Concentrator 3005: Assigning IPs based on username...
Can someone point me to a paper that will describe how (if possible), that a client logging into a Cisco VPN Concentrator can be given a specific static IP, based on information in a RADIUS profile? (RADIUS is running on an RSA SecureID server, so people authenticating via RADIUS are 2X-factor authenticated.
Requirement: I need a specific IP address to go to a specific user each time they log in. This way, I can authorize them to certain resources by passing them thru a Firewall on the Private side of the concentrator. For now, I have 70 users, but may balloon to 2,000.
I can't rely on the "group password" feature, because if users share group passwords, then they can assign themselves an IP from a pool where they don't belong.
Summary: I need two-factor authentication of an IP address - You must provide 2X-factor authentication to get a certain IP address...
Hi Charles,
Thanks for that, an interesting read however I dont believe it is applicable to my situation since I dont use a Cisco RADIUS solution for AAA.
What I have is 3005's at the perimeter acting as the VPN end-pont. These end-points authenticate connections locally and do XAUTH via a RSA RADIUS server. There is a couple of ASA between the 3005s and the RADIUS servers however they dont do any AAA as such.
The document you've provided me with seems to indicate authorisation needs to be done on a Cisco device that can store the ACLs, and provides example for using ASAs. I would prefer to do it on the 3005s, if possible and leave the ASAs untouched (assume the rules on the ASA allow all traffic through, and access will be more tightly defined at the 3005).
If you have any suggestions/further documentation to support my desired setup I'm all ears.
Thanks in advance
Cheers
Scott
Similar Messages
-
My old D-Link router had a table where I could tell the DHCP server to assign specific IPs based on the MAC address of the device. I can't find a place in the WRT54G to do this. Do I have to go to each device and assign a fixed IP at the device? I like to keep the DHCP server active for setting up new devices and visitors. By using DHCP in my devices I don't have to reconfigure when I travel. With the old D-Link this worked find. It appears this could be a problem with the WRT54G. Am I missing something? Thanks, Bob
You are correct. The WRT54G does not support the "DHCP reservation" feature. However, several of the newer Linksys wireless n routers support this feature.
With the WRT54G, you can manually assign your computers a fixed LAN IP address. You can also have a fixed address on some computers, while others take their address from the WRT54G's DHCP server. Generally, unless you have a specific need for a fixed LAN IP address (for example, some online games require this for port forwarding to work properly), you should use a DHCP assigned address.
Linksys has some specific rules about assigning fixed LAN IP addresses. They are different from the D-Link.
Rules for using fixed LAN IP addresses on Linksys routers:
With Linksys routers, a fixed (static) LAN IP addresses must be assigned in the device that is using the address. So you need to enter the fixed address in the computer or printer, not in the router.
When using a Linksys router, any fixed LAN IP address must be outside the DHCP server range (typically 192.168.1.100 thru 192.168.1.149), and it cannot end in 0, 1, or 255.
Therefore any fixed LAN IP address would normally need to be in the range of
192.168.1.2 thru 192.168.1.99 or
192.168.1.150 thru 192.168.1.254
assuming you are still using the default DHCP server range.
Also, in the computer, when you set up a static LAN IP address, you would need to set the "Subnet mask" to 255.255.255.0 and the "Default Gateway" to 192.168.1.1 and "DNS server" to 192.168.1.1
It is also important that no two devices on your network be set to the same static LAN IP address. -
Bizarre WiFi Connectivity Issue; Self-Assigned IPs, Static IP Doesn't work
The short and sweet of the problem: Macs/Apple Devices are pulling self-assigned IP addresses when connecting to a Linksys EA6900/AC1900 router.
Here’s the detail: I am working at an office with 1 Airport Extreme and 1 Linksys EA6900/AC1900, both are configured for Bridge Mode and both use WPA. DHCP is being handled by a Watchguard XTM5 series firewall.
When Macs (and often iPhones) connect to the Linksys (on 2.4 or 5Ghz) they get a self-assigned IP address. If you enter a manual address you still do not have any connectivity. However, if you connect to the Extreme you will instantly get an IP address, and if you switch to the Linksys your DHCP address will carry over and you will retain connectivity. This problem does not happen to the Windows machines in the office- they all connect to all base stations without any issue. Total users on the network range from 5 to 20 WiFi users at any given time plus and AppleTV (also affected).
More info: When there are between 5-10 people in the conference room for a morning meeting the Macs will all revert to self-assigned addresses (even if they were working before). The workaround has been to connect to the Extreme, but there are occasions when this occurs that the Extreme will also not seem to pass the DHCP addresses from the firewall; addresses become self-assigned and you lose all internet. To make matters more odd, this behavior seems to really only affect the network during business hours; after hours the Linksys works pretty much normally and any device can connect without issue.
Things I’ve done: Run Wireshark and located a number of rogue devices that were handing out overlapping DHCP addresses. Identified machines that were ARP storming and removed them. Expanded the DHCP pool so that we aren’t running out of addresses and confirmed that we had enough by checking the logs.
More things I’ve done: Used Netspot to check signal strength and channel overlap and isolation. I have mapped the signal strength by location and we have strong signals to the various locations (the Linksys AP is 7 feet from the conference room). I have checked that the firmware is the most recent version.
I can’t find any logical reason for the Macs (and pretty much only the Macs/Apple devices) to not be picking up DHCP info through the bridge mode devices. I would tell them to get another Extreme but they are going to be deploying a Cisco Meraki system soon and I suspect that this problem will persist since the Linksys was put in place because the last AP displayed the same behavior with the Macs picking up self-assigned IPs. Affected Macs range from 2010 era MBP and Air to 2013 MBP and Air and they are running OSX 10.8 through 10.10.
As for the history of this network, I just walked into this company and know very little about how well it worked before, but apparently it has always been flaky according to the staff.I agree that something isn't right; I am going to cut over DHCP services from the Watchguard to the newly deployed OS X Server tonight and see if that changes anything.
On the other hand, faulty DHCP server/client settings doesn't explain why applying a static IP still leaves you with no connectivity. I think that clue is also fairly important but I can't figure out what would be blocking connectivity on a static IP setup. -
Work flow issue: Assign agent based on role
Hi,
We are facing an issue in SAP workflow.
How to assign agent based on the role of an employee.
Thanks for your input.
Thanks
MuthukumarHi,
Make sure that you have configured properly in transaction OMGS.
If it is done, then we can not do much about it.
I faced the similar issue and i had to convince the user that it is a porblem.
PO release workflow has some problems.
Hope it helps.
Regards,
Shashank -
How do I assign IP based on MAC? For example: I want my desktop (MAC: xx:xx:xx:xx) to have IP 192.168.1.100. I used to have D-Link router, and it was easy to assign IP but I cannot find a way to setup on AirPort Extreme N. Please help. Thank....
Rajesh,
Can you be bit more specific. The current program is "Airport Admin Utility" and after searching, I can't find the section or fields you are referring to.
Thanks,
Jeff -
DHCP - one server, 2 scopes, 2 NICs, one scope is not assigning IPs
Hi all,I just setup a DHCP server and one of the 2 scopes is not assigning IPs. Here’s my setup:DHCP running on Windows Server 2008.I have 2 VLANs – VLAN1 192.168.2.0 for our network and VLAN2 192.168.20.0 for guests. I started the DHCP role on the DC. I put one NIC of the server on VLAN1 and one NIC on VLAN2. Bindings on both NICs. I created two scopes – corporate scope 192.168.2.0 and guest scope 192.168.20.0. When I connect a laptop to a port on VLAN1 I get an IP just fine, when I connect it to a port on VLAN2 I don’t get an address. If I assign a static IP on VLAN2 to my laptop I can ping the DHCP server just fine, but as soon as I switch back to dynamic the laptop doesn’t get an IP address. I move the cable over to VLAN1and it works just fine.The router IP and DNS server information are different on each scope, but I’m not even...
This topic first appeared in the Spiceworks CommunityHi all,I just setup a DHCP server and one of the 2 scopes is not assigning IPs. Here’s my setup:DHCP running on Windows Server 2008.I have 2 VLANs – VLAN1 192.168.2.0 for our network and VLAN2 192.168.20.0 for guests. I started the DHCP role on the DC. I put one NIC of the server on VLAN1 and one NIC on VLAN2. Bindings on both NICs. I created two scopes – corporate scope 192.168.2.0 and guest scope 192.168.20.0. When I connect a laptop to a port on VLAN1 I get an IP just fine, when I connect it to a port on VLAN2 I don’t get an address. If I assign a static IP on VLAN2 to my laptop I can ping the DHCP server just fine, but as soon as I switch back to dynamic the laptop doesn’t get an IP address. I move the cable over to VLAN1and it works just fine.The router IP and DNS server information are different on each scope, but I’m not even...
This topic first appeared in the Spiceworks Community -
Problem with Linksys Router Model WRT110 Not Assigning IPs With DHCP?
Hello,
I recently purchased this router (WRT110) to take the place of my old Belkin that was continually dropping connections (which was a real pain when trying to download stuff off the Internet).
However, I cannot get this router to assign IPs to wired or wireless computers. I spent around 2 hours talking to Linksys support technicians (two total) before they finally told me the router was defective.
So, I went back to the store and got an exchange. But, it's the same story with this router, the connections can't get past the "acquiring network address" stage in the connection process.
I would like to think that this has more to do with my ISP than the router, but if I set up a static IP on the wired computer I can connect to the Internet and the router through its default gateway. Setting up a static IP on the wireless computer doesn't seem to work, however. If the ISP was a problem, wouldn't the router not detect the Internet connection at all?
DHCP is definitely enabled on the router also.
My ISP is a small town owned company. I have a wireless broadband connection, which works similarly to satellite, only the connection is broadcast via a tower and is received with an outside antenna.
I still need to contact them about this, but I figured it could hurt to ask here and see some of your suggestions.
Thank you!
~RJGUPDATE: I contacted my ISP today and the technician I spoke with said he didn't know of any problems any routers would have with their wireless broadband. I tend to agree with him, as I've configured two routers previously using my connection and I've never had any difficulty until now. He suggested changing the ethernet cable and releasing/renewing my IP address, both of which I did but I continued to have the same issues.
But, after doing some more research I found some settings that actually allowed my wireless computer to connect. There was a post in these forums referring to modifying the MTU, changing it from Auto to Manual and changing the value to 1458 actually seemed to work, as well as strengthening the connection by changing the beacon interval. Anyway, I can connect wirelessly now.
Also, I connected my Linux computer (Ubuntu 8.04 Hardy Heron) to the router and was able to connect instantly, no problems whatsoever. So, out of my three computers, two are connecting, but my wired Windows computer is still having issues. However, if I set a static IP for that computer, I can connect fine.
I'm thinking maybe there is something wrong with the NIC card in that computer, but how would one test something like that?
It doesn't make sense to me, I would really appreciate any input. Thank you! -
Cisco PIX 501 to Cisco Concentrator 3005 via Remote Access
Hello folks,
I need your help.
We got a Cisco PIX 501 in one location and this pix is configured for pppoe dial out. The pix connects itself to the internet via pppoe client. ping to an offical ip is running well.
So what I want to do is to establish a von tunnel between this pix and a cisco 3005 concentrator.
But I was not successull to establish it.
Here is the pix config. the acl?s are only for testing and will be replaced if it works.
PIX Version 6.3(4)
interface ethernet0 10baset
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password xxx
passwd xxx
hostname PIX-AU
domain-name araukraine.ua
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside permit ip any any
access-list inside_access_in permit ip any any
pager lines 24
logging on
logging monitor warnings
logging buffered warnings
mtu outside 1456
mtu inside 1456
ip address outside pppoe setroute
ip address inside 192.168.x.x 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.x.x 255.255.255.224 inside
pdm logging warnings 500
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group outside in interface outside
access-group inside_access_in in interface inside
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
http server enable
http 192.168.x.x 255.255.x.x inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 192.168.x.x 255.255.x.x inside
telnet timeout 5
ssh 194.39.97.0 255.255.255.0 outside
ssh timeout 5
management-access inside
console timeout 0
vpdn group pppoe_group request dialout pppoe
vpdn group pppoe_group localname [email protected]
vpdn group pppoe_group ppp authentication pap
vpdn username [email protected] password *********
encrypted privilege 15
vpnclient server 212.xx.xx.xx
vpnclient mode network-extension-mode
vpnclient vpngroup vpntest password ********
vpnclient username pixtest password ********
terminal width 80
on the concentrator I created a user pixtest, a group vpntest and I?ve created rules for the network e.g. to which server the users behind the pix will be able to access.
And that?s all.
I could not send you the output either of the pix or concentrator because I did not get an error or a message that the tunnel will be established.
What can be wrong ?
Thanks for the repliesThis sample configuration demonstrates how to form an IPsec tunnel from a PC that runs the Cisco VPN Client (4.x and later) to a Cisco VPN 3000 Concentrator to enable the user to securely access the network inside the VPN Concentrator.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008026f96c.shtml -
VPN Concentrator 3005 will not allocate IP Addresses
Greetings,
I have a very strange issue. I have configured a 3005 concentrator with an address pool that is in the same subnet as the private interface. When I try and connect a client...I get an error stating that NO AVAIL ADDR with a further explanation that an IP address could not be obtained for the remote peer because it exhausted all available addresses.
Further study of the log files shows that the concentrator believes there is a network conflict...however I can assure everyone there isn't.
Can anyone tell me why the concentrator would false think that an IP address had already been assigned when it isn't?
It works fine if I use a different pool...however this is on a DMZ and we really don't want to use another subnet for a few VPN clients.
The exact error it give is:
IP Address Conflict on the network: 192.168.123.101
Marking address as unusable
There is no 123.101 anywhere on the subnet.
The worst part is...I have another concentrator setup the exact same way at a different location and this config works just fine.
Any ideas?
Thank you very much!thank you for your reply...but we are running 4.7.2.O
any other ideas why this would happen? -
Group Policy Logon Script to create folder based on username, run as admin
Hello,
I'm at a loss as to how to make this work. I wrote the following PowerShell script that will check to see if the currently logged in user has a folder on a share, and if not it will create the folder and set appropriate permissions. I want to
run it as a Group Policy Logon Script, however I need to run this script as an administrator because users don't have any write/create access at the folder level of the file share. The problem with that then becomes $ENV:Username resolves to the admin
account the script is running under.
Any ideas?
Thanks!
Ryan
# Declare Variables
$strName = $env:USERNAME
$strDomain = $env:USERDOMAIN
If ($strDomain -eq "domain.org") {
# Split Username into 2 variables
$data = $strName.Split("_")
$fname = $data[0]
$lname = $data[1]
#Find first character of last name
$firstcharacter = $lname[0]
# Figure out if last name begins with A-M or N-Z
$A_M=$firstcharacter -match "[a-m]"
$N_Z=$firstcharacter -match "[n-z]"
# Checks to see if folder exists
If ($A_M -eq $true){$FolderExists = Test-Path "\\staff-files\staff\Last Name A-M\$strName"}
elseif ($N_Z -eq $true){$FolderExists = Test-Path "\\staff-files\staff\Last Name N-Z\$strName"}
# Creates folder if it doesn't exist
If (($FolderExists -eq $false) -and ($A_M -eq $true)){
New-Item "\\staff-files.domain.org\Staff\Last Name A-M\$strName" -type directory
$DirPath = "\\staff-files.domain.org\Staff\Last Name A-M\$strName"
elseif (($FolderExists -eq $false) -and ($N_Z -eq $true)){
New-Item "\\staff-files.domain.org\Staff\Last Name N-Z\$strName" -type directory
$DirPath = "\\staff-files.domain.org\Staff\Last Name N-Z\$strName"
ElseIf ($strDomain -eq "students.domain.org") {
# Pull 2 digit year from username and make 4 digit year
$4digityear = "20" + $strName.Substring(0,2)
# Checks to see if folder exists
$FolderExists = Test-Path "\\files.domain.org\students\$4digityear\$strName"
# Creates folder if it doesn't exist
If ($FolderExists -eq $false) {
New-Item "\\files.domain.org\students\$4digityear\$strName" -type directory
$DirPath = "\\files.domain.org\students\$4digityear\$strName"
# Assign Permissions
If ($FolderExists -eq $false){
$target = $DirPath
$acl = Get-Acl $target
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("CREATOR OWNER","Modify",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("NT AUTHORITY\SYSTEM","FullControl",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("administrators","FullControl",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
If ($strDomain -eq "students.hempfieldsd.org"){
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("DOMAIN\Domain Users","Modify",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("DOMAIN\Staff_Tech","FullControl",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ("DOMAIN\Enterprise Admins","FullControl",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$accessrule = new-object system.security.AccessControl.FileSystemAccessRule ($strName,"FullControl",$inherit,$propagation,"Allow")
$acl.AddAccessRule($accessrule)
$acl.SetAccessRuleProtection($true,$false)
$acl.SetOwner([System.Security.Principal.NTAccount]$strName)
Set-Acl -AclObject $acl $target
Ryan Breneman - Systems Administrator - Hempfield School DistrictThanks jrv. That is kind of what I thought but wasn't sure. I think I will attack this a different way and modify the script to run through all the AD accounts and check for folder existence and create if needed. Perhaps I'll play
with System Center Orchestrator and run it inside there.
These folders aren't being used for profile storage, and we already have folder redirection pointing to them, however I don't want a user to login to citrix and not have anywhere to save if they didn't have a folder to redirect to.
Folders are supposed to be created when the staff member/student AD account is created, but it doesn't always happen.
Thanks for your help!
Ryan Breneman - Systems Administrator - Hempfield School District -
Dynamically assigning variables based on condition in pl/sql
I have a script which takes 6 input parameters but based on input 1 parameters 2 to 6 will be assigned to different variables. but the condition is not being checked during variable assignment phase. even if table_update is 'P' para,mater 2 is getting assigned to tariff_group instead of offer_id. Is there any way to solve this problem so that variables get assigned based on condition.
table_update := '&1';
if(table_update = 'T')
THEN
tariff_group := '&2';
gf_version := &3;
tariff_table_name := '&4';
flag := '&5';
if(no_rows_tariff(tariff_table_name, gf_version, tariff_group))
THEN
if(flag = 'I')
THEN
tariff_column_name := column_tariff(tariff_table_name);
ELSIF(flag = 'R')
THEN
max_gf_tariff(tariff_table_name, gf_version, tariff_group);
ELSE
DBMS_OUTPUT.PUT_LINE('Please enter correct option for update I- Insert R-Rollback');
END IF;
END IF;
ELSIF(table_update = 'P')
THEN
offer_id := &2;
gf_version := &3;
promotion_table_name := '&4';
flag := '&5';Although you do not say what your problem is, I suspect that it si something like this:
SQL> !cat t.sql
DECLARE
table_update VARCHAR2(1);
tariff_group VARCHAR2(3);
gf_version NUMBER;
tariff_table_name VARCHAR2(5);
offer_id NUMBER;
promotion_table_name VARCHAR2(5);
flag VARCHAR2(1);
BEGIN
table_update := '&1';
IF table_update = 'T' THEN
tariff_group := '&2';
gf_version := &3;
tariff_table_name := '&4';
flag := '&5';
ELSIF table_update = 'P' THEN
offer_id := &2;
gf_version := &3;
promotion_table_name := '&4';
flag := '&5';
END IF;
DBMS_OUTPUT.Put_Line ('TableUpdate: '||table_update);
DBMS_OUTPUT.Put_Line ('TariffGroup: '||tariff_group);
DBMS_OUTPUT.Put_Line ('GfVersion: '||gf_version);
DBMS_OUTPUT.Put_Line ('Tarifftable: '||tariff_table_name);
DBMS_OUTPUT.Put_Line ('OfferID: '||offer_id);
DBMS_OUTPUT.Put_Line ('PromoTable: '||promotion_table_name);
END;
SQL> @t T TG1 1 TTN1 F
old 10: table_update := '&1';
new 10: table_update := 'T';
old 12: tariff_group := '&2';
new 12: tariff_group := 'TG1';
old 13: gf_version := &3;
new 13: gf_version := 1;
old 14: tariff_table_name := '&4';
new 14: tariff_table_name := 'TTN1';
old 15: flag := '&5';
new 15: flag := 'F';
old 17: offer_id := &2;
new 17: offer_id := TG1;
old 18: gf_version := &3;
new 18: gf_version := 1;
old 19: promotion_table_name := '&4';
new 19: promotion_table_name := 'TTN1';
old 20: flag := '&5';
new 20: flag := 'F';
offer_id := TG1;
ERROR at line 17:
ORA-06550: line 17, column 19:
PLS-00201: identifier 'TG1' must be declared
ORA-06550: line 17, column 7:
PL/SQL: Statement ignoredAs you can see, the initial assignments for compilation purposes are done prior to actually running the code, and the assignment to offer_id is failing.
If I change offer_id to a varchar and quote the &2, then the compilation assignemnt works, and the actual logic of the script works:
SQL> !cat t.sql
DECLARE
table_update VARCHAR2(1);
tariff_group VARCHAR2(3);
gf_version NUMBER;
tariff_table_name VARCHAR2(5);
offer_id VARCHAR2(3);
promotion_table_name VARCHAR2(5);
flag VARCHAR2(1);
BEGIN
table_update := '&1';
IF table_update = 'T' THEN
tariff_group := '&2';
gf_version := &3;
tariff_table_name := '&4';
flag := '&5';
ELSIF table_update = 'P' THEN
offer_id := '&2';
gf_version := &3;
promotion_table_name := '&4';
flag := '&5';
END IF;
DBMS_OUTPUT.Put_Line ('TableUpdate: '||table_update);
DBMS_OUTPUT.Put_Line ('TariffGroup: '||tariff_group);
DBMS_OUTPUT.Put_Line ('GfVersion: '||gf_version);
DBMS_OUTPUT.Put_Line ('Tarifftable: '||tariff_table_name);
DBMS_OUTPUT.Put_Line ('OfferID: '||offer_id);
DBMS_OUTPUT.Put_Line ('PromoTable: '||promotion_table_name);
END;
SQL> @t T TG1 1 TTN1 F
30 /
old 10: table_update := '&1';
new 10: table_update := 'T';
old 12: tariff_group := '&2';
new 12: tariff_group := 'TG1';
old 13: gf_version := &3;
new 13: gf_version := 1;
old 14: tariff_table_name := '&4';
new 14: tariff_table_name := 'TTN1';
old 15: flag := '&5';
new 15: flag := 'F';
old 17: offer_id := '&2';
new 17: offer_id := 'TG1';
old 18: gf_version := &3;
new 18: gf_version := 1;
old 19: promotion_table_name := '&4';
new 19: promotion_table_name := 'TTN1';
old 20: flag := '&5';
new 20: flag := 'F';
TableUpdate: T
TariffGroup: TG1
GfVersion: 1
Tarifftable: TTN1
OfferID:
PromoTable:John -
ORA-01555 error when assigning values based on geometry
Hello,
I have a table with 220,000+ records with street information, and I am trying to assign a municipal area (stored in another table) based on the geometry of the road line and the geometry of the municipal boundary.
CREATE TABLE TEMP AS SELECT A.ID, B.AREA FROM ROADS A, PLACES B WHERE B.TYPE IN (33,35,36,37) AND mdsys.sdo_relate (a.geometry,b.geometry,'
mask=inside querytype = window')='TRUE';
This took a long time to run and it came back with a series of errors, one of which was ORA--01555 'snapshot too old'. I was running other queries on the table (in a separate SQL window) because I'm under a deadline, so i figured that doing multiple things at one time while the spatial query was running was causing the problem. I didn't have time to run it again (it was the end of the day when the error came up, conveniently) so I am trying to work out a solution to this issue.
Would it be better if I: a) ran the statement again on the whole dataset and did nothing else while it is running, even though it will still take a while, or
b) broke it up into groups of 50,000 records and run the statement on one group at a time and hope for the best.
Thanks in advance!Assuming you have less municipal areas than roads, the query should perform better by specifying the join order:
CREATE TABLE TEMP AS (
SELECT /*+ ORDERED */ A.ID, B.AREA
FROM PLACES B, ROADS A
WHERE B.TYPE IN (33,35,36,37)
AND mdsys.sdo_relate (a.geometry, b.geometry,'mask=inside querytype = window') = 'TRUE');Also, are you sure 'inside' is the right mask to use here? What if a road intersects the edge of the municipality? In that case it wouldn't be returned by this query. -
Risk Management 10: Assign users based on Org structure
Hello,
In GRC Risk Management 10, you can assign users to a risk in the roles tab of a risk.
Is it possible to be able to assign any employee in HR org structure to one of these roles such as Risk Owner?
More specifically, would it be possible to create a link such that only the employees in the assigned organization unit in the risk are shown in the list of users to be assigned to one of these roles?
Thankswe have the scenarioas below
need to integrate the third party HR system ORG structure entity to the Role based travle management approval task.
but the process and workflow structure for all the department are same.
only the roles are different for each user.
no need to disple the standard approval role in Process initiation.
Custom role should be populated based on the selection from the first action.
example: if the user need cash and he should select the cash need option from
first action then the finace approver should appear in next action.
if not it should not appear.
please advice which GP callable object is best for this process.
i have the plan to use the webdynpros..
regards
Sukumar -
Web-Based Setup Username ??
I am able to log onto the web-based router setup page (192.168.1.1) and enter the password (I have changed the password from default)
but the username is blank ??
why is this, and is there a way to change it ?
SHOULD i change it ? what about for remote access
wrts54gs v1.1
thanks
Message Edited by Sethboy on 09-29-2007 05:53 PMI could not find a WRTS54GS User Guide. I assume you mean a WRT54GS.
Most Linksys routers, including the WRT54GS, do not use a "user name". You should leave this blank.
If you plan to access your router remotely, i.e. from across the Internet, then you need to use a very secure login password on your router. If you use a simple password, such as a dictionary word, your router will be open to a brute force attack.
For this type of setup, I usually recommend a password of at least 24 random characters, including captial letters, small letters, and digits. Do not use any blanks in the password.
Message Edited by toomanydonuts on 09-30-2007 03:48 AM -
Lead Assignment Rule Based on Industry and Zip Code
Can we set up a lead assingment rule based on multiple conditions?
For example, if Industry = Retail and
State = VA assign to Bob
State = MD assign to Jim
State = CA assign to Karen
Industry = Commercial and
State = NY assign to Lam
State = VA assign to John
State = CA assign to Karen.....Hi Bob,
In continuation to your reply, can we add more complexity to these rules like with industry and state, if i want to assign a lead based on to the tyoe of product and the revenue of the company.
e.g.
Industry - Retail
State - MA
Product - ABC & Revenue of company - $100M - assign it to Sales person 1
OR
Industry - Retail
State - MA
Product - ABC & Revenue of company - $1M - assign it to Sales person 2
Regards
Nisman
Maybe you are looking for
-
Please help!! How many times can you install Lightroom 5? My problem is that I have saved my programs on C. To I have more space, I want to save my programs now on E. Can I now uninstall Lightroom and reinstall from C to E? Can I use the same license
-
How to share my iPad screen with someone else who is not on my network?
I'd like to share my iPad screen with someone else who has an iPad and is connected to the internet, but not on my WiFi. Is this possible? Any apps that do this?
-
I can´t connect iPad to airbook
Hi! I try to connect my iPad to my Macbook Air to sync it and it goes beserk. Says to authorize the device and just blinks nonstop. Then it says that the device is no longer connected. HELP!
-
ColdFusion 6.1 restart every few minutes
Hi, I am running ColdFusion MX 6.1, Win 2003, JVM 1.4.2-b28. The issue is every few minutes the ColdFusion is restarting automatically when checked in the application events. The error description says : The coldfusion mx application server service k
-
Hi i want to dispplay prjid, strengths, area. and in below i want to dispaly the count how many records are mapped to particular area. so i created group on area and cacluate the summary. and i diplay id, strengths, area in detail section. but here d