CS MARS and CSA

If we have both CS MARS and CSA to monitor network devices, and we have all servers send logs to CSA only and then CSA sends logs to CS MARS, is that going to affect the result of vulnerability scanning done by CS MARS on servers, as is needed in order for CS MARS to recognise that the incident is a system-determined false positive? Therefore, will adding servers in CSA only not allow CS MARS to directly perform vulnerability scanning on servers, or will it do it through CSA?
Thank you

Hello Nora
This would depend on your requirements. As you know MARS has a built-in Nessus Scanner that does 'dynamic vuln scanning' to know more about the OS/services running on hosts; this helps in reducing false positives. Adding the CSA MC to MARS can give similar information and you may optionally exclude the server subnets (with CSA) from the dynamic vuln. scanning range in MARS.
However, there is another aspect to this. Let's say you want to monitor all authentication attempts to Apache (and assuming these event types are supported in MARS). This information would come through raw syslogs which could be queried later. If you don't add the Apache server in MARS (as a monitored device), CSA might not send these messages to you as it might not have any rules related to these events... I hope you get my point. So in some cases you would need both; in others only adding the CSA-MC could suffice.
Regards
Farrukh

Similar Messages

  • SQ01-query - how to join MARA and DRAD

    Hi all,
    my problem is that I have to create a sq01 query in which I combine data from the MARA
    with data from DRAD. But I can't join the OBJKY (DRAD) with the MATNR (MARA).
    Hoping for help,
    Barbara

    Hi Barbara,
    As mentioned in the previous post, you cannot join the OBJKY field with MATNR field of MARA.
    But if you want to just read the contents in OBJKY from DRAD, then have a look at the below code:
    Note: In the initial step of creating your infoset, just select direct read from table & select on MARA here.
    SELECT SINGLE DOKNR INTO T_DOKNR
    FROM DRAD
    WHERE OBJKY EQ MARA-MATNR
         AND DOKOB EQ 'MARA'
         AND DOKAR EQ (Specify the type of document for this).
    Now you can combine the fields MATNR, T_DOKNR & the Z field into the field which you want using the CONCATENATE statement.
    [removed by moderator]
    Regards,
    Vivek
    Edited by: Jan Stallkamp on Sep 3, 2008 3:51 PM

  • MARS and MPLS networks

    Hi folks,
    I have an 80+ node network connected via a service provider managed MPLS VPN cloud. Each one of my 'spokes' connects to the provider edge (PE) router via a /30 subnet. All of my customer edge (CE) routers are in MARS, but of course the PE routers are not. When MARS graphs my network it shows 80 'stub' networks with no connectivity between them.
    I've spoken with the TME and I think the feature is planned for a future release, but I had an idea I wanted to bounce off of the folks here:
    What if I created a virtual generic router in MARS, and populated it with 80 interfaces? Each interface would have the corresponding PE router's /30 IP address. I think this would let MARS tie all of the stub networks together.
    Has anyone tried this? Will it only fix the graphing problem, or is there added benefit for MARS when everything is tied together as a cohesive network?
    Any input would be greatly appreciated.

    I think the idea of creating a virtual router and then assigning its interfaces the corresponding IP addresses will work for MARS to tie the networks. It could fix the graphing problem, but I don't think it will deliver anything more.

  • Mars and accessibility

    I'm working in the field of accessibility for the past years,
    I recently tried the new MARS plugin on Adobe 8 Professional and I
    became very curious about future prospects in Adobe for Mars
    format.
    Will accessibility in PDF be redirected to MARS? Will Adobe
    Reader include the option to read .mars files by default?
    I think that nobody talks about mars and it could be a
    really interesting issue in this field.
    I asked Duff Johnsonn on the subject and he redirected me to
    Adobe, as he thinks Mars and accessibility would be a promising
    issue.
    Thanks in advance for your attention,
    Mireia Ribera
    Universitat de Barcelona. Departament Biblioteconomia i
    Documentació
    http://bd.ub.es/pub/ribera

  • MARS and Check Point Firewall Logging

    Hi,
    I have added my Check Point CMA object to MARS, but am not seeing any log information. My CLM is a separate server (child enforcement module), which is discovered OK when the initial CMA discovery takes place in MARS. I have configured the Log Info settings for the CLM entry in MARS with the SIC details for the Check Point MARS and CLM objects.
    I've created a simple query to gather outbound ftp data (for which there is lots) and I am seeing nothing when running this query in MARS.  The associated CLM log shows plenty of entries.  I am keen to be able to get some historical logging data via MARS, so any help to resolve this issue would be appreciated.
    Many thanks
    Liam

    Liam;
      CS-MARS<>Check Point integration can be very tricky and is very dependent on the versions of software involved.  You may be able to find out some additional insight into the process by raising the CS-MARS logging level for Check Point and monitoring the output.  This is accomplished from the CS-MARS CLI:
    [pnadmin]$ pnlog setlevel cpdebug
    You can then view the messages via the CLI as well:
    [pnadmin]$ pnlog show cpdebug
      If this does not shed any light on the communication between CS-MARS and the Check Point devices, it would be best to open a service request with TAC so further troubleshooting can be performed.
    Scott

  • MARS and CiscoWorks

    Is there any way to integrate MARS and CiscoWorks? I would like to have the CiscoWorks Common Syslog Collector to forward all syslog messages to MARS. Is this possible? Thanks for any help in advance.

    I don't believe that Ciscoworks does syslog forwarding, but the latest version of MARS supports being 'fed' syslog messages via a true syslog forwarder (e.g. Kiwi Syslog). I think Kiwi is free or otherwise inexpensive (compared to MARS!). Have the devices forward to the Kiwi server, and then forward to LMS and MARS respectively.
    There's not much integration between Ciscoworks LMS and MARS since it was developed as an independent product and then acquired by Cisco a little over a year ago. Based on conversations I've had with the MARS TME and my Cisco reps I think they've heard the message that we want better integration, but they're probably going to focus on security features first, and integration second (and rightly so.) Still, it certainly would be nice to tie into the DCR instead of the kludgy way you add devices to MARS now.

  • MARS and AIP-SSM

    I am working on a MARS appliance and have devices reporting to it. I also have an ASA with the AIP-SSM installed. I have added the ASA and AIP to MARS and from MARS I can SSH to the AIP module. But if I run a report I do not see anything coming from the AIP module. I can SSH to the SIP from MARS and run the "show events" and I see events. Any ideas on why I will not be seeing those events in MARS? The AIP is running 6.0.3 S315, MARS is running 4.3.2(2627) S315. Thank you, James

    In order to get events in MARS for any Cisco IDS/IPS sensor you will need to create a "Viewer" account on the sensor for MARS to login and grab them. You will also need to configure MARS to be able to SSH to the sensor as well. To test the SSH you can SSH to MARS and then SSH out to the sensor.
    ssh "username"@"ip_address_sensor"

  • Mars and NAC 4.8

    Hello, I am deploying CS-MARS and I have a problem: I can't add Cisco Network Access Control in MARS to the controlled devices.
    There are just 4.1 versions.
    Does it support 4.8?
    Thanks in advance
    A.Black

    Hello Alexander
    Since MARS is going away in a while, you won't find that many device updates; even the latest release does not support NAC 4.8.x (officially).
    http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.1/compatibility/local_controller/dtlc6x.html
    However, you can always add a NAC 4.8.x box as whatever is supported in the GUI and MARS would work in backwards compatible mode, ignoring the log messages introduced in the newer releases.
    Regards
    Farrukh

  • Sqvi join of Mara and Marc with erroneous output

    hello all
    I have made a join between Mara and Marc in a SQVI query.
    as input i select material according to material type, material group and plants.
    output i want the material, the group and the maintenance view of material for each plant.
    not all the plants have the same maintenance view but the query returns the material for each plant with wrong maintenance view!
    what can it be?

    i am trying to achieve the following:
    material 12345 is in plants A, B, C
    plant A has maintenance status KBVE
    plant B has maintenance status BVE
    plant C has maintenance status KVB
    when I run the view, with the tables MARA and MARC joined by the material number, i requested the material filtering by material group, material type and maintenance view E.
    i want the system to return material 12345 for plant A and B with the respective statuses and exclude C because it does not have the status E.
    instead it returns material 12345 with plants A, B, C and all with maintenance status KBVE
    is it clearer now?
    also, what is the difference between maintenance status in MARA and in MARC?

  • ITEM 2.0 and CSA

    HI
    I want to ask whether ITEM 2.0 and CSA can be installed on the same server?
    On the other hand, may I change the computer name or IP on the same server?

    Not supported.

  • Standard view table available for MARA and MARC

    Hi Guys,
    Any standard view table available for MARA and MARC?
    Thanks

    hi,
    What exactly do you mean by "std. view table"?
    MARA is the main table and has all general information.
    Regards
    Priyanka.P

  • Vendor and Material (MARA and LFA1) linking

    Hi ,
    I have created a view on top of mara marc and mard for one of my report requirements. Here I have the mara-mfrnr field mapping to the manufacturer field in BW. Now I need to restrict the data into this field by acct group, which is available in 0vendor as an attribute, and the 0manufacturer field is referenced by 0vendor. So when I'm loading the data I want to load only a particular vendor acct group's data into this mfrnr field... Is this possible at all?
    Please advise
    Thanks
    Edited by: sam on Nov 17, 2010 2:25 PM

    1. Rather than working on a view, why don't you load everything to BW (table to flat DSOs) and write the business logic on the BW side? It will in fact be easier and will help in future as well when you want some more changes or filters.
    2. Since you are already loading 0Material_attr, check if you have that field there. You may enhance it to have the additional info.
    Is it essential to restrict account group?
    Whatever you are telling can't be achieved by simple views (because they are static) and you have a dynamic logic.
    You have 0Vendor   --> referencing 0Manufacturer
                       --> attribute account group
             0material --> attribute 0Manufacturer
    You want to restrict all the materials --> who has a manufacturer of particular account group?
    3. Another approach: Load data of 0Vendor to flat ZVENDSO with keys: Manufacturer & Account Group (this will be delta-enabled fast loading).
    Now, while loading the Mara, Marc & Mard view, use the lookup to delete unnecessary data in the start routine.
    DATA: IT_ZVENDSO LIKE TABLE OF /BIC/AZVEDSO,
          WA LIKE LINE OF IT_ZVENDSO.
    LOOP AT IT_ZVENDSO INTO WA.
      DELETE SOURCE_PACKAGE WHERE MANUFACTURER = WA-MANUFACTURER AND ACCOUNT_GRP = WA-ACCOUNT_GRP.
    ENDLOOP.
    This will remove unnecessary records.
    4. Make an infoset on VIEW DSO & ZVENDSO on keys manufacturer & account group. It will have common keys.
    Load data to any infoobject from this infoset.
    Regards,
    RK

  • Relationship between mara and mast table

    Hi gurus i have to get the components of one material for example
    if the material is paper i need to know the components of this paper (cellulose)
    any idea?
    I know all materials are in the mara table, but I found the transaction cs03, I put a trace on it and I can see that this transaction uses the mast table, but I don't know how to relate the mast table with the mara table

    Pass the material and plant to function module CSAP_MAT_BOM_READ, this fm is used in CS03.
    Note: This will only give you the immediate level, so again pass the material obtained from the fm to the same fm to get the next level.
    Is your requirement to only get the child components of a FERT part?

  • Machine authentication with MAR and ACS - revisited

    I'm wondering if anyone else has overcome the issue I'm about to describe.
    The scenario:
    We are happily using ACS 4.1 to authenticate wireless PEAP clients to an external Windows AD database.
    We do have machine authentication via PEAP enabled, but at this time we are not using Machine Access Restrictions as part of the external database authentication configuration.
    The clients (we care about) are using the native XP ZWC supplicant and are configured to "authenticate as machine when available".
    The passed authentications log does successfully show the machines authenticating.
    The challenge:
    We only want to permit users on our PEAP protected WLAN if the machine they are using has an account in the domain (and they are a Windows XP box - the current standard corporate image).
    In a testing lab, we enable Machine Access Restrictions, with the access mapped to "No Access" if there is no machine auth, or if machine auth fails. If a machine is shut down and boots fresh, or if the logged on user chooses to log off while on that WLAN - we see the Windows box sends its machine authentication. As I understand it - a Windows XP box will only attempt to authenticate as a machine when a user logs off, or upon initial boot.
    In our environment (and I'm sure many others) - if a user comes into the office and docks their laptop and is attached to the wired LAN and boots or logs on - the machine may be authenticating - but it is authenticating directly to the AD as our wired LAN is not using 802.1x or ACS radius.
    So the user may be logged on and working on the network - and then choose to undock, which activates the wireless.
    The problem then - the machine does NOT attempt to authenticate as a machine and only processes the user credentials - which get passed onto ACS via the WLC - and when MAR is enabled with the No Access mapping for no machine auth - the user auth obviously fails.
    Has anyone seen / overcome this?
    Our goal is to enforce that only standard XP imaged machines get on the wireless PEAP network (where the configuration is maintained by GPO).

    Here's the only thing I could find on extending the schema (I'm not a schema expert):
    http://msdn.microsoft.com/en-us/library/ms676900%28VS.85%29.aspx
    If all of your clients are Windows machines, it's easier to stick with PEAP for machine auth, user auth, or both.  However, your RADIUS (ACS) server should have a certificate that the clients trust.  You can configure the clients to ignore the RADIUS server cert, but then your clients will trust any network that looks/works like yours.  Get a cert/certs for your RADIUS server(s).
    You can have PEAP and EAP-TLS configured on your ACS server without causing problems for your PEAP clients (be aware that most of my experience is with 4.1/4.2. Earlier versions may not work the same way). Your comment about what you're testing is confusing me. Let's say you have (only) PEAP configured for machine auth on both the client and the ACS server (no user auth is configured on the client, or in ACS). Your client will offer its machine account AD credentials to the ACS server in order to authenticate to the network. Those credentials will be validated against AD by your ACS server, and then the machine will get an IP address and connect to your network. Once your machine is on the network, and a user tries to log on, then the user's AD credentials will be validated against AD (without any involvement of ACS). You should not need PEAP and EAP-TLS together. Both are used for the same purpose: 802.1X authentication for network access. PEAP only uses AD to validate machine credentials (or user credentials), because you configured your ACS server to use AD as a user database for validating 802.1X credentials. You could just as easily have used PEAP on the client side, but told ACS to use an LDAP connection to a Linux box with a user/machine database. Validating credentials for network access (802.1X) is not the same thing as authenticating to AD for server/printer/email/whatever access. I wish I could explain this better...
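The dock-then-undock failure described in the question above, modelled as an added example (not code from the thread or from Cisco): a toy RADIUS server that permits a user authentication only if the same client MAC passed machine authentication within an aging window. The per-MAC cache, the 8-hour aging time, the MAC addresses and all names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

PERMIT, NO_ACCESS, UNSEEN = "Permit", "No Access", "not seen by RADIUS"


@dataclass
class MarModel:
    """Toy RADIUS server enforcing Machine Access Restrictions (assumed model)."""
    aging_seconds: int
    # client MAC -> time of the last machine authentication that passed
    machine_seen: dict = field(default_factory=dict)

    def machine_auth(self, mac, now, in_domain=True):
        if not in_domain:
            return NO_ACCESS
        self.machine_seen[mac] = now
        return PERMIT

    def user_auth(self, mac, now, credentials_ok=True):
        if not credentials_ok:
            return NO_ACCESS
        last = self.machine_seen.get(mac)
        # No machine auth on record for this MAC, or it has aged out:
        # the user is mapped to "No Access" even with valid credentials.
        if last is None or now - last > self.aging_seconds:
            return NO_ACCESS
        return PERMIT


def replay(events, aging_seconds=8 * 3600):
    """Replay (time, medium, kind, mac) events and return one decision per event."""
    server = MarModel(aging_seconds)
    decisions = []
    for now, medium, kind, mac in events:
        if medium == "wired":
            # The wired LAN does not use 802.1X, so the RADIUS server learns nothing.
            decisions.append(UNSEEN)
        elif kind == "machine":
            decisions.append(server.machine_auth(mac, now))
        else:
            decisions.append(server.user_auth(mac, now))
    return decisions


# Constructed sample timelines (seconds since boot); MAC addresses are made up.
WLAN_MAC, LAN_MAC = "00-11-22-33-44-55", "00-11-22-33-44-66"
BOOT_ON_WLAN = [(0, "wlan", "machine", WLAN_MAC), (60, "wlan", "user", WLAN_MAC)]
DOCK_THEN_UNDOCK = [(0, "wired", "machine", LAN_MAC), (60, "wired", "user", LAN_MAC),
                    (3600, "wlan", "user", WLAN_MAC)]
STALE_MACHINE_AUTH = [(0, "wlan", "machine", WLAN_MAC),
                      (9 * 3600, "wlan", "user", WLAN_MAC)]

if __name__ == "__main__":
    for name, events in [("boot on WLAN", BOOT_ON_WLAN),
                         ("dock then undock", DOCK_THEN_UNDOCK),
                         ("stale machine auth", STALE_MACHINE_AUTH)]:
        print(f"{name}: {replay(events)}")
```

In the dock-then-undock timeline the only event the server ever sees is the wireless user authentication, which is why it lands in "No Access" despite valid credentials.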

  • Material Group Difference MM03  (Table MARA) and Reservation (Table RESB)

    Why material group at T-code MM03 (MARA-MATKL) difference at Table RESB ?
            Table MARA-MATKL = 04
            Table RESB-MATKL = 02
    I checking  MM03 not change about material group. I don't know some T-code can change material group link to table RESB.

    Dear Mr. Jutamas,
    As per my understanding, initially when the reservation was made for the
    particular material, material group - 02 in Basic Data 1 view would have been
    present or maintained in the material master.
    After that a change might have occurred, i.e. someone must have changed the
    material group from 02 to 04.
    So in MARA table the value is showing as 04 and in RESB it's showing as 04.
    Once after creating reservation, if such changes are made, as far as I know that
    will not get updated or reflected in RESB.
    Better confirm the same in MM03 - Display mode of the material, and after going
    into any one of the views, in the top menu check Environment - Display Changes -
    you may get one or a list of changes that were made, along with the user, date &
    time details.
    If useful reward points
    Regards
    Mangal
