Cross-Certification for Non-Windows Clients

Still trying to get more information on getting my SHA256 root CA certificate signed by my SHA1 root CA (temporarily), and having non-Windows entities recognize that:
Creating Cross-Certification between two root CAs within the same organization (one hierarchy is all SHA1 and the other is all SHA256) and distributing the CrossCA certificate is painless enough for Forest members because it gets published to AD and from there comes down to the Forest members' certificate store (Trusted Intermediary). But what is the best way to get non-Windows end entities to also recognize the CrossCA certificate? The RFC (http://tools.ietf.org/html/rfc5280#section-4.2.2.1) states you can configure the AIA extension to point to a collection of certificates, but then that means (unless I am missing something) I need to modify the AIA extension configuration on my SHA256 root CA to point to the PKCS7 container on my http location, then issue my SHA256 SubCA certificates to my subordinate CAs. So this way, when my SHA256 subordinate CAs issue end entity certificates to non-Windows entities, the chain of trust will go back to my SHA1 root CA.
Both hierarchies are 2-tier.
End Entity cert from SHA256 Subordinate CA --> http location specifying the location of the SHA256 SubCA .crt --> http location specifying the location of the exported Cross-Certification certificate in PKCS7 format (which contains the SHA256 root CA certificate and the SHA1 root CA certificate).
Does this seem like the correct configuration? If so, how easy will it be to remove this configuration when the cutover is complete? If this is all correct, then I assume the only way to remove this configuration is to modify the AIA extension of the SHA256 root CA and then issue new SubCA certificates to my SHA256 subordinates.

Elke,
Thank you for the information. I definitely have some other options to consider now.
One odd thing I noticed in my lab is that my setup appears to work differently than you described. In my lab I have a CrossCA certificate which was published automatically into AD when it was issued. Since that has happened, even when issuing new certificates to end entities that are aware of the new SHA256 CAs (and trust them), all certificates still chain back to my SHA1 root CA. They don't take the short route anymore.
And because of the above behavior I ran a quick test:
- I installed a Windows 7 machine and never joined it to AD (kept it in a workgroup)
- I manually imported the SHA1 root CA certificate into its certificate store
- Then I accessed a web site running on a Windows web server which had an SSL certificate from one of the new SHA256 Subordinate CAs (and was part of the domain, so it trusted the new SHA256 CAs).
The result was that the Windows 7 machine trusted the certificate just fine.
When I looked at the certificate through IE on that Windows 7 machine, it showed the SSL certificate chaining back to my SHA1 root CA which I had manually imported earlier, so it was trusted.
Perhaps this is where setting constraints in the policy.inf file comes into play... not 100% sure.
Anyway, for the reasons you pointed out to me and the fact that anchoring my SHA256 environment with a SHA1 CA isn't really recommended, I am going to explore some other ways to get this done.
Thank you.
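The path building that the question and the lab test describe, shown with Go's standard-library verifier as an added example that is not part of the thread: a constructed old root, new root, CrossCA certificate (the new root's key certified by the old root), sub CA and end-entity certificate, and clients that differ only in which root they trust and which certificates they were able to fetch (standing in for the PKCS#7 bundle the AIA URL would point to). All signatures are ECDSA with SHA-256 because Go's verifier rejects SHA-1 signed certificates, and every name and validity window here is a placeholder.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil { panic(err) }
	return v
}

// caTemplate returns a CA certificate template named cn (constructed validity window).
func caTemplate(cn string, serial int64) *x509.Certificate {
	return &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
}

// issue certifies pub under parent using parentKey; parent == tmpl yields a self-signed cert.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey))))
}

// BuildPKI mirrors the thread's lab: old root, new root, the CrossCA certificate (the new
// root's key certified by the old root), a sub CA under the new root and one end-entity cert.
func BuildPKI() (oldRoot, newRoot, cross, subCA, ee *x509.Certificate) {
	newKey := func() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
	oldK, newK, subK, eeK := newKey(), newKey(), newKey(), newKey()
	oldTmpl, newTmpl := caTemplate("Old Root CA", 1), caTemplate("New Root CA", 2)
	oldRoot = issue(oldTmpl, oldTmpl, &oldK.PublicKey, oldK)
	newRoot = issue(newTmpl, newTmpl, &newK.PublicKey, newK)
	cross = issue(caTemplate("New Root CA", 3), oldRoot, &newK.PublicKey, oldK) // same name and key as newRoot
	subCA = issue(caTemplate("New Sub CA", 4), newRoot, &subK.PublicKey, newK)
	eeTmpl := &x509.Certificate{SerialNumber: big.NewInt(5), Subject: pkix.Name{CommonName: "www.example.test"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	return oldRoot, newRoot, cross, subCA, issue(eeTmpl, subCA, &eeK.PublicKey, subK)
}

// ChainTo validates ee as a client that trusts only root and has fetched the given intermediates
// (what the AIA-referenced PKCS#7 bundle supplies); nil means no path to root could be built.
func ChainTo(root, ee *x509.Certificate, fetched ...*x509.Certificate) []*x509.Certificate {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range fetched {
		inter.AddCert(c)
	}
	chains, err := ee.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err != nil {
		return nil
	}
	return chains[0]
}

func main() {
	oldRoot, _, cross, subCA, ee := BuildPKI()
	fmt.Println("chain length via cross-cert:", len(ChainTo(oldRoot, ee, subCA, cross)))
}
```

A client that trusts only the old root builds the four-certificate path through the CrossCA certificate and builds nothing without it, while a client that trusts the new root takes the three-certificate short path; what the client can fetch, not what the CA signs, decides which path it takes.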

Similar Messages

  • Any RunningApplications-like function for non-windowed processes?

    Am I missing any RunningApplications-like function for non-windowed processes like Unix executables? To start with I'd settle for processes in user space but would ultimately like to list processes like Activity Monitor does. Even comparing RunningApplications results to user-space Activity Monitor results will show the difference.
    As far as I can tell you need to go all the way down to kauth and kernel space to watch for non-windowed processes being launched. Is there something in between I'm missing? A notification device about launching apps would be perfect if it covers all processes.
    Thanks,
    =Tod

    I think kqueue may be able to do what you want. Look at the EVFILT_PROC filter. You may have to watch a number of processes - perhaps all of them. But that would tell you any time you get a fork and whenever a process is reaped.
    I looked at kqueue and it does what I want, but you need to register it on a per-process/file basis, which is great for a very specific set of things but not for overall system watching. (I also looked at fsevents but it is designed as a post-event notification system.) While NSWorkspace has the usual Cocoa model notifications willlaunchApp, didlaunchApp, etc., it seems that you need to get the kernel to watch the launch lifecycle of non-windowed functions.
    I actually did manage to get a comprehensive list of running apps out of parsing sysctl output with much less trouble than I expected. So far I have managed to get the pid, uid and abbreviated process name, and the list seems to match the Activity Monitor list, at least at this testing printf stage. Getting the username from the uid should be trivial and the full file name is doable; it just requires some struct length and offset math. I'd like the launch path information, but I can live without it for monitoring purposes if I can't figure out how to get it.
    This means that the monitoring part of the running system seems relatively straightforward: wrapping the call in an NSTimer and watching for changes in the returned results. But the watching of the actual starting and stopping of all processes remains some deeper work.
    Thanks for all the suggestions,
    =Tod

  • Sharing Primary Site and Secondary Site's SUP WSUS for non-SCCM client use

    I was wondering if the WSUS deployed for SCCM's SUP can also be (re)used for non-SCCM clients.
    Our SCCM infrastructure is mainly used to manage workstations, whereas our back-end servers are not deployed with SCCM agents due to overlapping SLAs and responsibilities. However, we would like to take advantage of WSUS's centralized update repository without each back-end server initiating a connection to the Internet to get its updates.
    Is this possible?

    No. WSUS servers that are used for SUPs are controlled by ConfigMgr and cannot be used outside ConfigMgr.
    Torsten Meringer | http://www.mssccmfaq.de

  • Windows Domain Controller certificate for non domain clients

    Hi,
    Is it possible that we can export a Windows domain certificate and use it for non-domain computers without joining the domain, so that they can communicate with each other without joining a domain controller?
    Regards

    Hi,
    Is it possible that we can export a Windows domain certificate and use it for non-domain computers without joining the domain, so that they can communicate with each other without joining a domain controller?
    Not sure what you want to achieve here.
    However, yes, it is possible to export certificates (with private keys) from domain machines and then import them to non-domain machines, and some certificates can even function well based on key usages. Please note that Domain Controller certificates are only meaningful to Domain Controllers. Possession of domain certificates doesn't indicate that machines are part of a domain.
    Without joining a machine to a domain (or without a trust), the machine is always treated as untrusted by the domain members no matter what kind of certificates it holds.
    Best Regards,
    Amy

  • SCCM 2012 with SCM - support for non-Windows?

    Hello all,
    As part of compliance configuration, I came across Microsoft's Security Compliance Manager 3.0 (latest version), mainly for compliance and remediation. But after going through their docs, I feel SCM is used only on Windows OS (clients or servers).
    a] Does SCM support contact with non-Microsoft vendors to import security baselines?
    b] Does SCM support audit, compliance and remediation on non-Windows OS devices (clients/servers)?
    Any help is greatly appreciated.
    Thanks

    This is the wrong forum to ask Security Compliance Manager based questions, it doesn't have any straight relationship with ConfigMgr. Correct forum is here: http://social.technet.microsoft.com/Forums/en-US/home?forum=compliancemanagement

  • Risk Management & Process controls for non SAP client

    Hi Forum Gurus,
    I need clarity on the following: Can Risk Management 3.0 and Process Control be implemented for a non-SAP client?
    i.e. our client does not run SAP, but they are interested in RM and PC, so is this possible to implement?
    Any advice would be highly appreciated.
    Kind regards,
    PREVO.

    Hi Prevo,
    Process Control and Risk Management 3.0 are delivered within the same installation package files, so it is the same for both applications.
    Also, real-time agents for Oracle or PeopleSoft are available if you want to leverage the automated control functionality of PC 3.0 in a non-SAP environment.
    Remember the automated control functionality is an optional feature of PC 3.0. If you wish only to use the manual controls features of PC 3.0 you don't need RTAs (real-time agents).
    You can find further information about manual controls at http://service.sap.com
    Use the quicklink '/rkt' then the following menu path: SAP Business Objects for GRC Solutions -> SAP BO Process Control 3.0 -> Technology Consultant
    Regards
    Debraj

  • DHCP configuration for non-compliant clients

    Hello!
    I have a question about Network Policy Server.
    That is, how do I configure a DHCP server to lease IP addresses to non-compliant clients, specifically for access to remediation servers?
    Thank you.

    So your question isn't for a live situation, but because you are studying for a test?
    This topic first appeared in the Spiceworks Community

  • DSCP marking for non WMM-clients

    Hello,
    I just made several tries but didn't find the result which I expected. I have the following scenario:
    non-WMM clients in branches in our WAN
    traffic over the WAN line must be shaped
    there is no local breakout, the traffic should be tunneled to the central datacenter
    So what I want to achieve is that all traffic from these non-WMM clients (which are using a special SSID (I call it here "EXTERNAL")) gets marked in such a way that the CAPWAP packets carry DSCP values, so that I can refer to these packets before they go over the WAN connection.
    What I did:
    the SSID uses the QoS profile "bronze"
    WMM is disabled
    the QoS profile itself has 802.1p enabled with a value of 1
    So I expected that all traffic via this SSID "EXTERNAL" gets a DSCP marking in the CAPWAP packet of 10 (perhaps also 12 or 14, I'm not sure which value is really used). In reality I see 0.
    I'm using WiSM v1 with version 7.0.230. I also tried it with a 5508 with the same version but it didn't work. APs are 1142.
    Is my expectation wrong that this scenario works in this way? Am I forgetting something?
    Thanks for your help

    The WLAN can only re-mark client traffic that has existing DSCP values in the original packet, typically at the application layer. The platinum profile itself has 46 as VoWLAN, 48 as Mgmt traffic (CAPWAP etc), and 56 as network traffic, classifying them as such based on the original marking. The values are only remarked if the configured SSID is different.
    This link provides a few more details:
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807e9717.shtml

  • App-V 5 over https for non-domain clients

    Hello, Is this scenario possible?

    Hi,
    here's how I have it set in my lab. Your mileage may vary, but hopefully this should give you all the different components of how I managed to get it to work, and allow you to try something similar.
    Firstly, my publishing server is: HTTPS://CSC-APPV5.CSC.local:8016
    I have an application published through the app-v console, with the package URL configured to be:
    HTTPS://CSC-APPV5.CSC.local/APPVSHARE/Notepadplusplusx86/notepadplusplusx86.appv
    This is published to the AD group CSC.local\notepadplusplus, of which the user CSC.local\appvuser is a member of.
    On my Windows 8 non domain joined computer, Press Start, type "credential manager", and click on this option under settings.
    Click on "Windows Credentials", then click "Add a Windows credential".
    It will ask you for the Internet or network address. Based on the information I stated earlier, I entered the address: CSC-APPV5.CSC.local
    for User name, I entered: CSC.local\appvuser
    and lastly for password I entered the current valid credentials for this user.
    To test this, I then browsed to the publishing server mentioned above, but found that it still prompted me for a password (but remembered the user ID I had specified), and that the App-V client would not sync through PowerShell.
    I then added http://csc-appv5.csc.local into this device's local intranet zone (I'm sure you can avoid this step by adjusting various settings; this was just the first quick test I performed).
    Browsing to the publishing server address now no longer prompted for a username/password, correctly showing the application published to this user. I then performed a restart (unlikely to be required, but I just wanted to have a clean run from a user perspective), and straight away there was my shortcut to the App-V application, and running it resulted in the normal streaming you would expect.
    The one thing I will add is that I was very particular about fully qualifying everything, to eliminate this as a potential issue, and that would be one of the first places I would start if you are attempting to troubleshoot why you were not able to get this to work.

  • 1240AG WPA2 and PSK for non radius clients

    Does this device support these options?
    We want to move to WPA2 Enterprise and use our RADIUS server (Windows IAS), but we want to hand out a key to non-domain computers. We have production machines that aren't on the domain for various reasons.
    2nd question, does the AP allow for creating a 2nd "Guest" wireless for visitors?
    thanks!

    Hi Shayne,
    The Cisco 1240 supports WPA2/AES. Yes, they can provide different security policies via different SSIDs. For example:
    SSID#1 - Corporate - WPA2/AES 802.1X
    SSID#2 - CorporatePSK - WPA2/AES PSK
    SSID#3 - Guest
    There is a good deal of configuration to make this happen. But yes, this is supported.
    Here is a link on how to configure SSIDs on autonomous access points:
    http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html

  • A Web application + API for non web clients

    Hi there,
    I am new to the Java enterprise world. I have a query regarding the application I am developing currently; I am not sure this is the exact category to ask this question, but please help me on this.
    In very simple terms, my application's job is to give a listing or view of files distributed across the network.
    For this I need to have a web app which can provide a view to all web clients (where the view is nothing but a listing of files independent of their location).
    Because this view tells nothing more than files, and I as data center administrator cannot tell much about the data, we need to provide APIs so other applications (web app or anything else) can present the view in more data-specific terms.
    The web app part is fine with me, but how do I support an API being on an application server like GlassFish?
    Please help me on this.
    Thanks in advance
    AP

    Dear all,
    Can anyone help me clear this problem?

  • Deliverables for non-Java clients

    I'm trying to write my first web service. My server code can be in Java but the client system cannot use Java anything. I'm looking at the Java web services tutorial provided by Sun and it seems to assume a Java client. Do I need to go elsewhere for a tutorial that will show me how to construct a web service that does not assume a Java client? I also won't be using the Sun app server but Tomcat, so I wonder if again that's a reason to not use the tutorial. Suggestions? Thanks.

  • Non-ACC client for WSIT enabled services

    Hello All,
    Can anyone tell me how I could develop a non-ACC Java client for SSL-enabled web services / Reliable Messaging-enabled web services?
    As of now, I am able to access these services with clients deployed in ACC containers of GlassFish V2UR1.
    I read something about GlassFish connectors, but did not get a clear picture. I don't believe that GlassFish doesn't have support for non-ACC clients.
    Thanks a lot in advance.

  • Windows Client available for AccAD 2.3?

    Hello,
    We've downloaded the new AccAD version 2.3 today to begin trials. We noticed that the installation package for the Windows client is corrupt (only 31 bytes). Is this a packaging error or is the Windows client missing for 2.3?
    Best regards
    Victor Viqueira Rodriguez

    Hello,
    unfortunately there is no such section
    Comprised Software Component Versions
    under the AccAD 2.3 tree so that I can download the client separately.
    There is only a link to
    Link to SP Stack Application
    in which I end up in an error showing:
    An unexpected error occurred while calculating the list of files for the SP Stack download. Please contact SAP Support for help in resolving this issue. 
    Start SP Stack:  AAD 2.3 FOR SAP NETWEAVER - ISS Initial Shipment Stack  
    Target SP Stack :  AAD 2.3 FOR SAP NETWEAVER - SPS 01 (10/2011) 
    Any suggestions?
    Thanks a lot and best regards
    Victor

  • QoS application for Lync for Mac 2011 clients

    Hi guys,
    I'm deploying Lync 2013 at a customer site. We'll be applying QoS by enforcing static port ranges within Lync (CsConferencingConfiguration), and applying ACLs on the network equipment and dropping the various Lync modalities into the relevant QoS queue,
    pretty standard.
    Quick question. What's the expected behaviour for the Lync for Mac 2011 client? Will it honour the port ranges as defined in the Lync server conferencing configuration? Can't seem to find the answer anywhere online or in the forums.
    2nd question - does anyone know the meaning of the following command:
    Set-CsMediaConfiguration -EnableQoS $True
    According to the TechNet article titled Enabling QoS for devices that are not based on Windows, it sounds like this command has some role to play in enabling QoS for non-Windows devices... just wondering if that includes Mac OS. Again, information is sketchy on this.
    Cheers, James.
    James Frost

    One way you can check is simply by running a Wireshark capture on a Windows endpoint. Either run a capture on the Mediation server to sniff a PSTN call, or, as RTP traffic is point-to-point in a two-party call, you can just call a Windows PC from the Mac. Look for the DSCP section in the Internet Protocol area as shown in this non-Lync article:
    http://conceptsfortheroad.com/2012/06/how-to-verify-dscp-value-in-not-being-stripped/
    Or play with this filter "ip.dsfield.dscp == 46" to see if something is being sent at all.
    Hopefully someone has done a deep dive and will chime in, but I'd love to see your results!
    SWC Unified Communications
