Can users directly access aeronets configured as Bridges?
Here is our scenario, We have two Aironet 1400's facing each other to extend our LAN btw two buildings
One is configured as root bridge the other is non root bridge. I see an option in the GUI to
configure as an Access Point. My question is- Does the fact that I have the aironets configured
as bridges prevent unauthorized clients from accessing the bridges and thus our network?
Are these bridges considered Access Points that a laptop can attach too?
Hi Richard,
If you do not want 802.11 clients on the bridge, leave the default Role in the Radio network value to bridge only mode. This allows only other bridges to communicate with the device.
From this excellent Q&A doc;
http://www.cisco.com/en/US/products/hw/wireless/ps441/products_qanda_item09186a0080094d01.shtml#ethernet
Hope this helps!
Rob
Similar Messages
-
Can I directly access BEX query from web version
Hi expert,
Can I directly access BEX query from web version ? I know we can access bex query from webi rich client.
Many Thanks,Hi,
Yes, you can access BEx query via BICS connection (OLAP Connection).
In SAP BusinessObjects BI 4.0 you have multiple options to connect your SAP BusinessObjects BI client to your SAP NetWeaver BW system.
Direct BI Consumer Services (BICS)
SAP BusinessObjects BI 4.x Relational Universe (UNX)
SAP BusinessObjects XI 3.1 OLAP Universe (UNV) used in a SAP BusinessObjects BI 4 environment
Web Intelligence
Yes
Yes
Yes
SAP BusinessObjects Dashboards
Yes
Yes
No
Analysis, edition for Microsoft Office
Yes
No
No
Analysis, edition for OLAP
Yes
No
No
SAP BusinessObjects Explorer
No
Yes
No
SAP BusinessObjects Design Studio
Yes
No
No
Visual Intelligence
No
Yes (1)
No
Predictive Analysis
No
Yes (1)
No
Design Studio
Yes
No
No -
Can midlet directly access a database?
I'm creating a midlet that connects to a database. Do i need to go through a server and then access the database or can i directly access the database through the midlet?
Does anyone have a sample code that have a midlet interacts directly with a database? Or is it impposible to do so without going through a web server.
Blaise,Your message arrived at the rigth address :)
I am experienced in J2ME programming and made several projects with it including my graduation thesis . (you can check http://2m.turkmenweb.com for my J2ME projects).
You can directly acces from MIDlet DB, but it is not so reccomended, since mobile devices have certain limitations. When we had to use DB in our J2ME projects(with MIDP1.0 and MIDP2.0) we achieved it by collaboration of JSP with our MIDlet.. That is MIDlet was only sending a URL to Tomcat Server (JSP server) i.e. http://someurl.com/show?task=topusers, and this URL was parsed by a Servlet which was making all needed conenctions to DB.
I also know that there are K editions (very small) of DBMS built especially for mobile devices. You can use them also .. I guess Oracle has such a thing..
Good luck!
Muhammed Mamedov
[email protected] -
Can we directly access database by using BI Accelerator ?
Hi Experts,
I have several question about BIA NetWeaver2004:
1. Can we directly accessing database by using BIA?
2. What is advantage and disadvantage of BIA? Why'd some people rather use BIA than Aggregates?
3. Could anyone show me the example or demonstration about BIA
I am a newbie in BI, so please give me information about BIA.
Thanks a bunch.Hi,
Welcome to SDN. Remember the rule --- before posting, you should search the forum first.
1. Can we directly accessing database by using BIA?
---> No.
2. What is advantage and disadvantage of BIA? Why'd some people rather use BIA than Aggregates?
--> search SDN
3. Could anyone show me the example or demonstration about BIA
--> search SDN
Thanks...
Shambhu
Edited by: Shambhu Kumar Gupta on Mar 17, 2009 11:22 AM -
Can a single Access Point support both bridge mode and Access Point mode at the same time
Hi Guys
Does anyone know which access point can work in both bridge mode and AP mode ?
CheersWell what are you trying to cover. If its really a large outdoor area, then look at the mesh AP. Those require a WLC. Autonomous or stand alone ap can perform bridging on one radio and client access on another. You can also look at AP that support indoor mesh that also controlled by a wlc. If your putting APs outdoors, then look at the outdoor mesh.
Thanks,
Scott Fella
Sent from my iPhone -
How can java directly access DLL
I have some DLLs that are either written in C or C++ ( no access to source code), I now need to access some objects from it. is there a quick way to do this? are there any libraries already developed to allow my java code to access the objects inside those DLLs directly?
This is to convert some powerbuild code to java and the powerbuilder code is like this":
OLEObject loo_test ;
loo_test.connectToNewObject("AMS5.Almi);
then it just uses loo_test to call the methods and get results
AMS5 is the application name (there is actually an ams5.exe in the directly), and then a whole bunch of DLLs. I do not know which DLL is the code actually using..
any help will be greatly appreciated!Clearly, at minimum, you need to know which DLLs contain the methods you're interested in. If you look at the JNA example below, it loads a Windows system DLL then contains 'beep', describes how to call it, then calls it. You will need to do something similar:
* JNATest.java
* Created on 24 August 2007, 12:12
package com.sdl;
import com.sun.jna.Library;
import com.sun.jna.Native;
import com.sun.jna.Structure;
import com.sun.jna.ptr.LongByReference;
import com.sun.jna.win32.StdCallLibrary;
/** @author amalcolm */
public class JNATest
// Windows XP kernel library
interface Kernel32 extends StdCallLibrary
void Beep(int frequency, int duration);
public static void main(String[] args)
Kernel32 kernel32=(Kernel32)Native.loadLibrary("kernel32",Kernel32.class);
for(int freq=10;freq<10000;freq*=2)
kernel32.Beep(freq, 5);
} -
Can users who accessed the system via the ITS be identified?
Dear experts,
I wondered if there is any SAP system table which provides the information that a certain logged-in user has connected to the SAP-system via the ITS. I couldn't find anything and I've also been searching the SDN forums for that information in vain.
Thanks in advance for your help
cheers
Andreas
P.S.: In case this should be of any interest in order to answer the question:
R/3 4.7 Enterprise / SAP_BASIS Release 620 Patchlevel 0063Hi Andreas,
Cristiano is right here. The Access.log will show you the required information in an ITS 6.20 environment
See the help.sap.com section: [Access Logs |http://help.sap.com/saphelp_webas630/helpdata/eN/32/1166d6f97811d1801d00c04fadbf76/frameset.htm]
Regards,
Oisin -
Adding direct server access to CSM in bridge mode
I have a CSM that I have set up in bridge mode and want to allow direct management access to the real servers.
It looks like this. MSFC 10.1.100.1
CSM 10.1.100.3
Reals 10.1.100.10
10.1.100.20
10.1.100.25
Virtual 10.1.100.130
10.1.100.140
I tried to use the same method that I found for routed mode on CCO.
Serverfarm SERVER-SUBNET
No nat server
Predictor forward
Vserver DIRECT-ACCESS
Virtual 10.1.100.0 255.255.255.0 tcp any
Serverfarm SERVER-SUBNET
Inservice
The next step in the documentation says to add a static route to the CSM
Ip route 10.1.100.0 255.255.255.0 10.1.100.3
But this does not make since since the MSFC 10.1.100.1 address is already the default gateway.
So is there another way to configure bridge mode and enable direct management access?After I thought about bridge mode again and took out the direct-access and server-subnet commands. I tested again and I can now directly access the servers.
-
JSP, Struts preventing direct access
In a web application using Struts framework
how can the direct access via the .do link can be avoided. I want users to use the button to move to the next page and i dont want to allow the direct access via do link.
and
when one page is visited and some work is done there. Then the user
goes to some other page and visits the previous page. However, in
that case my form is not initialized. How can this problem be solved?You can't avoid the .do link altogether. I am assuming that you have two page. First with 1.do and second with 2.do and you don't want the user to go directly to 2.do.
To overcome this problem, you can write the logic on the second page to redirect it back to the first page. If they have directly gone to 2.do. The difference between button and the direct access is that first one can be post or get and the second one will be get call. Pls let me know if you need more clarifications on this.
Try creating the form bean of session scope. In this case what will happen that the formbean will have the data captured earlier .. I mean aprtial of the data and that you can retrieve and set it th enext time. -
Application Security - Protecting the files from direct access
I am working on my application. I have a Flex app that
everyone will access but to do the work, I have it calling on
several PHP files. The Flex app has a login system and only allows
advanced functionality after login. This protects the Flex portion,
but does not really account for the PHP side of things.... The PHP
files do a variety of things, mostly SQL calls, but also run a few
system commands.
How do you set up the PHP files or use an htaccess file to
only allow the Flex app to call the PHP files? I'd like to set it
up so that the users can't directly access the PHP files. However,
I'm sure the client workstation is still making the request when
called by the Flex app, right?
Has anyone done this? Does anyone have any thoughts or
suggestions on this?
Thanks,
ChrisHi csawall,
These are just some off the top ideas, you can extrapolate
and create a solution that might work:
Since the client has access to the data stream to/from the
server, there is no way to guarantee that someone won't use some
kind of sniffer program to find what file the flex app is talking
to, but that doesn't mean that you can't obfuscate it as much as
possible to make it not worth trying.
One idea was to use a single index and use _GET to control
what content is being served, using includes on the php side to
serve the proper file/content.
Since the content you are delivering I would assume requires
authentication, you'll have a unique session ID to work in. While
the actual php file could be accessed in real time if you watched
the data stream, if the user is already authenticated, what diff
does it make? Set up specific rules inside your php file, so that
it must receive data using a specific protocol, one that you can
obfuscate using crypt and base it on variables that are unique,
such as SSID + date + time, etc. When you first authenticate with
the server from the flex app, have the php login script return the
required protocol rules back to the flex app that would be unique
to the session. The _SESSION variables on the server would contain
the unique protocol rules as well. This gives you server side
control over talking to the flex app... then all you would need to
do, if you wanted to keep a tighter lid on the access to your
script, is just rotate the protocol from time to time.
Add on top of this, script name obfuscation that you store
server side and transfer only withing the validated session, such
as e.g. fstrs4adadst4_somefile.php etc etc, where your randomized
key is the prefix (or suffix whichever you prefer) of your index.
Your code of course would use the current protocol keys to match
the current index, and all you need do is control the .htaccess
file so that it relays any $_somefile.php to the proper
file/directory etc which would be a name that would never be
revealed to the public, and only used inside your .htaccess file or
on the server side itself.
Taking it a step further, if you create some kind of pulsing
authentication system using the above methods, you can rotate the
keys fast enough, so that someone would have to work really hard to
figure out the protocol to talk to your server
Just my 2 cents...
RFX -
Direct Access client DNS Registration q.
Hi All,
We have Direct Access installed, configured and mostly working on Windows 2012 R2 server supporting WIN 8.1 clients (only).
All internal resources are accessible and have good name resolution, etc.
However, I now have to enable "manage out" functionality. SCCM based Remote Assistance etc.
There are various guides and I think manage out is working correctly. There is a major sticking point in that the clients are attempted to register DNS names on the local DHCP server (home/office) router and registration never reaches corporate DNS servers.
I have enable "secure only" DNS registration by Group Policy.
We use split tunneling for clients.
The Direct Access server is behind a NAT firewall. (CISCO) So the only effective transition tech is IP-HTTPS.
Many thanks for any assistance in pointing me in the right direction.Hi,
>>There is a major sticking point in that the clients are attempted to register DNS names on the local DHCP server (home/office) router and registration never reaches corporate DNS servers.
Did you deploy the IPv6 in your corpnet? If no, it's normal.
If we use the IPv4 in the corpnet, the NAT64 and DNS64 will be enabled on the DirectAccess server. When the DirectAccess client sends the DNS update packet, according to the NRPT, the packet will be sent to the DirectAccess server. DirectAccess
server will on behalf of the client to register the AAAA record.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Cannot view history of direct access users connecting to Forefront UAG
Hi, I'm trying to get a list of the users that have been connecting through UAG Direct Access for the past month. I've tried using the methods shown in the technet articles about monitoring of UAG Direct Access either using Powershell or the TMG event loggin
console, using this links:
http://technet.microsoft.com/en-us/library/gg313776.aspx
http://technet.microsoft.com/en-us/library/gg313783.aspx
Using the TMG event logging I see a lot of data from a few days back, even if the filter is set to 30 days, and the log is supposed to be up to 8GB in size before overwriting. The info that it shows is only about sessions to the portal trunk and not direct
access. I know this because on the UAGModuleID column there is no there are no "connected" or "managed" sessions, all are SessionMgr, UserMgr, Filter and RDG mainly.
Through powershell I tried running the following commands after importing the module according to the article:
Get-Directaccessusers -showhistory $true and no results are shown.
Get-Directaccessusers -showhistory $true -starttime "1/6/2015 8:00AM" and no results shown
Get-Directaccessusers -showhistory $true -starttime "1/6/2015" no results
Get-Directaccessusers -showhistory $true -starttime "1/2/2015 8:00AM" -Endtime "1/11/2015 8:00PM" no results
Get-Directaccessusers -showhistory $true -username user = no results.
Get-Directaccessusers -username user = no results
the only command that shows any data is just Get-Directaccessusers but that shows the current Direct Access users, no history.
I checked the Registry HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\von\MonitorMgr\sql-builtin-log registry key and it is on 1.
Any ideas on how can I get more history data on the direct access users connecting through UAG?
Please let me know.
Appreciated it.
Thank you!
Eduardo RojasRussel,
the problem has been solved now! The final thing missing was just a check in a checkbox.
Below a comprehensive explanation that may help others.
We basically did what you proposed:
We sent a ping from one of the DA-Clients to the TS-Farm members. Since we got replies, we knew that IPv6 communication generally is okay. The answer received was an IPv6. In this scenario we had not yet given any IPv6 to the farm-members! Thus we knew it must
be comming from the DA DNS-Proxy. There are a number of DA-GPOs and one of them is dictating the net portion of the IPv6 to be used in DA-communication, appended by a hex-translation of the target computers IPv4. Therefore the DA DNS-Proxy is taking the GPO-set
IPv6-value, adds the IPv4 in hex and sends it back as an ICMP echo.
With this in place and working correctly one can ping any domain host from any DA-Client. This is configured when initially setting up DA and is handled by the wizzard. Once DA is installed this should all be in place without extra user interaction.
We then took those IPv6 answeres and turned them into fixed IPv6es of the farm-members (each member its own IPv6). So far so good, but this is where it still did not work. Evaluation of the Connection Broker log showed that the redirect reply still included
only the IPv4 of the target farm-member. With that (after a short while) we realized that one has to set a
check in the Connection Brokers Settings, so that the IPv6 LAN-Connection will be used for redirects as well and not only the IPv4 LAN-connection..... How stupid is that? :-)
But as we all know - in dealing with server configuration - you should always "know before you go". But even though you may think you do, when finally arriving you know you didn't.... And that's what we call experinece.
Thanks to Russel for your interest and help.
Brgds Ralf -
HOW TO CONFIGURE MANAGER or APPROVER USER IN ACCESS REQUEST MANAGEMENT TO APPROVE OR REJECT REQUEST
hi sap gurus,
i configured grc 10 system successfully. I created one user: GR_AR_APP001 and assign following roles:
SAP_GRAC_ACCESS_APPROVER
SAP_GRAC_ACCESS_REQUEST_ADMIN
SAP_GRC_FN_BASE
SAP_GRC_FN_NUSINESS_USER
and I maintained GR_AR_APP001 in access control owners as "POINT OF CONTACT", "SECURITY LEAD" and "WORKFLOW ADMINISTRATOR"
but when i am creating access request for new user and defining MANAGER under user details tab as GR_AR_APP001.
the user GR_AR_APP001 is not receiving any request for APPROVE or REJECT in his WORK INBOX.
can u please guide me how to configure APPROVER or MANAGER to approve or reject request.
I will be very much thankful if you guide me successfully.Hi Colleen,
thanks a lot for your time.
PIC1: I created one user: GR_AR_APP001
and assigned all the GRC ROLES.
PIC2: I assigned owner type to GR_AR_APP001 user : POINT OF CONTACT, SECURITY LEAD and WORKFLOW ADMINISTRATOR in NWBC ACCESS CONTROL OWNERS
PIC3: I created one EUP 980 (copied from default EUP)
PIC4: I maintained default manager as GR_AR_APP001 user in 980 EUP
PIC5: I selected SAP_GRAC_ACCESS_REQUEST process id
PIC6: I created one agent id as ZGRAC_MANAGER11 in which I added approver user id: GR_AR_APP001
PIC7: I saved agent id
PIC8: I added agent id as ZGRAC_MANAGER11 in stage5 in manager stage.
PIC9: I saved
PIC10: I maintained EUP 980 (in which I configured manager as GR_AR_APP001 user) in stage 5 task settings
PIC11: Maintain Route Mapping, I clicked on next
PIC12 and PIC13: I saved and activated.
After this process I created one request for new account and selected the manager as GR_AR_APP001 and one request is created with request no 9000000030.
now I logged into system by user GR_AR_APP001 and checked, there is no request under his work inbox.
please guide me at least one procedure, how to receive request in approver work inbox so that I can learn other procedures to configure approver as per our organization requirement.
thanks for your support Colleen. -
I am in the final stages of a cross-forest migration. Users have Windows 7 workstations with redirected folders on a Windows Server 2012 box running in the old forest. User accounts were not migrated. The accounts in use have always
been in the "new" forest. One of our challenges was the large volume of data in redirected folders. I made sure users in the target forest had continued to have access to their redirected folders in the old forest and robocopied
the entire users share, copying the permissions with the files. By doing incremental robocopies, we can get a final copy done now in about six hours. The plan was simple: copy the files, do an incremental copy every night, on the night of the cutover
change the folder redirection policy Documents path from
\\oldserver\users\%USERNAME% to
\\newserver\users\%USERNAME%. The policy is configured to NOT copy user files from the existing folder to the new redirected folder. Everything was going well until I tested the policy change. After the folder redirection policy is updated
and applied, the user cannot access the private Documents folder. For example, user Chester Tester logs on as ctester. I open Windows Explorer and click the Documents shortcut. I see one subfolder, which is subfolder of Public Documents.
So I can look at Public Documents but when I click on the Documents folder (Under the Documents library link) I get an access denied error. Now for the kicker, if I open another Windows Explorer window and edit the address bar to
\\newserver\users\ctester, I can navigate the Documents folder tree and see my thousands of documents. What the ....?
I'm hoping this is something really simple to fix!
TIAHI Vivian,
Thank you for your reply. Yes, the path in Group Policy Folder Redirection Root Path was updated to
\\NEWSERVER\users. I had planned to point this to the distributed file system, so the first used was actually
\\domain\dfs\users. To simplify things I have backed off to copying to just a normal share
\\newserver\users.
We are using BASIC folder redirection and we create a folder for each user under the root path.
We did not want the policy to move content, as we were seeing users requiring 15-20 minute logon times (or higher) after the policy is changed.
Grant the User exclusive right to Documents - Disabled
Move the contents of Documents to the new location - Disabled
Related folder settings
Video - Follow Documents
Music - Follow Documents
Pictures - Follow Documents
Now when I change the folder redirection from old server to new server I now have TWO My Documents folders in the user's redirection folder on the server. The redirected Documents points to an empty folder set. The copied folders with all user
data are there, but folder redirection refuses to recognize the original folder.
I am looking at the full view of the folder, nothing hidden, so I'm wondering how a folder can have two subfolders with the exact same name. For now, I just want the redirection to move from the old server to the new server properly. I deleted
the new My Documents folder, rebooted the user's workstation and tried again. The behavior repeats itself, i.e., a new My Documents folder is always created when the redirection policy is changed from the old server to the new server. The environment
has about 1500 users with approximately 1.3TB of data in the redirected Documents folders. OUCH! -
Hi everybody I am trying to Login with my lync Client out of my organization. So I am using lync as a remote user. I am in another organization, and I am using their coporate lan wired and wireless, but I cannot Login to lync in my organization.
I see that I cannot Access my edge Server on port 443 to authenticate directly, I know that Client in this organization use Internet Proxy to browse the Internet. they have a .pac in their ie Settings.
my question is; can lync Client use Internet Proxy Settings to reach the Destination? I mean the Access edge on port 443?
or it can use only Client direct Access to reach the edge Servers?
I Think that the answer is that I use tcp protocol and not http, and maybe that is the reason why I cannot use the Internet Explorer Proxy Settings to reach the Access edge Servers, different maybe is the case I Need to reach the reverse Proxy for live Meetings.
Hope my question is clear.
ThanksProxy settings are used to tell Internet Explorer the network address of an intermediary server (known as a proxy server) that is used between the browser and the Internet on some networks.
Lync client doesn’t use Internet Proxy Setting. You need to access the Edge service directly.
Lisa Zheng
TechNet Community Support
Maybe you are looking for
-
I have a mid 2007 macbook which I want to connect to an HD TV. The macbook has a mini DVI output. The TV has both DVI and HDMI inputs. I have previously tried connecting to the HDMI input, and I got a good quality picture, but obviously no sound, sin
-
Which Nokia Device should I buy ?
Dear Friends, My interest is watching movies and so I want to use the device as a DVD player. This means I download the movie direct to my device or to my pc and then to my device and then connect the device to the TV and watch the movie. In fact I h
-
Cancel GR & deselect GR Based IV
Dear Friends, The user has created PO,GR and Fi Document. Now, The GR has to be cancelled because of an error. How to cancel an GR? In this case No IR was created. In the PO,In Item details,In Invoice GR Based IV was ticked. This has to be deselected
-
How can i install the Apache-WLS Plug-in on W2K?
Hello, I want to install the apache-Wls plug-in on W2K, but following the installing guide, i cant't find the mod_wl.so file. Even if i found it, how can i install it on win2000? My Wls is v5.10 and the service pack 6. The apache httpd server is v1.3
-
Reg:working with multiple windows in webdynpro-abap
Hi , How can we create multiple windows and how can we link them... suppose we have 3 fields on first screen .how to move the data from the first screen to second screen.. Thanks & Regards Suman Puthadi