Cisco ISE and Fast User Switching

Greetings,
In our deployment, we are interested in utilizing the "Fast User Switching" that is contained within the Windows Functionality. After searching for quite a while, I see that the native Windows supplicant is not compatible with Fast User Switching. It does not appear that AnyConnect is either. Can you please inform me as to what supplicant I would need to research in order to allow for the User Switching Functionality?
We are currently using ISE 1.2 Patch 4.
Thank You for any assistance.
David

The NAC Agent for Cisco ISE does not support Windows Fast User Switching when using the native supplicant. This is because there is no clear disconnect of the older user. When a new user is sent, the Agent is hung on the old user process and session ID, and hence a new posture cannot take place. As per the Microsoft Security policies, it is recommended to disable Fast User Switching.
Source:
http://www.cisco.com/en/US/docs/security/ise/1.2/user_guide/ise_pos_pol.html

Similar Messages

  • Why are deleted user accounts showing up in login window and fast user switching menu?

    There are several old user accounts, just test accounts when I was studying for ACSA that I deleted, which continue to show up in the login window and the fast user switcher menu. I deleted them before upgrading to Lion (I think it was before). The accounts do not exist in the /Users folder, nor even the /Users/Deleated Users folder. Additionally they do not show up in the list of users in System Preferences. Can anyone give some advice on how to remove these "ghost" accounts from the login window and drop down menu?
    Thanks
    dc

    Hi. Thanks for the link. Sorry it took me a while to get to this, the problem is not a show stopper, so to speak, so tried your advice when I had the time. Unfortunately it did not work. Any other suggestions? Thanks.

  • Network drive and fast user switching OS 10.7

    I have a shared network drive that I want all accounts on my Mac to be able to access. On my Mac I have a single admin account and several non-admin accounts. The problem is that once one account mounts the network drive when another user logs in (using fast user switching) the drive shows as being inaccessible (a folder icon with a "do not enter" icon on it) and must be unmounted and remounted. This is an issue because unmounting requires the admin password which is not known to all users.
    Is there a way that I can make the mount available to all users on the machine without needing to remount for each user? Or is there a way that I can unmount without requiring the admin account?
    Thanks

    System Preferences -> Users & Groups, click Login Options, you'll see it then.  You'll need to unlock that preference pane with the lock in the lower left corner of the window to change that setting.

  • Problems with GNOME 2.24 and fast-user-switch-applet

    Since I upgraded my GNOME installation the fast-user-switch-applet keeps crashing on me every time I run it. I can't figure out what is causing it.
    Regards
    André

    fettouhi wrote:
    Since I upgraded my GNOME installation the fast-user-switch-applet keeps crashing on me every time I run it. I can't figure out what is causing it.
    Regards
    André
    do you have gdm running ? if not turn it on and try again.

  • 10.4.9 and fast user switching - my mouse disappears!

    Actually, the mouse doesn't disappear, but the cursor does. I am able to switch from my primary (administrator) account into a user account, and things run OK. When I log out of that account, though, the mouse cursor disappears. The mouse is still active, as I can move the mouse and click and access menus by trial and error, but the cursor will not become visible until I restart the machine.
    I have repaired permissions, run Cache Out, and trashed the GlobalPref.plist file (which I'm told controls the mouse), all to no avail.
    This never happened before the update.
    Suggestions would be helpful
    iMac 2 GHz G5   Mac OS X (10.4.9)   OS X 10.4.9

    OK, solved my own problem, with the helpful suggestion from an Apple Genius in the Palo Alto store.
    * In the secondary user account (the one that logging off from caused all the problems) pull the user/library/preferences file to the desktop
    * Restart the machine
    * Problem is now gone. I put back a handful of preferences for a few key applications like Mail, but left the rest alone, and will reset within the various applications
    Very annoying to have to deal with, but at least the problem is gone.

  • Is it possible to map a Sponsor Group in Cisco ISE to a user group in Active Directory, through a RADIUS server?

    Hi!!
    We are working on a mapping between a Sponsor Group in Cisco ISE and a user group in Active Directory....but the client wants the mapping to be through a RADIUS SERVER, for avoiding ISE querying directly the Active Directory.
    I know it is possible to use a RADIUS SERVER as an external identity source for ISE.....but, is it possible to use this RADIUS SERVER for this sponsor group handling?
    Thanks and regards!!

    Yes, it is possible to map a Sponsor group to a user group in AD, and if you want to know how to do it, please open the link below and go to the Mapping Active Directory Groups to Sponsor Groups heading.
    http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_guest_pol.html#wp1096365

  • Disable fast user switching

    Am using Lion on an older Mac Book Pro and Fast User Switching seems to make the system very unresponsive.
    Is there a way to disable FUS, other than via
    Settings > Users & Groups > Login Options > Show Fast User Switching Menu ... ?
    There doesn't seem to be a control for this anywhere else.
    Thanks.

    I don't believe so..

  • Screen has a bluish tint after fast user switching and then warning tone

    Hi all I'm having a bit of a problem that I hope someone can help me with. First the details, I have a MBP bought in late '07 and running Tiger. I was doing full backups using "Backup" and I also had Safari, iTunes, and Word open. I briefly switched to my other account using fast user switching and when I returned to the original account the whole screen had a blue tint to it. Like the color profile was off. This has happened before and a restart usually cures it, I haven't restarted yet but I am fairly certain it will correct the problem this time too. But is there any way to prevent this? My second question is the one I'm more worried about. It also has happened before but usually when using more CPU intensive applications. When I went to System Preferences and opened up the display preferences in an attempt to correct the previous problem I heard a very loud tone. Like some type of warning tone, it was loud enough that it startled me. I had iTunes playing and after the tone the music got very quiet but relaunching it brought it back to normal. I'm just wondering is this some type of warning tone? Is it something I should be concerned about? Besides the music everything else seemed unaffected, although the previous times that this has happened usually when using handbrake there were noticeable problems after the tone (like applications crashing). All of these problems are gone after the computer is restarted though. Does anyone have any insight on these issues? Thank you.
    -James

    OK I ran TechTool and everything passed except for the volume scan. Then I checked this with Disk Utility and the HD failed for a few minor reasons, like invalid block count. I repaired it using the fsck -fy command in single user mode. The computer seems a little faster now. I don't know if this error is related to the beep in any way, I may try talking to an Apple genius to see if they know. Since it seems like pretty minor errors I'm not too worried about it but it does seem to be happening often. The last time I had this error was when I posted a question here about it which I just checked was on March 1st. So this error happened again after a little more than 2 weeks which seems excessive to me. Any thoughts?

  • How to get "fast user switching" and network shares playing nice

    I've been alternating between banging my head against a wall and reading every forum I could find to try and get a reasonable compromise between using "Fast user switching" and sharing a folder from a file server.  It baffles me how the network share/mount model of OSX/AFP is completely killed by fast-user-switching; this is a big problem with Apple requiring users to be actively logged in to share music/video from iTunes which therefore essentially requires fast-user-switching if anyone else wants to use the computer.  (anyone find it odd that you can share files without being logged in, but sharing songs requires an active login for each user who is sharing?  Apple: time to make iTunes sharing a service!)
    For the sake of example, let's just say I want to share my /Groups folder from my desktop and have it be accessible to my laptop.  Here are all the things that I tried:
    Apple Method 1) Share /Groups in the Server.app on the desktop (running Lion Server), use finder on the laptop and drag the share icon to "Login Items", alternatively use a startup Apple script using "mount volume".  Both of the options work and will mount the /Groups folder under /Volumes/Groups, of course when the second person logs in via fast-user-switching (and occasionally the first person for no apparent reason), they will get /Volumes/Groups-1 since /Volumes/Groups is already taken.  Tomorrow we log in a different order and now the previously /Volumes/Groups-1 user has their mount at /Volumes/Group and vice versa.  Any links, aliases, finder sidebar references, and application settings which pointed to yesterday's location are now BROKEN.  Not very user friendly to my mother-in-law who is trying to find those pictures of the kids and doesn't know anything about mount points. I also can't reasonably mirror the file location structure on the desktop so that application preferences that are synced between the two (portable home directories) work.   fail.
    Apple Method 2) Use automounter and set up by hand direct maps for /Groups or an indirect maps for the children of /Groups.  Now it will automatically get mounted to /network/servers/SERVER/Groups/ on the laptop and on the desktop it will automatically create a similar symlink structure so that the same path (/network/servers/SERVER/Groups) work both on desktop and laptop.  Cool.  Except when the second person logs in, the /network/servers/SERVER/Groups/ mountpoint is already owned by the first user and they don't have any permissions to access it.  Fail.
    Apple Method 3) Use mount_afs and specify directly the mount-points.  Have each user have their own startup AppleScript which mounts /Groups to a different location (e.g. /Users/Shared/username/Groups) that way they don't conflict with multiple users.  On the desktop, set up symlinks from /Users/Shared/username/Group to /Groups so that it will be the same as the client and applications settings will work when synchronized back/forth by portable-home-directories.  Will it work, yes it does, but what a bear to maintain.  Is this really what I should expect to do just to have multiple users on my desktop and laptop (which again is essentially required now if I want to do any type of iTunes sharing).  This can't be what apple expects.
    What I ended up doing - the "not quite apple" solution.
    Non-Apple Method 4) After a read of "Autofs: Automatically Mounting Network File Shares in Mac OS X" (http://images.apple.com/business/docs/Autofs.pdf) at the very end there is a single paragraph  of "Kerberized NFS": "A Kerberized NFS mount can have multiple connections from multiple users, each using the correct user’s credentials for each transaction. This allows administrators to support multiple users, each authenticated with their own credentials to the same mount point. This is very different from AFP and SMB mounts," (emphasis mine)
    It appears that by using good 'ole NFS (albeit with Kerberos for security!) you can actually have multiple users on the same mount point.  Roughly following the guidance at https://support.apple.com/kb/TA24986?viewlocale=en_US.  What I needed to do was:
    1) create /etc/exports on my desktop and add a single line "/Groups -sec=krb5".  The existence of /etc/exports triggered a start of nfsd which no longer has any GUI options in Lion.
    2) Add a line to /etc/auto_master on my laptop "/-  auto_mymounts" to reference a new direct map.
    3) Create /etc/auto_mymounts and add a single line "/Groups         SERVER:/Groups" to create the direct map.
    THAT'S IT.  Three lines in three files.
    Now when I log into my laptop, there is a /Groups that is a network mount of my desktop's /Groups, same location AND it works for all of my users, even simultaneously. 
    In the end I'm happy with what I've got, but man was this a difficult path just to support fast-user-switching.  In Lion, Apple appears to be getting away from NFS (no longer turned on by default and removed from the GUI controls) but clearly this is really useful functionality which doesn't exist in AFP.
    I'm really curious, after all this work.  Any other ways to accomplish this?

    In my example above, yes I chose to mount the share "Groups" to the top of the root since that is where I put it on my server and I wanted to keep them similar; but that was just my preference, it isn't a requirement.  You can export and mount from other directories.
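A check that goes with the three-file NFS setup in the post above, as an added example that is not part of the original post: the `/Groups -sec=krb5` line is what keeps the export Kerberos-only, so this audits an exports file for entries that lack `-sec=` or list a non-Kerberos flavor. It assumes the macOS exports(5) syntax the post uses (one directory per line, flavors separated by `:`, `sys` as the default when `-sec=` is absent); the function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag NFS exports that do not require Kerberos.
# Assumes exports(5) lines of the form "<dir> [-option ...] [host ...]",
# one directory per line, as in the post's "/Groups -sec=krb5".

# Constructed sample input (only the /Groups line comes from the page).
sample_exports() {
    cat <<'EOF'
# constructed sample exports file
/Groups -sec=krb5
/Scratch
/Media -sec=krb5:sys
/Backups -sec=krb5p -ro
EOF
}

# audit_exports FILE
# Prints "OK <dir> <flavors>" or "WEAK <dir> <reason>" for each export.
# Returns 0 when every export is Kerberos-only, 1 otherwise.
audit_exports() {
    awk '
        /^[ \t]*(#|$)/ { next }               # skip comments and blank lines
        {
            dir = $1; sec = ""
            for (i = 2; i <= NF; i++)          # last -sec= option on the line wins
                if ($i ~ /^-sec=/) sec = substr($i, 6)
            if (sec == "") {
                print "WEAK", dir, "no -sec option (assumed default: sys)"
                weak = 1
                next
            }
            n = split(sec, flav, ":"); bad = ""
            for (j = 1; j <= n; j++)           # accept krb5, krb5i, krb5p only
                if (flav[j] !~ /^krb5[ip]?$/)
                    bad = bad (bad == "" ? "" : ",") flav[j]
            if (bad != "") {
                print "WEAK", dir, "allows non-Kerberos flavor: " bad
                weak = 1
            } else {
                print "OK", dir, sec
            }
        }
        END { exit weak + 0 }
    ' "$1"
}

# Stand-alone run over the constructed sample.
tmp=$(mktemp)
sample_exports > "$tmp"
audit_exports "$tmp" || echo "at least one export does not require Kerberos"
rm -f "$tmp"
```

On a real server, point `audit_exports` at `/etc/exports`; an export that also lists `sys` accepts the client's claimed UID without per-user Kerberos credentials.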

  • Fast user switching and "ipod is in use by another user on this computer"

    Is there any way to suppress the "ipod is in use by another user on this computer" message that appears when you use fast user switching.
    my wife and I share a mac pro and when flipping between sessions, this message gets to be a bit annoying. i.e. if her itouch is plugged in and she is managing it through her library, if I fast user switch to my session, I get the warning dialog (ok to clear) I mention above. This is kind of annoying now, since I understand I won't be able to manage that ipod from my itunes session.
    is there any way to suppress this behavior?

    Hi again,
    Glad to hear you got all your music files back into your library.
    I've seen this iPod error before, but I don't know why it occurs. In my experience, restarting the computer solves the problem.
    Cheers,
    Sara.

  • Sharing one iTunes Library with Fast User Switching

    Last year, I started using one MacBook Pro for Office use and Personal Home use, by creating two user accounts on it, and enabling Fast User Switching. I did this when I gave up using two separate desktops macs.
    Now I have two rather similar music libraries, taking up too much hard drive space. Once I enabled Music Sharing in my Office iTunes Library, I realized that I could gain access to that Office Music Library when I am on my Personal Home User account. Since my Library on my Office account is the most complete, can I eliminate the iTunes Library on my Personal Home User account, to save hard drive space?
    If so, how should I do this?
    MBPro17, Pbk17 G4 1.67, Pbk G4 12 1.5, iMac G4, various G4&G5's   Mac OS X (10.4.8)   Airport Extreme & Express

    Glen
    Since my Library on my Office account is the most
    complete, can I eliminate the iTunes Library on my
    Personal Home User account, to save hard drive
    space?
    Yes.
    If so, how should I do this?
    Move the iTunes folder in Home/Music on the Personal
    Home User Account to the desktop.
    Launch iTunes. Unable to locate a library file, it
    will create a new one, empty one in a new iTunes
    folder at Home/Music.
    Connect to your shared library as usual. If
    everything is working as expected, trash the iTunes
    folder on your desktop.
    Regards
    TD
    My iTunes was created under an admin. user profile that I would like to delete. I created a second profile also with admin privileges but I want to delete the first because I messed up the shortname on the profile. So, if I delete this first profile, will I lose all of my music? Will I lose access to the music?

  • Bonjour + Fast User switching = messages going to the wrong (inactive) user

    We use iChat for Bonjour in our office– fast file transfers etc.
    If a user is one of 2 or more logged in on a machine– through the use of fast user switching, we've noticed that incoming messages (initiated by another user on the network) will often go to the switched user (i.e. the inactive user) not the user we're currently logged in as.
    We've been able to repeat the issue.
    1. Log in as user 1, fast user switch to user 2 (leaving user 1 logged in but inactive)
    2. Go to new machine, log in as user 3
    3. Send message from user 3 to user 2
    4. Look at user 2 screen. No messages
    5. Send message from user 2 to user 3. User 3 will receive message, and will be able to send message successfully back to user 2.
    6. Log out user 2
    7. Log in as user 1
    8. Notice all the messages that were going to the 'inactive' user profile.
    Has anyone else seen this type of behavior?

    Hi Matthew,
    Welcome to the Apple Discussion Pages.
    I have not seen this (I only have one Mac).
    However there is an item in iChat Preferences > General section that can set the status of the User's account to Offline or Away when using Fast User Switching.
    What is yours set to and does it make any difference when changing it?
    Away in normal circumstances means someone can still Invite you to chats (or Text you)
    Ralph

  • Cannot login to secondary accounts; can't fast user switch

    I am on a Macbook, 2 GB RAM, 120 GB hard drive, 10.4.8. Today, I developed a strange problem with logging in. I have auto login set so I log in automatically to my main account, which (thank God) works. However, if I access Fast User Switching to switch to a secondary account I have set up, called Test, the transition starts (the cube rotates) , switching to a solid blue screen...and never goes any further. I cannot seem to find any way to bring up the login screen on startup, either; I must allow my main account to boot up, and then try to switch accounts. If I turn off auto-login, I get the login screen, but login to the other account still fails.
    If I select, instead, the Login Window from the Fast User Switching menu, I get that screen. But when I select an account other than my main account, and try to log in, I get that blank blue screen. I've waited many minutes to see if something will eventually happen, but no go. The only way to get control of my Macbook back is to hold down the power button until it shuts down.
    I have run Tech Tool diagnostics and have repaired permissions (no errors found). I deleted my Test account, and redefined it; I also defined a second test account, one with admin privs and one without. No problem creating the accounts. However, when I try to log in to those accounts, the computer hangs on the blue screen.
    I'm not sure when this problem began because I have not been using my Test account for a couple of weeks. A lot has changed since then.
    Any suggestions, anyone?

    More info: I turned off auto-login, and was able to log in to my test account. Then, I was able to use fast user switching to switch to my main account. I will try again restarting into my main account and see if I can switch to Test. This failed consistently before I posted here. Perhaps the "sense Mac guru" circuit kicked in and cured the problem. I'm about ready to turn in so won't post a follow-up until tomorrow. Right now, I need to use my two accounts to get the job done (a writing job with screen shots of a new unaltered account). Then, I'll go back to trying to see if the problem still exists when I log in to the main account first.

  • Passwordless Fast User Switching?

    Hello all!
    I know it was not possible with earlier Versions of MAC OSX. But may we meanwhile have a way to enable fast user switching without providing a password any time ...
    I am maintaining 2 User accounts on my Server Lion.  Since I am the only user on that Mac, security is not an issue concerning fast user switching. Under certain tasks I desire to do, I need to switch between the 2 accounts rather often and it is annoying to always provide the password. I do not have many applications up and running and therefore fast user switching is almost the same effort as LogOut/LogIn
    I would highly appreciate a setup which allows me to switch between the 2 Users just by a mouseclick. But of course I would like to keep the password protection for a LogIn either remote or local.

    This is a terrible idea from the standpoint of security, but to answer your question:
    10.7: Keyboard Shortcut for Fast User Switching - Mac OS X Hints

  • Fast User Switching with Mounted Network Drive?

    I have a headless G4 Cube running 10.5.8 with a 2TB firewire drive plugged in for storage accessible to any of my macs here at home. I can access it fine with my 2 desktops over ethernet and wirelessly. Recently we decided to consolidate our 2 desktops into one using the multiple users feature. Seems to work fine, and both accounts can access the shared drive. They are logging in with the cube's admin credentials, and the shared drive is set to ignore permissions. I have the drive set to mount on login with a startup item in the system login items prefs. As long as I logout before switching users, everything is good.
    The problem arises with Fast User Switching which we'd love to be able to use. I can't figure out how to connect to the drive in one account without the 2nd account then seeing it as a volume without proper permissions, then that account creates a new volume mount for it (which doesn't work with iTunes properly and seems to cause other weird issues).
    Example: So say 'user1' logs in, mounts the drive 'Jukebox'. everything seems OK so far. 'Jukebox' is on the desktop and iTunes finds the music. Now I fast user switch to 'user2' and there is a 'Jukebox' on the desktop with the red minus icon indicating I don't have permissions to access it. If I then browse the network and mount the drive, I end up with ANOTHER 'Jukebox' on the desktop. BUT iTunes doesn't see it properly. If I look in the /Volumes/ folder with the Terminal, I see a mountpoint for 'Jukebox' (with the owner of 'user1' group 'staff') and now a new mountpoint called 'Jukebox-1' (with the owner of 'user2' group 'staff').
    It seems when you mount a AFP drive, it creates the Volume with the current user and staff group, but switching to another user then can't access that when it sees it in the /Volumes folder. You try to mount again and it creates a NEW mountpoint, names it with a '-1' at the end and you can use that (but iTunes cant).
    So... how does one use a shared drive that you want on BOTH users desktops with Fast User Switching turned on? Is there a way to have the drive mounted BEFORE either user logs in, such that it will be seen as any other local drive (which doesn't have the issue)??
    Or is there some other way I can attach to the network volume in each account on login so both have access to music and videos with full permissions?
    I'm really stumped here after 2 hrs of googling, searching here and trying things.
    TIA

    I've not had any luck with the suggestions in the link either.
    Here's two other approaches I've tried and failed with:
    1. Creating a new share point on the cube itself so that one user can mount it as a different volume. Then the issue is that I still don't have a volume named "Jukebox" available to each user when switching. I DO have access now to the data from both accounts, but under 2 different mount points (volume names) and the xml file for iTunes is hard coded with the path for each mp3 including the "Jukebox" volume name... so no go.
    2. Tried figuring out a way I could script a mounting of the share with the terminal thinking I could then run that shell script at startup. Can't seem to get the syntax right. If I create a directory in /Volumes and mount an afp share to it, it takes on the ownership of root/wheel which I can't access in the finder and can't seem to change.
    BUT I'll keep playing with both these ideas a bit... the first one might be overcome with a bit of logic and the 2nd if I can get the syntax right to mount the share with afp_mount and give it the correct ownership/permissions such that when a user logs in she/he sees the volume on the desktop and has full r/w access to it.
    thanks again. if you offhand know the syntax for that, let me know
