Authentication for Shared iPad

I have a retail cusotmer that is interested in using shared iPads for thier store employees and securing the environment with ISE.  Is there a way to authenticate both the device (certificate) and the user (AD username / pw)?
My understanding is that this is the concept behind EAP-Chaining available in AnyConnect 3.1.  Will this feature be implemented in AnyConnect 2.x for mobile devices?
Any alternative suggestions on solving the business use-case would be appreciated too!

Cisco ISE  integrated with wireless LAN controllers (WLCs) can provide profiling  mechanisms of mobile devices such as Apple iDevices (iPhone, iPad, and  iPod), Android-based smartphones, and others. For 802.1X users, Cisco  ISE can provide the same level of services such as profiling and posture  scanning. Guest services on Cisco ISE can also be integrated with the  Cisco WLC by redirecting web authentication requests to Cisco ISE for  authentication.
Please check the below link for  configuration:
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bba10d.shtml

Similar Messages

  • Please help if you can: I accidentally deleted the IPOD app for my IPAD 3. I need it to enable HOME SHARING. How can I restore or reinstall it? It is not an app I bought, it came on the IPAD from Apple.

    Please help if you can: I accidentally deleted the IPOD app for my IPAD 3. I need it to enable HOME SHARING. How can I restore or reinstall it? It is not an app I bought, it came on the IPAD from Apple

    See These Support Articles for Home Sharing
    Understanding  >  http://support.apple.com/kb/HT3819
    How to  >  http://support.apple.com/kb/HT2688
    Troubleshooting  >  http://support.apple.com/kb/TS2972

  • My ipohne and ipad use the same account.  My wife wants to setup her own account for the ipad and utilize family sharing.  How can I change the account in my ipad?

    My ipohne and ipad use the same account.  My wife wants to setup her own account for the ipad and utilize family sharing.  How can I change the account in my ipad?

    Hi,
    Are you talking about changing the Apple ID used for purchases in iTunes? If so go to 'Settings->iTunes & App Store-> then 'tap' on the Apple ID that appears and click Sign Out on menu that appears. You can now login with a different Apple ID.
    Regards,
    Steve

  • What is the best way for sharing an iPad with 2 iPhones using different Apple acount ?

    What is the best way for sharing an iPad with 2 iPhones using different Apple acount ?

    You can't share with other devices if you are using different Apple ID's and iTunes account on them. You can only share if you use the same ID.

  • HT4436 My daughter & I shared same iCloud acct for my ipad & her iPhone. She now has her iCloud acct for new ipad but my iCloud acct still shows on her iPhone. How do we move to her iCloud acct?

    My daughter & I share same iCloud acct for my ipad & her iPhone. She set up a new iCloud acct for her new ipad but my iCloud acct still shows on her iPhone. If we delete, will it remove all her pictures etc(they are backed up to my iCloud)

    Welcome to the Apple Community.
    If she deletes your account, any photos in your photostream album will be removed from her device, her own photos in camera roll or other albums will not. If there are any photos in your photostream album she wants, there are 2 options available to her:
    Copy those photos to her camera roll before deleting your account.
    Create a shared photostream album yourself and share it with her.

  • ITune home sharing stops working if I enalbe WIFI sync for my iPad

    I am using iTune 11.2.0.115 (64bit) on win 7 fully updated to May 28, 2014 win-updates.  After upgrading to latest itune 11.2.0.115,  I have noticed when I enable "Sync over WIFI" in my iTune for my iPad or iPhone,  the iTune home sharing icon just disappers from left side panel and will not share no matter what steps I take.  I have read and followed all the steps for trouble shooting home-sharing for itune.  Such as re-install, disable ip6 etc...
    I share my media out of a win 7 and I have another win 7, Mac, apple TV, ipad and iphone which they do not see my main libirary until I un-check the sync over wifi.  However Mac and the Other win 7 can see each other's shared library.
    I can re-produce this problem each and every time.
    thx

    Hi Rick9814911,
    If you are having issues with intermittant disconnects when using Home Sharing, you may find the following article helpful:
    Apple Support: Troubleshooting Home Sharing
    http://support.apple.com/kb/TS2972
    Regards,
    - Brenden

  • "Team Foundation Server" is preventing authentication for whole team !!

    I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
    1st
    Error (from administrative events):
    The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception.
    More information is included below.
    Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
    Tried so far:-
    - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
    2nd
    Error (from application server):
    DistributedCOM error
    The application-specific permission settings do not grant
    Local Activation permission for the COM Server application with CLSID 
    {000C101C-0000-0000-C000-000000000046}
     and APPID 
    {000C101C-0000-0000-C000-000000000046}
     to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20)
    from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
    https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
    Other
    Fixes I tried
    - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
    loading up using w3wp.exe from processes. 
    Concern
    - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

    Hi Amr,
    For your first error, you can change the "Diagnostic Logging" path, aslo change the path of the usage and health data connection the same with your ULS log location. Check this
    blog for more detils and make sure you follow the instructions. Restart SharePoint tracing service after the operations. You can also check this
    thread for more references. If you still have any other concerns about SharePoint, you can open a new thread in SharePoint forum for a better response.
    About the second error, seems it's not related to TFS. You can also run TFS best practice analyzer to check if there any configuation issues on your application tier server. However, you can also refer to this
    blog
    to get this issue resolved. If the problem persists, you can elaborate more details about your scenario and the reproduce steps or open a new thread related forum.
    Best regards,

  • "Sharepoint 2013" is giving error that prevents local domain users authentication for "Team Foundation Server"

    I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
    1st Error (from administrative events):
    The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
    Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
    Tried so far:-
    - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
    2nd Error (from application server):
    DistributedCOM error
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
    {000C101C-0000-0000-C000-000000000046}
     and APPID 
    {000C101C-0000-0000-C000-000000000046}
     to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
    https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
    Other Fixes I tried
    - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
    loading up using w3wp.exe from processes. 
    Concern
    - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

    Hi Kpdn, 
    Thanks for your post.
    All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • Open Authentication for Wireless Access

    Hello,
    The standalone implementation of an existing wireless network is configured as Open Authentication with a TKIP Cipher. The client key management is set to WPA PSK.
    What exacly is the authentication for? I see that MAC and EAP are available options. Would these options be used to block or authorize the actual wireless devices that connect to the AP?
    The next thing I see is Client Authenticated Key management and I am using WPA PSK. What exactly happens once I enter thsi PSK from the client? Is it only used to encrypt the data?
    Thanks,
    Kevin

    Hi Kevin,
    Using WPA we can configure  either Enterprise or pre shared key.. Enterprise comprises of EAP and pre shared key is just the PSK..
    if we are using EAP then auth will be done by the RADIUS and the encryotion will still be TKIP.. now coming back to PSK, this is shared key which will authenticate the users locally...
    EAP is more secured auth compared to PSK..
    Now regarding the "auth open" line.. see there are 2 kinds of auth in 802.11.. here while using wireless we need to auth twice, dot11 authentication and followed by the psk or EAP auth.. the auth open statement will force us to get the dot11 auth successful and then we move towards needed auth like PSK or EAP.. and another is Shared auth is very similar to WEP using open auth!!
    in the nut shel we have 3 kinds of auth..
    1> open - Dot11 auth
    2> Shared - Nothing but WEP
    3> 802.1X suite - EAP
    again, the below link may give you some insights as well!!
    http://www.cisco.com/en/US/docs/wireless/access_point/12.2_13_JA/configuration/guide/s13auth.html#wp1035025
    Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
    Regards
    Surendra

  • Is there an app to allow users to enter their name on a shared iPad to track who used it?

    We have a pool of iPad 2 devices running iOS 7.0.4 used in a business environment. This pool of shared iPads is distributed and shared between multiple users. I would like better accountability of each iPad as they are being taken/used by employees. Is there an app that will store locally, email, or iMessage who used the iPad? It should prompt for a name or other ID each time they turn on the iPad or after X minutes of inactivity.

    We use the AirWatch MDM.  It has a multi-user device check in and check out capability which is what you want.  One solution for you would be to implement an MDM. 

  • Can I backup two devices (with different documents) to one iCloud account?  For example: iPad and iPhone, not everything is synced between the two, but I would like to backup each (seperately in the cloud), is this possible?

    Hello Apple Community,
    Can I backup two devices (with different documents) to one iCloud account? 
    For example: iPad Air and iPhone 5, not everything is synced between the two, but I would like to backup each (seperately in the cloud).  Is this possible?
    This way when I change from an old ipad to a new, I can restore with the ipad backup, and when I change from an old iphone to a new, I can restore from the
    iphone backup.
    Thank you in advance!

    Terminology check here. Do you really mean a "CD"?  There's a difference in Cloud behavior between content from a physical CD you ripped (which only has Cloud content if you have iTunes Match) and an "album" you bought from the iTunes Store.
    Read references for Home Sharing.
    iTunes: How to share music and video - http://support.apple.com/kb/HT2688 - about Music Sharing and Home Sharing
    Home Sharing Support page - http://www.apple.com/support/homesharing/
    iOS: Setting up Home Sharing on your device - http://support.apple.com/kb/ht4557 - "With Home Sharing in iOS 4.3 or later, you can stream your entire iTunes library over your home Wi-Fi network from your Mac or PC right to your iPhone, iPad, or iPod touch."
    The above can get pretty complicated.  You are probably best off by syncing both devices to a single library and/or updating the libraries on both computers to have the same content.

  • I want to stop using my Apple ID for my iPad, which I will give my daughter.

    Dear friends,
    A month ago, I bought an iPad 4 for my 4-year-old daughter. I have used my Apple ID and bank account to buy Apps to install on the iPad. Now I do not want to use my Apple ID and bank account for this iPad (but I will use them for my iPhone 5). I live far away from my daughter and I have bought enough educational Apps for her. If my Apple ID and bank account are being used for this iPad, my daughter may click commercial Apps and that will be trouble for me.
    Now I want to use my wife's email address as a new Apple ID (she does not have a bank account, but she has her own laptop).
    Can I still keep the purchased Apps on the iPad for my daughter? How can I change the Apple ID  and stop my bank account for this iPad?
    I am not a technician and English is not my mother tongue, so please use simple language when you give me instructions.
    Thank you very much for your help.
    Happy New Year!
    Best regards,
    Le (Mr)

    Try getting a credit card from the same people who issued the debit card. If I read the home sharing paper properly after your set it up with the credit card you can change the payment method back to debit.

  • I need to set up an apple ID for my IPAD but my daughter was already using my email address for her itunes

    I need to set up an apple id for my IPad but my daughter is using my email address to purchase music for her IPOD and IPhone.  How can she delete her apple ID so that I can use my own email account?

    Try getting a credit card from the same people who issued the debit card. If I read the home sharing paper properly after your set it up with the credit card you can change the payment method back to debit.

  • Authentication for multiple AD domains

    Hello,
    Currently we have MS AD datasource as UME for all our internal portal users. We also have spnego setup for authentication  for our EP 7.0 The user path and group path is of the form   dc=dom1 dc=company dc=domain dc=com.
    Now we are planning to add additional domains to authenticate users .
    Will the configuration differ if they are maintained on a different ldap server altogether or when only the user and group paths are different for the new domains as shown below?  The user path and group path is of the form dc=dom2,dc=company,dc=domain,dc=com and
    dc=dom3,dc=company,dc=domain,dc=com.
    It seems that we have to change the datasource file for the additional ldap scenario.But are both of these the same,Would appreciate if someone could clarify this.
    Rgds

    Vineeth,
    Within the 1 file, you can setup n-number of datasources.  Below is an example.
    As for having SPNego work for only 1 of those datasources (AD domains), I can't say if that will work.  We have SPNego working for all our domains.  There is probably something you can do within AD or your domain controller to limit Kerberos authentication.
    <?xml version="1.0" encoding="UTF-8"?>
    <!-- $Id: //shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/dataSourceConfiguration_ads_readonly_db.xml#6 $ from $DateTime: 2004/08/20 09:55:24 $ ($Change: 17140 $) -->
    <!DOCTYPE dataSources SYSTEM "dataSourceConfiguration.dtd">
    <dataSources>
         <dataSource id="PRIVATE_DATASOURCE1" className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence" isReadonly="false" isPrimary="true">
              <homeFor>
                   <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                   </principals>
              </homeFor>
              <notHomeFor/>
              <responsibleFor>
                   <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                   </principals>
              </responsibleFor>
              <privateSection/>
         </dataSource>
        <dataSource id="PRIVATE_DATASOURCE2" className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence" isReadonly="false" isPrimary="true">
                <homeFor>
                    <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                    </principals>
                </homeFor>
                <notHomeFor/>
                <responsibleFor>
                    <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                    </principals>
                </responsibleFor>
                <privateSection/>
        </dataSource>
        <dataSource id="PRIVATE_DATASOURCE3" className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence" isReadonly="false" isPrimary="true">
                <homeFor>
                    <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                    </principals>
                </homeFor>
                <notHomeFor/>
                <responsibleFor>
                    <principals>
                        <principal type="group"/>
                        <principal type="user"/>
                        <principal type="account"/>
                        <principal type="team"/>
                        <principal type="ROOT"/>
                        <principal type="OOOO"/>
                    </principals>
                </responsibleFor>
                <privateSection/>
        </dataSource>
    </dataSources>

  • I recently purchased icloud storage for my iPad Air.  I want to store photos in the cloud and learn how to retrieve them.  I need help.

    I recently  purchased iCloud storage for my iPad Air so that I can store my photos in the cloud.  I don't know how to do this.  I want to be able to retrieve them as well. 

    Hello Janet
    With that iCloud storage that you purchased, is used for mainly for iCloud Backup for your iPad Air, app data as in games and documents for like iWork and other apps that save data locally within the app. Dealing with photos in your Photo Stream they actually do not count towards that storage plan. If you don’t think that the storage is going to work for you, then cancel the upgrade you just made.  
    iCloud: iCloud storage plan overview
    http://support.apple.com/kb/PH12796
    iCloud: Shared Photo Streams FAQ
    http://support.apple.com/kb/HT5903
    iCloud: Cancel your storage upgrade
    http://support.apple.com/kb/PH12798
    Regards,
    -Norm G.

Maybe you are looking for

  • Inconsistency in BW reportdue to Sales orders archiving

    1.) Sometimes Sales Contracts/Sales Orders get archived when saved.  Sales documents u201Cnot in the database or have been archivedu201D as per ECC design are coming up in the BW reports, one of the reports being the open contracts reports. All the d

  • Can't open files in Doc Library with IE

    hello all: I have a document library which has recently shown an issue.  There are many users that access this library with no problem.  Recently, a few users (3-4) have complained that they are no longer able to view files.  They are definitely able

  • Role Dimensions in OWB

    hi, I have a fact table linked with the same dimension table more than once. The fact got validated properly, but when trying to execute the mapping ,values are not getting populated in the fact table. I came to know that such dimensions are known ar

  • MyAT&T app says Q10 OS 10.2 browser is not modern, and I have no way to update it

    OS 10.2 browser does not work with myATT app from BlackBerry World. Error says it needs to be upgraded. There are no other browsers in BlackBerry World... and no OS 10.3 available either. What are the options?

  • Can't compile winlist-ng and itask for Enlightenment desktop

    Hi, I'd like to compile winlist-ng and itask for Enlightenment. I've checked out the code from here svn checkout http://svn.enlightenment.org/svn/e/trunk/E-MODULES-EXTRA Then I run cd E-MODULES-EXTRA/winlist-ng/ ./autogen.sh --prefix=/usr make But I