Control/Limit web access

Similar Messages

• Transfer client custom control to web access.

  Hello,
  in my team we work with TFS 2012 and we have created some custom controls for Visual Studio 2012/2013. Because we have users that they don't want to install Team Explorer to access TFS, we decided to make these custom controls for web access. Is it possible
  to convert the already implemented custom control into a new web custom control?
  Thanks in advance!
  Spiros Merkouris

  Hi Spiros, 
  Thanks for your post.
  As far as I know there’s no default way convert VS custom control to Web Access custom control directly.
  For how to create TFS 2012 Web Access work item custom control, please refer to the information in this article:
  http://blogs.msdn.com/b/serkani/archive/2012/06/22/work-item-custom-control-development-in-tf-web-access-2012-development.aspx.
  For how to deploy TFS 2012 Web Access work item custom control, please refer to:
  http://blogs.msdn.com/b/serkani/archive/2012/06/22/work-item-custom-control-development-in-tf-web-access-2012-deployment.aspx.
  For more custom controls, please refer to:
  http://witcustomcontrols.codeplex.com/.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• JRockit Mission Control (jrmc) - Web access

  Hi experts,
  I have JRockit installed on Linux x86-64 (Suse Linux SLES10) box. The requirement is to be able to provide a url to outside non Linux users who can access jrmc via Internet Explorer on their PCs/laptops. My questions are:
  1. Is this possible?
  2. If yes, is there some special configuration that I need to do? If yes, can someone please provide highleve steps
  Thanks,

  Other users can use the JRMC application to connect to and monitor your running JRockit JVM instance on the Suse machine,
  could that be what you're after? (There's no involvement of any webbrowsers in this)
  If this is what you'd like to do, you should add the following to your java commandline:
  "-Xmanagement:ssl=false,authenticate=false" (and possibly also add ",port=<port number of your choice>", default is 7091)
  The non-linux users, given that they have network access to the suse machine, can start up JRMC and create a connection to <hostname>:<port>.Thanks Klara! Can you explain a little more please -
  1. Would those external users be using something like a url (machinename:7091) from their PC/laptops? How will they start jrmc? Or would they need it installed on their PCs/laptops?
  2. Do you have an metalink/Oracle MOS note number that tells how to do this or some link that explains this in more details please?
  Thank you again,

• OWA (outlook web access) server character limit

  Hi,
  When I try to add the server for my OWA account on the BIS account, it truncates the last portion, as it seems the server name is too long. Does anyone know what the character limit is set to (seems to only allow about 72 characters), or if BB has any plans on increasing this limit any time soon?
  Thank you,
  Ken

  Hi and Welcome to the Forums!
  While I don't know the specific answer to your question, I can offer a potential workaround...
  If you have been trying to configure using the device interface to BIS (Setup > Email Settings), then you might try (from a PC/browser) your carriers web interface to BIS. You can find it here:
  http://www.blackberryfaq.com/index.php/Where_can_I_log_into_my_BIS_account%3F
  And FWIW here is the OWA configuration KB:
  KB03133 How to integrate a Microsoft Outlook Web Access email address with a BlackBerry Internet Service account
  Best!
  Occam's Razor nearly always applies when troubleshooting technology issues!
  If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
  Join our BBM Channels
  BSCF General Channel
  PIN: C0001B7B4   Display/Scan Bar Code
  Knowledge Base Updates
  PIN: C0005A9AA   Display/Scan Bar Code

• Outlook Web Access S/MIME control on my system

  I am running Windows 7 home premium and I once had outlook web access S/MIME control on my system and when i logged in a few days ago .....I no longer have the ability to read encrypt messages.  Help???? Please????

  Hello msouthousehog,
  Please take a look at the following article.
  https://technet.microsoft.com/en-us/library/bb124432%28EXCHG.65%29.aspx?f=255&MSPPError=-2147217396
  Users who do not have administrator privileges receive an error when they attempt to install Outlook Web Access with the S/MIME control.
  To receive better support, it is recommended to ask in the TechNet OWA forum.
  The professionals there will be glad to help you.
  https://social.technet.microsoft.com/Forums/office/en-US/home?forum=exchangesvrclients
  Thanks for your understanding.
  Best regards,
  Fangzhou CHEN
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Problem - acs command authorization and web access control

  Hi, I'm trying to add the control of some aironet 1310 bridges with a ACS 3.2 (tacacs+). I wanted to be able to do telnet command authorization restrictions trough shell command authorization sets and be able to give similar restrictive web access at the same time. I have it working if I permit some commands that are sent by the browser as "write memory quiet" and few other ones, but for it to work, I must give them limited users the privilege level 15 and by having the tacacs server authorizing the commands, it work for both, http and telnet. Where my problem begin is when I loose the connection with the ACS server, the user being already authenticated as level 15 user, the device become open to all commands; there is no more restriction applied by the ACS. Do anybody now a workaround.

  It is already at local, that is just that the user already have a level 15 access and I used to control the commands through level settings before. So when I try it, my user that is localy level 5 is already recognized as a level 15 user from when it was authenticated through the ACS. If I could find a way to give web access to the 1310 at priv level 5 and still controlling the command set, it would be ok but as soon as I try to access a page that is not permitted other way than by the view level (i think it's level 1... or 0), I get a username password prompt with that line on the top of it:"level_15_or_view_access" and the only way I can access it is by entering a level 15 un/pass. I attached my 1310 aaa config
  and here are the command set that work at level 15 to do a "shut" or "no shut" of the radio interface by the web interface:
  configure
  permit terminal
  exit
  permit Unmatched Args
  interface
  permit Dot11Radio0
  no
  permit shutdown
  permit cca
  ping
  permit Unmatched Args
  show
  permit Unmatched Args
  shutdown
  permit Unmatched Args
  telnet
  permit Unmatched Args
  write
  permit memory quiet
  Thanks for the help !

• Power Shell Web Access - How to limit the cmdlets and give regular users, access to perform tasks

  It is possible to give to regular/standard users, powershell web access to give only, for example, "get-" cmdlets?
  The ideia is to provide help desk tech users, a minimum level of access on some servers, and it will be usefull to give then, basic and restrcted access to a few cmdlets, performe harmless activities and mybe some level of access, not alloweing to to using
  RDP, but PS, insted

  While PowerShell Web Access (PSWA) does require authorization rules to function, these rules do not specify what cmdlets can be used in a PSRemoting session. The PSWA authorization rules define what user, or group of users, can remotely connect to what computer,
  or group of computers, through the PSWA gateway (the PSWA server).
  What you need to research are session configurations and/or endpoints. These are separate from PSWA, but can be used in conjunction with PSWA (PSWA website > Optional connection settings > Configuration >
  NameOfConfiguration), just as they can in a standard console-based PSRemoting session (Enter-PSSession -ComputerName
  server01 -Configuration NameOfConfiguration -or- Invoke-Command -ComputerName
  server01 -Configuration NameOfConfiguration).
  Start your research with New-PSSessionConfigurationFile and then Register- and Unregister-PSSessionConfiguration. These have been great for our environment, allowing non-admin users access to run very specific cmdlets as an admin, without being an admin
  on the computer.

• SSL VPN message "This (client) machine does not have the web access privilege."

  Hello!
  I am trying to configure the SSL VPN (WebVPN) and I am almost done but when clicking on the URL's I configured in the bookmarks, I get the message "This (client) machine does not have the web access privilege. Please contact your SSLVPN provider for assistance." I looked through the many tutorials and guides in existence and none talks about such error and the fix for it. In fact, if I search the net for this error message I get only one match, in the Cisco website, where is say that "The client computer does not meet the security criteria of having web access functionality through the SSL VPN gateway." and as fix it gave this tip "Check the URL to the gateway or contact the administrator if it persists." So, nothing on the website about what this issue is and how to fix it. I will provide my IOS configuration and hopefully someone will spot the issue. Here it goes:
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname R1
  boot-start-marker
  boot-end-marker
  logging message-counter syslog
  no logging buffered
  enable secret 5 $1$1LLX$u7aTc8XfNqPZhPVGwEF/J0
  enable password xxxxxxxx
  aaa new-model
  aaa authentication login userAuthen local
  aaa authentication login sdm_vpn_xauth_ml_1 local
  aaa authorization network groupauthor local
  aaa session-id common
  crypto pki trustpoint TP-self-signed-1279712955
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-1279712955
  revocation-check none
  rsakeypair TP-self-signed-1279712955
  crypto pki certificate chain TP-self-signed-1279712955
  certificate self-signed 01
    3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31323739 37313239 3535301E 170D3130 30333233 31313030
    33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 32373937
    31323935 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100A8EF 34E3E792 36660498 9801F934 E8A41865 3599EA35 B073AC91 D7A53AF4
    A4390D2F CB3DB2DE 936B28F0 A25F3CE1 6F40FD9E E79096F2 F89620E0 B31A7B34
    649BBA22 AE44CB55 9F38BF0C 2F2770CF 8380C167 C17D760C 380E28E4 FF7D6874
    9EFC310A 2AA60835 F1AA384F CD1A0173 19C98192 EBFBD531 24CB9203 EA9E7D54
    B2C30203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
    551D1104 06300482 02523130 1F060355 1D230418 30168014 0D9D62EC DA77EAF3
    11ABF64D 933633F9 2BA362DC 301D0603 551D0E04 1604140D 9D62ECDA 77EAF311
    ABF64D93 3633F92B A362DC30 0D06092A 864886F7 0D010104 05000381 81006853
    48ED4E3E 5721C653 D9A2547C 36E4F0CB A6764B29 9AFFD30A 1B382C8C C6FDAA55
    265BCF6C 51023F5D 4AF6E177 C76C4560 57DE5259 40DE4254 E79B3E13 ABD0A78D
    7E0B623A 0F2D9C01 E72EF37D 5BAB72FF 65A176A1 E3709758 0229A66B 510F9AA2
    495CBB4B 2CD721A7 D6F6EB43 65538BE6 B45550D7 A80A4504 E529D092 73CD
     quit
  dot11 syslog
  ip source-route
  ip dhcp excluded-address 192.168.0.1 192.168.0.10
  ip dhcp pool myPOOL
     network 192.168.0.0 255.255.255.0
     default-router 192.168.0.1
     dns-server 87.216.1.65 87.216.1.66
  ip cef
  ip name-server 87.216.1.65
  ip name-server 87.216.1.66
  ip ddns update method mydyndnsupdate
  HTTP
    add http://username:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
  interval maximum 1 0 0 0
  no ipv6 cef
  multilink bundle-name authenticated
  vpdn enable
  vpdn-group pppoe
  request-dialin
    protocol pppoe
  username cisco privilege 15 password 0 xxxxxxxx
  crypto isakmp policy 3
  encr 3des
  authentication pre-share
  group 2
  crypto isakmp fragmentation
  crypto isakmp client configuration group vpnclient
  key cisco123
  domain selfip.net
  pool ippool
  acl 110
  crypto ipsec transform-set myset esp-3des esp-md5-hmac
  crypto dynamic-map dynmap 10
  set transform-set myset
  reverse-route
  crypto map clientmap client authentication list userAuthen
  crypto map clientmap isakmp authorization list groupauthor
  crypto map clientmap client configuration address respond
  crypto map clientmap 10 ipsec-isakmp dynamic dynmap
  archive
  log config
    hidekeys
  interface Loopback0
  ip address 10.11.0.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  interface Loopback2
  description SSL VPN Website IP address
  ip address 10.10.10.1 255.255.255.0
  interface Loopback1
  description SSL DHCP Pool Gateway Address
  ip address 192.168.250.1 255.255.255.0
  interface FastEthernet0
  description $ES_LAN$
  ip address 192.168.0.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  duplex auto
  speed auto
  interface BRI0
  no ip address
  encapsulation hdlc
  shutdown
  interface FastEthernet1
  interface FastEthernet2
  switchport access vlan 2
  interface FastEthernet3
  interface FastEthernet4
  interface FastEthernet5
  interface FastEthernet6
  interface FastEthernet7
  interface FastEthernet8
  interface ATM0
  no ip address
  no atm ilmi-keepalive
  pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  bundle-enable
  dsl operating-mode auto
  interface Vlan1
  no ip address
  interface Dialer1
  ip ddns update hostname myserver.selfip.net
  ip ddns update mydyndnsupdate host members.dyndns.org
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  ip policy route-map VPN-Client
  dialer pool 1
  ppp chap hostname xxx
  ppp chap password 0 xxxx
  ppp pap sent-username xxx password 0 xxxx
  crypto map clientmap
  ip local pool ippool 192.168.50.100 192.168.50.200
  ip local pool sslvpnpool 192.168.250.2 192.168.250.100
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 Dialer1
  ip http server
  ip http authentication local
  ip http secure-server
  ip nat inside source static tcp 192.168.0.2 21 interface Dialer1 790
  ip nat inside source static tcp 192.168.0.15 21 interface Dialer1 789
  ip nat inside source list 102 interface Dialer1 overload
  ip nat inside source static tcp 10.10.10.1 443 interface Dialer1 443
  ip nat inside source static tcp 10.10.10.1 80 interface Dialer1 80
  access-list 102 deny   ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
  access-list 102 permit ip 192.168.0.0 0.0.0.255 any
  access-list 110 permit ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
  access-list 144 permit ip 192.168.50.0 0.0.0.255 any
  route-map VPN-Client permit 10
  match ip address 144
  set ip next-hop 10.11.0.2
  control-plane
  banner motd ^C
  ================================================================
                  UNAUTHORISED ACCESS IS PROHIBITED!!!
  =================================================================
  ^C
  line con 0
  line aux 0
  line vty 0 4
  password mypassword
  transport input telnet ssh
  webvpn gateway MyGateway
  ip address 10.10.10.1 port 443 
  http-redirect port 80
  ssl trustpoint TP-self-signed-1279712955
  inservice
  webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
  webvpn install csd flash:/webvpn/sdesktop.pkg
  webvpn context SecureMeContext
  title "My SSL VPN Service"
  secondary-color #C0C0C0
  title-color #808080
  ssl authenticate verify all
  url-list "MyServers"
     heading "My Intranet"
     url-text "Cisco" url-value "http://192.168.0.2"
     url-text "NetGear" url-value "http://192.168.0.3"
  login-message "Welcome to My VPN"
  policy group MyDefaultPolicy
     url-list "MyServers"
     functions svc-enabled
     svc address-pool "sslvpnpool"
     svc keep-client-installed
  default-group-policy MyDefaultPolicy
  aaa authentication list userAuthen
  gateway MyGateway domain testvpn
  max-users 100
  csd enable
  inservice
  end
  Thank you!

  Hi,
  Please check SAP note:
  2004579 - You cannot create a FR company from a Package
  Thanks & Regards,
  Nagarajan

• Cisco ASA 5505 - Basic Web Access

  Hello all,
  Not posted here in a while but thought you guys might be able to help me out with a little problem. Okay, I have a Cisco ASA5505 running the latest asdm and ios...
  [I]Cisco Adaptive Security Appliance Software Version 8.4(2)
  Device Manager Version 6.4(5)206[/I]
  I am trying to get basic web resolution and access but not having any luck. I just wanted to know if there is anything special that I needed to do with the ASA before I can do this. I've made a quick visio diagram of the network, see below:
  [URL=http://imageshack.us/photo/my-images/4/diag.png/][IMG]http://img4.imageshack.us/img4/94/diag.th.png[/IMG][/URL]
  The Vigor has a local subnet of 192.168.0.x/24 however there is also a "For routing use only" option. See below:
  [URL=http://imageshack.us/photo/my-images/717/diag2.png/][IMG]http://img717.imageshack.us/img717/9131/diag2.th.png[/IMG][/URL]
  I'm hopeful that by configuring the "For routing use ip address" as one of my allocation of public ip's, that it should work okay. I can actually ping by IP and name from the interface of the ASA but can't do that or browse to websites from clients which have their default gateway set to 192.168.0.252.
  I was under the assumption web browsing should work out of the box almost as it's treated as an outgoing connection. Here is my config for you to look at:
  (note, I've tried to set the route outside to the local ip of the draytek and also the "For routing usage only" IP address)
  ASA Version 8.4(2)
  hostname gilwoodasa
  domain-name gilwood.local
  enable password 9PvFytIZ2Vpy8Gon encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.0.252 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 82.70.231.xx 255.255.255.248
  interface Vlan5
  no nameif
  security-level 50
  ip address dhcp
  boot system disk0:/asa842-k8.bin
  ftp mode passive
  dns domain-lookup inside
  dns domain-lookup outside
  dns server-group DefaultDNS
  name-server 208.67.222.222
  name-server 192.168.0.3
  domain-name xxxxxxxxx
  object-group network obj_any
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any inside
  icmp permit any outside
  asdm image disk0:/asdm-645-206.bin
  no asdm history enable
  arp timeout 14400
  nat (inside,outside) after-auto source dynamic any interface
  route outside 0.0.0.0 0.0.0.0 82.70.231.49 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  http 192.168.0.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  telnet timeout 5
  ssh 192.168.0.0 255.255.255.0 inside
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
  webvpn
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http [url]https://tools.cisco.com/its/service/oddce/services/DDCEService[/url]
    destination address email [email][email protected][/email]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:4c06870d7d65d349cb63bd8044d61b35
  : end
  So, if you're still reading this - all I am after is a way to get basic web browsing working. Here are the logs which show the attempted web access...
  [URL=http://imageshack.us/photo/my-images/338/logsi.png/][IMG]http://img338.imageshack.us/img338/671/logsi.th.png[/IMG][/URL]
  Big thank you in advance!

  Hey, thanks for the reply. I have tried the suggestion but to no avail. I can ping google from the outside interface but can't ping it from anything on the inside. This does tend to point towards a NAT issue. Hopefully someone has another suggestion?
  Here are the results from the ASA console when trying to ping from both the inside and outside interface. The successful ones re from the outside.
  http://imageshack.us/photo/my-images/209/pingbf.png/
  Thanks again! Complete config now is as follows:
  ASA Version 8.4(2)
  hostname xxxxx
  domain-name xxxx
  enable password 9PvFytIZ2Vpy8Gon encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.0.252 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 82.70.231.xx 255.255.255.248
  interface Vlan5
  no nameif
  security-level 50
  ip address dhcp
  boot system disk0:/asa842-k8.bin
  ftp mode passive
  dns domain-lookup inside
  dns domain-lookup outside
  dns server-group DefaultDNS
  name-server 208.67.222.222
  name-server 192.168.0.3
  domain-name gilwood.local
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any inside
  icmp permit any outside
  asdm image disk0:/asdm-645-206.bin
  no asdm history enable
  arp timeout 14400
  object network obj_any
  nat (inside,outside) dynamic interface
  nat (inside,outside) after-auto source dynamic any interface
  route outside 0.0.0.0 0.0.0.0 82.70.231.49 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  http 192.168.0.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  telnet timeout 5
  ssh 192.168.0.0 255.255.255.0 inside
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
  webvpn
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DD                                                                                                  CEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:5caa6e14d9c76e0858b055316071710f
  : end

• How do I change the URL to the Remote Web Access server in Windows Server 2012?

  Hallo!
  I have set up a Remote Dexktop Service using the "Quick" deployment method in Server Manager and everything is working greate internally, but I cannot start an app published in Remote Web Access from outside our network.
  The problem is that it wants to start the using the internal URL, for example, server.domain.local, instead of the external one, for example remote.server.com.
  I therefore want to know how I can change the default URL for the Remote Web Access server and all the Remote Web Apps in Windows Server 2012?
  I have allready looked in Server Manager and I can change some of the deployment settings in server manager, but there is no way to alter the URL of the Remote Web Access server. See below images:
  Pressing the internal URL only results in opening the internal URL.
  This was very simple to do in Windows Server 2008 R2 using the tsconfig tool, but it does not seam to be any way of solving this in server manager.
  A possible sollution would be to alter the registry someware in HKLM->Software->Microsoft->Windows NT->Terminal Services. But this can easaly lead to problems due to wrong format, etc. and is probably not supported.
  Is there a simpler and supported way?

  That option can be used to connect to any machine that you want.  The error message indicates that the client machine cannot resolve the name "server.domain.local" to an IP address that it can connect to.
  You have several options for configuring that tab on the RDweb site.  You can even remove it entirely. 
  Customization of RD Web Site
  RD Web provides a number of customization options for the RD Web interface, including the ability to control default Gateway server settings and redirection settings. These settings
  are controlled by editing the web.config file located in %SYSTEMROOT%\Web\RDWeb\Pages.
  Displaying Local Help
  To display local help for users instead of the web-based help, edit the LocalHelp value and change the value from false to true.
  <!-- LocalHelp: Displays local help for users, instead of the web-based help. Value must be "true" or "false" -->
  <add key="LocalHelp" value="false" />
  When this value is changed, a user that clicks on Help in the upper right corner of the RD Web login page will open the local help file instead of web-based help.
  Hiding the Connect to a Remote PC Tab
  The RDWeb page
  Connect to a Remote PC tab can be hidden from users to prevent connections to any servers through RD Web other than the servers configured in a collection. By default, this setting is set to true and the
  Remote Desktops tab is displayed. To hide the tab, set the value to false.
  <!-- ShowDesktops: Displays or hides the Remote Desktops tab. Value must be "true" or "false" -->
  <add key="ShowDesktops" value="true" />
  When the value is set to false, a user will not see the Connect to a Remote PC tab when logged on to the RD Web page
  RD Gateway Settings
  If the Connect to a Remote PC tab is enabled, an administrator can configure RD Web to use a Gateway server when connecting to remote computers. To specify a gateway, edit the below
  value with the name of the RD Gateway server:
  <!-- DefaultTSGateway: Admin can preset this to a given Gateway name, or set to "" for no gateway. -->
  <add key="DefaultTSGateway" value="" />
  The default authentication method for the RD Gateway server can also be configured by editing the following section of the web.config:
  <!-- GatewayCredentialsSource: TS Gateway Authentication Type.
  Admins can preset this.
  0 = User Password
  1 = Smartcard
  4 = "Ask me later"
  -->
  <add key="GatewayCredentialsSource" value="0" />
  Devices and Resources
  By default, only Printers and Clipboard are redirected on connections made using the Connect to a Remote PC tab. If the user clicks the
  Options << button, the redirection settings for a specific connection can be modified
  To configure each specified redirection option to be enabled or disabled by default, edit the following section in the web.config file:
  <!-- Devices and resources: Preset the Checkbox values to either true or false -->
  <add key="xPrinterRedirection" value="true" />
  <add key="xClipboard" value="true" />
  <add key="xDriveRedirection" value="false" />
  <add key="xPnPRedirection" value="false" />
  <add key="xPortRedirection" value="false" />
  LAN Experience Defaults
  Windows Server 2012 RD Web Access can display a new user selectable option for optimizing the connection for a LAN experience. This option is displayed at the bottom of the RD Web
  page and can be controlled by the administrator using the following section of the web.config file:
  <!--  Checkbox to opt for optimized LAN experience -->
  <add key="ShowOptimizeExperience" value="false" />
  <add key="OptimizeExperienceState" value="false" />
  This value is set to false by default, but when changed to true, the following checkbox will display at the bottom of the webpage. The LAN experience
  checkbox can also be set as enabled by default.
  Each setting can also be modified using the IIS Manager user interface:
  Don Geddes - SR Support Escalation Engineer - Remote Desktop Services - Printing and Imaging

• Company Webmail Outlook Web Access

  When I'm on a biz trip I have to use Web Access for my webmail. I noticed that when I use Safari vs. when I use my PC lap top, the whole look is very different. PC allows me to have a preview page and on my ibook it constantly asks for my password. And I can't use several features that are offerend through my PC laptop. I tried using Mac version of Explorer, but it doesn't even open up the webmail. What can I do? Do I need to start carrying my PC laptop on biz trips?

  MS uses ActiveX controls in the Windows version of OWA that simply do not exist in the Mac version. We have both flavors of client at the school where I'm the Tech coordinator, and Exchange 2003's Mac OWA client is substantially better than before, but nowhere near as good as the Windows version. Such is life with MS - Windows will always get preferential treatment.
  However, the bigger issue is that Exchange 2003 OWA seems to be having serious loading issues in Safari 2.0. Ever since I upgraded my school's machines to 10.4.2, OWA has been all but inaccessible using Safari. The left pane loads, but the right pane, where the messages appear, takes ages to load if it ever loads at all. No problems under IE or Firefox. Is there an Apple rep out there to address this to? My faculty and staff are very irritated, and I'd rather not switch away from Safari and confuse them even more if I don't have to.

• How do I use airport extreme to control individual device access?

  I don't understand how I can control individual device access to the web using my AirPort Extreme.
  I set up the network on a PC (for technical reasons) but hoping to control access of individual devices (including a Mac but also iPods and iPads) to the web using an iPad (although can use the PC if necessary).  I have downloaded AirPort Utility on the PC and an iPad but can't work out what to do next.
  Can anyone please provide some instructions or point me in the right direction?

  The AE has no controls except timed access to wireless.. is that what you are after??

• Fix many web access problems with IFS 9.0.1 on Solaris (and other OS's)...

  When the installation is done according to the documentation,
  web access does not work because the scripts that add entries to
  the jserv.properties file add duplicate references to
  wrapper.env and wrapper.classpath. Look at the jserv.properties
  file below and look at the remarked-out (#) lines of the
  duplicate references. For example, look at the references to the
  wrapper.env=LD_LIBRARY_PATH
  Oracle, please note this bug so the web access problems are
  minimized when the product is intstalled.
  Thank you,
  William T.
  # Apache JServ Configuration
  File #
  ################################ W A R N I N G
  # Unlike normal Java properties, JServ configurations have some
  important
  # extensions:
  # 1) commas are used as token separators
  # 2) multiple definitions of the same key are concatenated in
  a
  # comma separated list.
  # Execution parameters
  # The Java Virtual Machine interpreter.
  # Syntax: wrapper.bin=[filename] (String)
  # Note: specify a full path if the interpreter is not visible in
  your path.
  wrapper.bin=/d3/Apache/jdk/bin/java
  # Arguments passed to Java interpreter (optional)
  # Syntax: wrapper.bin.parameters=[parameters] (String)
  # Default: NONE
  wrapper.bin.parameters=-Xms64m
  wrapper.bin.parameters=-Xmx128m
  # Apache JServ entry point class (should not be changed)
  # Syntax: wrapper.class=[classname] (String)
  # Default: "org.apache.jserv.JServ"
  # Arguments passed to main class after the properties filename
  (not used)
  # Syntax: wrapper.class.parameters=[parameters] (String)
  # Default: NONE
  # Note: currently not used
  # PATH environment value passed to the JVM
  # Syntax: wrapper.path=[path] (String)
  # Default: "/bin:/usr/bin:/usr/local/bin" for Unix systems
  # "c:\(windows-dir);c:\(windows-system-dir)" for Win32
  systems
  # Notes: if more than one line is supplied these will be
  concatenated using
  # ":" or ";" (depending wether Unix or Win32) characters
  # Under Win32 (windows-dir) and (windows-system-dir) will
  be
  # automatically evaluated to match your system
  requirements
  # CLASSPATH environment value passed to the JVM
  # Syntax: wrapper.classpath=[path] (String)
  # Default: NONE (Sun's JDK/JRE already have a default classpath)
  # Note: if more than one line is supplied these will be
  concatenated using
  # ":" or ";" (depending wether Unix or Win32) characters.
  JVM must be
  # able to find JSDK and JServ classes and any utility
  classes used by
  # your servlets.
  # Note: the classes you want to be automatically reloaded upon
  modification
  # MUST NOT be in this classpath or the classpath of the
  shell
  # you start the Apache from.
  wrapper.classpath=/d3/Apache/jdk/lib/tools.jar
  wrapper.classpath=/d3/Apache/Jserv/libexec/ApacheJServ.jar
  wrapper.classpath=/d3/Apache/Jsdk/lib/jsdk.jar
  # An environment name with value passed to the JVM
  # Syntax: wrapper.env=[name]=[value] (String)
  # Default: NONE on Unix Systems
  # SystemDrive and SystemRoot with appropriate values on
  Win32 systems
  wrapper.env=PATH=/d3/bin
  # An environment name with value copied from caller to Java
  Virtual Machine
  # Syntax: wrapper.env.copy=[name] (String)
  # Default: NONE
  # Uncomment the following lines to set the default locale and
  NLS_LANG
  # setting based on the environment variables.
  # wrapper.env.copy=LANG
  # wrapper.env.copy=NLS_LANG
  # Copies all environment from caller to Java Virtual Machine
  # Syntax: wrapper.env.copyall=true (boolean)
  # Default: false
  # Protocol used for signal handling
  # Syntax: wrapper.protocol=[name] (String)
  # Default: ajpv12
  # General parameters
  # Set the default IP address or hostname Apache JServ binds (or
  listens) to.
  # If you have a machine with multiple IP addresses, this address
  # will be the one used. If you set the value to localhost, it
  # will be resolved to the IP address configured for the locahost
  # on your system (generally this is 127.0.0.1). This feature is
  so
  # that one can have multiple instances of Apache JServ listening
  on
  # the same port number, but different IP addresses on the same
  machine.
  # Use bindaddress=* only if you know exactly what you are doing
  here,
  # as it could let JServ wide open to the internet.
  # You must understand that JServ has to answer only to Apache,
  and should not
  # be reachable by nobody but mod_jserv. So localhost is usually a
  # good option. The second best choice would be an internal
  network address
  # (protected by a firewall) if JServ is running on another
  machine than Apache.
  # Ask your network admin.
  # "*" may be used on boxes where some of the clients get
  connected using
  # "localhost"and others using another IP addr.
  # Syntax: bindaddress=[ipaddress] or [localhost] or [*]
  # Default: localhost
  bindaddress=localhost
  # Set the port Apache JServ listens to.
  # Syntax: port=[1024,65535] (int)
  # Default: 8007
  port=8007
  # Servlet Zones parameters
  # List of servlet zones Apache JServ manages
  # Syntax: zones=[servlet zone],[servlet zone]... (Comma
  separated list of String)
  # Default: NONE
  zones=root
  # Configuration file for each servlet zone (one per servlet zone)
  # Syntax: [servlet zone name as on the zones list].properties=
  [full path to configFile]
  (String)
  # Default: NONE
  # Note: if the file could not be opened, try using absolute
  paths.
  root.properties=/d3/Apache/Jserv/etc/zone.properties
  # Thread Pool parameters
  # Enables or disables the use of the thread pool.
  # Syntax: pool=true (boolean)
  # Default: false
  # WARNING: the pool has not been extensively tested and may
  generate
  deadlocks.
  # For this reason, we advise against using this code in
  production environments.
  pool=false
  # Indicates the number of idle threads that the pool may contain.
  # Syntax: pool.capacity=(int)>0
  # Default: 10
  # NOTE: depending on your system load, this number should be low
  for contantly
  # loaded servers and should be increased depending on load
  bursts.
  pool.capacity=10
  # Indicates the pool controller that should be used to control
  the
  # level of the recycled threads.
  # Syntax: pool.controller=[full class of controller] (String)
  # Default: org.apache.java.recycle.DefaultController
  # NOTE: it is safe to leave this unchanged unless special
  recycle behavior
  # is needed. Look at the "org.apache.java.recycle" package
  javadocs for more
  # info on other pool controllers and their behavior.
  pool.controller=org.apache.java.recycle.DefaultController
  # Security parameters
  # Enable/disable the execution of org.apache.jserv.JServ as a
  servlet.
  # This is disabled by default because it may give informations
  that should
  # be restricted.
  # Note that the execution of Apache JServ as a servlet is
  filtered by the web
  # server modules by default so that both sides should be enabled
  to let this
  # service work.
  # This service is useful for installation and configuration
  since it gives
  # feedback about the exact configurations Apache JServ is using,
  but it should
  # be disabled when both installation and configuration processes
  are done.
  # Syntax: security.selfservlet=true (boolean)
  # Default: false
  # WARNING: disable this in a production environment since may
  give reserved
  # information to untrusted users.
  security.selfservlet=true
  # Set the maximum number of socket connections Apache JServ may
  handle
  # simultaneously. Make sure your operating environment has
  enough file
  # descriptors to allow this number.
  # Syntax: security.maxConnections=(int)>1
  # Default: 50
  security.maxConnections=50
  # Backlog setting for very fine performance tunning of JServ.
  # Unless you are familiar to sockets leave this value commented
  out.
  # security.backlog=5
  # List of IP addresses allowed to connect to Apache JServ. This
  is a first
  # security filtering to reject possibly unsecure connections and
  avoid the
  # overhead of connection authentication.
  # <warning>
  # (please don't use the following one unless you know what you
  are doing :
  # security.allowedAddresses=DISABLED
  # allows connections on JServ'port from entire internet.)
  # You do need only to allow YOUR Apache to talk to JServ.
  # </warning>
  # Default: 127.0.0.1
  # Syntax: security.allowedAddresses=[IP address],[IP Address]...
  (Comma
  separated list of IP addresses)
  #security.allowedAddresses=127.0.0.1
  # Enable/disable connection authentication.
  # NOTE: unauthenticated connections are a little faster since
  authentication
  # handshake is not performed at connection creation.
  # WARNING: authentication is disabled by default because we
  believe that
  # connection restriction from all IP addresses but localhost
  reduces your
  # time to get Apache JServ to run. If you allow other addresses
  to connect and
  # you don't trust it, you should enable authentication to
  prevent untrusted
  # execution of your servlets. Beware: if authentication is
  disabled and the
  # IP address is allowed, everyone on that machine can execute
  your servlets!
  # Syntax: security.authentication=[true,false] (boolean)
  # Default: true
  security.authentication=false
  # Authentication secret key.
  # The secret key is passed as a file that must be kept secure
  and must
  # be exactly the same of those used by clients to authenticate
  themselves.
  # Syntax: security.secretKey=[secret key path and filename]
  (String)
  # Default: NONE
  # Note: if the file could not be opened, try using absolute
  paths.
  #security.secretKey=./etc/jserv.secret.key
  # Length of the randomly generated challenge string (in bytes)
  used to
  # authenticate connections. 5 is the lowest possible choice to
  force a safe
  # level of security and reduce connection creation overhead.
  # Syntax: security.challengeSize=(int)>5
  # Default: 5
  #security.challengeSize=5
  # Logging parameters
  # Enable/disable Apache JServ logging.
  # WARNING: logging is a very expensive operation in terms of
  performance. You
  # should reduced the generated log to a minumum or even disable
  it if fast
  # execution is an issue. Note that if all log channels (see
  below) are
  # enabled, the log may become really big since each servlet
  request may
  # generate many Kb of log. Some log channels are mainly for
  debugging
  # purposes and should be disabled in a production environment.
  # Syntax: log=[true,false] (boolean)
  # Default: true
  log=true
  # Set the name of the trace/log file. To avoid possible
  confusion about
  # the location of this file, an absolute pathname is recommended.
  # This log file is different than the log file that is in the
  # jserv.conf file. This is the log file for the Java portion of
  Apache
  # JServ.
  # On Unix, this file must have write permissions by the owner of
  the JVM
  # process. In other words, if you are running Apache JServ in
  manual mode
  # and Apache is running as user nobody, then the file must have
  its
  # permissions set so that that user can write to it.
  # Syntax: log.file=[log path and filename] (String)
  # Default: NONE
  # Note: if the file could not be opened, try using absolute
  paths.
  log.file=/d3/Apache/Jserv/logs/jserv.log
  # Enable the timestamp before the log message
  # Syntax: log.timestamp=[true,false] (boolean)
  # Default: true
  log.timestamp=true
  # Use the given string as a data format
  # (see java.text.SimpleDateFormat for the list of options)
  # Syntax: log.dateFormat=(String)
  # Default: [dd/MM/yyyy HH:mm:ss:SSS zz]
  log.dateFormat=[dd/MM/yyyy HH:mm:ss:SSS zz]
  # Since all the messages logged are processed by a thread
  running with
  # minimum priority, it's of vital importance that this thread
  gets a chance
  # to run once in a while. If it doesn't, the log queue overflow
  occurs,
  # usually resulting in the OutOfMemoryError.
  # To prevent this from happening, two parameters are used:
  log.queue.maxage
  # and log.queue.maxsize. The former defines the maximum time for
  the logged
  # message to stay in the queue, the latter defines maximum
  number of
  # messages in the queue.
  # If one of those conditions becomes true (age > maxage || size
  maxsize),# the log message stating that fact is generated and the log
  queue is
  # flushed in the separate thread.
  # If you ever see such a message, either your system doesn't
  live up to its
  # expectations or you have a runaway loop (probably, but not
  necessarily,
  # generating a lot of log messages).
  # WARNING: Default values are lousy, you probably want to tweak
  them and
  # report the results back to the development team.
  # Syntax: log.queue.maxage = [milliseconds]
  # Default: 5000
  log.queue.maxage = 5000
  # Syntax: log.queue.maxsize = [integer]
  # Default: 1000
  log.queue.maxsize = 1000
  # Enable/disable logging the channel name
  # Default: false
  # log.channel=false
  # Enable/disable channels, each logging different actions.
  # Syntax: log.channel.[channel name]=[true,false] (boolean)
  # Default: false
  # Info channel - quite a lot of informational messages
  # hopefully you don't need them under normal circumstances
  # log.channel.info=true
  # Servlets exception, i.e. exception caught during
  # servlet.service() processing are monitored here
  # you probably want to have this one switched on
  log.channel.servletException=true
  # JServ exception, caught internally in jserv
  # we suggest to leave it on
  log.channel.jservException=true
  # Warning channel, it catches all the important
  # messages that don't cause JServ to stop, leave it on
  log.channel.warning=true
  # Servlet log
  # All messages logged by servlets. Probably you want
  # this one to be switched on.
  log.channel.servletLog=true
  # Critical errors
  # Messages produced by critical events causing jserv to stop
  log.channel.critical=true
  # Debug channel
  # Only for internal debugging purposes
  # log.channel.debug=true
  #wrapper.classpath=/d3/ord/jlib/ordim.zip
  #wrapper.classpath=/d3/ord/jlib/ordhttp.zip
  # Oracle XSQL Servlet
  wrapper.classpath=/d3/lib/oraclexsql.jar
  # Oracle JDBC
  wrapper.classpath=/d3/jdbc/lib/classes12.zip
  # Oracle XML Parser V2 (with XSLT Engine)
  wrapper.classpath=/d3/lib/xmlparserv2.jar
  # Oracle XML SQL Components for Java
  wrapper.classpath=/d3/rdbms/jlib/xsu12.jar
  # XSQLConfig.xml File location
  wrapper.classpath=/d3/xdk/admin
  # Oracle BC4J
  wrapper.classpath=/d3/ord/jlib/ordim.zip
  wrapper.classpath=/d3/ord/jlib/ordvir.zip
  wrapper.classpath=/d3/ord/jlib/ordhttp.zip
  wrapper.classpath=/d3/BC4J/lib/jndi.jar
  wrapper.classpath=/d3/BC4J/lib/jbomt.zip
  wrapper.classpath=/d3/BC4J/lib/javax_ejb.zip
  wrapper.classpath=/d3/BC4J/lib/jdev-rt.jar
  wrapper.classpath=/d3/BC4J/lib/jbohtml.zip
  wrapper.classpath=/d3/BC4J/lib/jboremote.zip
  wrapper.classpath=/d3/BC4J/lib/jdev-cm.jar
  wrapper.classpath=/d3/BC4J/lib/jbodomorcl.zip
  wrapper.classpath=/d3/BC4J/lib/jboimdomains.zip
  wrapper.classpath=/d3/BC4J/lib/collections.jar
  wrapper.classpath=/d3/Apache/Apache/htdocs/onlineorders_html
  #wrapper.classpath=/d3/Apache/Apache/htdocs/OnlineOrders_html/Onl
  ineOrders.jar
  # The following classpath entries are necessary for EJBs to run
  in IAS or DB when
  present
  wrapper.classpath=/d3/lib/aurora_client.jar
  wrapper.classpath=/d3/lib/vbjorb.jar
  wrapper.classpath=/d3/lib/vbjapp.jar
  # Oracle Servlet
  wrapper.classpath=/d3/lib/servlet.jar
  # Oracle Java Server Pages
  wrapper.classpath=/d3/jsp/lib/ojsp.jar
  # Oracle Util
  wrapper.classpath=/d3/jsp/lib/ojsputil.jar
  # Oracle Java SQL
  wrapper.classpath=/d3/sqlj/lib/translator.zip
  # Oracle JDBC
  #wrapper.classpath=/d3/jdbc/lib/classes12.zip
  # SQLJ runtime
  wrapper.classpath=/d3/sqlj/lib/runtime12.zip
  # Oracle Messaging
  wrapper.classpath=/d3/rdbms/jlib/aqapi.jar
  wrapper.classpath=/d3/rdbms/jlib/jmscommon.jar
  # OJSP environment settings
  #wrapper.env=ORACLE_HOME=/d3
  # The next line should be modified to reflect the value of the
  SID for your
  webserver.
  #wrapper.env=ORACLE_SID=cmpdb
  #wrapper.env=LD_LIBRARY_PATH=/d3/lib
  ## Enable the flag below if you are using jdk 1.2.2_05a or above
  #wrapper.env=JAVA_COMPILER=NONE
  # Advanced Queuing - AQXML
  wrapper.classpath=/d3/rdbms/jlib/aqxml.jar
  #wrapper.classpath=/d3/rdbms/jlib/xsu12.jar
  #wrapper.classpath=/d3/lib/xmlparserv2.jar
  wrapper.classpath=/d3/lib/xschema.jar
  #wrapper.classpath=/d3/jlib/jndi.jar
  wrapper.classpath=/d3/jlib/jta.jar
  oemreporting.properties=/d3/Apache/Jserv/oemreporting/oemreportin
  g.properties
  zones = root, oemreporting
  wrapper.classpath=/d3/jlib/share-opt-1_1_9.zip
  wrapper.classpath=/d3/jlib/caboshare-opt-1_0_3.zip
  wrapper.classpath=/d3/jlib/marlin-opt-1_0_7.zip
  wrapper.classpath=/d3/jlib/tecate-opt-1_0_4.zip
  wrapper.classpath=/d3/jlib/ocelot-opt-1_0_2.zip
  wrapper.classpath=/d3/jlib/regexp.jar
  wrapper.classpath=/d3/jlib/sax2.jar
  #wrapper.classpath=/d3/jlib/servlet.jar
  wrapper.bin.parameters= -DORACLE_HOME=/d3
  #wrapper.env=LD_LIBRARY_PATH=/d3/lib32
  wrapper.env.copy=DISPLAY
  wrapper.bin.parameters=-DORACLE_HOME=/d3
  #wrapper.classpath=/d3/lib/vbjorb.jar
  #wrapper.classpath=/d3/lib/vbjapp.jar
  wrapper.classpath=/d3/classes/classesFromIDLVisi
  wrapper.classpath=/d3/jlib/swingall-1_1_1.jar
  wrapper.classpath=/d3/jlib/ewtcompat3_3_15.jar
  wrapper.classpath=/d3/jlib/ewt-3_3_18.jar
  wrapper.classpath=/d3/jlib/share-1_1_9.jar
  wrapper.classpath=/d3/jlib/help-3_2_9.jar
  wrapper.classpath=/d3/jlib/ice-5_06_3.jar
  wrapper.classpath=/d3/jdbc/lib/classes111.zip
  wrapper.classpath=/d3/classes
  wrapper.classpath=/d3/jlib/oembase-9_0_1.jar
  wrapper.classpath=/d3/jlib/oemtools-9_0_1.jar
  wrapper.classpath=/d3/jlib
  wrapper.classpath=/d3/jlib/javax-ssl-1_1.jar
  wrapper.classpath=/d3/jlib/jssl-1_1.jar
  wrapper.classpath=/d3/jlib/netcfg.jar
  wrapper.classpath=/d3/jlib/dbui-2_1_2.jar
  #wrapper.classpath=/d3/lib/aurora_client.jar
  #wrapper.classpath=/d3/lib/xmlparserv2.jar
  wrapper.classpath=/d3/network/jlib/netmgrm.jar
  wrapper.classpath=/d3/network/jlib/netmgr.jar
  wrapper.classpath=/d3/network/tools
  wrapper.classpath=/d3/jlib/kodiak-1_2_1.jar
  wrapper.classpath=/d3/sysman/jlib/netchart360.jar
  wrapper.classpath=/d3/jlib/pfjbean.jar
  wrapper.env=SHLIB_PATH=/d3/lib32
  wrapper.env=LIBPATH=/d3/lib32
  wrapper.classpath=/d3/ultrasearch/lib/isearch_midtier.jar
  wrapper.classpath=/d3/ultrasearch/lib/isearch_query.jar
  wrapper.classpath=/d3/ultrasearch/lib/jgl3.1.0.jar
  wrapper.classpath=/d3/lib/mail.jar
  wrapper.classpath=/d3/lib/activation.jar
  wrapper.classpath=/d3/ultrasearch/jsp/admin/config
  # Additions for iFS
  ## DO NOT REMOVE OR ALTER THE FOLLOWING LINE ....
  # iFS true
  # Uncomment if you want to use the same Jserv as other
  applications
  wrapper.classpath=/d3/9ifs/custom_classes
  wrapper.classpath=/d3/9ifs/settings
  wrapper.classpath=/d3/9ifs/lib/adk.jar
  wrapper.classpath=/d3/9ifs/lib/email.jar
  wrapper.classpath=/d3/9ifs/lib/http.jar
  wrapper.classpath=/d3/9ifs/lib/release.jar
  wrapper.classpath=/d3/9ifs/lib/repos.jar
  wrapper.classpath=/d3/9ifs/lib/utils.jar
  wrapper.classpath=/d3/9ifs/lib/webui.jar
  wrapper.classpath=/d3/9ifs/lib/provider.jar
  wrapper.classpath=/d3/jlib/javax-ssl-1_2.jar
  wrapper.classpath=/d3/jlib/jssl-1_2.jar
  wrapper.env=ORACLE_HOME=/d3
  wrapper.env=ORACLE_SID=cmpdb
  wrapper.env=LD_LIBRARY_PATH=/d3/lib:/d3/ctx/lib:/d3/lib32
  wrapper.env=NLS_LANG=.US7ASCII
  ## Additions for the iFS zone
  # Uncomment if you want to use the same Jserv as other
  applications
  zones=ifs
  ifs.properties=/d3/Apache/Jserv/etc/ifs.properties
  # End iFS section

  About your home page; Manually set up Firefox with the window(s) and tab(s)
  the way you want them to be. Then;
  '''''Firefox Options > General > Homepage'''''.
  Press the button labeled ''''Use Current'''.'
  =====================================
  Open a new window or tab. In the address bar, type '''''about:config'''''.
  If a warning screen comes up, press the '''''Be Careful''''' button.
  This is where Firefox finds information it needs to run.
  At the top of the screen is a search bar. Enter '''''browser.newtab.url'''''
  and press enter. '''''browser.newtab.url'''''
  tells Firefox what to show when a new tab is opened.
  If you want, right click and select '''''Modify'''''. You can change the
  setting to;<BR><BR>about:home (Firefox default home page),<BR>
  about:newtab (shows the sites most visited),<BR>
  about:blank (a blank page),<BR>
  or you can enter any web page you want.<BR><BR>
  The same instructions are used for the new window setting, listed as
  '''''browser.startup.homepage'''''.

• Small Business Server 2011 Essentials Remote Web Access fails to connect to Windows 8.1 PC

  I am using Remote Web Access (RWA) gateway with Small Business Server 2011 Essentials.
  There are several workstations all running Windows 7, and have been using RWA without an issue for well over a year.
  There is now a Windows 8.1 Pro PC added to this domain, but the Remote Desktop does not connect.
  The Windows 8.1 PC appears in the RWA pages, It requests the credentials to connect, and then fails with the following error:
  Remote Desktop can't find the remote computer "COMPUTERNAME". This might mean that the "COMPUTERNAME" does not belong to the specified network. Verify the computer name and domain that you are typing to connect to.
  I can connect to all other PC fine (running Windows 7). I have tried from different locations and PC's and the results are the same.
  I thought I had fixed this problem a few weeks back.  After running all updates on the server and Windows 8.1 PC, and rebooting both, the RDP worked, but I think it only worked once and then failed the next time someone tried to use it. I have not had
  a successful connection to the Windows 8.1 PC since.
  I am at a loss on how to troubleshoot this as there are no errors on the system which can't be accessed.
  Any suggestions will be appreciated.

  Hi Mr Cheese,
  à
  I turned off the Firewall on the Windows 8.1 PC and the RDP is now working.
  Thanks for sharing in the forum. Your time and efforts are highly appreciated.
  Based on your description, this issue is related to Firewall. Would you please let me know current situation
  of this issue?
  Just addition. Please open Control Panel, select Windows Firewall and click Allow an app or feature through
  Windows Firewall. Then please check if Remote Desktop is allowed. Meanwhile, please click Advanced settings in Windows Firewall panel and click Inbound Rules, then check if rules which be related to Remote Desktop were enabled.
  If any update, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Problems setting up Remote Web Access in Windows Storage Server 2008 R2

  We just bought a WD Sentinel DX4000 Storage Server and went through the Remote Web Access wizard.  It setup the router just fine but when we got to the setup your domain name we have been having
  headaches ever since.  We chose the option to use our own domain name, which we have registered through GoDaddy.  It then showed that yes, our provider was GoDaddy but then it told us we needed to update our service with GoDaddy so we clicked the
  "Go to GoDaddy.com" button and it sent us to a page to purchase an SSL certificate.  So, we did that but then had issues with it not being able to be managed in our GoDaddy account.  So, I went into the domain name with GoDaddy and purchased
  a certificate there and got it setup on the domain name with GoDaddy.
  The problem is that when I try to go through the wizard again to set up the domain name I still have to click the goDaddy button to move to the next page where I type my domain name, username, and password
  with GoDaddy.  I setup the remote extension in the A records with GoDaddy as remote.mydomain.com, and put in my username and password with GoDaddy.  After I click next it tries to connect to the domain name service provider but then gives me the
  following error message over and over:
  The domain name was not set up for your server.  Wait a few minutes and run the wizard again.
  An unexpected or unknown problem occurred.  Please wait a few minutes, and then try again.
  Well, I have tried this several times and am about to start pulling my hair out.  Can anyone please tell me what I may be doing wrong?
  Thanks for any help you may be able to provide.

  Hi,
  Please verify the installed certificate status, you could refer to the article below to install GoDaddy SLL Certificates.
  Installing a GoDaddy Standard SSL Certificate on SBS 2008
  http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html
  Please Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
  There is a similar thread, please go through it to help troubleshoot this issue:
  SBS Essentials 2011 Domain Name Wizard Fails
  https://social.technet.microsoft.com/Forums/en-US/6644ec25-3071-4526-b878-9d6977589f88/sbs-essentials-2011-domain-name-wizard-fails?forum=smallbusinessserver2011essentials
  Best Regards,
  Mandy
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]