Auth Users in SawMill

  I am unable to generate a report with more than a single person. The only attributes I am applying is:
  Statistics for 01/Jun/2010 - 30/Jun/2010, 30 days 
  Report is filtered and shows data for
    Action is NOT: TCP_DENIED
    Auth User is: local\lcl4034@ntlm, local\scott@ntlm (<<These are applied as "Wildcard Expression")
  With a single user, I can generate a report without issue but the second I add another user the report is blank. At this point it is all or just 1. I know I have sucessfully done this in the past but now it is not working.

  Easiest way is to add more indivudal items per field type query rather than trying to build a more complex argument within a single element.
  For example:
  Hope this helps

• Cisco WLC 5508 simultaneous Web Auth Users logins?

  Hi there,
  We have 2 WLC5508 (7.2.111.3) with several SSID's.
  One of them is configured as Passthrough with an external splash server. Works fine.
  Now we want to use the "On MAC Filter failure".
  If the client MAC-adresse is configured under MAC Filtering on the WLC, the authentication is done without WebAuth.
  If MAC-adress is not known, the client will be redirect to the external WebAuth server for authentication.
  To keep the Passthrough functionality for the user, we hardcoded an username&password in the splash-page.
  So, every client WebAuth uses the same username&password for authentication against the WLC.
  User Login Policies is set to unlimited.
  So far so good, it seems to work, but I have read, that Cisco 5500 controllers supports only 150 simultaneous Web Auth Users logins.
  The two WLC's have abount 100-170 clients connected.
  Question:
  - Will these be an issue with the 150 simultaneous logins, despited when usin only one user for all Wifi-clients?
  - Can the user WebAuth be done with a Cisco ISE like Passthrough, no username&password should be entered by the user.
    If yes, some guide information wolud be great.
  - When successfully authenticated, a logout screen shows on the Windows client. Can this be hidden some how?
  Thanks for the answers ;-)
  Kind regards,
  Norbert

  Question:
  - Will these be an issue with the 150 simultaneous logins, despited when usin only one user for all Wifi-clients?
  > I believe this means at the same time... I have clients doing the same thing with hundreds or more of guest users
  - Can the user WebAuth be done with a Cisco ISE like Passthrough, no username&password should be entered by the user.
    If yes, some guide information would be great.
  > ISE is really used to login with a username and password and to be able to profile.  You would need to ask that on the Security forum to get their input if this is something then would do or just leave it on the WLC
  - When successfully authenticated, a logout screen shows on the Windows client. Can this be hidden some how?
  > Not really... some machines with popup blocker does block this and you don't see the logout, but you can't remove this.
  Thanks,
  Scott
  *****Help out other by using the rating system and marking answered questions as "Answered"*****

• Fout:e auth user already registered

  ik heb een sony ereader PRS-T1, wil een ebook downloaden van de bibliotheek, maar krijg de melding: fout:e auth user already registered.
  Weet iemand de oplossing hiervoor?

  Please share more information:
  1. You authorized sony reader for PC with an adobe id or you authorized without an id ?
  2. error "E_AUTH_USER_ALREADY_REGISTERED." you are getting on PC or sony reader device.
  You can also create a new adobe id and try to authorize your device.
  Thanks

• Auth User ID?

  how can i get the auth user's id that is logged in?
  something like this doesn't work????
  Response.Write(User.Identity.Name)

  You'll have to disable anonymous access on the web site
  first, otherwise all
  users will log in as the anonymous web user. After you've
  done that, the
  user name is available.
  "rbtwindude" <[email protected]> wrote in
  message
  news:e80b6p$2of$[email protected]..
  > no session vars.....
  >
  > haven't been able to see who's logged in yet.......
  >
  >
  > they don't login to the site.......... would like to use
  there machine
  > acct

• Moving/Linking Claims Windows Auth user to an ADFS Claims

  Hi guys, 
  Here is my situation:
  Initial deployment: SharePoint 2010 with Windows Authentication - Users login using AD
  We successfully migrated the web application to use "Claims"
  We then integrated the web application with ADFS 2.0 - Using the same AD users
  Everything seems good and working fine. 
  The question I have is related to content already created in SharePoint. Is it possible to map the new ADFS account usernames to the existing windows authentication claims usernames?
  This is important for users, because we would like the "My" views of lists and libraries to work. SharePoint at the moment thinks that the logged in users (using ADFS) is different than the user who created/modified the documents. (Although it
  is the same AD account)

  Hi Inderjeet
  Thanks for your reply. The article did help in moving users (Move-SPUser) from AD to ADFS (Which I noticed in the securities in groups), however, the issue I'm looking for is still standing where the items that were created by the user using "Windows
  Auth Claim" were not moved/updated to the "ADFS Claim" user, which in fact they map to the same AD user.
  Is there away to transfer/update the created by and modified by attributes of users from Windows Claims to ADFS Claims user?
  UPDATE: The above statement is not correct. Move-SPUser actually updates the created by and modified by attributes to. 

• Framed-IP-Address in RADIUS Access Request for WLC web-auth users

  We have a web-auth WLAN (with 7.6.130.0 software on a 2504 WLC) configured to authenticate users through RADIUS. The Framed-IP-Address attribute, representing the client device's IP address is sent in the Accounting Request, as expected. However, this information should be available at the WLC before sending the RADIUS Access Request, since the device is already having an IP address. 
  So is there a way to configure the WLC to send the Framed-IP-Address attribute in the RADIUS Access Request as well?

  Hi ,
  Try using:
  aaa accounting delay-start
  Regards,
  ~JG
  Do rate helpful posts

• Show web auth users on WLC

  Hello all!
  I have a Cisco WLC 2500 running software version 7.0.220.0 and one of its WLANs it´s configured to Web Auth with LDAP (Microsoft AD) and it´s working fine.
  Now i need to figure out how to list all the authenticated users, they IP Address, AP Name and some other informations located in the Clients > Detail page.
  Is there any CLI command that will show the information I need? Or even another way to retrieve that information?
  Thanks in advance.
  Valdecir
  São Paulo, Brazil.

  The only way you can see this detail is from the CLI of the WLC:
  show client summary
  Find the mac address of the user
  show client detail <mac address>

• SMTP auth. users to avoid RBL

  Dear All,
  have a Mac OS X Server mail component working all right, few domains, few hundred users. All is fine. Do not yet have content-based spam filtering, will soon. Until then, wanted to turn on RBL. (Mail -> Settings -> Relay (tab) -> "Use these junk mail rejection servers..."). If I turn it on, amount of spam goes half right away. Few of my users are sometimes working remotely from ADSL providers, etc., and their legit mail then gets rejected by one-or-other RBL.
  I was told, that there is eventually way to set the mail server not to check mail from SMTP authenticated clients against RBL, but I didn't find UI for this. Is there such a setting? No Kerberos here (yet). Only classic password auth. SMPT and SSL.
  Any tip much welcome,
  OG.
  Message was edited by: Gergely Olah

  If these (remote) users are affiliated with your organization, I'd probably set up for a way for these (remote) users to connect directly into the mail server. Preferably with encrypted remote access, or with a VPN solution. This trumps the RBL, and it also allows the users to send outward mail from your domain.
  As a potential workaround here, Squirrelmail / Webmail can be used.
  If these users are regularly operating on host within the blacklists, there are bigger issues for them and potentially also for you, too. Either they need to move to non-blacklisted sites, or they get to get the blacklist cleared.
  You're not the only site using the blacklists, after all.
  And -- worst case, but certainly possible -- there could be a legitimate reason these (remote) users became blacklisted. They could be affiliated with compromised host systems or with mail servers that are generating spam or that are vulnerable to relay attacks, or with a problematic ISP, etc. The blacklists could be (and often are) correct. And if the client systems are infested and do connect into your servers (either via VPN or via authorized remote submission), your servers could well end up forwarding spam.

• Which DB schema is used for Windows auth. users?

  I'm experimenting with using Windows auth. with Oracle and I'm curious about which schema is used for creating DB objects of the user, who is connected with Windows auth? Based on my experiments of one sample user connected with Windows auth. the objects that the user creates end up in SYS schema. This is very surprising, since Oracle discorages using SYS schema for user objects. Is this always the case (any user connected with Windows auth. will operate in the SYS schema)? Is there a way to provide a custom name for the schema that will be used by a particular user connected with Windows auth?
  Thanks,
  Vladimir.

  Thank you for clarification. Indeed each user does work in it's own schema that is the same as the OS user name ('DOMAIN\USER'). My mistake was that I had that OS user in ORA_DBA group which automatically maps into SYSDBA, so my objects were created under SYS schema.
  Now, here is a follow-up question: is there a way to make several OS-authenticated Oracle users to use the same schema if they are not a part of ORA_DBA group (I'm manually adding them to Oracle using "create user"). I know there is a way to do that with Oracle Internet Directory as described in the link you mentioned, but that requires us to force our customers to update to Oracle Advanced Security which we don't want to do.
  Thanks,
  Vladimir.

• BI Auth - user still can search & execute for not authorized query

  Hello All,
  need your help here.
  For BI security,
  I've configured menu role (for example ZBEX_FIN) in order for the end users to see only specific queries/workbook inside the menu folder that assigned to him/her.
  And I've made a function role for end user, copy from the template S_RS_RREPU with the modification:
  1. I delete 0BI_ALL
  2. add S_USER_AGR and put my menu role above (ZBEX_FIN) for field ACT_GROUP
  3. add S_RS_FOLD to disable the infoarea button in BEx.
  currently the user can see and execute report assigned in the role menu folder, this is correct.
  But the problem is there's a find button in the BEx, when the user try to search other query (non authorized query,the one that supposed he can't see), he still can display the query, then can execute the query. This is not acceptable.
  Anyone can suggest whether I can disable the find button in the BEx
  or any other restriction in the role that I missed, so the user can only execute and display the query/workbook under the role menu only.
  Thanks in advance.

  So it means that we need to do it twice restrictring the query in the role menu and then inside the S_RS_COMP ?
  so later when the user wants to add more queries in his role, we need to add those in the role menu as well inside the S_RS_COMP. is this correct ?
  When you add queries/workbook to role menu, you are not restricting the access. Its just that user menu would list those queries/workbooks. Users can search for other queries and workbook and run them with proper authorizations in S_RS_COMP. You may consider maintaining query naming convention with wild cards for example YRZ* etc to give access to all queries/workbooks starting with YRZ. This would save your effort to update role too freqeuntly.
  And if I have a workbook, how I put it inside the S_RS_COMP ? because the component of S_RS_COMP is query only.
  S_RS_COMP can restrict queries as well as workbooks with field RSZCOMPTP= REP

• Auth User's score down by old missed payment Will that stay in history for 7 years

  I have a card which is 10 years old and I have 1 late (30-60 days) payment in 2014. I added my younger brother as an authorized user, hoping Avg account age would bump up, since he is just starting out. It had the desired affect, but I realize that the missed payment has really pulled down his "on time payment" percentage. It hasn't been affecting me because I have many cards. I'm at 99.7%. But his report shows 85%, due to that 1 late payment . --->Now if I remove him as an authorized user from my card. will the missed payment stay on his file for 7 years? Even though he is not the primary holder?

  I had a similar issue years ago.  After I was removed as an authorized user, I had to open a dispute with the credit bureaus to have the account removed from my reports; it was not automatic.  Of course things change, so YMMV.

• Prime 2.0: User Auth Failure Count

  Hello
  In Prime 2.0, on the Home page> General, you can view dashlets showing various bits of information.
  One of those available is User Auth Failure Count and I am trying to establish what this table is showing me and if I can get this information out of Prime in a CSV format for example, in order to do some correlation with RADIUS logs.
  I want to establish whether the users being reported as having an auth failure are actually managing to get onto the network eventually, or whether we have an authentication problem we need to tackle.
  The only reference in Cisco documentation I have found to date says the following, which is not helpful to me:
  "User Auth Failure Count
  This dashlet displays a chart which shows user authentication failure count trend over time.  "
  Does anyone know if this information is exportable somehow?
  thanks
  Bryn

  Hi Scott
  I agree with your point that the historical data is available via MSE, but I now come round to my first question, which is how do I get to the data from Prime?
  I cannot find a report to run to get the Failed Auth User Count data, although it must be there for the information to be populating the dashlet
  I think I will have to try our Cisco contact
  thanks
  Bryn

• Error message: User data is not indexed, yet. Index user data first

  Greeting All,
  Each time I try to index a 'Prepared' searchObjectConnector in the cockpit.. I get a message <
  User data is not indexed, yet. Index user data first>. even that I ran the z_ESH_AU_UPLOAD_AUTH_RFC_720 report in R/3 system.. and checked the auth /user data in the admin cockpit.. and it was indexed..
  1.any idea why I keep getting this error
  2.any idea how can I clean the buffer or the message Queu.. my guess this might  be not error but a q message..
  3. any suggestion please
  Thanks

  Hi Areege,
    I noticed that you created an OSS message on this issue. That was a good idea.
  There is an answer for you in OSS from yesterday.
  Kind regards, Klaus

• Cisco ISE 1.2 AD Auth and Internal Auth on Same SSID?

  Hello everyone... I'm fairly new to Cisco ISE 1.2 and am looking to try and setup a certain configuration.  I'm trying to figure out how to create what amounts to a BYOD dmz'd wireless network that is PEAP based (or tls) but authenticates known users (employees from AD groups) but for users not found in those AD groups uses the internal user database and/or Web Auth?  Make sense?
  So, I of course can get the Authentication/Authorization policies configured for PEAPTLS  and make to AD based on group and provide a VLAN number.  No problem... I'm having trouble wrapping my head around how to combine the internal users or web auth users in this mix on the same ssid?  I know by reading the ISE statement that the authentication policy if PEAP/TLS, ect is used, then a user not found is rejected and does not continue...  Can someone provide an example as to how to accomplish this?  
  As a side note in 1.2, is there the ability to limit the number of consective logins as in ACS, outside of guess access only? What about in 1.3, which makes me nervous to upgrade in reading the instructions and the 'newness' of it.
  Thank you for any help, it's greatly appreciated.

  I'd like to confirm if the required changes in the VM server were
  made, as there are a few changes in the ISE OS. The changes required are
  listed in the release notes, under "VMware Operating System to be
  Changed to RHEL 5 (64-bit)". Here's a direct link to the relevant section:
  http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp384531
  Other causes can be :-
  certificate issue on ISE or not enough disk space.