DHCP configuration for non-compliant clients

So your question isn't for a live situation, but because you are studying for a test?

hello!
i have a question about network policy server..
that is , how to configure DHCP server to lease IP address to non-compliant client??
specifically for access to remediation servers
thank you..
This topic first appeared in the Spiceworks Community

Similar Messages

  • How can I get report of only non compliant clients via Fileshare or to admin mailbox each day?

    I need to figure out how to get a daily report of non compliant clients in SCCM2012 to admin email or fileshare.
    Is there any built-in report that returns only non compliant clients I could use to accomplish this,
    and create alert subscription or exchange server connector to receive the message / file once a day ?
    Do I need to use SQL Server Reporting Services for this ? New to SCCM and getting confused with all those reports,
    sorry ;-)

    Yes you need SSRS for this.
    This will help.
    http://be.enhansoft.com/post/2013/08/27/How-to-Set-up-a-Windows-File-Share-Subscription.aspx
    http://be.enhansoft.com/post/2013/08/14/How-to-Set-up-an-Email-Subscription-in-SSRS.aspx
    Non compliant for what?
    http://www.enhansoft.com/

  • ISE 1.2 - Posture Detail Assessment - enforcement audit mode report not show status for non-compliant

    ISE 1.2 - Posture Detail Assessment - enforcement audit mode report not show status for non-compliant.
    - For old version 1.1.4 it can be reported for non-compliant, How can I generate report for this? 
    Thanks
    Kosin Usuwanthim

    It used to be in there (id 226635 is the last one with it); should I clean it up a bit and put it back with a bit more of a disclaimer?

  • Sharing Primary Site and Secondary Site's SUP WSUS for non-SCCM client use

    I was wondering if the WSUS deployed for the SCCM's SUP can also be (re)used for non-SCCM clients.
    Our SCCM infrastructure are mainly used to manage Workstations whereas our back-end servers are not deployed with SCCM agents due to overlapping SLAs and responsibilities. However, we would like to take advantage of WSUS's centralized update repository without
    each back-end servers initiating connection to the Internet to get their updates.
    Is this possible?

    No. WSUS servers that are used for SUPs are controlled by ConfigMgr and cannot be used outside ConfigMgr.
    Torsten Meringer | http://www.mssccmfaq.de

  • JCA / JDBC Configured for non-XA Attempting XA Transaction Commit

    I am attempting to create simple BPEL SOA composites in SOA 11.1.1.5 that use a DbAdapter to execute a stored procedure in an 11g database. The database task being performed only involves a single database and does not require transaction support. I have carefully stepped through the creation of the DataSource and JCA pointing through the DbAdapter to the JDBC DataSource so XA transaction support is disabled, the JCA pool sets the transaction mode to "No transaction" and the JCA pool uses the dataSource value to point to the JNDI name of the JDBC pool rather than the xADataSource value.
    Visually,
    DataSource definition:
    name = jdbc/myserviceDataSource
    driver = oracle.jdbc.xa.client.OracleXADataSource
    url = jdbc:oracle:thin:@mydbhost.myfirm.com:1521:GENERIC
    use XA DataSource = unchecked
    set XA timeout = unchecked
    Keep XA connection until transaction complete = checked
    keep connection after local transaction = checked
    JCA definition:
    name = eis/DB/myserviceDataSource
    dataSourceName = jdbc/myserviceDataSource
    xADataSourceName = (blank)
    platform class name = org.eclipse.persistence.platform.database.Oracle10Platform
    Transaction | Transaction Support: no transaction
    This configuration works on one sandbox server and I got it working in a second sandbox server. However, after deleting the JDBC and JCA pools to go through the process one more time to document the procedure on the second server, I am unable to get the configuration working again. The WebLogic domain appears to be resurrecting portions of an old configuration that still references the JNDI name of the JDBC pool in the xADataSourceName parameter. I have unpacked the DbAdapter.rar archive for the DbAdapter and verified the contents of the ./META-INF/weblogic-ra.xml file don't use the xADataSouceName parameter. The Deployment Plan for the DbAdapter (named DbAdapterPlan.xml in $SOA_HOME/soa/connectors ) also explicitly configures the JCA pool using the dataSourceName value leaving the xADataSourceName value blank.
    However, executing the SOA service using this JCA connection results in this error:
    java.sql.SQLException: Cannot call Connection.commit in distributed transaction.
    Again, I know the theoretical answer to this question is to disable transactions in the JCA and JDBC configurations and don't use the xADataSourceName element of the JCA configuration to point to the JDBC pool. However, after validating those elements and restarting the pools or performing an Update on the DbAdapter deployment, WebLogic seems to still create connections through the JDBC pool with transactions enabled.
    Any suggestions?
    Should I just completely undeploy the DbAdapter and redeploy it from the SOA binary installation directory? These are just lab machines right now so that's obviously not a good long term answer for production use but may help start over with refining a better procedure for doing this.

    You should use a non-xa driver for your data source...
    From the weblogic docs...
    Configure Transaction Options
    When you configure a JDBC data source using the Administration Console, WebLogic Server automatically selects specific transaction options based on the type of JDBC driver:
    For XA drivers, the system automatically selects the Two-Phase Commit protocol for global transaction processing.
    For non-XA drivers, local transactions are supported by definition, and WebLogic Server offers the following options ...
    http://docs.oracle.com/cd/E23943_01/web.1111/e13737/jdbc_datasources.htm#autoId8
    Cheers,
    Vlad

  • DSCP marking for non WMM-clients

    hello,
    i just made several tries but didn´t find the result which i expected. i have the following scenario:
    non WMM-clients in branches in our WAN
    traffic over the wan line must be shaped
    there is no local breakout, the traffoic should be tunneled to the central datacenter
    so what i want to achieve is that every traffic from this non WMM-clients (which are using a special SSID (i call it here "EXTERNAL")) is getting marked in that way that the CAPWAP-packets are holding dscp-values so that i can refer on these packets beforer they are going over the WAN-connection
    what i did:
    the ssid uses the QOS-Profile "bronze"
    WMM is disabled
    the QOS-Profile itself has 802.1p enabled with a value of 1
    so i expected that every traffic via this ssid "EXTERNAL" gets a dscp marking in the capwap packet of 10 (perhaps also 12 or 14, i´m not sure whcih value really is used). in reality i see 0.
    i´m using Wismv1 with version 7.0.230. i also tried it with 5508 with the same version but it didn´t work. APs are 1142.
    is my expectation wrong that this scenario is working in this way? do i forget something??
    thanks for your help

    The WLAN can only re-mark client traffic that has existing DSCP values in the original packet, typically at the application layer. The platinum profile itself has 46 as VoWLAN, 48 as Mgmt traffic (CAPWAP etc), and 56 as network traffic, classifying them as such based on the original marking. The values are only remarked if the configured SSID is different.
    This link provides a few more details:
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807e9717.shtml

  • How to configure for remote JMS client?

    I have my own Java JMS test program for performance measurements.
              I am using the JNDI and JMS provider functionality of the WebLogic 9.1 app-server but my test program is just pure JMS 1.02 sender/receiver clients - ie it is NOT part of, or deployed as a J2EE application.
              SINGLE MACHINE TEST
              ===================
              In a single machine environment I was able to
              - configure a JMSServer
              - configure a JMSSystemModule
              - configure resources for ConnectionFactories and Queue and Topics
              I then made what I believe to be a 'standalone' application module copied from some mysystemmodule-jms.xml and with that I somehow worked out how to deploy it using the weblogic.Deployer tool.
              The deployment apparently set up the JNDI and my JMS client could gain access to the administered objects and do what it does.
              Everything works.
              TWO MACHINE TEST
              ================
              I now have a second machine.
              I want to put my JMS sender client on this new machine and I want the JMS server and JMS receiver client to be unchanged from the SINGLE MACHINE TEST.
              But I really don't know quite how to proceed from here...
              Do I need to install the WebLogic app-server on the sender machine or is the weblogic.jar all I need?
              What is necessary configuration for JNDI access on the sender machine?
              Can I in fact use my original SINGLE MACHINE server unchanged as I am hoping?
              I don't think I want a "thin" client because I read that performance is impacted (and these are performance tests)
              Remember this is NOT a J2EE application. There is no MDB; no client-container; no descriptors etc. Maybe that makes it more complicated - I don't know.
              Sorry for such basic questions but if somebody can just point me to an appropriate example or tutorial it could save me days...
              Thankyou.

    Hi,
              My problem is on similar lines. I have an applet based UI working on RMI/t3 protocol.
              I am using weblogic 9.2 as my app server.
              When my applet is executed on JRE 1.5x it works fine.
              But when I use JRE1.4x it gives the following exception
              java.lang.NoClassDefFoundError: javax/management/InvalidAttributeValueException
              at weblogic.rmi.internal.Stub.<clinit>(Stub.java:21)
              at java.lang.Class.forName0(Native Method)
              at java.lang.Class.forName(Class.java:141)
              at weblogic.rmi.internal.StubInfo.class$(StubInfo.java:34)
              at weblogic.rmi.internal.StubInfo.<clinit>(StubInfo.java:34)
              at java.lang.Class.forName0(Native Method)
              I have analyzed the reason for this.
              the class javax/management/InvalidAttributeValueException was included in java 1.5 and above. So JRE 1.4 does not have it.
              In previous versions of weblogic this class was a part of their 'weblogic.jar' file and in weblogic 9.2 it is not a part of weblogic.jar file so when I am using JRE1.4 and weblogic 9.2 then it obviously does not find this class hence the above exception.
              I tried to put this all together and made custom made client jar file incliding the necessary classes. I was able to get throght this exception only land up in following exception.
              java.lang.VerifyError: class weblogic.utils.classloaders.GenericClassLoader overrides final method .
                   at java.lang.ClassLoader.defineClass0(Native Method)
                   at java.lang.ClassLoader.defineClass(Unknown Source)
                   at java.security.SecureClassLoader.defineClass(Unknown Source)
                   at sun.applet.AppletClassLoader.findClass(Unknown Source)
                   at java.lang.ClassLoader.loadClass(Unknown Source)
                   at sun.applet.AppletClassLoader.loadClass(Unknown Source)
                   at java.lang.ClassLoader.loadClass(Unknown Source)
                   at java.lang.ClassLoader.loadClassInternal(Unknown Source)
                   at weblogic.jndi.WLInitialContextFactoryDelegate.<clinit>(WLInitialContextFactoryDelegate.java:204)
                   at weblogic.jndi.spi.EnvironmentManager$DefaultFactoryMaker.<clinit>(EnvironmentManager.java:26)
                   at weblogic.jndi.spi.EnvironmentManager.getInstance(EnvironmentManager.java:48)
                   at weblogic.jndi.Environment.getContext(Environment.java:307)
                   at weblogic.jndi.Environment.getContext(Environment.java:277)
                   at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:117)
                   at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
                   at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
                   at javax.naming.InitialContext.init(Unknown Source)
                   at javax.naming.InitialContext.<init>(Unknown Source)
              I really need to support clients using Jre 1.4 and Jre 1.5
              I will really appreciate any help on this one.
              Please advise.
              Thank you all.

  • Risk Management & Process controls for non SAP client

    Hi Forum Gurus,
    I need clarity on the following:  Can Risk managment 3.0 and Process controls be implemented for a non-SAP client?
    i.e. Our client does not run SAP, but they are interested in RM and PC, so is this possible to implement?
    Any advice would be highly appreciated.
    Kind regards,
    PREVO.

    Hi Prevo,
    Process control and Risk management 3.0 are delivered within same installation package files so it is same for both the applications .
    Also real time agents for Oracle or peoplesoft are avaialble if you want to leverage the automated control functionality of PC 3.0 in non SAP environment.
    Remember the automated control functionality is the optional feature of PC3.0.If you wish only to use the manual controls features of PC 3.0 you dont need RTAs(real time agent).
    You can find further information about manual controls at http://service.sap.com
    use the quicklink '/rkt' then the following menu path: SAP Business Objects for GRC Solutions -> SAP BO Process Control 3.0 -> Technology Consultant
    Regards
    Debraj

  • Windows Domain Controller certificate for non domain clients

    Hi,
    Is it possible that we can export windows domain certificate and use it for non domain computers without joining domain, so that they can communicate each others without joining domain controller?
    Regards

    Hi,
    Is it possible that we can export windows domain certificate and use it for non domain computers without joining domain, so that they can communicate each others without joining domain controller?
    Not sure that what you want to achieve here.
    However, yes, it is possible to export certificates (with private keys) from domain machines then import them to non-domain machines, and some certificates can even function well based on key usages. Please note that Domain Controller certificates are only
    meaningful to Domain Controllers. Possession of domain certificates doesn’t indicate machines are part of domain.
    Without joining a machine to a domain (or without a trust), the machine is always treated as untrusted by the domain members no matter what kind of certificates it holds.
    Best Regards,
    Amy
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

  • App-V 5 over https for non-domain clients

    Hello, Is this scenario possible?

    Hi,
    here's how I have it set in my lab. Your mileage may vary, but hopefully this should give you all the different components of how I managed to get it to work, and allow you to try something similar.
    Firstly, my publishing server is: HTTPS://CSC-APPV5.CSC.local:8016
    I have an application published through the app-v console, with the package URL configured to be:
    HTTPS://CSC-APPV5.CSC.local/APPVSHARE/Notepadplusplusx86/notepadplusplusx86.appv
    This is published to the AD group CSC.local\notepadplusplus, of which the user CSC.local\appvuser is a member of.
    On my Windows 8 non domain joined computer, Press Start, type "credential manager", and click on this option under settings.
    Click on "Windows Credentials", then click "Add a Windows credential".
    It will ask you for the Internet or network address. Based on the information I stated earlier, I entered the address: CSC-APPV5.CSC.local
    for User name, I entered: CSC.local\appvuser
    and lastly for password I entered the current valid credentials for this user.
    To test this, I then browsed to the publishing server mentioned above, but found that it still prompted me for a password (but remembered the user ID I had specified), and that the app-v client would not sync through powershell.
    I then added http://csc-appv5.csc.local into this devices local intranet zone (im sure you can avoid this step by adjusting a various number of settings, this was just the first quick test I performed).
    Browsing to the publishingserver address now no longer prompted for a username/pw - correctly showing the application published to this user. I then performed a restart (unlikely to be required, but I just wanted to have a clean run from a user perspective),
    and straight away, there was my shortcut to the appv application, and running it resulted in the normal streaming you would expect.
    The one thing I will add is I was very particular around fully quilifying everything, to eliminate this as a potential issue, and would be one of the first places I would start if you are attempting to troubleshoot why you were not able to get this to work.

  • Cross-Certification for Non-Windows Clients

    Still trying to get more information on getting my SHA256 root CA certificate signed by my SHA1 root CA (temporarily), and having non-Windows entities recognize that:
    Creating Cross-Certification between two root CA's within the same organization (one hierarchy is all SHA1 and the other is all SHA256) and distributing the CrossCA certificate is painless enough for Forest members because it gets published to
    AD and from their comes down to the Forest member certificates store (Trusted Intermediary).  But what is the best way to get non-Windows end entities to also recognize the CrossCA certificate?  The RFC (http://tools.ietf.org/html/rfc5280#section-4.2.2.1)
    states you can configure the AIA extension to point to a collection of certificates, but then that means (unless I am missing something) I need to modify the AIA extensions configuration on my SHA256 root CA to point to the PKCS7 container on my http location,
    then issue my SHA256 SubCA certificates to my subordinate CA's.  So this way when my SHA256 subordinate CA's issue end entity certificates to non-Windows entities the chain of trust will go back to my SHA1 root CA.
    Both hierarchies are 2-tier.
    End Entity cert from SHA256 Subordinate CA --> http location specifying the location of the SHA256 SubCA .crt --> http location specifying the location of the exported Cross-Certification certificate in PKCS7 format (which contains the
    SHA256 root CA certificate and the SHA1 root CA certificate).
    Does this seem like the correct configuration?  If so, how easy will it be to remove this configuration when the cutover is complete?  If this is all correct then I assume the only way to remove this configuration is to modify the AIA extension
    of the SHA256 root CA and then issue new SubCA certificates to my SHA256 subordinates.

    Elke,
    Thank you for the information.  I defintely have some other options to consider now.
    One odd thing I noticed in my lab is my setup appears to work differently than you described.  In my lab I have a crossCA certificate which was published automatically into AD when it was issued.  Since that has happened even when issuing
    new certificates to end entities that are aware of the new SHA256 CA's (and Trust them), all certificates still chain back to my SHA1 root CA.  They don't take the short route anymore.
    And because of the above behavior I ran a quick test:
    - I installed a Windows 7 machine and never joined it to AD (kept it in a workgroup)
    - I manually imported the SHA1 root CA certificate into its certificates store
    - Then I accessed a web site running on a Windows web server which had an SSL certificate from one of the new SHA256 Subordinate CA's (and was part of the domain so it trusted the new SHA256 CA's).
    The result was the Windows 7 machine trusted the certificate just fine.
    When I looked at the certificate through IE on that Windows 7 machine, it showed the SSL certificate chaining back to my SHA1 root CA which I manually imported earlier, so it was trusted.
    Perhaps this is where setting constraints in the policy.inf file come into play...not 100% sure.
    Anyway, for the reasons you pointed out to me and the fact that anchoring my SHA256 environment with a SHA1 CA isn't really recommended, I am going to explore some other ways to get this done.
    Thank you.

  • 1240AG WPA2 and PSK for non radius clients

    does this device support this options?
    We want to move to WPA2 enterprise and use our radius server (windows IAS), but we want to hand out a key to non domain computers. We have production machines that arent on the domain for various reasons.
    2nd question, does the AP allow for creating a 2nd "Guest" wireless for visitors?
    thanks!

    Hi Shayne,
    The Cisco 1240 supports WPA2/AES.Yes, the can provide different security policys via different SSIDs. For example:
    SSID#1 - Corporate - WPA2/AES 802.1X
    SSID#2 - CorporatePSK - WPA2/AES PSK
    SSID#3 - Guest
    There is a good deal of configuration to make this happen. But yes this is supported..
    Here is a link how to configure SSIDs on a autonomous access points
    http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html
    Please be so kind to rate helpful post!

  • A Web application + API for non web clients

    Hi there,
    I am new to the java enterprise world, i have a query regarding the application i am developing currently, I am not sure this is the exact category to ask this question but please help me on this.
    In very simple terms my applications job is to give a listing or view of files distributed across network.
    For this I need to have a webApp which can provide a view to all web clients. (where view is nothing but listing of files independent of there location)
    Because this view tells nothing more than files , and i am as data center administrator cannot tell much about data, so we need to provide APIs so other applications (WebAPP or anything else)
    can present the view in more data specific terms.
    The webapp part is fine with me, but how do i support API being on an application server like glassfish.
    Please help me on this.
    Thanks in advance
    AP

    Dear all,
    Anyone can help me to clear this problem ?

  • E-mail notification for Non-compliant Sales order items in creation of SO

    Hi All,
    I have a requirement to write the code in user exits of VA01/VA02 when save ,to check each item whether it is legally compliant or not by looking at its system status. If the item is noncompliant then system status (EXLS) for that item will be active. The program then sends a consolidated email  to report all the noncompliant items in the sales order. Any code to resolve this will be appreciated.
    Regards,
    Sanjit

    Problem Solved.

  • Deliverables for non-Java clients

    I'm trying to write my first web service. My server code can be in Java but the client system cannot use Java anything. I'm looking at the Java web services tutorial provided by Sun and it seems to assume a Java client. Do I need to go elsewhere for a tutorial that will show me how to construct a web service that does not assume a Java client? I also won't be using the Sun ap server but tomcat, so I wonder if again that's a reason to not use the tutorial. Suggestions? Thanks.

    I'm trying to write my first web service. My server code can be in Java but the client system cannot use Java anything. I'm looking at the Java web services tutorial provided by Sun and it seems to assume a Java client. Do I need to go elsewhere for a tutorial that will show me how to construct a web service that does not assume a Java client? I also won't be using the Sun ap server but tomcat, so I wonder if again that's a reason to not use the tutorial. Suggestions? Thanks.

Maybe you are looking for

  • Error when connecting to jvm

    I've created a database in 9ias and i also selected the option of jvm. but whenever i go into the enterprise manager and try to connect to the jvm it gives me an error the error is VDJSERVER-1516 failed to get a new jserver session. and during the da

  • Log data in TDMS format

    Hi I would like to log the acquired digital and analog data ( 2 seperate channels) into one 1 TDMS file. I acquire both signals in the same loop. Could you please help me on this and let me know how can I wrire and read it back using TDMS format Than

  • Upgarde From ECC 5.0 to ECC 6.0

    HI , My customer is running the E-Recuriting application on ECC5.0. They want to Upgrade this server to ECC6.0 If any one done it ealrier please tell me wht percaution we need to take before upgarding it. Details of Server SAP ECC5.0  Basis Release 6

  • Workcenter wise Authorization Checking in CO11N T.Code

    Hi All, In our business we have 12 operation stages in routing and total process passes through 4 depts.We have 4 SAP Logon id for these dept.We are using 4 Milestone Confirmation stages (Control Key PP03) and separate dept. confirm their stages by u

  • My Apple ID disabled, unable to install apps

    Apple ID disabled. Unable to install apps