B1 integration with PLC based machines

Dear Experts,
Is it possible to integrate SAP B1 with PLC based machines used in manufacturing.What is the format in which data can be exchanged with B1?
Thanks ,
AsapFan

Dear Gordon,
The functions would be pertaining to production figures captured by the machines.Additionally the machine parameters and shift details would would required to be entered into SAP B1.
Regards,
Sameep

Similar Messages

Integration with PLC, Weigh Bridge, Attendance Machine & Spectrometer

Dear Friends,
Can anyone help me with any knowledge on how to integrate
1) PLC
2) Weigh-Bridge
3) Attendance Machine
4) Spectrometer
with SAP System?
I have never done any integration...and looking for help.
Points assured if helpful.
Regards,
Rohan Das

Dear Rohan,
You need to go through the SAP xApp Manufacturing Integration and Intelligence (SAP xMII) technology, which offers a sophisticated yet easy-to-use application for aggregating, transforming, and distributing plant and production information.
Do go through some OPC (Object for Process Control) documents also.You can visit the link below to get a feel of it.
http://www.opc-to-sap.com/
Bye
Take Care
Sauvik

BC E-commerce integrated with Subscription Based Web Application

I am considering using BC for my company's corporate website as well as the online store. We sell a subscription based web application which will have 3 or more flavors (products) and will need to bill customers on a recurring monthly or annual basis.
For the monthly subscriptions, we want to bill the customer based on the "highwater" mark with regards to user quantity for that given month. This gives the users the flexibility to add/remove users freely without the fuss of having to contact a sales representative to adjust their account/recurring order.
I would imagine this would happen one of two ways:
The user signs up creating their account both in our web application and the ecommerce site and is billed for the first time. In the ensuing months, either: the e-commerce site communicates with our web application to get the high water mark quantity for that billing cycle or
Our web application sends a new order each month to the e-commerce site, including the highwater mark quantity, giving the illusion to the user that it is indeed a recurring order but behind the scenes they are actually individual orders.
Annual subscription customers are a bit more challenging. We still want the users to have the flexibility to add/remove users with minimal effort. However, since they are being billed on an annual basis, prorating additional users will be necessary. So if customer who previously purchased 5 licenses, adds 5 more licenses during month 6 of their annual subscription term, we would need the e-commerce solution to bill them once immediately for the 50% prorated 5 licenses, then bill them 6 month's later for the total 10 license subscription renewal.
At a bit of higher level, we would prefer the customer to manage all their billing/account info within our web application rather than going to an external store to do so.
One other caveat, we would prefer not to store credit card info on our site. Preferably that would be stored in our payment gateway (Auth.net). This may or may not affect the workflows described above.
My Questions:
Can the BC e-commerce solution support the workflows above?If so, is there any documentation/resources available to research this further?
Are there any BC customers that currently do something similar? If so, who and how similar?

Hi Greg,
From what you have described it seems to me that you need some complex server side logic which BC doesn't allow. In any case you'd have to develop an app that communicates between BC and that other application through our API, which will control the orders as per your requirement. In particular, there's no easy way for end user to control their recurring monthly or annual subscription, there's no way to apply immediate discounts according to earlier purchases that will satisfy this requirement "if customer who previously purchased 5 licenses, adds 5 more licenses during month 6 of their annual subscription term, we would need the e-commerce solution to bill them once immediately for the 50% prorated 5 licenses, then bill them 6 month's later for the total 10 license subscription renewal", you can't build in this functionality into BC " the e-commerce site communicates with our web application to get the high water mark quantity for that billing cycle" and there are few more things there which suggest to me that you need something custom.
Cheers,
-mario

ARIBA Integration with SAP (based in iDoc interchange) with deviating "remit-to" addresses for incoming vendor invoices

Hi,
We are currently trying to implement our ARIBA interface for incoming vendor invoices (purchase order based invoice verifiction) and facing currently some major challanges of a business requirements to interface alternative "payment remit to" addresses of vendor invoices. Our current setting consider the data exchange via iDocs into our SAP system, but unfortunately we are unable to process any deviating "remit to" address in the incoming document. As an ARIBA private ID we indicated the combination of "company code" with "vendor number". Can anybody advise how other companies resolved this challange? Thanks for your input, Jakob Kistler

Hi,
I am sending only answers.If wrong pls correct me.
1.A,C
2.C
3.A,B,D,E
4.ACE
5.ABCD
6.B
7.BE
8.ALL
9.ABC
10.ABCDE
11.A
12.ABCD
13.E
14.BC
15.ALL
16.ABC
17.ACD
18.AC
19.B
20.ACDE
21.DE
22.B
23.ABCD
24.CD
25.C
26.BDE
27.BCE
28.C
29.CDE
30.BCDE
31.BDE
32.A
33.B
34.ALL
35.ABC
36.ALL
37.ABC
38.A
39.ACDE
40.AB
41.ABE
42.CD
43.ABCE
44.CD
45.ACDE
46.BD
47.AC
48.CD
I have sent answers for the questions.If any answer is wrong pls correct me.
Assign points if useful
Regards,
S.VINAYA KUMAR

Cisco WCS integration with SNMP based monitoring

I am looking for a solution to integrate Cisco WCS with any SNMP based monitoring solution. My requirement is below,
- Alerts for Access points up/down should be picked up by an alerting system in its console through SNMP.
- I dont want all access points to be monitored, but only a critical group.
Currently all access points are configured on LWAP mode under a wireless controller. Can i configure APs individually for SNMP and get it monitored through the 3rd party monitoring tool.
Can anyone please guide me to find a solution for this.

http://www.cisco.com/en/US/docs/wireless/mse/3350/6.0/CAS/configuration/guide/msecg_ch2_CAS.html

P.O.S system integrating with Sales Based rent

Hello Gurus
Is it possible to integrate sales based rent with a P.O.S ( Point of Sale) system from the client side, ie customer, if so how?
I very much await your response.
Much Regards
David

Hi,
Yes, the solution depends on communication protocol which you want to use.
Option1: SAP receives the data through IDOC from EPOS and pass these values to BAPI BAPI_RE_SALES_REP_REPORT
Option2: In case if you are using any middle-ware, middle-ware receives the data from EPOS and tell your middle-ware consultant to consume BAPI BAPI_RE_SALES_REP_REPORT in middle-ware. You can use .Net connector / Java connector in middle-ware to consume SAP BAPI's directly.
rgds,
Srini

Capacity planning integration with ERP based on activity types

Hello Friends,
Please help me in understanding the integration of capacity planning with activity types.
I have done the configuration but i am getting all the values double and giving the wrong roll up.
Please help me how this integration works and how to configure it so that i can get the actual efforts from the SAP ERP.
Regards,
Lohith

You can split operation and assign operation ticket to more than one Person (i.e. HR person number) even if they are not linked to one work center.
I don't have system in front of me, but I think it's in Operation details. You can also check individual capacity in table or graph. It was available in ECC 6.0
Hope this helps-

Web based reporting engine integrated with APEX

Hello,
I would like to use some completely web-based reporting solution for my application. My idea is that I will create some datasource, prepare database query and publish some data columns to end users (datamodel). They will choose from many of prepared data areas, create their own report using some intuitive web-based report designer and save it. I do not need it for any analytic purposes, no dynamic filters, graphs and other widgets, no BI. It will be all only about building text based reports with few dynamic fields (customer address, actual date etc..).
For example: User will prepare some document (template) with few paragraphs and add some of prepared dynamic fields into it (ie. company name, customer address, repeating table with list of employees, some image). Then he will be able to generate same document for many customers etc..
I am looking for some simple, user friendly web based application. Some external report builder for example for Jasper reports is not what I am looking for.
I will need to integrate it with Oracle 11g XE with APEX 4.2 so some API or URL parameters is must.
Used reporting engine does not be completely free, but I am able to pay max. $5000 for it
Do you have some tips?
Thank you

This could be a solution for APEX reports (interactive reports). But I want to create more complex reports, not only table based reports.
I need to create for example invoice report with some dynamic fields (customer, invoice items...), another report can be for example some contract about cooperation with some dynamic fields (contract number, personal information ...).
These reports will be mostly only text based without any table. See example bellow. How would you generate this kind of letter?
"Hello <CUSTOMER_NAME>, we would like to offer our new product <PRODUCT_NAME> to you..."
Where CUSTOMER_NAME a PRODUCT_NAME are prepared fields (from some database tables). It will be something very similar to Microsoft Word automatic mailings. User can generate many text based reports and save them as PDF.
I need to find some web based product, that will be simple for users and can be integrated with APEX.

Help regarding XML-Based Integration with XAware

If any one have some tutorial related with this topic:
XML-Based Integration with XAware Kirstan Vandersluis

It's a book. Go and buy it. Why would any part of it be available for free on the web?

Seimens HMI Integration with SAP MII

Dear MII Experts,
We are trying to integrate shop floor systems with SAP MII for discrete manufacturing industry.
I came across the client has 70+ machines in the plant .the vendor is "DMG"
Seimens HMI is installed on each machine .
What are the possible ways here to connect to PLC from MII
I am very new to this integration part .
Can MII directly connect to Seimens HMI .
I am very new to this area , client is ready to pay extra cost for any extra interfaces .
Please suggest me the architecture to follow .
Please give me a detailed explanation here , please correct me if I my explanation is wrong here
Please reply me for any other clarification

Hi Eswaraiah,
To access the PLC data in MII, you would need couple of things more.
1. OPC Server where the PLC stores the data.
2. PCo (SAP Plant Connectivity) that can read the data from OPC Server and send the data to MII for manipulation.
From PCo MII can read the data and you can then perform your business logic. Also, PCo has built-in notification settings which can trigger MII's transactions based upon some conditions.
So I believe, your landscape would look like
Siemens HMI --> OPC Server -> PCo --> MII
Check these out...
PLC Integration with SAP MII
Connecting MII to PLC devices
Communicating with PLC
Regards
Tufale Ashai

I want a new and more powerful (non-Apple) wireless router but I still want to use my existing Time Capsule to continue with my Time Machine backups and I still need the Time Capsule's Network Attached Storage (NAS) features and capabilities

THE SHORTER STORY
My goal is to successfully use my existing Time Capsule (TC) with a new and more powerful wireless router. I need a new and more powerful wireless router in order to reach a distant Denon a/v receiver that is physically located in a master bedroom some 50 feet away from my modem. I need to provide this Denon a/v receiver with an Internet connection so that it can obtain its firmware updates and I need to connect this Denon a/v receiver to my network in order to use its AirPlay feature. I believe l still need the TC's Network Attached Storage (NAS) features because I am not sure if the new wireless router will provide me with the NAS like features / capabilities I need to share files between my two Apple laptops with OS X 10.8.2. And I know that I absolutely need my TC's seamless integration with Apple's Time Machine (TM) application in order to continue to make effortless backups of my two Apple laptops. To my knowledge nothing works with TM like Apple's TC. I also need the hard disk storage space built into the TC.
I cannot use a long wired Ethernet cable connection in this apartment and I cannot use power-line adapters. I have read that wireless range extenders and repeaters are difficult to successfully set-up and that they will reduce data speeds, especially so when incorrectly set-up. I cannot relocate my modem and/or primary base station wireless router.
In short, I want to use my TC with my new and more powerful wireless router. I need to stop using the TC to connect to the modem. However, I still need the TC for seamless TM backups. I also need to use the TC's built in hard drive for storage. And I may still need the TC's NAS capabilities to share files wirelessly between laptops because I am assuming the new wireless router will not provide NAS capabilities for OS X 10.8.2 (products like this/non-Apple products rarely seem to work with OS X 10.8.2/Macs to provide NAS features and capabilities). Finally, I want to continue to use my Apple laptop and AirPlay to wirelessly access and play my iTunes music collection stored on the TC's hard drive. I also want to continue to use my Apple laptop, AirPlay and Apple TV to wirelessly watch movies and TV shows stored on the additional external hard drive connected to the TC via USB. Can someone please advise on how to set-up my new Asus wireless router with my existing TC in such a way to accomplish all of this?
What is the best configuration or set-up to accomplish my above goals?
Thank you in advance for your assistance!!!
THE FULL STORY
I live in an apartment building where my existing Time Capsule (TC) is located in my living room and serves many purposes. Specially, my TC is at least all of the following:
(1) Wi-Fi router connected to Comcast Internet service via Motorola SB6121 cable modem - currently the TC is the Wi-Fi base station that connects to the modem and has the gateway address to the Internet. The TC now provides the DHCP service for the Wi-Fi network.
(2) Wireless router providing Internet and Wi-Fi network access to several Wi-Fi clients - two Apple laptop computers, an iPod touch, an iPad and an iPhone all connect wirelessly to the Internet via the TC.
(3) Wired Ethernet router providing Internet and Wi-Fi network access to three different devices - a Panasonic TV, LG Blu-Ray player and an Apple TV each use one of the three LAN ports on the back of the TC to gain access to the Internet.
(4) Primary base station in my attempt to extend my wireless network to a distant (located far away) Denon a/v receiver requiring a wired Ethernet connection - In addition to the TC, which is my primary base station, I am also using a second extended Wi-Fi base station (a Netgear branded product) to wirelessly extend my WiFi network to a Denon receiver located in the master bedroom and requiring a wired Ethernet connection. I cannot use a wired Ethernet connection to continuously travel from the living room to the master bedroom. The distance is too great as I cannot effectively hide the Ethernet cable in this apartment.
(5) Time Machine (TM) backup facilitator - I use my TC to wirelessly back-up two Apple laptops using Apple's Time Machine (TM) application. However, I ran out of storage space on my TC and therefore added external storage to it. Specifically, I added an external hard drive to my TC via the USB port on the back of the TC. I now use this added external hard drive connected to the TC via USB as the destination storage drive for my TM back-ups. I have partitioned the added external hard drive, and each of the several partitions all have enough storage space (e.g., each of the two partitions used by TM are sized at three times the hard drive space of each laptop, etc.). Everything works flawlessly.
(6) Network Attached Storage (NAS) - In addition to using the TC's Network Attached Storage (NAS) capabilities to wirelessly back-up two Apple laptops via TM, I also store other additional files on both (A) the hard drive built into the TC and (B) the additional external hard drive connected to the TC via USB (there are additional separate partitions on this drive for these other additional and non-TM backup files).
I use the TC's NAS feature with my Apple laptop and AirPlay to wirelessly access and play my iTunes music collection stored on the TC's hard drive. I also use my Apple laptop, AirPlay and Apple TV to wirelessly watch movies and TV shows stored on the additional external hard drive connected to the TC via USB. Again, everything works wirelessly and flawlessly. (Note: the Apple TV is connected to the network via Ethernet and a LAN port on the back of the TC).
The issue I am having is when I try to listen to music via Apple's AirPlay in the master bedroom. This master bedroom is located at a distance of two rooms away from the TC's current location in the living room, which is a distance of about 50 feet. This apartment has a long rectangular floor plan where each room is connected to the next in a straight line. In order to use AirPlay in the master bedroom I am using a second extended Wi-Fi base station (a Netgear branded product) to wirelessly extend my WiFi network to a Denon receiver located in the master bedroom and requiring a wired Ethernet connection. This additional base station connects wirelessly to the WiFi network provided by my TC and then gives my Denon receiver the wired Ethernet connection it needs to use AirPlay. I have tried moving my iTunes music directly onto my laptop's hard drive, and then I used AirPlay on this same laptop to connect to the Denon receiver. I always get a successful connection and the song plays, but the problem is that the connection inevitably drops.
I live in an apartment building and all of the many wireless routers in this building create a great deal of WiFi interference on both the 2.4 GHz and 5GHz bands. I have tried connecting the Netgear product to each the 2.4 and 5 GHz bands, but neither band can successfully maintain a wireless connection between the TC and the Netgear product. I also attempted to maintain a wireless connection to an iPod touch using the 2.4 GHz band and AirPlay on this iPod touch to play music on the Denon receiver. Again, I was able to establish a connection and successfully play music, but after a few minutes the connection dropped and the music stopped playing. I therefore have concluded that I have a poor wireless connection in the master bedroom. I can establish a connection, but it is intermittent with frequent drops. I have verified this with both laptops by working in the master bedroom for an entire day on both laptops. The Internet connection in this master bedroom proved to drop out frequently - about once an hour with the laptops. The wireless connection and the frequency of its dropout are far worse with the iPod touch and an iPhone.
I cannot relocate the TC. Also, this is an apartment and I therefore cannot extend the range of my network with Ethernet cable (I cannot drill through walls/ceilings, etc.). It is an old building with antiquated wiring and power-line adapters are not likely to function properly, nor can I spare the direct power outlet required with a power-line adapter. I simply need every outlet I can get and cannot afford to block any direct outlet.
My solution is to use a more powerful wireless router. I found the ASUS RT-AC66U Dual-Band Wireless-AC1750 Gigabit Router which will likely provide a better connection to my wireless Internet in the master bedroom than the TC. The 802.11ac band of this Asus wireless router is totally useless to me, but based on what I have read I believe this router will provide a stronger connection at greater distances then my TC. And I will be ready for 802.11ac when it becomes more widely available.
However, I still need to maintain the TC's ability to work seamlessly with TM to backup my two laptops. Also, I doubt the new Asus router will provide OS X 10.8.2 with NAS like features and capabilities. Therefore, I still would like to use the TC's NAS capabilities to share files on my network wirelessly assuming the Asus wireless router fails to provide this feature. I need a new and more powerful wireless router, but I need to maintain the TC's NAS features and seamless integration with TM. Finally, I want to continue to use my Apple laptop and AirPlay to wirelessly access and play my iTunes music collection stored on the TC's hard drive. I also want to continue to use my Apple laptop, AirPlay and Apple TV to wirelessly watch movies and TV shows stored on the additional external hard drive connected to the TC via USB. Can someone advise on how to set-up my existing TC with this new Asus wireless router in such a way to accomplish all of this?
Modem
Motorola SB6121 SURFboard DOCSIS 3.0 Cable Modem
Existing Wireless Router and Primary Wi-Fi Base Station - Apple Time Capsule
Apple Time Capsule MC343LL/A 1TB Sim DualBand (purchased June 2010, likely the Winter 2009 Model)
Desired New Wireless Router and Primary Wi-Fi Base Station - Non-Apple Asus
ASUS RT-AC66U Dual-Band Wireless-AC1750 Gigabit Router
Extended Wi-Fi Base Station - Provides an Ethernet Connection to a Denon A/V Receiver Two Rooms Away from the Modem
Netgear Universal Dual Band Wireless Internet Adapter for TV & Blu-Ray (WNCE3001)
Addition External Hard Drive Attached to the Existing Apple Time Capsule via USB
WD My Book Studio 4TB Mac External Hard Drive Storage USB 3.0
Existing Laptops on the Wireless Network Requiring Time Machine Backups
MacBook Air (11-inch, Mid 2012) OS X 10.8.2
MacBook Pro (13-inch Mid 2010) OS X 10.8.2
Other Existing Apple Products (Clients) on the Wireless Network
iPod Touch (second generation) is model A1288.
iPad (1st generation)
Apple TV (3rd generation) - Quantity two (2)

Thanks Bob Timmons.
In regards to a Plan B, I hear ya brother. I am already on what feels like Plan Z. Getting WiFi to a far off room in an apartment building crowded with WiFi routers is a major pain.
I am basing my thoughts on the potential of a new and more powerful router reaching the far off master bedroom based on positive reviews on cnet.com, pcmag.com and pcworld.com. All 3 of these web sites have reviewed the Asus RT-AC66U 802.11AC wireless router as well as its virtual twin cousin 802.11n router. What impressed me is that all 3 sites rated this router #1 overall in terms of both range and speed (in both the 802.11n and 802.11AC flavors). They tested the router in real world scenarios where the router needed to compete with a lot of other wireless routers. One of the sites even buried this Asus router in a media room with thick walls and inside a media cabinet. This Asus router should be able to serve my 2.4 GHz band wireless clients (iPod Touch and iPhone 4) with a 2.4GHz Wireless-N band offering some 50 feet of dependable range and a 60 Mbps throughput at that range. I am hoping that works, but it's borderline for my master bedroom. My 5 GHz wireless clients (laptops) will enjoy a 5GHz Wireless-N band offering 150 feet of range and a 200 Mbps throughput at that range. I have no idea what most of that stuff means, but I did also read that Asus could reach 300 feet and I got really excited. My mileage may vary of course and I'm sure I'm making some mistakes in my interpretation of their data. However, my Winter 2009 Time Capsule was rated by cnet.com to deliver real world performance of less than that, and 802.11AC may or may not be useful to me someday. But when this Asus arrives and provides anything other than an excellent and consistent wireless signal without drops in the master bedroom it's going right back!
Your solution sounds great, but I have some questions. I'm using OS X 10.8.2 and Airport Utility (version 6.1 610.31) and on its third tab labeled "Wireless" the top option enables you to set "Network Mode" to either:
Create a wireless network
Extend a wireless network
Off
Given your advice to "Turn off the wireless on the TC," should I set Network Mode to Off? Sorry, I'm clueless in regards to how to turn off the wireless on the TC any other way. Can you provide specific steps on how to turn off the wireless on the TC? If what I wrote is correct then what should the rest of this Wireless tab look like, or perhaps it is irrelevant when wireless is off?
Next, what do you mean by "Configure the TC in Bridge Mode?" Under Airports Utility's fourth tab labeled "Network" the top option "Router Mode" allows for either:
DHCP and Nat
DHCP Only
Off (Bridge Mode)
Is your advice to Configure the TC in Bridge Mode as simple as setting Router Mode to Off (Bridge Mode)? If yes, then what should the rest of this "Network" tab look like? Anything else involved in configuring the TC in Bridge Mode or is it really as simple as setting the Router Mode to "Off (Bridge Mode)"?
How about the other tabs in Airport Utility, can they all stay as is assuming I use the same network name and password for the new Asus wireless router? Or do I need to make any other changes to the TC via Airport Utility?
Finally, in regards to your Plan B suggestion. I agree. But do you have a Plan B for me? I would greatly appreciate any alternative you could provide. Specifically, if you needed a TC's Internet connection to reach a far off corner of your home how would you do it? In the master bedroom I need both a wired Ethernet connection for the Denon a/v receiver and wireless Internet connection for the iPhone and iPod Touch.
Power-Line Adapters - High Cost, Blocks at Least One Wall Outlet and Does Not Solve the Wireless Need
I actually like exactly one power-line adapter, which is the D-Link DHP-540 PowerLine AV 500 4-Port Gigabit Switch. This D-Link power-line adapter plugs into your wall outlet with a normal sized plug (regular standard power cord much like any other electronic device) instead of all of the other recommended power-line adapters that not only use at least one wall outlet but also often block the second outlet. You cannot use a power strip with a power-line adapter which is very impractical for me. And everything about my home is strange and upside down. The wiring here is a disaster and I don't have faith in its ability to carry Internet access from the living room to the master bedroom. And this D-Link power-line adapter costs $90 each and I need at least two to make the connection to the Denon A/V receiver. So, $180 on this solution and I still don't have a dependable drop free wireless connection in the master bedroom. The Denon might get its Ethernet Internet connection from the power-line adapter, but if I want to use an iPhone 4 or iPod Touch to stream AirPlay music to the Denon wirelessly (Pandora/iTunes, etc.) from the master bedroom the wireless connection will not be stable in there and I've already spent $190 on just the two power-line adapters needed.
Extenders / Repeaters / Wirelessly Extending the Wireless Network
I have also read great things about the Amped Wireless High Power Wireless-N 600mW Gigabit Dual Band Range Extender (Repeater) SR20000G and the My Net Wi-Fi Range Extender. The former is very powerful and the latter is easier to install. Both cost about $150 ish so similar to a new Asus router. However, everything I read about Range Extenders points to them not being very effective for a far off corner of your house wherein it's apparently hard to place the range extender in the sweet spot where it both gets a strong enough signal to actually effectively extend the wireless signal and otherwise does not reduce network throughput speeds to unacceptable speeds.
Creating a Roaming Network By Hard Wiring with Ethernet Cable - Wife Would Say, "**** No!"
Even Apple seems to warn against wirelessly extending your network (see: http://support.apple.com/kb/HT4145#) and otherwise strongly recommends a roaming network where Ethernet cable is used to connect two wireless base stations. However, I am in an apartment where stringing together two wireless base stations with Ethernet cable would have an extremely low wife acceptance factor (WAF). I cannot (both contractually and from a skill prospective) hide Ethernet wire in the walls or ceiling. And having visible Ethernet cable running from room-to-room would be unacceptable, especially to the wife.
So what is left? Do you have a Plan B for me? Thanks in advance for your help!

ISE integration with Mobile Device Management ( MDM ) help required

Dear Techies,
     Am here bring to your notice an different issue and no much resources to support even in PEC or Cisco Document.
     We are conduction a Proof Of Concept (PoC) on Secure Bring Your Own Device ( BYOD ) using Cisco ISE and gonna test all the scenarios like Wired, Wireless and VPN user access.
Setup Brief :
=========
      Our Setup has ISE VM acting as Admin, Monitor and Profiling Device, we have NAC 3315 physical Appliance as Inline posture Device, Wireless LAN controller, Access point and the Identity source as Microsof Active Directory
     Having Plans to Integrate Mobile Device Management ( MDM ) and Citrix VDI setup also.
Activity Brief:
=========
     As of now we have tested the Wired Scenario Authentication and authorization for guest users and gonna carry out the profiling and posture.
Clarifications Required
================
Wired Scenario - Require some configuration / steps on how to carryout posture for the guest wired users i.e. LAPTOP.
Wireless Scenario
MDM can be integrated to ISE ?
How the MDM can be integrated to Cisco ISE configuration or Guide to show the same?
What is the demarcation between MDM and ISE ( i.e. What is the role of ISE and MDM on Mobile Devices ) ?
If MDM is available so then when the control of ISE ends, does MDM do management or ISE will do management of the devices ?
Is MDM will do client provisioning or ISE should do ?
Is MDM send or update patches of Mobile Devices ?
As of now these are the scenarios, kindly revert if any good documents to show this or share your expertise on the Integration Part.
Thanks for Reading...
Arun

I would like to avail your valuable inputs to understand on the Client provisioning part for the Mobile Devices/ Laptop. I understand from your reply that MDM integration is not available in the current release ISE 1.1 - That is correct.
Kindly let me know your views or any documents on the following scenarios with the current release in mind
1. User with Mobile devices connecting to Wireless ( both Employee and Guest ) , How the Flow differs for the Employee and Guest. How the client provisioning is done ( i.e. Like Posturing or Compliance Check ).
The posturing and compliance check is done based on the user authentication information (i.e. AD memberOf vs Guest user) combined with the users endpoint (windows, mac osx, or a mobile device), ISE then has a few decisions to make based on the authorization policies. For example, if a Domain User coming from a Windows 7 machine joins the network, then can either use the nac agent, or the web agent. Then you can scan for registry settings, file settings, program requirements, hotfix compliance...and the list goes on. If the user fails a check then you can either assign an acl for the user so they only have guest access, or you can place them into a remediation vlan the options are entirely up to the requirements and however the solution is implemented.
2. User with Laptop connecting to Wireless ( both Employee and Guest ). How the client provisioning is done ( i.e. Like Posturing   or Compliance Check ).
Guests are usually redirected to the guest portal which they authenticate and their user group falls within the Guest container that is on the ISE internal database, that is usually coupled with an authorization profile that grants them internet access. For the client provisioning, that is usually done based on the operating system, via profiling (dhcp, and user agent string., netmap...etc) and can be fine tuned for all laptops or to a specific set of users based on their group membership.
3. What are advantages of having ISE also in place for Mobile devices, since most of the Mobile related tasks ( like Authentication, Authorization, Profiling and Posture ) are carried out by MDM. I am checking for the significant advantage of having ISE for Client network having only Mobile devices. Kindly clarify.
Currently the advantage of Cisco ISE is that it supports profiling within wireless and really fits well within a network that has mostly Cisco products since they are all part of of the Borderless security initiative being driven on the backend. The product teams for wireless, wired, security (vpn..etc) and ISE are pretty close in building their solutions so that you can get connected with any device any where (sorry for the sales pitch). The latests wireless code is improving and is going to have support similar to the ios sensor for wired devices where dhcp, cdp, and other attributes can be sent in the radius packet for better profiling decisions. With integration for an MDM platform coming soon, and also support for TACACS rumored (have to verify with your account rep) you have options that really stand out from a unit that only supports MDM. Cisco ISE also comes with a wireless product ID so that makes the budget work when it comes to deploying ISE if you arent looking for enforcement on your wired devices.
4. Do you recommend 802.1X Authentication to use for the Employee and Contractor? The Guest user authentication as Open ?
For internal users and vendors the best option by far is dot1x, almost all operating systems are capable of performing dot1x and the 1.1.1 MR has a piece now that can provision the supplicant for the users, by using scep to enroll certificates or configure peap settings.
There is a feature within the guest portal that allows you to statically assign guests into endpoint group, that feature is called device registration web authentication. It seems like an open network but uses mac filtering to assign these devices to an endpoint without requiring users to enter any credentials. They are presented with an AUP page, once they accept their mac address is mapped to the endpoint group
5. How can we ensure the Encryption of traffic from the Guest user to the NAD ( Network Access devices ) ?
This may be a wireless question but I am sure the encryption is done using AES and using dot1x as the key management here is a brief background for this - http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807f42e9.shtml#L2
You can also use the anyconnect client which can provide macsec which is layer 2 encryption for wired - http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-622477_ns1049_Networking_Solutions_Q_and_A.html
6. We are also looking for VDI ( Citrix, VMware ) solution for the client ( both Employee and Guest ) , how ISE can play a role in securing the VDI environment.
For most thin clients you can perform dot1x authentication on the device itself, however that is something the manufacturer will have to support. This is a little gray for me.
7. Is that any integration required with Citrix or VMware. How the VDI can be offered based on the User role ( i.e. Employee, Contractor or Guest ), since Guest database is available only with ISE, how the checks are made from the VDI environment.
IN ISE there is an identity sequence which can authenticate users in AD first, if the user is not found then it can look in the internal database.
Our solution demands MDM in the integrated solution, As on today ISE cant be integrated with MDM. so what kind of solution we can propose to have MDM and Cisco ISE .Do the clients now enter the network should have already installed the MDM agent (or) any other way of pushing the same to the Client.
Today there is no integration between the devices, the last release time I heard was December for this feature. However it would be best to confirm with your Cisco Account rep on this issue.
Thanks,
Tarik Admani
*Please rate helpful posts*

MDT integrated with Configuration manager

Hi Team,
Just wondering if it is suggested not to open or use MDT console workbench once its been integrated with configuration manager?
I been using it for a while and never faced any issues. I believe it should be fine to use the MDT and configuration manager both even after they been integrated. I generally use MDT workbench for building image and then use Configuration
manager MDT based TS to deploy it. I don't see any technical risk. Any advice\best practice? Thanks.
Regards,

There should be no problem opening up the MDT console on a machine with ConfigMgr installed, they are separate programs.
Keith Garner - keithga.wordpress.com

Exchange Integration with MSX-A on a Windows 2003 Server

Hi
We try to integrate Microsoft Exchange (Version 2003 SP1) into SAP Enterprise Portal 6.0 SR1. The MSX-A components are installed on the OWA System, a different Windows 2003 System with Outlook XP (SP3) on it.
The error displayed in the Calendar iView on the Portal:
"An internal error occurred while generating the XML from the MSX-A component"
From the "SAP EP Test Exchange Transport Setup" Tool an error occures on the "Data Retrieval" Test:
"An error occurred retrieving the data."
and in detail:
MAPI_E_LOGON_FAILED(80040111)
MS KBase http://support.microsoft.com/kb/181739/en-us didn't help. To resolution 3: Policy "Log on Locally" on a Windows 2003 doesn't exist anymore (?). "Deny Log on Locally" isn't given to relevant groups.
Thanks and best regards
Nicolaj

hi All
i am illustrating the process of integration the central notes to be referred and constraints .hope this definitely helps you please do not forget to give full points for this effort
with regards
subrato kundu
Process
Microsoft outlook Integration With SAP Enterprise Portal 6.0
(Process description)
These documents describe the entire process of integrating Exchange server with enterprise portal server to leverage the usage of lotus notes within the portal framework.
Step1: Create a System
o Choose System AdministrationSystem configurationSystem LandscapePortal ContentContent Provided by SAP. Right click on collaboration and then choose New From ParSystem.
o Select com.sap.netweaver.col.app.gw and choose next.
o Select a server (Microsoft Exchange server) and then choose next.
o Enter the System Name and ID (for ex Exchange) and choose next and then finish.
o Enter System Aliases by choosing system Alias from the display drown list.
o Enter the system Alias in the alias field and choose add and then save.
Step II: Create E-Mail Transport
 The email transport defines the SMTP server and other configuration required for sending e-mails. To configure an e-mail transport choose
 System AdministrationSystem ConfigurationKnowledge ManagementCollaborationGroupWare TransportsMail Transport
 SMTP Sever: The address of the SMTPServer for sending e-mails
 Sent Messages: You specify the folder on the server where the sent e-mail is to be store: -Sent Items on Microsoft Exchange Server.
 System Alias name: Alias that was defined for the groupware server in system configuration.
Step III: Check E-Mailing Service
This is a global service that is required for sending e-mails and which can be located by choosing System AdministrationSystem configurationKnowledge ManagementContent ManagementGlobal servicesMailing Service. This service needs to be active and an email transport must already have been created.
Microsoft Exchange Transports
The overall transport consists of two parts: MSX-J on the portal server and the MSX-A on the Exchange Server or a machine near to the Exchange Server.
MSX-J is the java part that runs on the portal server is deployed automatically on the portal server during installation, and implements the groupware API.It uses the Groupware APIs and repository development kit.
MSX-A is the active server page and sap exchange connector.dll running on a n iis server with Microsoft Collaboration data objects (CDO) and in the same domain as the exchange server or in a trusting domain .The ASP and DLL are Collectively CALLED MSX-A and is installed as part of the Outlook Installation. This needs to be installed on every IIS SERVER dedicated to the MS Exchange Server
 The Process flow is
1.TheMSX_J transport makes an HTTP(s) call to the MSX_A running on the IIS.
2.Microsoft Internet Information Server (IIS) uses Basic Authentication to authenticate user based on NT user/password against the Microsoft Exchange Server.
3.CDO uses the authentication token and fetches the data.
4.MSX-A converts the data into XMl and returns it to MSX-J
Installation of MSXA Components
You have to carry out these steps for every IIS that accesses the exchange server or the Outlook WEB Access 5.5 SP Server in the system landescape:
1.Locate the MSX-A component shipped with Exchange transport.
The components can be found in<irj>\root\WEB-INF\PORTAL\PORTALAPPS\com.sap.netweaver.coll.appgw\WEB INF\external\Exchange.
2 Locate an IIS that is in the same domain as the Exchange Server or in a trusted domain.
3.Create a folder on the IIS for example,c:\SAPExchangeTransport.
4.Copy the MSX-A Components to the folder you just created.
5.Register the DLL by using command regsrvr32 in the command prompt for example c:\winnt\sysytem32\regsvr32.exe c:\SAPExchangeTransport\SapExchangeConnector.dll
6.Create a new Iis Website or if using Outlook Web Access 5.5 sp4 create a virtual directory
Since most of configuration errors arise in the setup and configuration of the MSX-A components a separate test application is shipped with the connectivity, which allows you to check that the setup is correct.
1.locate SAPPXchTest.exe which is shipped with the exchange transports.The components can be found at <irj>\root\portalapps\com.sap.netweaver.coll.appl.gw\external\exchange.
2 copy the executable file to the machine on which the MSX-A component has been deployed.
3.Test the CDO version by launching the executable file on the machine on which msx-a was deployed.Choose Test CDO-Version .You should receive a success message .if you recive an error message follow the instructions given
4Test data retrieval by launching the executable file on the machine on which MSX-A was deployed choose TestData Retrieval Fill in necessary fields you should receive a success message but if you receive an error message follow the instructions given
5.Choose Save Results
6.open the log file indicted by the message
Notes
0000801234 Additional attachment in room created appointments
0000788151 Post Installation Steps for Groupware after an upgrade
0000763062 Problem creating an appointment with attachment
0000738965 E-mail address is mandatory for Groupware Integration
0000736644 Mandatory Steps for MS Exchange Integration
0000736541 Support information for MS Exchange Integration
0000732911 Integrating Outlook Web Access in Enterprise Portal 6.0
0000712902 SSO to Outlook web access using user/password does not work
Constraints
Constraints of Microsoft Exchange Connectivity
 The Microsoft Exchange transport currently only support items with types appointment and meeting request .Other types such as discussion and not currently not supported.
 Deleting an instance of a recurring appointment affects only that particular instance
 Calendar items in personal folder are not supported. Users can only view and modify items located on the exchange server from the iviews
 Public folders on the exchange server are not supported
 Calendar items are delivered as such if sent to recipients within the intranet .If the recipients is in different domain than the sender ,the format in which the items are delivered depends on the server responsible for sending the item in question

I/PM ERP Integration with Oracle Application Server instead of Websphere

I'm just starting an integration between IPM 7.7.1 and JDE EnterpriseOne v8.12.
In the EIS documentation for 7.7.1 has some specific assumptions regarding integrations with JDE EnterpriseOne (8.12), specifically using IBM Websphere. We opted to go with the Oracle Portal and Oracle Application Server. Just curious if the integration approach/instructions would require some adjustments because of the non-Websphere selection my JDE team chose. Or if it just plan won't work.
Jim

Hi Jim,
The reason that the documentation specifically spells out IBM Websphere is most likely because it was the application server that we developed and tested with at the time. The important requirement for this type of integration is that this server be an Intel based server running a Microsoft OS. The reason for this is because there are dlls with the Oracle IPM product that enable communication between the IPM functions and the JDE Business functions. If the Enterprise server for JDE is intel based then a JAS can exist on the same server, the dlls can be on that machine and the extra server is not required. This server is only required if the Enterprise server is not intel based. As far as your choice to use Oracle Application Server goes, I really have no basis to say if this works or not. My thought is that it shouldn't matter as long as the JAS server is an intel based, 32 bit server running a Microsoft OS. There are many other variables and lots of experience implementing this type of integration with JDE within the Oracle IPM consulting team. Give us a call if we can help.
Hope this helps,
Matt

B1 integration with PLC based machines

Similar Messages

Maybe you are looking for