Cisco ISE: How to add a description of an Internal Endpoint
Hello,
In ACS 5, when adding an Internal Hosts, we could add a description of the host, in addition to the MAC address.
In ISE, there is no such description field available. However, it present in the Internal User but not in Internal Hosts.
How can we do to add description of MAC address device ?
Many thanks,
David
is this what you are looking for , if not let me know
Similar Messages
-
How to add new field into dynamic internal table
Hello Expert.
how to add new field into dynamic internal table.
PARAMETERS: P_TABLE(30). "table name
DATA: I_TAB TYPE REF TO DATA.
FIELD-SYMBOLS: <TAB> TYPE standard TABLE.
*Create dynamic FS
create DATA I_TAB TYPE TABLE OF (p_table).
ASSIGN I_TAB->* TO <TAB>.
SELECT * FROM (p_table) INTO TABLE <TAB>.
here i want to add one more field into <TAB> at LAST position and my
Field name = field_stype and
Field type = 'LVC_T_STYL'
could you please helpme out .Hi,
Please find the code below.You can add the field acc to your requirement.
Creating Dynamic internal table
TYPE-POOLS: slis.
FIELD-SYMBOLS: <t_dyntable> TYPE STANDARD TABLE, u201C Dynamic internal table name
<fs_dyntable>, u201C Field symbol to create work area
<fs_fldval> type any. u201C Field symbol to assign values
PARAMETERS: p_cols(5) TYPE c. u201C Input number of columns
DATA: t_newtable TYPE REF TO data,
t_newline TYPE REF TO data,
t_fldcat TYPE slis_t_fldcat_alv,
t_fldcat TYPE lvc_t_fcat,
wa_it_fldcat TYPE lvc_s_fcat,
wa_colno(2) TYPE n,
wa_flname(5) TYPE c.
Create fields .
DO p_cols TIMES.
CLEAR wa_it_fldcat.
move sy-index to wa_colno.
concatenate 'COL'
wa_colno
into wa_flname.
wa_it_fldcat-fieldname = wa_flname.
wa_it_fldcat-datatype = 'CHAR'.
wa_it_fldcat-intlen = 10.
APPEND wa_it_fldcat TO t_fldcat.
ENDDO.
Create dynamic internal table and assign to FS
CALL METHOD cl_alv_table_create=>create_dynamic_table
EXPORTING
it_fieldcatalog = t_fldcat
IMPORTING
ep_table = t_newtable.
ASSIGN t_newtable->* TO <t_dyntable>.
Create dynamic work area and assign to FS
CREATE DATA t_newline LIKE LINE OF <t_dyntable>.
ASSIGN t_newline->* TO <fs_dyntable>.
Populating Dynamic internal table
DATA: fieldname(20) TYPE c.
DATA: fieldvalue(10) TYPE c.
DATA: index(3) TYPE c.
DO p_cols TIMES.
index = sy-index.
MOVE sy-index TO wa_colno.
CONCATENATE 'COL'
wa_colno
INTO wa_flname.
Set up fieldvalue
CONCATENATE 'VALUE' index INTO
fieldvalue.
CONDENSE fieldvalue NO-GAPS.
ASSIGN COMPONENT wa_flname
OF STRUCTURE <fs_dyntable> TO <fs_fldval>.
<fs_fldval> = fieldvalue.
ENDDO.
Append to the dynamic internal table
APPEND <fs_dyntable> TO <t_dyntable>.
Displaying dynamic internal table using Grid.
DATA: wa_cat LIKE LINE OF fs_fldcat.
DO p_cols TIMES.
CLEAR wa_cat.
MOVE sy-index TO wa_colno.
CONCATENATE 'COL'
wa_colno
INTO wa_flname.
wa_cat-fieldname = wa_flname.
wa_cat-seltext_s = wa_flname.
wa_cat-outputlen = '10'.
APPEND wa_cat TO fs_fldcat.
ENDDO.
Call ABAP List Viewer (ALV)
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
it_fieldcat = fs_fldcat
TABLES
t_outtab = <t_dyntable>. -
How to add a Description Column in the Content Panel (Bridge CS5)
Hi,
Is it possible to add a Description Column in the Content Panel. If so, how?
I'm talking about the Description from the IPTC Core data and I'm using Bridge CS5.
Thanks in advance,
FrankThis is the screenshot of the Metadata Workspace with the Content Panel (not Metadata Panel). As you can see it shows Name, Label, Keywords etc. but it's not possible to show Description in that list as a column.
I still agree that it would be a big bonus if you could alter this workspace with description field (even with more lines etc) but what Curt shows you might be an alternative. I couldn't help noticing that you have not created your own custom workspaces.
Try and play with this. You have the option to divide the window in 3 columns max but you can create different panels as a row in 1 column.
Grabbing a tab and move it to a new location until a single blue line appears (between the borders, a bit tricky). A vertical blue line means as a column and a horizontal line means a row. A surrounding blue line means same panel but adding as a tab. You can rearrange the tabs by dragging to left or right. under the menu window you can select which panels are visible or use right mouse click menu on top of a panel to choose.
Sadly enough only 3 columns and only one panel of it's kind per workspace, but you can resize the panels also to your own workflow needs.
In Bridge preferences you can change the colors for background in the general tab and in the metadata tab you can select what info to view in certain sections. Personally I have set my IPTC to view only description, keywords, date created and a few other subjects.
That is the nice thing about Bridge, creating custom workspaces, save them and being able to recreate them without problems :-)
I attach some screenshot of my daily workflow (with the luxury of having a 30' screen) but there are plenty of other options possible, don't forget to name and save your workspace. -
Cisco ISE: How to identify/inactive old users?
Hello,
I want to get all users / mac-adresses which haven't connected to out network since 180 days.
How can I query that?
The report "Dormant Users" dont seems to be the right way: it displays current associated users which are inactive...
How can I purge Cisco ISE : cleaning it from useless, old, inactive mac-addresses?
Thank you very much for any answerThe only thing I could find was purging data in the MNT node. The default is 90 days. This doesnt apply because the profiles are store on the policy node. I dont think you can in an automated form.
You could change the MNT to purge after 210 days and then run a report to see which macs have not authc in the passed 180 days. That will require excel and some scripting. -
Cisco ISE Active Directory Add Group
Hi,
I came across the Cisco ISE on integrating with Microsoft Active Directory; I would like to check what may be the use case of the add group function (External identity source-->active directory-->group-->add group)? Not too sure if it may be possible to group multiple active directory groups to the created group?
I have attached a print capture of the "add group" for reference.
Any suggestion is appreciated.I apologize for not following Ravi's post. However you can enter the group if searching for groups fails. It is case and format sensitive so using the method has to be precise....one example is looking in the authenticatiin report for a user under the "other attributes" if there is a group you want to apply as a policy you can copy and paste that group syntax under the add group which you posted.
Sent from Cisco Technical Support Android App -
Cisco ISE: How to match an endpoint belong to an identity group ?
Hello,
I am running Cisco ISE 1.1.4.218 in a standalone environment.
I am trying to setup Compound Condition for Authorization.
I would like the condition to match the MAC address of the calling machine to the internal endpoint MAC address list.
I created 1 endpoint identity group and 2 children groups
- GroupParent
- ChildA
- ChildB
I put the MAC address of my machine in the group ChildA.
In my condition, I tried the following:
IdentityGroup:Name, Equals, ChildA
IdentityGroup:Name, Equals, GroupParent:ChildA
IdentityGroup:Name, Match, .*(ChildA).*
I even tried to put the MAC address in the GroupParent level and tried to update the condition to be:
IdentityGroupName, Equals, GroupParent
IdentityGroupName, Match, .*(GroupParent).*
But no one of these options worked.
I am almost sure that in Cisco ISE 1.1.1, it was working fine. But I updated today to 1.1.4 and I cannot make it work.
Can anyone help me ?
Best regards,
DavidYou could try the following to match only the parent group
IdentityGroup:Name EQUALS GroupParent
You could try the following to match only child group A
IdentityGroup:Name EQUALS GroupParent#ChildA
You could try the following to match all child groups of GroupParent
IdentityGroup:Name STARTS_WITH GroupParent
Please rate if this helps -
How to add "Computer Description" locally to 300 Servers in our domain via PowerShell.
I'd like to use Powershell to add "Computer Description" locally to 300 Servers in domain.
I found a solution here which works but it adds "Computer Description" only to a single computer.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/a777f07c-f9be-4eb5-8788-de7e5c068411/changing-computer-descriptions-remotely-using-powershell?forum=winserverpowershell
I do have a CSV file with two column headers "Server" and "Description" containing Computer Description for all 300 Servers.
I'm new to Powershell and would appreciate a step by step method.
Thanks.
stHi Mike Laughlin,
Your Script worked beautifully on most Servers.
There were some Servers on which it did not work. It showed this error in red color:
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT:
0x800706BA)
At line:2 char:17
+ $OSValues = Get-WmiObject -Class Win32_OperatingSystem -ComputerName
$_.Serv ...
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMExcept
ion
+ FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands
.GetWmiObjectCommand
Property 'Description' cannot be found on this object; make sure it exists and
is settable.
At line:3 char:5
+ $OSValues.Description = $_.Description
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
You cannot call a method on a null-valued expression.
At line:4 char:5
+ $OSValues.Put()
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Hi tommymaynard,
Should I now try your Script ? -
How to add one more field in Internal table
Hi Experts
i have declared an internal table
DATA: lt_viqmel_iflos TYPE TABLE OF viqmel_iflos.
viqmel_iflos is a Standared SAP Table,
Now i want to add one more Text field in the internal table only, how to add in program. any one plz help.
<REMOVED BY MODERATOR>
Mohana
Edited by: Alvaro Tejada Galindo on Feb 7, 2008 10:09 AMyou can put this:
types: begin of t_table_viqmel_iflos,
include structure of viqmel_iflos,
new_field type xxxx.
types: end of viqmel_iflos.
DATA: lt_viqmel_iflos TYPE TABLE OF t_table_viqmel_iflos.
Luck. -
Cisco ISE - How to map User- Location - Restrict Access to other locations
Hi,
i've got a simple question and I hope someone here can help me out with this mess.
The problem is about WLAN 802.1x Auth with Cisco WLC and a ISE.
The design goal is the following:
There are several branch facilities. A user belongs to only ONE facility. This user should not access the WLAN in other facilities.
The technical design is this:
Local WLC and/or central vWLC. In the datacenter is one ISE which must handle the auth-requests. The identity source of the users, where I add and manage them, should be the ISE itself for the first time, later I want to AD and LDAP sources.
Here is the problem:
I don't understand how I can create a ruleset or something else where I can define that a user of facility A can only login over APs, WLCs,.....in facility A and NOT facility B. Or maybe my design is so bad that I have to start from scratch.
PLEASE HELP.I don't know but may be this is the correct way to validate the user:
NAS-ID in AP-Groups (One AP-Group per facility) must match "12345" AND Identity-Group must match "12345".
Iam confused because there is no way to compare these values.
In this case to compare the value of "NAS-ID" and die users "IDENTITY-GROUP".
If they match against each other than "Permit-Access". -
How to add a description to an iphoto book
I used the description box in iphoto and labeled my picture. i would like to keep the description and show it when I add it to my iBook that I want to publish. Can you tell me how to do this
is this what you are looking for , if not let me know
-
CATS via ESS - how to add WBS description field
Hi folks,
I've configured a new time profile which we will be using to integrate with Project System. We can enter the WBS number via the portal but I would also like to show a field which will automatically default to the description associated with the wbs number.
There seem to be a few user exits available but I'm not sure which one to use.
CATS0009 CATS: Customer-Specific Text Fields in Data Entry Section
Will this allow me to add the WBS description field as an additional input field via CAC2?
Any help would be much appreciated.
thanks,
AnnCATS0009 CATS: Customer-Specific Text Fields in Data Entry Section
this is it
data: output(8) type n,
rproj(8) type n.
IF CATSD_IMP-RPROJ IS INITIAL.
CALL FUNCTION 'CONVERSION_EXIT_ABPSP_INPUT'
EXPORTING
INPUT = CATSD_IMP-posid
IMPORTING
OUTPUT = output
EXCEPTIONS
NOT_FOUND = 1
OTHERS = 2.
rproj = output.
ENDIF.
IF NOT CATSD_IMP-RPROJ IS INITIAL.
rproj = CATSD_IMP-RPROJ.
else.
rproj = output
endif.
*************end insert******************
clear: disptext2_exp.
select single post1
into disptext2_exp
from prps
where pspnr = catsd_imp-rproj. < COMMENT
where pspnr = rproj. < INSERT -
How to ADD rows to a dynamic internal table??
My question is simple.
I have a dynamic internal table and I need to ADD rows to if.
I read this thread How to modify a dynamic internal table from dynamic work area but they are modifying existing data.
My internal table is EMPTY and I need to ADD new rows, so I can't use LOOP ASSIGNING.
How can I do that?
Any help is welcome!
Thanks!
BettinaHi,
try something similar.
FIELD-SYMBOLS: <fs> type any.
FIELD-SYMBOLS: <f1> type any.
ASSIGN INITIAL LINE TO lo_data ASSIGNING <fs>. " or <f_tab> - not sure w/o editor :-)
assigning component 1 of structure <fs> to <f1>.
<f1> = 'aaa'.
I write it from memory so there can be some syntax errors but focus to command APPEND INITIAL LINE ...
Regards,
Karol -
Cisco ISE 1.2 - Problem with Device Onboarding of internal users using AD Credentials
Dear experts,
We have implemented ISE 1.2 with WLC 7.5 in our organization. We are using Device Onboarding by letting the users enter their AD Username and Passowrd on Guest portal which then redirects them to device registration portal where they simply register their device and they get internet access.
The problem is that some users are unable to authenticate using this portal while some can successfully authenticate and register their devices. All users are of the same group in AD. Also, we have enabled this check on two places. One is when users connects to the SSID where the security WPA2-Enterprise uses 802.1x and asks for AD username password. The other is on the portal.
All users are able to connect to the SSID using their AD credentials. However, 30% of the users are not being authenticated when they are redirected to the Guest portal for device registration. Also, it gives no error or event on either ISE or on the mobille device. When the users enters their credentials, the same guest portal page comes back blank with no errors or logs anywhere.
Can someone guide me if there is some configuration mistake that I may have done or have someone faced this same issue and were/weren't able to resolve it.
Thanks in advance.
JayOur problem got solved. It was related to a few user accounts in AD. Usually any authentication on AD User Account is carried out using the User ID. However, during Web Authentication, Login ID/Name is also checked by ISE and should be same as User ID.
The problem you are facing might also related be to AD since we had the similar issue. try to check this on a laptop as the mobile portal gives no error if the user is unknown or invalid. Also, you can enable logs for web authentication which are off by default. It will give you a pretty good idea where the problem lies. And yeah, do not keep the web authentications log on for long, it can hang your ISE.
Anyways, thanks for all the support. -
How to add the records of 2 internal table records into one file
hello experts,
My scenario is...
I am retrieving the data for the for the credit, debit and trailer records of the customer into 3 different internal tables and finally i have to append all those records into one file first debit records then credit records finally the trailer record.... how to do that can anyone give some idea plzzzzzzzzz..
Plz its bit urgent..
Thanks a lot for your anticipation
SRIHello,
Do like this.
" Assume u have three itab.
"Itab1 - debit
"Itab2 - credit
"Itab3 - Credit.
REPORT ZV_TEST_SERVER .
*PARAMETERS: P_FILE TYPE STRING."RLGRAP-FILENAME.
CALL FUNCTION 'GUI_DOWNLOAD'
EXPORTING
* BIN_FILESIZE =
FILENAME = P_FILE
* FILETYPE = 'ASC'
APPEND = 'X' " Check here
* WRITE_FIELD_SEPARATOR = ' '
* HEADER = '00'
* TRUNC_TRAILING_BLANKS = ' '
* WRITE_LF = 'X'
* COL_SELECT = ' '
* COL_SELECT_MASK = ' '
* DAT_MODE = ' '
* IMPORTING
* FILELENGTH =
TABLES
DATA_TAB = ITAB1
* EXCEPTIONS
* FILE_WRITE_ERROR = 1
* NO_BATCH = 2
* GUI_REFUSE_FILETRANSFER = 3
* INVALID_TYPE = 4
* NO_AUTHORITY = 5
* UNKNOWN_ERROR = 6
* HEADER_NOT_ALLOWED = 7
* SEPARATOR_NOT_ALLOWED = 8
* FILESIZE_NOT_ALLOWED = 9
* HEADER_TOO_LONG = 10
* DP_ERROR_CREATE = 11
* DP_ERROR_SEND = 12
* DP_ERROR_WRITE = 13
* UNKNOWN_DP_ERROR = 14
* ACCESS_DENIED = 15
* DP_OUT_OF_MEMORY = 16
* DISK_FULL = 17
* DP_TIMEOUT = 18
* FILE_NOT_FOUND = 19
* DATAPROVIDER_EXCEPTION = 20
* CONTROL_FLUSH_ERROR = 21
* OTHERS = 22
IF SY-SUBRC <> 0.
* MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
* WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
CALL FUNCTION 'GUI_DOWNLOAD'
EXPORTING
* BIN_FILESIZE =
FILENAME = P_FILE
* FILETYPE = 'ASC'
APPEND = 'X' " Check here
* WRITE_FIELD_SEPARATOR = ' '
* HEADER = '00'
* TRUNC_TRAILING_BLANKS = ' '
* WRITE_LF = 'X'
* COL_SELECT = ' '
* COL_SELECT_MASK = ' '
* DAT_MODE = ' '
* IMPORTING
* FILELENGTH =
TABLES
DATA_TAB = ITAB2 " Check here
* EXCEPTIONS
* FILE_WRITE_ERROR = 1
* NO_BATCH = 2
* GUI_REFUSE_FILETRANSFER = 3
* INVALID_TYPE = 4
* NO_AUTHORITY = 5
* UNKNOWN_ERROR = 6
* HEADER_NOT_ALLOWED = 7
* SEPARATOR_NOT_ALLOWED = 8
* FILESIZE_NOT_ALLOWED = 9
* HEADER_TOO_LONG = 10
* DP_ERROR_CREATE = 11
* DP_ERROR_SEND = 12
* DP_ERROR_WRITE = 13
* UNKNOWN_DP_ERROR = 14
* ACCESS_DENIED = 15
* DP_OUT_OF_MEMORY = 16
* DISK_FULL = 17
* DP_TIMEOUT = 18
* FILE_NOT_FOUND = 19
* DATAPROVIDER_EXCEPTION = 20
* CONTROL_FLUSH_ERROR = 21
* OTHERS = 22
IF SY-SUBRC <> 0.
* MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
* WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
CALL FUNCTION 'GUI_DOWNLOAD'
EXPORTING
* BIN_FILESIZE =
FILENAME = P_FILE
* FILETYPE = 'ASC'
APPEND = 'X' " Check here
* WRITE_FIELD_SEPARATOR = ' '
* HEADER = '00'
* TRUNC_TRAILING_BLANKS = ' '
* WRITE_LF = 'X'
* COL_SELECT = ' '
* COL_SELECT_MASK = ' '
* DAT_MODE = ' '
* IMPORTING
* FILELENGTH =
TABLES
DATA_TAB = ITAB3 " Check here
* EXCEPTIONS
* FILE_WRITE_ERROR = 1
* NO_BATCH = 2
* GUI_REFUSE_FILETRANSFER = 3
* INVALID_TYPE = 4
* NO_AUTHORITY = 5
* UNKNOWN_ERROR = 6
* HEADER_NOT_ALLOWED = 7
* SEPARATOR_NOT_ALLOWED = 8
* FILESIZE_NOT_ALLOWED = 9
* HEADER_TOO_LONG = 10
* DP_ERROR_CREATE = 11
* DP_ERROR_SEND = 12
* DP_ERROR_WRITE = 13
* UNKNOWN_DP_ERROR = 14
* ACCESS_DENIED = 15
* DP_OUT_OF_MEMORY = 16
* DISK_FULL = 17
* DP_TIMEOUT = 18
* FILE_NOT_FOUND = 19
* DATAPROVIDER_EXCEPTION = 20
* CONTROL_FLUSH_ERROR = 21
* OTHERS = 22
IF SY-SUBRC <> 0.
* MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
* WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
If useful reward.
Vasanth -
How to specify in the ISE mac-address with its description?
Hello :-)
I want to implement ISE 1.2.
We have a database of mac-addresses and their description (for example the phone with the Mac address, John).
When connecting the phone John to a wifi network, WLC checks its mac-address in the database and allows access.
How to specify in the ISE Mac address with its description?
In the endpoint settings in ISE 1.2 there is no description field. We have ISE1.2.1.198, vWLC 8.0.100, AIR-LAP1131, MS AD (Win2003).
How can I handle this situation? Any ideas?This link http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_network_devices.html about managing network devices(router,switch), not endpoints(phone, notebook).
Maybe you are looking for
-
Wrong covers downloading to iTunes
When copying my discs to iTunes, most artwork downloads automatically and attaches to the albums, but some artwork simply doesn't appear. In such cases, I scan the original covers and drag the images into iTunes. Fine, most of the time, but on a few
-
My iPhone 5 won't stop scrolling through songs and I can't stop it please help !! :(
My iPhone 5 won't stop scrolling through songs and I can't stop it please help !! :(
-
Auto update typedef not working in LabVIEW 2009
I was creating a type def for a customized button control and trying to figure out what action went with each of the 6 different picture images. In the process, I found that the only way I could get my VI to auto-update the control was through using
-
I can not activate my iPhone 2g through iTunes need help
i bought a iphone 2g and itunes will not allow me to activate. I connect to itunes and it connects but when it is done doing what it is supposed to it says were sorry were unable to continue with your activation at this time please try again later
-
Is it possibe to maximise the screen space by INTEGRATION of 'the bars' at the top?
Is it possible to integrate the 3 'bars' at the top of the browser i.e., doing away with the title bar and integrating the menu bar and the tab bar?