Identity Services Engine (ISE) support for the WLC 2500

Is the ISE going to support the 2500 series Wireless LAN Controller WLC? If yes in what release and appriximately when is that due to be released?

Your question is disturbing. ISE is (amongst other things) a radius server. WLC 2500 can use radius servers for authentication. So it's supported.
Any device doing radius is supported with ISE ...
Now you are maybe referring to a particular feature in ISE ?

Similar Messages

Ask the Expert: Integrating Cisco Identity Service Engine (ISE) 1.2 for BYOD

With Eric Yu and Todd Pula
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about integrating Cisco ISE 1.2 for BYOD with experts Eric Yu and Todd Pula.
Cisco Bring Your Own Device (BYOD) is an end-to-end architecture that orchestrates the integration of Cisco's mobile and security architectures to various third-party components. The session takes a deep dive into the available tools and methodologies for troubleshooting the Cisco BYOD solution to identify root causes for problems that stem from mobile device manager integration, Microsoft Active Directory and certificate authority services, and Cisco Enterprise Mobility integration to the Cisco Identity Services Engine (ISE).
Todd and Eric recently delivered a technical workshop that helps network designers and network engineers understand integration of the various Cisco BYOD components by taking a deep dive to analyze best practice configurations and time-saving troubleshooting methodologies. The content consisted of common troubleshooting scenarios in which TAC engineers help customers address operational challenges as seen in real Cisco BYOD deployments.
Eric Yu is a technical leader at Cisco responsible for supporting our leading-edge borderless network solutions. He has 10 years of experience in the telecommunications industry designing data and voice networks. Previous to his current role, he worked as a network consulting engineer for Cisco Advance Services, responsible for designing and implementing Cisco Unified Communications for Fortune 500 enterprises. Before joining Cisco, he worked at Verizon Business as an integration engineer responsible for developing a managed services solution for Cisco Unified Communications. Eric holds CCIE certification in routing and switching no. 14590 and has two patents pending related to Cisco's medianet.
Todd Pula is a member of the TAC Security and NMS Technical Leadership team supporting the ISE and intrusion prevention system (IPS) product lines. Todd has 15 years of experience in the networking and information security industries, with 6 years of experience working in Cisco's TAC organization. Previous to his current role, Todd was a TAC team lead providing focused technical support on Cisco's wide array of VPN products. Before joining Cisco, he worked at Stanley Black & Decker as a network engineer responsible for the design, configuration, and support of an expansive global network infrastructure. Todd holds his CCIE in routing and switching no. 19383 and an MS degree in IT from Capella University.
Remember to use the rating system to let Eric and Todd know if you have received an adequate response.
Because of the volume expected during this event, Eric and Todd might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity AAA, Identity and NAC, shortly after the event. This event lasts through November 15, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

Hi Antonio,
Many great questions to start this series. For the situation that you are observing with your FlexConnect configuration, is the problem 100% reproducible or is it intermittent? Does the problem happen for one WLAN but not another? As it stands today, the CoA-Ack needs to be initiated by the management interface. This limitation is documented in bug CSCuj42870. I have provided a link for your reference below. If the problem happens 100% of the time, the two configuration areas that I would check first include:
On the WLC, navigate to Security > RADIUS > Authentication. Click on the server index number for the associated ISE node. On the edit screen, verify that the Support for RFC 3576 option is enabled.
On the WLC, navigate to the WLANs tab and click on the WLAN ID for the WLAN in question. On the edit screen, navigate to Security > AAA and make sure the Radius Server Overwrite interface is unchecked. When this option is checked, the WLC will attemp to send client authentication requests and the CoA-Ack/Nak via the dynamic interface assigned to the WLAN vs. the management interface. Because of the below referenced bug, all RADIUS packets except the CoA-Ack/Nak will actually be transmitted via the dynamic interface. As a general rule of thumb, if using the Radius NAC option on a WLAN, you should not configure the Radius Server Overwrite interface feature.
Bug Info: https://tools.cisco.com/bugsearch/bug/CSCuj42870
For your second question, you raise a very valid point which I am going to turn into a documentation enhancement request. We don't currently have a document that lists the possible supplicant provisioning wizard errors that may be encountered. Please feel free to post specific errors that you have questions about in this chat and we will try to get you answers. For most Android devices, the wizard log file can be found at /sdcards/downloads/spw.log.
As for product roadmap questions, we won't be able to discuss this here due to NDA. Both are popular asks from the field so it will be interesting to see what the product marketing team comes up with for the next iterration of ISE.
Related Info:
Wireless BYOD for FlexConnect Deployment Guide

Cisco Identity Services Engine (ISE) Version 1.2: What's New in Features and Troubleshooting Options

With Ali Mohammed
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about what’s new in Cisco Identity Services Engine (ISE) Version 1.2 and to understand the new features and enhanced troubleshooting options with Cisco expert Ali Mohammed.
Cisco ISE can be deployed as an appliance or virtual machine to enforce security policy on all devices that attempt to gain access to network infrastructure. ISE 1.2 provides feature enrichment in terms of mobile device management, BYOD enhancements, and so on. It also performs noise suppression in log collection so customers have greater ability to store and analyze logs for a longer period.
Ali Mohammed is an escalation engineer with the Security Access and Mobility Product Group (SAMPG), providing support to all Cisco NAC and Cisco ISE installed base. Ali works on complicated recreations of customer issues and helps customers in resolving configuration, deployment, setup, and integration issues involving Cisco NAC and Cisco ISE products. Ali works on enhancing tools available in ISE/NAC that are required to help troubleshoot the product setup in customer environments. Ali has six and a half years of experience at Cisco and is CCIE certified in security (number 24130).
Remember to use the rating system to let Ali know if you have received an adequate response.
Because of the volume expected during this event, Ali might not be able to answer each question. Remember that you can continue the conversation on the Security community, sub-community shortly after the event. This event lasts through September 6, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

Hi Ali,
We currently have a two-node deployment running 1.1.3.124, as depicted in diagram:
http://www.cisco.com/en/US/docs/security/ise/1.2/upgrade_guide/b_ise_upgrade_guide_chapter_010.html#ID89
Question 1:
After step 1 is done, node B becomes the new primary node.
What's the license impact at that stage, when the license is mainly tied to node A, the previous primary PAN?
Step 3 says to obtain a new license that's tied to both node A & node B, as if it's implying an issue would arise, if we leave node B as the primary PAN, instead of reverting back to node A.
=========
Question 2:
When step 1 is completed, node B runs 1.2, while node A runs 1.1.3.124.
Do both nodes still function as PSN nodes, and can service end users at that point? (before we proceed to step 2)
Both nodes are behind our ACE load balancer, and I'm trying to confirm the behavior during the upgrade, to determine when to take each node out of the load balancing serverfarm, to keep the service up and avoid an outage.
===========
Question 3:
According to the upgrade guide, we're supposed to perform a config backup from PAN & MnT nodes.
Is the config backup used only when we need to rollback from 1.2 to 1.1.3, or can it be used to restore config on 1.2?
It also says to record customizations & alert settings because after the upgrade to 1.2, these settings would change, and we would need to re-configure them.
Is this correct? That's a lot of screen shots we'll need to take; is there any way to avoid this?
It says: "
Disable services such as Guest, Profiler, Device Onboarding, and so on before upgrade and enable them after upgrade. Otherwise, you must add the guest users who are lost, and devices must be profiled and onboarded again."
Exactly how do you disable services? Disable all the authorization policies?
http://www.cisco.com/en/US/docs/security/ise/1.2/upgrade_guide/b_ise_upgrade_guide_chapter_01.html#reference_4EFE5E15B9854A648C9EF18D492B9105
==================
Question 4:
The 1.1 user guide says the maximum number of nodes in a node group was 4.
The 1.2 guide now says the maximum is 10.
Is there a hard limit on how many nodes can be in a node group?
We currently don't use node group, due to the lack of multicast support on the ACE-20.
Is it a big deal not to have one?
http://www.cisco.com/en/US/customer/docs/security/ise/1.2/user_guide/ise_dis_deploy.html#wp1230118
thanks,
Kevin

Cisco Identity Service Engine (ISE) (CSCup22534)--bug information

I can see this bug information, can you please help?
Cisco Identity Service Engine (ISE) (CSCup22534)

Backup Data Type
Cisco ISE allows you to back up data from the primary or standalone Administration node and from the Monitoring node. Backup can be done from the CLI or user interface.
Cisco ISE allows you to back up the following type of data:
Configuration data—Contains both application-specific and Cisco ADE operating system configuration data.
Operational Data—Contains monitoring and troubleshooting data.
Restore operation, can be performed with the backup files of previous versions of Cisco ISE and restored on a later version. For example, if you have a backup from an ISE node from Cisco ISE, Release 1.2, you can restore it on Cisco ISE, Release 1.3.
http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01100.html#reference_4F69987D3294499E95C1B652C4D1E73D

Identity Service Engine (ISE) Admin Access

Is it possible to authenticate the ISE administrator via an external Radius Server? The option I find is that it will not work,
The manual reads:
In Cisco ISE, you can authenticate administrators via an external identity store such as Active Directory, LDAP, or RSA SecureID. There are two models you can use to provide authentication via an external identity store:
Is this the case ?

Sure you can!
Make sure you have the RADIUS server added to the ISE (Administration > Identity Management > External Identity Sources Select RADIUS Token from the left menu).
Then head over to Administration > System > Admin Access. Change the * Identity Source to your RADIUS Server and click Save
Log out and you will see an new entry on the log in screen. Click the dropdown for Identity Source and choose your RADIUS Server. If this connection gets dropped for any reason, you can always log in using the internal identity source as a fallback.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton

Taking Backup of Cisco Identity Service Engine (ISE)

Hello
I would like to know about taking backup of Cisco ISE.
What are the things I can take backup of ?
Thanks

Backup Data Type
Cisco ISE allows you to back up data from the primary or standalone Administration node and from the Monitoring node. Backup can be done from the CLI or user interface.
Cisco ISE allows you to back up the following type of data:
Configuration data—Contains both application-specific and Cisco ADE operating system configuration data.
Operational Data—Contains monitoring and troubleshooting data.
Restore operation, can be performed with the backup files of previous versions of Cisco ISE and restored on a later version. For example, if you have a backup from an ISE node from Cisco ISE, Release 1.2, you can restore it on Cisco ISE, Release 1.3.
http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01100.html#reference_4F69987D3294499E95C1B652C4D1E73D

Ask the Expert: Identity Services Engine - 802.1x, Identity Management and BYOD

Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco Identity Service Engine (ISE) with subject matter expert Nicolas Darchis.
Cisco Identity Service Engine is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. It is primarily used to provide secure access and guest access, support BYOD initiatives, and enforce usage policies in conjunction with Cisco TrustSec.
Nicolas Darchis is a wireless and authentication, authorization, and accounting expert for the Technical Assistance Center at Cisco Europe. He has been troubleshooting wireless networks, wireless management tools, and security products, including Cisco Secure Access Control Server, since 2007. He also focuses on filing technical and documentation bugs. Darchis holds a bachelor's degree in computer networking from the Haute Ecole Rennequin Sualem and a master's degree in computer science from the University of Liege. He also holds CCIE Wireless certification (no. 25344).
Remember to use the rating system to let Nicolas know if you have received an adequate response.
Because of the volume expected during this event, our expert might not be able to answer every question. Remember that you can continue the conversation in the Security community under subcommunity AAA, Identity, and NAC shortly after the event. This event lasts through June 20, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

Hi.
1) It is not "ISE loses the credentials and asks for web portal again". Once a user is authenticated, it is authenticated as long as it stays connected. Possibilities are :
-You are returning a session timeout (attribute radius 27) in the authz profile of the user. Therefore user has to reauthenticate after X seconds. But you would see a pattern, then.
-Over wireless, many clients are not capable of doing fast roaming (smartphones is the biggest example) and will therefore reauthenticate with dot1x everytime they roam. A small coverage hole would be enough for the cached credentials to disappear and web portal to show up again
-Over wired, this cannot really occur but the idea is that it's probably the switch resetting the connection and contacting ISE again. The idea to troubleshoot this is to monitor the access device (WLC/switch) and check if the port goes up/down, if the MAB session gets reset or something and why.
2) The captive bypass issue is that Apple devices will probe apple.com website to check if there is internet connectivity. If they can reach it, then fine, if they sense that they are redirected, they open a small window pop up with the login portal. The problem (and I still cannot understand why) is that this is not Safari, it's some nameless feature-less browser that doesn't work properly.
By enabling the captive bypass feature, the WLC intercepts the requests to the Apple testpage and replies with HTTP OK. The apple device then thinks "ok I have internet connectivity" and it's up to the user to bring up a real browser to login to the portal page.
It therefore does not affect non-Apple device to have the feature enabled.
The problem is that in IOS 7.x, Apple decided to not just use Apple.com anymore but a whole list of testpages on different websites.
3) "whether it would solve the issue if I added certificate authentication as a secondary option, with eap-tls as the primary"
=> This is disturbing because EAP-TLS is a certificate authentication method. But ISE message seems to imply that the user is hitting an authnetication rule that only provides PEAP or EAP-FAST with mschap or something similar ...
If you have the windows default supplicant you have close to no control on what the client will submit. I can imagine that moving from wired to wireless, the laptop would sometimes try to send password instead of certificate and/or vice-versa. Anyconnect with fixed network profiles would solve the problem elegantly.
I cannot comment on your auth policies as I do not know them :-)
Regards,
Nicolas

Ask the Expert: BYOD with Identity Services Engine

with Cisco Expert Bernardo Gaspar
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Identity Services Engine (ISE) and its various usage scenarios and integrations such as BYOD, Active Directory, profiling, posture and radius authentication with Cisco subject matter expert Bernardo Gaspar.
Bernardo Gaspar is Customer Support Engineer at the Technical Assistance Center at Cisco Europe especialized in wireless and authentication, authorization, and accounting (AAA). He has been troubleshooting wireless networks, wireless management tools, and security products, including Cisco Secure Access Control Server, NAC and Identity Services Engine as part of the escalation TAC team since 2007. He also focuses on filing technical and documentation bugs. Bernardo Gaspar holds a degree from the University of Porto.
Remember to use the rating system to let Bernardo know if you have received an adequate response.
Bernardo might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Security sub-community, AAA, Identity and NAC discussion forum shortly after the event.
This event last through Friday July 12, 2013. Visit the community often to view responses to youe questions of other community members.

My customer is limited in his VM space. Although he would like to have a active/standby for his administration node, he doesn't need this for his logging. Is it recommended to roll this in production. With a limited HDD space, what would be the recommended space (300 GB?)
administration
monitoring
policy service
Machine VM
primary
Not enabled
enabled
Machine HW
secondary
primary
enabled

Ask the Expert: BYOD with Identity Services Engine with Cisco Expert Bern

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Identity Services Engine (ISE) and its various use scenarios and integrations such as BYOD, Active Directory, profiling, posture and radius authentication with Cisco subject matter expert Bernardo Gaspar.
Bernardo Gaspar is Customer Support Engineer at the Technical Assistance Center at Cisco Europe especialized in wireless and authentication, authorization, and accounting (AAA). He has been troubleshooting wireless networks, wireless management tools, and security products, including Cisco Secure Access Control Server, NAC and Identity Services Engine as part of the escalation TAC team since 2007. He also focuses on filing technical and documentation bugs. Bernardo Gaspar holds a degree from the University of Porto.
Remember to use the rating system to let Bernardo know if you have received an adequate response.
Bernardo might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Security sub-community, AAA, Identity and NAC discussion forum shortly after the event.
This event last through Friday July 12, 2013. Visit the community often to view responses to youe questions of other community members.
Posted by WebUser Krishnakant Dixit from Cisco Support Community App

Feedback will be highly appreciated
Posted by WebUser Krishnakant Dixit from Cisco Support Community App

ISE(identity services engine) Compatability with 4400 Controllers

We have mixture of wireless controllers in our environment consisting of Cisco 4400 and 5500 series wireless controllers. We are in the early stages of piloting Cisco's Identity Services Engine. I am trying to get clarification if it is fully compatible with 4400 series controllers running on 7.0.116 code, or do you have to use 5500 series on 7.2? Can someone please clarify this. Thanks.

HI,
Here is the network compatibility guide for ISE - http://www.cisco.com/en/US/docs/security/ise/1.1/compatibility/ise_sdt.html#wp55038
There are some new features (i.e. device registration web authentication) that I find very useful when you want to incorporate device registration without redirecting users to a login page, this is not supported on the 4400s since they can't run Radius NAC in mac filtering mode (i.e. fixed in 7.2). I do feel that there is a bug in this document because I have seen CWA work on the 7.0 code.
I hope this helps,
Tarik Admani

 Cisco Identity Services Engine VM (eDelivery) - Part # L-ISE-VM-K9=

Hello,
I would like to know, if the following will run on Microsoft Hyper V. (Windows 2008 R2)
Cisco Identity Services Engine VM (eDelivery) - Part # L-ISE-VM-K9=
Thank you and best regards

Hello,
I would like to know, if the following will run on Microsoft Hyper V. (Windows 2008 R2)
Cisco Identity Services Engine VM (eDelivery) - Part # L-ISE-VM-K9=
Thank you and best regards

The trial period for this product has expired or Secure Store Shared Service is not supported for this SKU - SharePoint Foundation 2013

After sucessfulling installing the SharePoint Foundation 2013, when i try to access the Secure Stored Service Application i get the below error
11/16/2012 18:13:02.84 w3wp.exe (0x1774)                       0x15E8 Secure Store Service
Secure Store                  g0n6 High    The trial period for this product has expired or this feature is not supported in this SKU. b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84 w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       8nca Medium Application error when access /_admin/sssvc/ManageSSSvcApplication.aspx, Error=The
trial period for this product has expired or Secure Store Shared Service is not supported for this SKU.   at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName, Boolean validateCanary, ExecuteDelegate`1
operation)     at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.IsMasterSecretKeyPopulated()     at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.SSSAdminHelper.EnsurePrerequisite(SecureStoreServiceApplicationProxy
proxy, String& errorMessage)     at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.ManageSSSvcApplication.InitializeGridView()     at Microsoft.Office.SharePoi... b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84* w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       8nca Medium ...nt.ClientExtensions.SecureStoreAdministration.ManageSSSvcApplication.OnLoad(EventArgs
e)     at System.Web.UI.Control.LoadRecursive()     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84 w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
Runtime                       tkau Unexpected Microsoft.Office.Server.ProductExpiredException: The trial period for this product
has expired or Secure Store Shared Service is not supported for this SKU.    at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName, Boolean validateCanary, ExecuteDelegate`1 operation)
at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.IsMasterSecretKeyPopulated()     at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.SSSAdminHelper.EnsurePrerequisite(SecureStoreServiceApplicationProxy
proxy, String& errorMessage)     at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.ManageSSSvcApplication.InitializeGridView()     at Microsoft.Office.SharePoint.ClientExtensions.SecureSto... b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84* w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
Runtime                       tkau Unexpected ...reAdministration.ManageSSSvcApplication.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84 w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       ajlz0 High    Getting Error Message for Exception System.Web.HttpUnhandledException
(0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.Office.Server.ProductExpiredException: The trial period for this product has expired or Secure Store Shared Service is not supported for this SKU.
at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName, Boolean validateCanary, ExecuteDelegate`1 operation)     at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.IsMasterSecretKeyPopulated()
at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.SSSAdminHelper.EnsurePrerequisite(SecureStoreServiceApplicationProxy proxy, String& errorMessage)     at Microsoft.Office.Sha... b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84* w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       ajlz0 High    ...rePoint.ClientExtensions.SecureStoreAdministration.ManageSSSvcApplication.InitializeGridView()
at Microsoft.Office.SharePoint.ClientExtensions.SecureStoreAdministration.ManageSSSvcApplication.OnLoad(EventArgs e)     at System.Web.UI.Control.LoadRecursive()     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
Boolean includeStagesAfterAsyncPoint)     at System.Web.UI.Page.HandleError(Exception e)     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)     at System.Web.UI.Page.ProcessRequest()     at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Htt... b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.84* w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       ajlz0 High    ...pApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) b3b6e19b-7de2-e016-ad32-0fc975829ef0
11/16/2012 18:13:02.86 w3wp.exe (0x1774)                       0x15E8 SharePoint Foundation
General                       aat87 Monitorable b3b6e19b-7de2-e016-ad32-0fc975829ef0
Is it a bug or any issue in configuration?
Raghavendra Shanbhag | Blog: http://moss-solutions.blogspot.com
Please click "Propose As Answer " if a post solves your problem or "Vote As Helpful" if a post has been useful to you.
Disclaimer: This posting is provided "AS IS" with no warranties.

Hello
something should be related wuith this service, take a llok at my visual studio output whne I try to deplay and autohosted sharepoint app: (anyone can help)
1>------ Build started: Project: MySharePointAppWeb, Configuration: Debug Any CPU ------
1> MySharePointAppWeb -> C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\bin\MySharePointAppWeb.dll
2>------ Build started: Project: MySharePointApp, Configuration: Debug Any CPU ------
2>C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\Web.Debug.config(34,4): warning : No element in the source document matches '/configuration/connectionStrings'
2> Transformed Web.config using C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\Web.Debug.config into obj\Debug\TransformWebConfig\transformed\Web.config.
2> Auto ConnectionString Transformed obj\Debug\TransformWebConfig\transformed\Web.config into obj\Debug\CSAutoParameterize\transformed\Web.config.
2> Copying all files to temporary location below for package/publish:
2> obj\Debug\Package\PackageTmp.
2> Packaging into C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointApp\obj\WebDeploy\MySharePointApp.Web.zip.
2> Adding sitemanifest (sitemanifest).
2> Adding IIS Application (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp)
2> Creating application (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp)
2> Adding virtual path (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp)
2> Adding directory (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp).
2> Adding directory (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin).
2> Adding directory (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\en).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\en\Microsoft.IdentityModel.resources.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\Microsoft.IdentityModel.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\Microsoft.IdentityModel.Extensions.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\Microsoft.SharePoint.Client.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\Microsoft.SharePoint.Client.Runtime.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\MySharePointAppWeb.dll).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\bin\MySharePointAppWeb.pdb).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\packages.config).
2> Adding directory (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Pages).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Pages\Default.aspx).
2> Adding directory (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Scripts).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Scripts\jquery-1.7.1.js).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Scripts\jquery-1.7.1.min.js).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Scripts\_references.js).
2> Adding file (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp\Web.config).
2> Adding ACL's for path (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp)
2> Adding ACL's for path (C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointAppWeb\obj\Debug\Package\PackageTmp)
2> Adding declared parameter 'IIS Web Application Name'.
2> Package "MySharePointApp.Web.zip" is successfully created as single file at the following location:
2> file:///C:/_works/visual%20studio%202012/Projects/MySharePointApp/MySharePointApp/obj/WebDeploy
2> To get the instructions on how to deploy the web package please visit the following link:
2> http://go.microsoft.com/fwlink/?LinkId=124618
2> Sample script for deploying this package is generated at the following location:
2> C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointApp\obj\WebDeploy\MySharePointApp.Web.deploy.cmd
2> For this sample script, you can change the deploy parameters by changing the following file:
2> C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointApp\obj\WebDeploy\MySharePointApp.Web.SetParameters.xml
2> Successfully created package at: C:\_works\visual studio 2012\Projects\MySharePointApp\MySharePointApp\bin\Debug\app.publish\1.0.0.0\MySharePointApp.app
3>------ Deploy started: Project: MySharePointApp, Configuration: Debug Any CPU ------
3>Active Deployment Configuration: Deploy App for SharePoint
3>Uninstall app for SharePoint:
3> Skipping the uninstall step because the app for SharePoint is not installed on the server.
3>Install app for SharePoint:
3> Uploading the app for SharePoint...
3> Creating a trusted root authority in SharePoint for IIS Express.
3> Installation is in progress (00:00:00)
3> Installation is in progress (00:00:01)
3> Installation is in progress (00:00:02)
3> Installation is in progress (00:00:03)
3> Installation is in progress (00:00:05)
3> Installation is in progress (00:00:06)
3> App failed to install, cleaning up...
3> App installation cleanup failed due to errors. Please see the app on the SharePoint site’s “Site Contents” page for details.
3> App installation encountered the following errors:
3>
3> @"Error 1
3>        CorrelationId: ceeeafab-3834-40ea-b360-c29d103e2248
3>        ErrorDetail: The remote hosting service is not configured.
3>        ErrorType: Configuration
3>        ErrorTypeName: Configuration
3>        ExceptionMessage: The trial period for this product has expired or Secure Store Shared Service is not supported for this SKU.
3>        Source: RemoteWebSite
3>        SourceName: Remote Web Site Deployment
3>
3> @"Error 2
3>        CorrelationId: ceeeafab-3834-40ea-b360-c29d103e2248
3>        ErrorDetail: The remote hosting service is not configured.
3>        ErrorType: Configuration
3>        ErrorTypeName: Configuration
3>        ExceptionMessage: The trial period for this product has expired or Secure Store Shared Service is not supported for this SKU.
3>        Source: RemoteWebSite
3>        SourceName: Remote Web Site Deployment
3>Error occurred in deployment step 'Install app for SharePoint': Failed to install app for SharePoint. Please see the output window for details.
========== Build: 2 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========
========== Deploy: 0 succeeded, 1 failed, 0 skipped ==========

Not Working-central web-authentication with a switch and Identity Service Engine

on the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, i'm asking for your help...
I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
The interface configuration looks like this:
interface FastEthernet0/24
switchport access vlan 6
switchport mode access
switchport voice vlan 20
ip access-group webauth in
authentication event fail action next-method
authentication event server dead action authorize
authentication event server alive action reinitialize
authentication order mab
authentication priority mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
spanning-tree portfast
end
The ACL's
Extended IP access list webauth
    10 permit ip any any
Extended IP access list redirect
    10 deny ip any host 172.22.2.38
    20 permit tcp any any eq www
    30 permit tcp any any eq 443
The ISE side configuration I follow it step by step...
When I conect the XP client, e see the following Autenthication session...
swlx0x0x#show authentication sessions interface fastEthernet 0/24
           Interface: FastEthernet0/24
          MAC Address: 0015.c549.5c99
           IP Address: 172.22.3.184
            User-Name: 00-15-C5-49-5C-99
               Status: Authz Success
               Domain: DATA
       Oper host mode: single-host
     Oper control dir: both
        Authorized By: Authentication Server
           Vlan Group: N/A
     URL Redirect ACL: redirect
         URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
      Session timeout: N/A
         Idle timeout: N/A
    Common Session ID: AC16011F000000490AC1A9E2
      Acct Session ID: 0x00000077
               Handle: 0xB7000049
Runnable methods list:
       Method   State
       mab      Authc Success
But there is no redirection, and I get the the following message on switch console:
756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
I have to mention I'm using an http proxy on port 8080...
Any Ideas on what is going wrong?
Regards
Nuno

OK, so I upgraded the IOS to version
SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
I tweak with ACL's to the following:
Extended IP access list redirect
    10 permit ip any any (13 matches)
and created a DACL that is downloaded along with the authentication
Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
    10 permit ip any any
I can see the epm session
swlx0x0x#show epm session ip 172.22.3.74
     Admission feature: DOT1X
     ACS ACL: xACSACLx-IP-redirect-4f743d58
     URL Redirect ACL: redirect
     URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
And authentication
swlx0x0x#show authentication sessions interface fastEthernet 0/24
     Interface: FastEthernet0/24
     MAC Address: 0015.c549.5c99
     IP Address: 172.22.3.74
     User-Name: 00-15-C5-49-5C-99
     Status: Authz Success
     Domain: DATA
     Oper host mode: multi-auth
     Oper control dir: both
     Authorized By: Authentication Server
     Vlan Group: N/A
     ACS ACL: xACSACLx-IP-redirect-4f743d58
     URL Redirect ACL: redirect
     URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
     Session timeout: N/A
     Idle timeout: N/A
     Common Session ID: AC16011F000000160042BD98
     Acct Session ID: 0x0000001B
     Handle: 0x90000016
     Runnable methods list:
     Method   State
     mab      Authc Success
on the logging, I get the following messages...
017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
What I'm I missing?

Identity Services Engine 1.1.4: REPLICATION DISABLED

Hey, guys.
Has anyone accountered the problem, that replication between ISE nodes stops after an unpredictable timeframe ???
This is the result after one day:
I have set up a distributed deployment of ISE nodes, seven in total, split up into two nodes for each service (monitoring, administration, policy and profiling).
Each of the nodes is running in an ESX 5.x environment, ESX itself is running on two hosts (two UCS with lots of ram and CPUs), each node has 8 virtual CPUs and 16GB ram, the virtual harddisks are 750GB and on some nodes even 2000GB .....
This is a testing environment, radius accounting data is sent to the ISEs by a small number of switches only (but production switches, so that I can see profiling of our real clients), no authentication or authorization is done by the ISEs (yet).
Profiling is configured in the following way:
- a single node receives the HTTP probe (via a spanned port of our proxy server) on gig 1 (box does nothing else)
- two nodes listen to the DHCP, DNS, RADIUS and SNMP probes, these two nodes have the policy service enabled also (but do nothing with it)
All nodes run the same version of ISE:
Cisco Application Deployment Engine OS Release: 2.0
ADE-OS Build Version: 2.0.4.120
ADE-OS System Architecture: i386
Copyright (c) 2005-2011 by Cisco Systems, Inc.
All rights reserved.
Hostname: ise-worf
Version information of installed applications
Cisco Identity Services Engine
Version      : 1.1.4.218
Build Date   : Wed Apr 10 22:20:22 2013
Install Date : Fri May 3 19:16:05 2013
Cisco Identity Services Engine Patch
Version      : 1
Install Date : Wed May 29 08:16:58 2013
The database on this deployment contains about 5100 clients at this time:
which is very little compared with the number of the rest of the endpoints that are connected to all the switches that do not send radius-accounting to the ISE deployment yet ....
Anyone has a solution or a clue what to do ???
In this state, ISE seems not capable to handle enterprise environments ....
Btw, backups of the database do not work either, when you have more than 50% diskspace occupied ......
Rgs
Frank

Hey, guys.
Here is a little update, repication is still disabled, but it seems to be getting even worse:
This happens when trying to connect via SSH AND via the vCenter Console window ......
A reboot of the box enabled ssh again, but the application cannot be started again ...
Disk full .... but full with what ???
Replication is disabled, so no new database entries etc. can make the db grow, I guess .. ??
The virtual disk that has been assigned to this vm is the largest size, that vmware can handle:
The only thing I can do now, is to reimage the machine (again).
Sadly, I do not expect things to be any different with the new installed ise, because I have done this three times before already...
At this point I feel the urgent need to throw this whole project onto the dumpster and take another look at ISE when version 3.0 is released, because in this state it is not enterprise scalable software ....
Rgs
Frank

Selective XML Index feature is not supported for the current database version , SQL Server Extended Events , Optimizing Reading from XML column datatype

Team , Thanks for looking into this ..
As a last resort on optimizing my stored procedure ( Below ) i wanted to create a Selective XML index ( Normal XML indexes doesn't seem to be improving performance as needed ) but i keep getting this error within my stored proc . Selective XML
Index feature is not supported for the current database version.. How ever
EXECUTE sys.sp_db_selective_xml_index; return 1 , stating Selective XML Indexes are enabled on my current database .
Is there ANY alternative way i can optimize below stored proc ?
Thanks in advance for your response(s) !
/****** Object: StoredProcedure [dbo].[MN_Process_DDLSchema_Changes] Script Date: 3/11/2015 3:10:42 PM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- EXEC [dbo].[MN_Process_DDLSchema_Changes]
ALTER PROCEDURE [dbo].[MN_Process_DDLSchema_Changes]
AS
BEGIN
SET NOCOUNT ON --Does'nt have impact ( May be this wont on SQL Server Extended events session's being created on Server(s) , DB's )
SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED
select getdate() as getdate_0
DECLARE @XML XML , @Prev_Insertion_time DATETIME
-- Staging Previous Load time for filtering purpose ( Performance optimize while on insert )
SET @Prev_Insertion_time = (SELECT MAX(EE_Time_Stamp) FROM dbo.MN_DDLSchema_Changes_log ) -- Perf Optimize
-- PRINT '1'
CREATE TABLE #Temp
EventName VARCHAR(100),
Time_Stamp_EE DATETIME,
ObjectName VARCHAR(100),
ObjectType VARCHAR(100),
DbName VARCHAR(100),
ddl_Phase VARCHAR(50),
ClientAppName VARCHAR(2000),
ClientHostName VARCHAR(100),
server_instance_name VARCHAR(100),
ServerPrincipalName VARCHAR(100),
nt_username varchar(100),
SqlText NVARCHAR(MAX)
CREATE TABLE #XML_Hold
ID INT NOT NULL IDENTITY(1,1) PRIMARY KEY , -- PK necessity for Indexing on XML Col
BufferXml XML
select getdate() as getdate_01
INSERT INTO #XML_Hold (BufferXml)
SELECT
CAST(target_data AS XML) AS BufferXml -- Buffer Storage from SQL Extended Event(s) , Looks like there is a limitation with xml size ?? Need to re-search .
FROM sys.dm_xe_session_targets xet
INNER JOIN sys.dm_xe_sessions xes
ON xes.address = xet.event_session_address
WHERE xes.name = 'Capture DDL Schema Changes' --Ryelugu : 03/05/2015 Session being created withing SQL Server Extended Events
--RETURN
--SELECT * FROM #XML_Hold
select getdate() as getdate_1
-- 03/10/2015 RYelugu : Error while creating XML Index : Selective XML Index feature is not supported for the current database version
CREATE SELECTIVE XML INDEX SXI_TimeStamp ON #XML_Hold(BufferXml)
FOR
PathTimeStamp ='/RingBufferTarget/event/timestamp' AS XQUERY 'node()'
--RETURN
--CREATE PRIMARY XML INDEX [IX_XML_Hold] ON #XML_Hold(BufferXml) -- Ryelugu 03/09/2015 - Primary Index
--SELECT GETDATE() AS GETDATE_2
-- RYelugu 03/10/2015 -Creating secondary XML index doesnt make significant improvement at Query Optimizer , Instead creation takes more time , Only primary should be good here
--CREATE XML INDEX [IX_XML_Hold_values] ON #XML_Hold(BufferXml) -- Ryelugu 03/09/2015 - Primary Index , --There should exists a Primary for a secondary creation
--USING XML INDEX [IX_XML_Hold]
---- FOR VALUE
-- --FOR PROPERTY
-- FOR PATH
--SELECT GETDATE() AS GETDATE_3
--PRINT '2'
-- RETURN
SELECT GETDATE() GETDATE_3
INSERT INTO #Temp
EventName ,
Time_Stamp_EE ,
ObjectName ,
ObjectType,
DbName ,
ddl_Phase ,
ClientAppName ,
ClientHostName,
server_instance_name,
nt_username,
ServerPrincipalName ,
SqlText
SELECT
p.q.value('@name[1]','varchar(100)') AS eventname,
p.q.value('@timestamp[1]','datetime') AS timestampvalue,
p.q.value('(./data[@name="object_name"]/value)[1]','varchar(100)') AS objectname,
p.q.value('(./data[@name="object_type"]/text)[1]','varchar(100)') AS ObjectType,
p.q.value('(./action[@name="database_name"]/value)[1]','varchar(100)') AS databasename,
p.q.value('(./data[@name="ddl_phase"]/text)[1]','varchar(100)') AS ddl_phase,
p.q.value('(./action[@name="client_app_name"]/value)[1]','varchar(100)') AS clientappname,
p.q.value('(./action[@name="client_hostname"]/value)[1]','varchar(100)') AS clienthostname,
p.q.value('(./action[@name="server_instance_name"]/value)[1]','varchar(100)') AS server_instance_name,
p.q.value('(./action[@name="nt_username"]/value)[1]','varchar(100)') AS nt_username,
p.q.value('(./action[@name="server_principal_name"]/value)[1]','varchar(100)') AS serverprincipalname,
p.q.value('(./action[@name="sql_text"]/value)[1]','Nvarchar(max)') AS sqltext
FROM #XML_Hold
CROSS APPLY BufferXml.nodes('/RingBufferTarget/event')p(q)
WHERE -- Ryelugu 03/05/2015 - Perf Optimize - Filtering the Buffered XML so as not to lookup at previoulsy loaded records into stage table
p.q.value('@timestamp[1]','datetime') >= ISNULL(@Prev_Insertion_time ,p.q.value('@timestamp[1]','datetime'))
AND p.q.value('(./data[@name="ddl_phase"]/text)[1]','varchar(100)') ='Commit' --Ryelugu 03/06/2015 - Every Event records a begin version and a commit version into Buffer ( XML ) we need the committed version
AND p.q.value('(./data[@name="object_type"]/text)[1]','varchar(100)') <> 'STATISTICS' --Ryelugu 03/06/2015 - May be SQL Server Internally Creates Statistics for #Temp tables , we do not want Creation of STATISTICS Statement to be logged
AND p.q.value('(./data[@name="object_name"]/value)[1]','varchar(100)') NOT LIKE '%#%' -- Any stored proc which creates a temp table within it Extended Event does capture this creation statement SQL as well , we dont need it though
AND p.q.value('(./action[@name="client_app_name"]/value)[1]','varchar(100)') <> 'Replication Monitor' --Ryelugu : 03/09/2015 We do not want any records being caprutred by Replication Monitor ??
SELECT GETDATE() GETDATE_4
-- SELECT * FROM #TEMP
-- SELECT COUNT(*) FROM #TEMP
-- SELECT GETDATE()
-- RETURN
-- PRINT '3'
--RETURN
INSERT INTO [dbo].[MN_DDLSchema_Changes_log]
[UserName]
,[DbName]
,[ObjectName]
,[client_app_name]
,[ClientHostName]
,[ServerName]
,[SQL_TEXT]
,[EE_Time_Stamp]
,[Event_Name]
SELECT
CASE WHEN T.nt_username IS NULL OR LEN(T.nt_username) = 0 THEN t.ServerPrincipalName
ELSE T.nt_username
END
,T.DbName
,T.objectname
,T.clientappname
,t.ClientHostName
,T.server_instance_name
,T.sqltext
,T.Time_Stamp_EE
,T.eventname
FROM
#TEMP T
/** -- RYelugu 03/06/2015 - Filters are now being applied directly while retrieving records from BUFFER or on XML
-- Ryelugu 03/15/2015 - More filters are likely to be added on further testing
WHERE ddl_Phase ='Commit'
AND ObjectType <> 'STATISTICS' --Ryelugu 03/06/2015 - May be SQL Server Internally Creates Statistics for #Temp tables , we do not want Creation of STATISTICS Statement to be logged
AND ObjectName NOT LIKE '%#%' -- Any stored proc which creates a temp table within it Extended Event does capture this creation statement SQL as well , we dont need it though
AND T.Time_Stamp_EE >= @Prev_Insertion_time --Ryelugu 03/05/2015 - Performance Optimize
AND NOT EXISTS ( SELECT 1 FROM [dbo].[MN_DDLSchema_Changes_log] MN
WHERE MN.[ServerName] = T.server_instance_name -- Ryelugu Server Name needes to be added on to to xml ( Events in session )
AND MN.[DbName] = T.DbName
AND MN.[Event_Name] = T.EventName
AND MN.[ObjectName]= T.ObjectName
AND MN.[EE_Time_Stamp] = T.Time_Stamp_EE
AND MN.[SQL_TEXT] =T.SqlText -- Ryelugu 03/05/2015 This is a comparision Metric as well , But needs to decide on
-- Peformance Factor here , Will take advise from Lance if comparision on varchar(max) is a vital idea
--SELECT GETDATE()
--PRINT '4'
--RETURN
SELECT
top 100
[EE_Time_Stamp]
,[ServerName]
,[DbName]
,[Event_Name]
,[ObjectName]
,[UserName]
,[SQL_TEXT]
,[client_app_name]
,[Created_Date]
,[ClientHostName]
FROM
[dbo].[MN_DDLSchema_Changes_log]
ORDER BY [EE_Time_Stamp] desc
-- select getdate()
-- ** DELETE EVENTS after logging into Physical table
-- NEED TO Identify if this @XML can be updated into physical system table such that previously loaded events are left untoched
-- SET @XML.modify('delete /event/class/.[@timestamp="2015-03-06T13:01:19.020Z"]')
-- SELECT @XML
SELECT GETDATE() GETDATE_5
END
GO
Rajkumar Yelugu

@@Version : ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft SQL Server 2012 - 11.0.5058.0 (X64)
   May 14 2014 18:34:29
   Copyright (c) Microsoft Corporation
   Developer Edition (64-bit) on Windows NT 6.2 <X64> (Build 9200: ) (Hypervisor)
(1 row(s) affected)
Compatibility level is set to 110 .
One of the limitation states - XML columns with a depth of more than 128 nested nodes
How do i verify this ? Thanks .
Rajkumar Yelugu

Identity Services Engine (ISE) support for the WLC 2500

Similar Messages

Maybe you are looking for