CSA agent and NAC agent together

Similar Messages

• Link scanner agent and loader agent pop ups that won't go away

  Link scanner agent and loader agent pop ups won't go away.  How do I get them to stop?

  the same thing has been happening to me for a while, it doesnt seem to affect anything but i would like to get rid of it, i feel like it might be a bug.

• SQL Agent and SAP Agent

  hello gurus,
       I am in need of technical details of SQL agent and SAP agent of Symantec database backup server for SQL server/ windows.
      Can anybody please help me in this??
  Thanks and Regards,
  Rahul

  Hi Kevin,
       I have some queries and i believe, you can answer it.
  I have the following system
  OS/ Applications details
  1) Windows 2003 enterprise edition 32 bit
  2) MS SQL Server 2005
  3) SAP ECC 6.0
  Sever details
  1)     IBM x3650 dual Xeon server 5120@ 1.86 GHz,
  2)     RAID level I
  3)     RAM 8 GB
  I want to go for Symantec database backup software. What information I have is, to take SAP system’s database backup through Symantec you need to have.
  1) SQL Agent of Symantec
  2) SAP Agent of Symantec
                  Given these information can you please help me out in putting the backup system in place.?
  Thanks and Regards,
  Rahul

• Log Reader Agent and Snapshot Agent wont start

  Hi There,
  I've two SQL 2012 servers with multiple instances installed.
  I've started replicating the databases in these instances using transactional replication and thus far they've worked without a hitch.
  One of my instances, annoyingly, has an issue where the Log Reader Agent and Snapshot Agent refuse to start, and I've followed exactly the same process as with the other instances\databases.
  The Agents are configured to make use of a domain user account with sysadmin permissions to the instances on both servers.
  I get the following two error when I View Log Reader Agent Status:
  The job failed. The Job was invoked by User sa. The last step to run was step 2 (Run agent.).
  I've asked the agent to run as my DOMAIN\sqlservice account, so I've no idea why it's moaning about sa?!!?
  I get the following error when I View Snapshot Agent Status:
  The replication agent has not logged a progress message in 10 minutes. This might indicate an unresponsive agent or high system activity. Verify that records are being replicated to the destination and that connections to the Subscriber, Publisher, and Di
  If I try to start either agent I'm told that the request to run job was refused because the job has been suspended, "Changed database context"??  Error 22022.
  Can anyone help?

  This is because your job owner is sa.  Right click on your job and notice the owner - but is should be sa.
  You likely have another issue. You may need to run the job and configure it for logging to see what the error is.
  http://support.microsoft.com/kb/312292/en-us
  looking for a book on SQL Server 2008 Administration?
  http://www.amazon.com/Microsoft-Server-2008-Management-Administration/dp/067233044X looking for a book on SQL Server 2008 Full-Text Search?
  http://www.amazon.com/Pro-Full-Text-Search-Server-2008/dp/1430215941

• KDE4.1 ssh-agent and gpg-agent

  Suddenly after an update of kdeworkspace my ssh-agent and gpg-agent have stopped working. Does anyone else have also this problem?
  Regards,

  I've also had this problem, although I don't know the exact time it stopped working as I have not had to use my laptop to ssh for a while.
  Everything seems to get created OK - the socket is created:
  [daren@daren_laptop env]$ ll /tmp/gpg-MZi0kX/
  total 0
  srwxr-xr-x 1 daren daren 0 2009-01-18 10:06 S.gpg-agent
  and the env variable points to it:
  [daren@daren_laptop env]$ env | grep GPG
  GPG_AGENT_INFO=/tmp/gpg-MZi0kX/S.gpg-agent:4508:1
  and the agent is running on the correct pid:
  [daren@daren_laptop env]$ ps axf | grep gpg-agent
  4508 ? Ss 0:00 gpg-agent --daemon
  4902 pts/0 R+ 0:00 \_ grep gpg-agent
  If i run ssh-add from the command line, I get this:
  [daren@daren_laptop env]$ ssh-add
  Could not open a connection to your authentication agent.
  [daren@daren_laptop env]$
  I'm not that clued up on using the agent - it's always "just worked" after adding the script to ~/.kde4/env, but I'm kind of stuck now.  There was another post about issues with KDE 4.1 and the agents, but they resolved theirs by doing what I've had setup for a while now.

• Doubt in possible agent and responsible agent.

  Hi All.
  Can any one please help me in solving difference between possbile agents as responsible agents.
  As per my understanding we will maintain the possible agents in the task definition and responsible agents in the work flow definition.
  For example if a invoice posting needs to be handled,if i define three agents in the task definition as possible agents who will become the responsible agents out of three..
  can any one please help me in understanding the difference between possible agent and responsible agent?
  Thanks in advance.

  Hi ,
  It's very small but interesting doubt :P
  If in activity level  any agent is maintain like we maintain &_wf_initiator& generally. that agent is the responsible agent .. or if any rule is maintained then the agents selected by the rule will be responsible agents but the ..
  There is something which you have missed is recipients .. who actually receives the workitems in their inboxs..  these are the user who are the intersection of possible and responsible agents..
  In short
  Possible agents as you have said..
  Responsible are the agents you maintain at activity level or get selected by the rule.
  and Recipents who actually gets the workitem..
  hope this will help you
  Regards
  Dev

• Difference between local agent and standalone agent

  Hi all,
  Can you please tell me the difference between local agent and standalone agent?
  I am getting a bit confused about this.
  Regards,
  Sourav

  Local agent will be running under the context of the main ODI session i.e. it is linked to an open session of the designer, operator etc. Standalone ODI agents run in their own JVM process and could be installed on any server and do not require an open instance of the ODI client GUI to run scenarios

• ISE and NAC Agent

  Hello, we currently run NAC for our wired (OOB), wireless (IB) and VPN (IB) enviroments. We are looking at migrating over to ISE for our wireless enviroment as a first step, with follow-up projects to move the VPN and wired clients over. I have been reading that ISE will still use the NAC agent. Our current NAC enviroment is at 4.7.2 and we are running the 4.7.2.10 agent. We do not want to upgrade this enviroment, we would rather focus on migrating to ISE. So our thought was to upgrade the clients to the latest NAC agent version 4.9.1.5. This agent is supported against the 4.7.2 NAC Manager. The problem is, I do not see this agent version listed as supported in the ISE compatibility matrix. Instead, they list a NAC agent of 4.9.0.37, which ironically, is NOT listed in the NAC compatiblity matrix. So what version of NAC agent should we run in a mixed enviroment? I am hoping 4.9.1.5 is supported against ISE, and the matrix is simply not updated yet. Thank you in advance for your help.

  Not sure I understand. The 4.9.1.5 NAC agent does run against our CAM, as we have tested that and it is listed in the support matrix. So if we upgrade our NAC applainces, we would still run that agent. Does that agent tun against ISE, and if not, what is Cisco's recommendation to bring ISE into the enviroment? We have to have a migration path, and wireless seemed like a logical first step. But we need a NAC agent that will work against Clean Access AND ISE as our laptops will be wireless and wired at different times. Which Agent would be recommended?

• NAC Agent and NSP provisioning with ISE 1.1.1

  I am trying to get all workstations (OSX and Windows) to install both the Native Supplicant Wizard and NAC Agent during the On-boarding process.
  I am currently using the default guest portal in ISE.
  The environment has been setup using a Dual SSID design.
  At the moment, devices can connect to the provisioning SSID and get CWA. Device registration works, the portal runs the NSP setup which correctly sets up the network adapter.
  The problem is the portal never attempts to install the NAC Agent.
  The client provisioning policy has a separate policies for wireless/wired as well as OS. Each policy applies both a NSP and NAC Agent configuration. It appears the guest portal only checks the NSP configuration and not the NAC Agent config.
  Any ideas?

  Just so i understand this correctly you are using both a client provisioning portal and a native supplicant provisoning portal tied into seperate authz policies.
  With that out of the way are you checking to see if the client is compliant in the client provisioning portal policy.
  Let me know if you have the following configured (example windows OS), this is assuming that the endpoint is statically assigned to RegisteredDevices after native suppliant provisioning.
  Rule 0 (endpoint group = RegisteredDevice) AND (AD:Domain user and authentication method:x509 and posturestatus:COMPLIANT) = Permit Access
  Rule 1 (endpoint group = RegisteredDevice) AND (AD:domain user AND authentication method:x509[if you deployed certs in the native supp condition] AND workstation NOT EQUAL:COMPLIANT) RESULT client provisioning portal.
  Rule 2 (endpoint group = Workstation) AND (AD:Domain User AND authentication mehod using mschapv2) RESULT windows provisioning portal
  Hope that helps,
  Tarik Admani
  *Please rate helpful posts*

• After install NAC agent I must remove cable before open windows session normaly

  Hi
  I use ISE 1.1 and NAC agent 4.9
  I have configure my catalyst 2960 port with dot1x and install NAC agent on many computer
  But I observed that I am unable to open windows session on some computer (windows 7)
  When I enter login and password, then I got black screen and nothing else, then if I remove the network cable on my computer, the black screen change and move to the windows desktop normaly
  Why do I need to remove network cable before get to my desktop normaly ?
  Please How can I fixed this issue ?
  Thanks in advance for your help

  Hi
  The given link might be helpful regarding your issue:
  http://www.cisco.com/en/US/netsol/ns466/index.html
  http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.html

• NAC agent don't popup on some computer

  Hi
  I use
  ISE version : 1.1.1.2 and NAC agent version : 4.9.0.42
  NAC agent  does not run on some computers and run on other(windows 7).
  What can be these problems?
  Please help
  Regards

  Please look in to this , it might help you
  Agent Login Dialog Not Appearing
  Symptoms or Issue
  The agent login dialog box does not appear to the user following client provisioning.
  Conditions
  This issue can generally take place during the posture assessment phase of any user authentication session.
  Possible Causes
  There are multiple possible causes for this type of issue. See the following Resolution descriptions for details.
  Resolution
  •Ensure that the agent is running on the client machine.
  •Ensure that the Cisco IOS release on the switch is equal to or more recent than Cisco IOS Release 12.2.(53)SE.
  •Ensure  that the discovery host address on the Cisco NAC agent or Mac OS X  agent is pointing to the Cisco ISE FQDN. (Right-click the NAC agent icon, choose Properties, and check the discovery host.)
  •Ensure  that the access switch allows Swiss communication between Cisco ISE and  the end client machine. Limited access ACL applied for the session  should allow Swiss ports:
  remark Allow DHCP
  permit udp any eq bootpc any eq bootps
  remark Allow DNS
  permit udp any any eq domain
  remark ping
  permit icmp any any
  permit tcp any host 80.0.80.2 eq 443 --> This is for URL redirect
  permit tcp any host 80.0.80.2 eq www --> Provides access to internet
  permit tcp any host 80.0.80.2 eq 8443 --> This is for guest portal
  port
  permit tcp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  permit udp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  deny ip any any
  •If  the agent login dialog still does not appear, it could be a certificate  issue. Ensure that the certificate that is used for Swiss communication  on the end client is in the Cisco ISE certificate trusted list.
  •Ensure that the default gateway is reachable from the client machine.

• Nac Agent Not Working on Windows 64 Bit

                     Hi All ,
  I have a Cisco ISE 3315 With Version 1.1.4 .
  We have Windows Work Station and we have some issue with Windows 7 64 Bit users !!
  On Some 64 Bit Workstation the nac Agent is getting about 25 Minute to start Checking the Posture Statu !!
  I don't Havec that Proble With 32 Bit Workstation . We are using Nac Agent 4.9.0.37 and Nac agent 4.9.0.42!!
  Here is log that i get From the 64 bit Workstation

  Hi
  Verify that supplicant is configured properly to conduct a full EAP conversation with ISE. Verify that NAS is configured properly to transfer EAP messages to or from supplicant. Verify that supplicant or network access server (NAS) does not have a short timeout for EAP conversations. Check the network that connects the NAS to ISE. If the external ID store is used for the authentication, it may be not responding fast enough for current timeouts.
  Check whether the proper server certificate is installed and configured for EAP by going to the Local Certificates page (Administration > System > Certificates > Local Certificates ). Also ensure that the certificate authority that signed this server certificate is correctly installed in client's supplicant.
  Check the previous steps in the log for this EAP-TLS conversation for a message indicating why the handshake failed. Check OpenSSLErrorMessage and OpenSSLErrorStack for more information

• How to install Nac Agent 4.8.3.594 patch (Patch-CSCty91628.gz)?

  Hello, Guys
  I have installed NAC 4.8 with agent 4.8.3.594 in the Mac OS Mountain Lion 10.8.2 and NAC Agent isn't working.
  We found these Cisco Website information:
  http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/48/483rn.html#wp1310587
  Support for Mac OS X 10.8
  Mac OS X Agent version 4.8.3.594 supports Mac OS X 10.8 "Mountain Lion". You need to download a server patch to enable the support from the following URL:
  http://software.cisco.com/download/release.html?mdfid=282855549&flowid=34712&softwareid=282562546&release=4.8.3&relind=AVAILABLE&rellifecycle=&reltype=latest
  Someone How to know install the patch (Patch-CSCty91628.gz) and Where I do it?
  Tks,
  Rodrigo Freitas

  Hello, Guys
  I have installed NAC 4.8 with agent 4.8.3.594 in the Mac OS Mountain Lion 10.8.2 and NAC Agent isn't working.
  We found these Cisco Website information:
  http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/48/483rn.html#wp1310587
  Support for Mac OS X 10.8
  Mac OS X Agent version 4.8.3.594 supports Mac OS X 10.8 "Mountain Lion". You need to download a server patch to enable the support from the following URL:
  http://software.cisco.com/download/release.html?mdfid=282855549&flowid=34712&softwareid=282562546&release=4.8.3&relind=AVAILABLE&rellifecycle=&reltype=latest
  Someone How to know install the patch (Patch-CSCty91628.gz) and Where I do it?
  Tks,
  Rodrigo Freitas

• App-v cubacs and desktop agent

  I have a client who is upgraded their CCM environment to version 10. We will be deploying a CUBACs server and client and contact centre express desktop agent and supervisor agent. They are also looking at deploying the desktop applications in a Microsoft App-V (ver 5.0.12180). I have a quick google search to see if the App-V environment is support for these but not found anything. Has anyone out there come across deploying these packages in an App-V environment, and if so are the any issue?

  See the App-V client to see if it is attempting to delete the shortcuts during a refresh - you may need to set the log to verbose mode first.
  Twitter:
  @stealthpuppy | Blog:
  stealthpuppy.com
  This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
  Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not
  actually answer your question). This can be beneficial to other community members reading the thread.

• CSA - remote and forcible install

  Hi, all!
  Recently i begin to investigate CSA.
  I installed CSA MC and some agents.
  During this process, there is emerged one question.
  How i can install CSA remotely and forcibly, without the assistance of client.
  For example i have 1500 computer where i must install agents, does it mean that i must go to each and install it by hand?

  How do you install other software? If they all log in to a network you control you can install by login script.
  Tom