Dynamic Maping to ACS groups using OU instead of NT group
Is there a way to us the Microsoft AD OU groups instead of using the old NT groups to dynamically mapping users to the ACS groups? We are using ACS server at vers 3.2 as well as some test server on 3.3.
Cisco Secure ACS for Windows Servers 3.2 only supports two versions of the Windows 2000 operating system
1)Windows 2000 Server, with Service Pack 3 or Service Pack 4 installed
2)Windows 2000 Advanced Server, with the following conditions:
with Service Pack 3 or Service Pack 4 installed
without Microsoft clustering service installed
without other features specific to Windows 2000 Advanced Server enabled
Similar Messages
-
ACS Group mapping and restrictions
hi,
I would appreciate to receive some configuration steps on ACS to fulfill the following requirement and hope you can help me.
ACS Groups
Netadmin - need telnet/ssh/vpn/wireless
wireless - only wireless authentication
vpn - only vpn authenticaiton
I need to map the above ACS groups to one/or many AD groups and restric access as stated above.
Also please note that one user can be belongs to all three groups in ACS/AD.
thanks in advance.In ACS user can only belong to one group. But in AD we can have one user a part of multiple group.
In this scenario, it is very important to understand how ACS group mapping works.
Lets say that you have three different groups on AD for NetworkAdmin, RouterAdmin, Wireless. Go to external user database ==Database Group Mappings==Windows NT/2000==select the domain to which you are authenticating==Add mapping.
Select the AD group NetworkAdmin and map it to ciscosecure group 1
select the AD group RouterAdmin and map it to ciscosecure group 2
select the AD group Wireless and map it to ciscosecure group 3
Group mappings work in the order in which they are defined, first configured mapping is looked upon first then second, third and so on. If a user is in AD group NetworkAdmin and that is mapped to ACS group 1 and it is first configured mapping it will be looked for FIRST (If a user exists in NetworkAdmin group it will always be mapped to ciscosecure group 1 and NO further Mappings for this user is checked and user is authenticated or rejected)
Scenario: if you have a user called cisco, in NetworkAdmin group, cisco1 in RouterAdmin group, and cisco2 in Wireless. They will always be dynamically mapped to ACS group 1, 2 and 3 respectively as per above mappings.
You can check the mappings on the passed authentications for users as to what group are they getting mapped to.
SCENARIO:
Now if you want a NetworkAdmin user to authenticate to NetworkAdmin devices and not wireless or RouterAdmin devices you would need to apply NARs to group 1 because NetworkAdmin users are connecting to that group. Which you will permit Access on group basis to a particular NetworkAdmin NDG or individual NetworkAdmin NAS device.
NOTE:
If you are applying NARs for Wireless or VPN devices.. you would need to configure both IP based AND CLI/DNIS based together because NARs were originally designed for cisco IOS for
routers and switches.
IMPORTANT: If a user successfully authenticates to AD database once, its username is cached on the ACS database (NOT password) the only way to remove the previously cached
username is to go to usersetup find that user and delete it manually.
ACS will not support the following configuration:
*An active directory user that is a member of 3 AD groups (group A, B and C) *Those 3 groups are mapped within ACS as follows Group1->A,Group2->B and Group3->C.
*The user is in all 3 groups however he will always be authenticated by group 1 because that is the first group he appears in, even if there is a NAR configured assigning specific AAA clients to the group.
However there if your mappings are in below order...
NT Groups ACS groups
A,B,C =============> Group 1
A =============> Group 2
B =============> Group 3
C =============> Group 4.
You can create a DIFFERENT rule for the users in A,B,C by configuring the NARs in group1.
This rule WILL apply for the use ONLY if he is present in ALL three groups (A,B and C).
You can create a rule for users in group A (Group 2)
You can create a rule for users in group B (Group 3)
You can create a rule for users in group C (Group 4)
Regards,
~JG
Do rate helpful posts -
ACS with Dynamic VLAN which protocol to use ??
Hello,
Which Protocol do I need to use, for providing dynamic VLAN to my desktop machines?
As in ACS 4.0 if I use local database of ACS then users successfully get the dynamic VLAN & as soon I use AD database while integration it with ACS ,the authentication fails!!
Please help.Hi,
Thanks for the reply. I am using EAP-MD5.
However, the problem is if I am using ACS solution Engine local database, users are getting dynamic VLAN after authentication.
But when I use AD as user database, the authentication fails. Even strange thing is that if I use AD database to log in to any Cisco Router then the authentication is working fine.
Even I am struggling with TAC also from last week in two different cases! However, they are unable to help! I found TAC has limited resource for ACS.
So please suggest what to do as on Cisco site, I found lots of stuff for Wireless but I have only the desktops (no wireless).
So will the mention below URL be of any help?
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00805e7a18.shtml
Thanks in advance
Vijay -
I have created a group on ACS and used:
Ext User Database > Ext Grp Mappings to create mapping b/w ACS Group and AD Group. This works fine on Primary. However this information is not replicated to secondary. Would I have to recreate group mappings on each ACS Server (Primary and Backup and possibly another Backup). Is there a workaround or a more elegant method?Hi,
The following items cannot be replicated:
IP pool definitions (for more information, see About IP Pools Server).
ACS certificate and private key files.
Unknown user group mapping configuration.
Dynamically-mapped users.
Settings on the ACS Service Management page in the System Configuration section.
RDBMS Synchronization settings.
Third-party software, such as Novell Requestor or RSA ACE client software.
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs40/user/sad.htm#wp756078
Hope that helps !
Jagdeep -
How to modify a lookup field-type to use checkbox instead of radiobutton?
How to modify a lookup field-type to use checkbox instead of radiobutton?
I would like to modify the behavior for the lookup field.
Normally you get a screen where it is possible to search through a lookup. The items resulted from the search are listed as radiobutton items. Therefore you can select only one at the time to be added.
Is it possible to have the items to be listed as checkbox instead? So that you can check multiple items and therefore be able to add multiple items at the time?
For example:
To add the user to 10 different groups on MS-AD.
It is desired to have the ability to check multiple groups to be added instead only one at the time.
My client would like to use this feature in many other situations.Displaying will not be a big deal but with that you have to customize the action class and its working as well.
-
ISE 1.2, Patch 7: "NAK requesting to use PEAP instead"
We're experiencing seemingly random occurrences of users failing authentication because they're trying PEAP vs EAP. Does anyone know if it is possible to force the Windows supplicant to use EAP only?
For what it's worth, the user can fail authentication for hours and I can either allow open authentication on the port for a bit, or the user can leave for the day and come back tomorrow and authentication will succeed. I'm not sure if it's an ISE problem or a supplicant problem, but I'm leaning towards supplicant.
Personas:
Administration
Role:
PRIMARY(A)
System Time:
Apr 24 2014 08:26:58 AM America/New_York
FIPS Mode:
Disabled
Version:
1.2.0.899
Patch Information:
7,1,3
11001
Received RADIUS Access-Request
11017
RADIUS created a new session
15049
Evaluating Policy Group
15008
Evaluating Service Selection Policy
15048
Queried PIP
15048
Queried PIP
15004
Matched rule
11507
Extracted EAP-Response/Identity
12500
Prepared EAP-Request proposing EAP-TLS with challenge
12625
Valid EAP-Key-Name attribute received
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12301
Extracted EAP-Response/NAK requesting to use PEAP instead
12300
Prepared EAP-Request proposing PEAP with challenge
12625
Valid EAP-Key-Name attribute received
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12302
Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318
Successfully negotiated PEAP version 0
12800
Extracted first TLS record; TLS handshake started
12805
Extracted TLS ClientHello message
12806
Prepared TLS ServerHello message
12807
Prepared TLS Certificate message
12810
Prepared TLS ServerDone message
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12318
Successfully negotiated PEAP version 0
12812
Extracted TLS ClientKeyExchange message
12804
Extracted TLS Finished message
12801
Prepared TLS ChangeCipherSpec message
12802
Prepared TLS Finished message
12816
TLS handshake succeeded
12310
PEAP full handshake finished successfully
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12313
PEAP inner method started
11521
Prepared EAP-Request/Identity for inner EAP method
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
11522
Extracted EAP-Response/Identity for inner EAP method
11806
Prepared EAP-Request for inner method proposing EAP-MSCHAP with challenge
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
11808
Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
15041
Evaluating Identity Policy
15006
Matched Default Rule
15013
Selected Identity Source - *****
24431
Authenticating machine against Active Directory
24470
Machine authentication against Active Directory is successful
22037
Authentication Passed
11824
EAP-MSCHAP authentication attempt passed
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
11810
Extracted EAP-Response for inner method containing MSCHAP challenge-response
11814
Inner EAP-MSCHAP authentication succeeded
11519
Prepared EAP-Success for inner EAP method
12314
PEAP inner method finished successfully
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
15036
Evaluating Authorization Policy
24433
Looking up machine in Active Directory - host/*****
24435
Machine Groups retrieval from Active Directory succeeded
15048
Queried PIP
15048
Queried PIP
15048
Queried PIP
15048
Queried PIP
15048
Queried PIP
15004
Matched rule - Default
15016
Selected Authorization Profile - DenyAccess
15039
Rejected per authorization profile
12306
PEAP authentication succeeded
11503
Prepared EAP-Success
11003
Returned RADIUS Access-Rejectsalodh,
Thank you for your response. Below is the authorization policy it should hit. The trouble is the workstation wants to use PEAP for some reason but we don't want PEAP because we're certificate-based. I understand what you're saying, and it's because I didn't word my question correctly.
12500
Prepared EAP-Request proposing EAP-TLS with challenge
12625
Valid EAP-Key-Name attribute received
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12301
Extracted EAP-Response/NAK requesting to use PEAP instead
If the NAK would not request PEAP, it would continue on to the following Authorization Policy (and succeed):
Name
Wired-******-PC
Conditions
Radius:Service-Type EQUALS Framed
AND
Radius:NAS-Port-Type EQUALS Ethernet
AND
*******:ExternalGroups EQUALS **********/Users/Domain Computers
AND
Network Access:EapAuthentication EQUALS EAP-TLS
Again, this PEAP request only happens occasionally. This same workstation will work at other days/times. If I could figure out why some workstations randomly request PEAP (or find a way to force EAP only) I think that would take care of it.
Thanks again, sir.
Andrew -
hello
we are using ACS4.2 to authenticate network admins to access switches and routers. ACS is integrated with Windows Active Directory.
so we map AD groups to ACS groups and we specify access restriction in ACS groups.
now we want to use this ACS to authenticate wireless users. wireless users will use their AD accounts.
so i think we should create a new internal group in ACS and map AD mobile users to this group. using Radius attributes we can put these users in one particular vlan.
however what if one network administrator will access the wireless network? he will use the AD account that belongs to both groups : network-admin group and wireless group.
so what will ACS do in this case? will it be mapped to the first group or the second or may be both?!!!i can't see how NAP can resolve my issue.
suppse ohasairi is one account in AD that belongs to AD groups: network-admin and wireless-users
AD netwrk-admin is mapped to ACS network-admin group. this group is configured with NAR to limit access to some network devices
AD wireless-users is mapped to ACS wireless-users that is configured with adequate airespace attributes and ietf attibutes to let it in vlan 80 (wireless vlan)
now if i put network-admin map the first one, then if ohasairi tries to access wireless network it will not succeed because it will be mapped to network-admin group. and this group is not configured with ietf attributes that let the user in vlan 80!
if i put wireless-users map the first one, then if ohasairi tries to access one network device, i am afraid it will be assigned to vlan 80! -
Native Supplicant "NAK requesting to use PEAP instead"
Hello,
We have a Cisco ISE infrastructure in place and we're experiencing seemingly random occurrences of users failing authentication because they're trying PEAP vs EAP. Does anyone know if it is possible to force the native Windows supplicant to use EAP only?
"Microsoft: Smart Card or other certificate" is selected under network authentication method, by group policy, and I thought that wouldn't allow PEAP, but our ISE logs show "NAK requesting to use PEAP instead", after which authorization
fails because we're not using PEAP.
For what it's worth, the user can fail authentication for hours and I can either allow open authentication on the port for a bit, or the user can leave for the day and come back tomorrow and authentication will succeed. I'm not sure if it's an ISE problem or
a supplicant problem, but I'm leaning towards supplicant.
Thanks,
AndrewHi,
About this issue, please contact Cisco Tech Support for help.
Karen Hu
TechNet Community Support
I've already been in contact with them and they've verified our configuration. All that can be done on the Cisco side is to "propose" the client to go through EAP-TLS as the first option, which we are doing. This will not block any clients trying to connect
using other protocols, and, though this will propose EAP-TLS, there is now way to enforce it at the supplicant level. This will be a client decision always. From Cisco:
Please monitor this after the change we applied, but if the issue persists, since we are dealing with windows supplicant, it would be a good idea to involve the native supplicant support. -
Why do we use jsp instead of servlet
why do we use jsp instead of servlet
Hi,
I am and web/Java developer and have used a mixture of JSPs and servlets. I use JSPs for my actual web pages. Whether they are displaying dynamic database driven content or simple pages doing nothing but password protecting.
I tend to separate other reusable code into servlets, like database connections and business logic.
For example: I have worked on a mortgage site and there quite a lot that goes into calculating a monthly payment and ARP. These calculations will not change (only values I send to them will) therefore I do this type of coding in a servlet.
Cheers
Mark
:o) -
Dynamic radio button and group
Hi, we have create dynamic radio button and group on “application creation complete” event , but which I am try to get number of radio button its show zero, see below code
import flash.utils.setTimeout;
import mx.controls.Alert;
import mx.events.FlexEvent;
import spark.components.RadioButton;
import spark.components.RadioButtonGroup;
private var rbg:RadioButtonGroup;
private var rb1:RadioButton;
private var rb2:RadioButton;
private var dcount:int = 0;
protected function application1_creationCompleteHandler(event:FlexEvent):void
// TODO Auto-generated method stub
// TODO Auto-generated method stub
rb1 = new RadioButton();
rb2 = new RadioButton();
rbg = new RadioButtonGroup();
rb1.label = "Radio1";
rb2.label = "Radio2";
rb1.group = rbg;
rb2.group = rbg;
vbox1.addChild(rb1);
vbox1.addChild(rb2);
checkRadioButton ();
protected function checkRadioButton ():void
Alert.show("In checkRadioButton function : " + rb1.group.numRadioButtons.toString());
If I put some Time interval to call checkRadioButton function its working fine,
//checkRadioButton ();
setTimeout(checkRadioButton,1000);
but this is not best practice.
why this happen ….can anybody clear this or any other way to do this.
Thanks in advance@manjeet.patel,
Just write the below line of code
vbox1.validateNow();
You need not use setTimeout() function
vbox1.addChild(rb1);
vbox1.addChild(rb2);
vbox1.validateNow();
Thanks,
Bhasker -
Exception access violation using jlong instead of jint
Hi,
I hope you can help me.
I'm using Java5 under Windows XP and I'm developing under Eclipse.
I try to use an "old" c-Application accesed via JNI.
Status Quo is that, I have access to the c-side, over my JNI-conform DLL. My current task is to translate the c-side structs to java-objects. This also works, but only with limitation.
Calling methods bidirectional is working, manipulation a java-object is like a walk on an warm and sunny Saturday afternoon.
But I'm not able to use all possible parameters (for now I have tried to use jobject, jstring, jint, jboolean, jlong).
The first problem I had, were using Strings as parameters, but this now I deal with the loopway over java/lang/object (using java/lang/String results in an access_violation).
The next problem, and the harder one, is, that I cannot use the type long or jlong.
int (jint) is no problem, with int all works fine, but if I change the environment, creating and using long, I allways get an the access_violation shown below.
Is there anything, I need to know?
working c-side-code:
jobject someObject;
jint anIntegerValue;
anIntegerValue =5;
jmethodID mid3 = (*env)->GetMethodID(env, cl, "initReturnSomeObject", "(ILjava/lang/Object;)Ljava/lang/Object;");
if(mid3 == (jmethodID)0) printf("\ndooofes MethodName4!\n");
else {
const char* myParams;
myParams = "ooooohwow!!!";
someObject = (*env)->CallObjectMethod(env, jobj, mid3,
anIntegerValue, (*env)->NewStringUTF(env, myParams));
}wokring java-side-code
public Object initReturnSomeObject(int i, Object obj) {
String s = (String)obj;
System.out.println("String: "+s+"\nInteger: "+i);
some = new SomeObject(s,i);
if(some==null) System.out.println("Some is not yet initialized, FEAR!!!!\n");
else System.out.println("Yoh, I'm soooo many good!! \nSome:\nString: "+some.getS1()+"\nInt: "+some.getI1()+"\n");
return (Object)some;
so, und this code, doesn't work. you can see, the changes are dramatically!! ;)
sorry for my sarcasm. I do not know, why it doesn't work.
jlong aLongValue;
aLongValue = 2;
jmethodID mid3 = (*env)->GetMethodID(env, cl, "initReturnSomeObject", "(JLjava/lang/Object;)Ljava/lang/Object;");
if(mid3 == (jmethodID)0) printf("\ndooofes MethodName4!\n");
else {
const char* myParams;
myParams = "ooooohwow!!!";
someObject = (*env)->CallObjectMethod(env, jobj, mid3,
aLongValue, (*env)->NewStringUTF(env, myParams));
public Object initReturnSomeObject(long i, Object obj) {
String s = (String)obj;
System.out.println("String: "+s+"\nInteger: "+i+"\nLong: ");
some = new SomeObject(s,(int)i);
if(some==null) System.out.println("Some is not yet initialized, FEAR!!!!\n");
else System.out.println("Yoh, I'm soooo many good!! \nSome:\nString: "+some.getS1()+"\nInt: "+some.getI1()+"\n");
return (Object)some;
# An unexpected error has been detected by Java Runtime Environment:
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d942975, pid=1784, tid=1648
# Java VM: Java HotSpot(TM) Client VM (1.6.0_03-b05 mixed mode, sharing)
# Problematic frame:
# V [jvm.dll+0x182975]
# An error report file with more information is saved as hs_err_pid1784.log
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
#do you need some other informations or details? something out of the log-file? ok, i have to take the bus, so sorry for uncomplete informations or sentences ;)
till later.Hi,
I'm quite sure, the signature is correct. For failure check, yesterday I ran javap to check the signature, but I do also mean, that I changed the signature afterwards for several time. And, it works ;) at least the way, using Integer.
Trying to use java/lang/String everytime I got the Error, that the method could not be found - this is the part, I was wrong in my description. So the error-Message is a different one.
Belonging to the question for assumptions I made... it's difficult. I'm quite new to JNI, so, I don't know, what I can assume to do. The Method call seems to be a kind of reflection-mechanism. So I assume that the behaviour is similar. But reflection I'm not very firm, either ^^.
What I do assume is, that the parameter-value J fits to the java-type jlong. But a work around on this, I will try today. getting the jlong into an char* or using long instead of jlong or using Ljava/lang/Long; or a casted Long as Ljava/lang/Object; ...
I'm anxious to the ideas, I will have, bypassing this point. if there is no way, I will write a file, send a email or something like this ;)
Thx for thinking about my problem jschel!! It's great not to be alone.
John -
I just found my old ipod touch (i think 1st generation) and would like to let my toddler use it instead of my phone. I am trying to download apps but it say I need to update to 4.3 but it won't let me update. I have the most recent itunes. any idea why? I saw a thread saying to purchase the newest software (that was posted a few years ago) I paid 4.95 for the software and it's still saying it can't be updated. Am I just SOL??
The 1G iPod can only go as high as 3.1.3. The 1G does not have an internal speaker or volume buttons on the upper left edge.
Identifying iPod models
To more easily find compatible apps:
iOSSearch - search the iTunes store for compatible apps.
Apple Club - filter apps by iOS version. -
For the past few days, I keep getting an invalid security certificate in Safari whenever I select Edit My Site from my website homepage (http://annaporterartist.com), or whenever I select anything requiring a secure log in from my website host main page (FASO.com). I have contacted technical support at my website host (fineartstudioonline.com) and they say that this has been an intermittently recurring problem in Safari for years and they recommend that I use Firefox instead. As proof of this they emailed a link to an Apple Support discussion, but it was for Mac OS X Lion v 10.7.4 and Safari 5.1, even though I told them I am using Mac OS X Mountain Lion v 10.8.2 and Safari 6.0.2. I do not get this error message anywhere else on the web using Safari. I did try Firefox and it seems to work fine, but I prefer Safari and I want to know why Safari is not working as it should be. I am concerned that there is a real security problem with my website host and I need someone to explain why I am getting this error message, what it means, and if it is, in fact, a known problem with Safari or is my website host corrupted? Really tired of technical support playing pass the buck or pretending the problem does not exist.
The specific error message is:
Their response to my inquiry and my reply is shown below:Back up all data.
Launch the Keychain Access application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Keychain Access in the icon grid.
From the menu bar, select
Keychain Access ▹ Preferences ▹ Certificates
There are three menus in the window. What is selected in each of them? -
The program doest enterpret my figures from the text file in the correct way since the numbers contain dots instead of commas. Is there a way to fix this in labVIEW, or do I have to change the files before reading them in the program? Thanks beforehend!
You must go in the labview option menu, you can select 'use the local
separator' in the front side submenu (LV6i).
If you use the "From Exponential/Fract/Eng" vi, you are able to select this
opton (with a boolean) without changing the labview parameters.
(sorry for my english)
Lange Jerome
FRANCE
"Nina" a ecrit dans le message news:
[email protected]..
> I would like to read a text file in which the decimal numbers are
> using dots instead of commas. Is there a way of converting this in
> labVIEW, or how can I get the program to enterpret the figures in the
> correct way?
>
> The program doest enterpret my figures from the text file in the
> correct way since the numbers contain dots instea
d of commas. Is there
> a way to fix this in labVIEW, or do I have to change the files before
> reading them in the program? Thanks beforehend! -
Dynamically populate a record group on the fly uisng LOV
Hi,
I want to create dynamically populate a record group on the fly uisng LOV.
1. This is how the RG_BANKNAME Record Group object look like
Object : Record Group
Name : RG_BANKNAME
Record Group Query : SELECT NAME, SHORT_NAME FROM C_BANKS
2. I create the Push Button and when user click it will popup the LOV.
DECLARE
rg_id RecordGroup;
errcode NUMBER;
status BOOLEAN;
BEGIN
rg_id := Find_Group('RG_BANKNAME');
IF Id_Null(rg_id) THEN
Message('No such group: ',ACKNOWLEDGE);
RAISE Form_Trigger_Failure;
ELSE
errcode :=POPULATE_GROUP(rg_id);
SET_LOV_PROPERTY('LV_NAME', TITLE, 'My Own LOV');
SET_LOV_PROPERTY('LV_NAME', GROUP_NAME, rg_id);
SET_LOV_COLUMN_PROPERTY('LV_NAME', 1 ,Title, 'NAME');
SET_LOV_COLUMN_PROPERTY('LV_NAME', 1 ,Width, 150);
SET_LOV_COLUMN_PROPERTY('LV_NAME', 2 ,Title, 'SHORT NAME');
SET_LOV_COLUMN_PROPERTY('LV_NAME', 2 ,Width, 100);
status := Show_LOV('LV_NAME',10,20);
IF NOT status THEN
Message('You have not selected a value.');
Bell;
END IF;
END IF;
END;
My question is do I need to create the LOV Object name call 'LV_NAME'? since I don't have this
create on my design times, because I thought it can be done dynamically on the fly.
The problem is compliant that the Lov Id is not valid.
Thanks
David
Edited by: user445990 on May 24, 2011 9:19 PMHello,
You request is not clear. Do you need to display the LOV or not ? In other words, what is the goal of your record group ?
Francois
Maybe you are looking for
-
SAP NetWeaver 2004s SR 1 SP9 INSTALL
I spent last week trying to install SAP Netweaver 2004s SR 1 SP9 in XP SP2 with no success. The JDK version is 1.4.2_09 and the install process fail in step "Import Java Dump", the <i>sapinst.log</i> indicates the error: 14-dic-2007 11:55:30 com.sap.
-
E: Invalid record in the preferences file, no Pack...
Ok guys.. Got a problem.. I was using 5 desktops, custom transitions, Portrait status-bar, Mag Hildon-desktop, swappiness(30) , Page cluster (5) , Mydocs executable , update notifications using Maemodder. And today ive changed custom transitions and
-
I am using Framemaker 8 - unstructured. I have a requirement that the work packages/documents within a book contain an identifying number that begins with leading zeros and is four-digits long. This number also increments from one document to the nex
-
Date of film roll is weird when using the camera connector
I use my 60GB iPod Video also as backup disk for photos when shooting abroad. Everything works fine except one thing: althoug the date/time of camera, iPod and Mac Mini is set properly, the imported film roll shows in iPhoto always the same date/time
-
One music library, 1 G4 Powerbook, 1 MacbookPro
Hi there, I use my MacbookPro on my office desk that I download music, rate and put into specific playlists as I need it to Dj. I have one external hard disk that has all my music. I want to use my old powerbook G4 that is plugged into my Vinyl Scrat