How to stop ACS intergated AD users to login in AAA clients(network device)
I have ACS 4.2 Appliance which is integrated with Active directory.
AD users are able to login in network devices. Is there any so that I can stop AD user and other local users to login in AAA clinets (network devices).
These types of configurations are a two-way street. ACS must be configured to actually perform the authentication/authorization, and the AAA clients must also be configured for authentication/authorization. I would look at the AAA client configurations, first.
What kind of AAA clients are we talking about? Cisco switches, Cisco WLC's? Swicthing gear from other companies?
For Cisco switches, lines like the following will tell them to use your ACS server for administrative user auth (RADIUS ro TACACS+, respectively):
aaa group server radius rad_admin
server xxx.xxx.xxx.xxx
aaa group server tacacs+ tac_admin
server xxx.xxx.xxx.xxx
If your AAA client is a WLC, then you need to uncheck the "Management" box where the RADIUS server is defined for authentication (Security -> AAA -> RADIUS -> Auth).
Similar Messages
-
My new nano keeps going into sleep mode every copy of minutes while music is playing. I can't figure out how to stop this. The user guide isn't too helpful. Any ideas?
This is usually a sign that your iPod's headphones are not plugged in all the way. Make sure that you cannot see any of the silver still showing from the headphone's plug. You should hear a sort of popping/clicking noise when inserting the headphones letting you know that they have been fully seated.
B-rock -
How do I prevent other Mac users from changing my Airport Extreme Network Name and Password within the Airport Utility? My company is using an Airport Extreme in our office now and I want to prevent other employees from messing with the network/settings. Is there a way to place a password on the settings to allow only the admin to access the network name and password?
Hi - you have will have to change the device passwords on all the base stations and then don't give them to anyone except the administrators and tell them not to save them on their computers that use the older versions of the Airport Utility - for the newer versions like the mobile apps, as soon as you enter the pasword it is saved and is visible in the advanced pane along with the network password - so if anyone gets a hold of your iPad or iPhone, they can edit the whole network - I have this same issue with my networks in the office and it is inconvenient but doable - I hope this helps
-
I have a headless OS X Server, on which I've created a new Network User: "iTunes". When I screenshare into the server machine, all my devices are able to see the Home Shared itunes account an play movies, TV and music. As soon as I stop screensharing in to the server machine (even though I keep the user "iTunes" logged in), none of my devices can access the home-shared account. Very strange... ideas??
I solved issue by completely uninstall Mc Cafee ==" (so persistent)
Phew, i can go to iTunes as usual -
My NASA Multimedia News App is exhibiting behavior that I would very much like to change. The app is in the store at
http://apps.microsoft.com/windows/en-us/app/nasa-multimedia-news/7e74f3fb-b550-4ac6-b437-388f034ee6df
If you look at one of the three video galleries, here is the scenario:
1. Start one of the videos, for example the most recent one.
2. without MANUALLY pausing the first video and before it finishes, scroll to the next item in the same gallery and PLAY it.
3. two streams are now playing, audio overlapping.
4. move on to the next item in the gallery OR GO TO A DIFFERENT PAGE/SCREEN, cover your ears....
in fact the stream needs to stop if you navigate away from it by either starting a different video in the same gallery or when you navigate to a different screen/page in the app. and it doesn't.
5. in fact, if you close the app by dragging it down and don't final close it by drag/hold flip or using taskmgr, if you re-open it the multiple audio streams will still be playing from where they left off.
I don't honestly know if it is the video control or something I didn't do in the syntax (or even if something CAN be done), but with the overlapping cacophony that results, it is less than optimal. My expectations/hopes, were that if one stream was already
playing, that moving to a new item and starting THAT stream would automatically terminate the original one that was playing so that only a single audio stream can be heard.
I hope the issue is clear.
Is this a bug? If it is by design, ugh. And is there a work around?
-- Barb BowmanOn Sat, 5 Apr 2014 01:20:04 +0000, thorwm wrote:
>All kidding aside, I did some searching in the forum and I found this post that may help?
>
>http://social.technet.microsoft.com/Forums/en-US/6037342d-2575-411b-a496-90d306f82b00/unable-to-stop-a-video-playing-using-updatecontextvideopause-true?forum=projectsiena
>
>Btw, what you're talking about sounds very similar to how Adobe Flash works - it figures that you (the end user) must know what you're doing when you start another audio file / video so it keeps adding to the stream. The way I helped
the end user was to add the code to stop the media file playing when another one was selected.
>
>Hopefully the thread above gives you some ideas how you might do this in your situation.
>
>
>I look forward to hearing what you find - sounds like a neat app (no pun intended!)
Thor, it is my NASA Multimedia App - I resubmitted it last night and I guess a
different tester got it and the update went through. But the issue still exists.
The difference between what I have in my app and that other thread is that I
have a video GALLERY as opposed to individual players. I did try messing around
with that syntax
UpdateContext({videoPause: false}); UpdateContext({videoPause: true});
Navigate(scrHome, ScreenTransition!Fade)
But it didn't work between screens in my App and anyway, half of the issue is
that it wouldn't work on a single screen that contains a video gallery that has
say 10 videos, there is no OnSelect function used. I tried experimenting to see
if I could get syntax working at least for when the navigation is to a different
screen, but it doesn't work for me. Probably because it is a gallery.
Hoping that Robin has a solution...
-- Barb Bowman -
How to stop mails from unknown user
Hi All
This is my messaging server version.
./imsimta version
iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)
libimta.so 5.2 HotFix 1.21 (built 18:35:22, Sep 8 2003)
SunOS mum1pp1-a-fixed 5.8 Generic_117350-26 sun4u sparc SUNW,Sun-Fire-880
One of our USER is frequently getting some mails which is not
addressed to him
To say clearly
Our user mail id is ([email protected]) but in the below output
The mail is sent to [email protected] and
The mail is sent from [email protected]
but i don't know how our user is getting that copy of mail and the user
camaad1 (invalid user) is not avaliable in our domain.
My ques.....
1. How to rectify this problem ??
2. Spamassassin is configured on our servers and i think we have to
tune spamassassin to solve this problem ?? can any body tell me
how to tune ???
Check the below output
Date:
Mon, 27 Nov 2006 14:28:17 +0220
From:
Katharine Charles <[email protected]>
Subject:
Katharine wrote
To:
[email protected]
Message-ID:
<01c71230$47857fd0$6c822ecf@deborapms>
MIME-version:
1.0
X-MIMEOLE:
Produced By Microsoft MimeOLE V5.50.4133.2400
X-Mailer:
Microsoft Office Outlook, Build 11.0.5510
Content-type:
text/plain; charset=iso-8859-2
Content-transfer-encoding:
7bit
X-Priority:
3 (Normal)
X-MSMail-priority:
Normal
Thread-index:
Aca6Q0-'>UFR08/)'7T./Q5?V4@14+==
Original-recipient:
rfc822;[email protected]
X-Mozilla-Status:
8001
X-Mozilla-Status2:
00000000
X-UIDL:
10096-1043648961
Thanks in AdvanceHi,
1. The version of Messaging you're using, is very,
very old. If you do not have a support contract, you
should at least download and apply 5.2p2.
What difference does it makes ?? can you explain
me..So Jay doesn't have to re-explain this for the thousandth time.
5.2p2 contains hundreds of fixes and can pro-actively fix problems that you may have not hit yet. We always recommend that customers all use up-to-date software if possible. In the same way that you should be patching your Operating System and other applications.
my ques ...
What will happen if i'm using "dnsverify" keyword in
TCP local channel ??
can you explain me ??Do you mean the dns_verify keyword in the mapping table or the mailfromdnsverify channel keyword?
Either way I recommend you look at the iMS5.2 Admin Guide which explains both of these keywords and how to use them.
Regards,
Shane. -
How to stop the removing a user account and saving the home directory to a disk image?
I tried to delete one of two administers on my iMac (10.10.1). After more than 12 hours it will not let me quit System Preferences for it "is removing a user account and saving the home directory to a disk image". How do I finish deleting the administer and quit System Preferences?
I would recommend asking them in C# forums: https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=csharpgeneral&filter=alltypes&sort=lastpostdesc
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
How to stop bounces to unknown users?
I've had a domain name for 12 years now and it's become quite a spam magnet. I get thousands of spam emails daily and they totally glut up the message queue (and can really slow down the mail service).
I have been scouring the web looking for a way to turn of any response to an arriving email for an unknown user.
I'm fine accepting spam for a user that I know (and dealing with it at the client) but I'm tired of wasting bandwidth & cycles on a polite "I'm sorry, but there's no one here by that name) to spammers.
I think manually editing the main.cf file is the key. I tried enabling this directive - bit it didn't seem to change the behavior:
localrecipientmaps = unix:passwd.byname $alias_maps
#alias_maps = hash:/etc/postfix/aliases
I added some test emails addresses to the aliases file - but that also had no effect.
What am I doing wrong? Is there a better way to achieve this?
Thanks
GregSee "Frontline spam defense for Mac OS X Server"
It's available here: http://osx.topicdesk.com/downloads/ -
How to allow Window Azure AD users to login to my On Prem SharePoint 2013
Hi guys,
A bit new to this technology, would like to check for my above (Subjcet) scenario. How can i achieve by doing that?
Assuming i have a local AD and SP Farm built (NOT in Azure Platform) and now all my users accounts are with Azure AD cloud.
Any "Correct" articles demonstrating how to configure that?
Also, is there connectivity required for my Local AD to talk to the Azure AD?
ChengGreeetings.
Pls check it below.Hope it helps you
http://blogs.technet.com/b/speschka/archive/2013/05/10/integrating-sharepoint-2013-with-azure-active-directory-part-1-configuration.aspx
Please remember to click 'Mark as Answer' on the answer if it helps you -
Help - How to stop Bluetooth on BB10 from repeatedly trying to connect to unknown device
Hi,
So about a week ago I was trying to connect my Q10 to a Bluetooth speaker. In the process of this (and rather stupidly) I tried to connect to some unknow device that is not mine (nor was it the bluetooth speaker). I quickly deleted this connection. However my Q10 now constantly asks me to enter a "numeric passkey" to connect to this unknown device. I've tried changing the Q10 Bluetooth name, my "discoverable" option is set to off and I've deleted ALL saved Bluetooth connections, but my Q10 keeps beeping at me asking for a passkey. Short of a factory reset how do I stop this happening? It appears (to me at least) that something in the Q10 still thinks this is a valid device and wants to complete the connection.
I have unchecked "Connect to the last device when turned on" and also turned off rSAP Mode (whatever that is).
I work in a congested area with mutiple companies very close so have no option to go find the device (it only bugs me as I drive into the carpark and I am at my desk).
Software version is 10.2.1.2122.
thanks in advance for any help to stop this as Bluetooth is basically useless right now for me at work.
Paulfreakinvibe wrote:
If you put in 0000 as passcode, does it pair?
So a follow up to this (and using the question you asked). Taking the question about can I connect I did connect to the device again and then turned "Handsfree Calling" off in the Device Details. This seems to leave the device present, but unconnected. It is no longer bugging me, which is something. I'd rather not have it present at all of course, but that seems to be hard!
I'd appreciate your thoughts on this as a long term solution?
Many Thanks, -
ACS 5 Limit User Simultaneous Logins
Is it possible in ACS 5 to limit the amount of devices a person can log into simultaneously? We would not want this to be global as there are other user ID's that need unlimited. Thanks in advance
In the Max Sessions table, under Sessions available to group, select one of the following options:
⢠Unlimited-Allows this group an unlimited number of simultaneous sessions. (This action effectively disables Max Sessions.)
⢠n-Type the maximum number of simultaneous sessions to allow this group.
In the lower portion of the Max Sessions table, under Sessions available to users of this group, select one of the following two options:
⢠Unlimited-Allows each individual in this group an unlimited number of simultaneous sessions. (This action effectively disables Max Sessions.)
⢠n-Type the maximum number of simultaneous sessions to allow each user in this group -
It plays the tone more than once and it's not playing the tone fully. It plays like it is "stuck". Like CDs play when they are scratched. How can I stop that?
Pause and off are the same thing. This is how you stop the music.
iPhone User Guide (For iOS 5.0 Software) -
ACS support Kerberos User Database?
Hi,
I've a customer currently having kerberos user database. I proposed to him to implement ACS to enable 802.1x on wireless client. Can ACS support or integrate with Kerberos User Database? If yes, any user guide which list out the steps on doing so?
I searched through Cisco website but failed to find any info related to the integration of ACS with Kerberos User Database.
Thank.
DelonFor network users who are authenticated by a Windows user database, Cisco Secure ACS supports user-changeable passwords upon password expiration. You can enable this feature in the MS-CHAP Settings and Windows EAP Settings tables on the Windows User Database Configuration page in the External User Databases section.
-
How to stop iphone deleting contacts
How to stop iphone deleting contacts ?
Are you syncing contacts from different devices? Are you using iCloud to do so?
Did you already try to reset the phone by holding the sleep and home button for about 10sec, until the Apple logo comes back again? You will not lose any data by resetting, but it can cure some glitches.
If this does not help, and to rule out a software issue, setting it up as new device would be the next step:
How to erase your iOS device and then set it up as a new device or restore it from backups -
How to count the number of AAA clients
Hi,
As we know, ACS5.2 is required with a base license-- supporting 500 network devices.
Sometimes there are lots of AAA clients or network devices that are authenticating simultanious. So my question is, how to count the network devices allowed to auth on ACS5.2? Does that only include network devices, or including both any network devices or AAA clients?
Rgds,
Laowu5017Hi,
ACS 5.x counts the number of AAA clients that are configured on the ACS.
Please note that AAA clients and networks devices is the same and they comply switches, routers, WLCs, or whatever other device configured under
Network Resources >
... >
Network Devices and AAA Clients
AAA Clients are NOT the AAA suplicants.
The end user clients PCs are the AAA suplicants, and for this there is no limit number.
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
Maybe you are looking for
-
Combining multiple libraries with out duplicates
Greetings I have 3 libraries - one on my laptop one on my 1tb external one on my wife's machine - I just put a 500GB drive in my laptop and would like to combine all three of these WITHOUT duplicating the files that exist in more than one location -
-
How do you make the font of a link different to the link font in Page Properties?
In my case, I've designated links as Century Gothic, 16, black in Page Properties. I want most of the links on my page to be like that. However, there is one link that I'd like to look different (I want it to be size 12). How would I change that with
-
Is it possible to change the URL of displaytag's sortable function?
Basically, I've got a jsp page with the displaytag code on it such as: <display:table name="result"> <display:column sortable="true" property="title" /> <display:column sortable="true" property="author" /> <display:column sortable="true" property="st
-
How to know if a file has been updated in iCloud after modification?
How to know if a file has been updated in iCloud after modification? I work on various app including Keynote on my Mac Pro. And after modification, i close file and I wait. When I see no more Internet traffic. I assume that keynote has uploaded all t
-
How can i fix my ipod touch 4th generation, how can i fix my ipod touch 4th generation
how can i fix my ipod touch 4th generation and when stuck on the apple logo