Intergrating ACS with user database in windows DC

Similar Messages

• Primavera Expedition 8.5 standalone with Sybase database on windows 32 bits. We need to upgrade existing expedition to Oracle contract manager 13.1.

  Primavera Expedition 8.5 standalone with Sybase database on windows 32 bits. We need to upgrade existing expedition to Oracle contract manager 13.1.
       We are unable to upgrade Sybase database version from 8.5 to 10.0 before migration to oracle database. Please share the path and details of convert.exe we are unable to find in the oracle contract manager 13.1 binaries files.
  How To: Upgrade Expedition 8.5 Sybase databases to 10.x in preparation for upgrade to Contract Management 13 (Doc ID 914273.1)
  Regards,
  Amit

  The convert.exe to which the article refers is in the v13 setup files, and not in 13.1.

• PRIVILEGE LEVELS FOR ACS WITH AD DATABASE

  How do I configure two separate privilige levels for two groups. These groups exist in the AD database i.e. my ACS (Pri & Backup) are looking in AD for authentication.

  Hi ,
  If you are using TACACS ,
  Bring users/groups in at level needed
  1. Go to user or group setup in ACS
  2. Drop down to "TACACS+ Settings"
  3. Place a check in "Shell (Exec)"
  4. Place a check in "Privilege level" and enter " priv "(1 to 15) in the adjacent field
  If you are using RADIUS,
  aaa new-model
  aaa authentication login default group radius local
  aaa authorization exec default group radius local
  radius-server host X.X.X.X key XXXX
  Following is the configuration required in the Radius Server
  The AV pair in the ACS -->group setup--> IETF RADIUS Attributes
  [006] Service-Type = Login
  /* Following is for getting the user straight in privledge mode */ to set priv 15
  The AV pair in Cisco IOS/PIX RADIUS Attributes
  [009\001] cisco-av-pair = shell:priv-lvl=15
  For more information on above commands, please refer to the following link :-
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsec
  ur_c/fsaaa/index.htm
  Please try the above and let me know if this helps.
  Thanks

• Help please with User Accounts in Windows on X61 Tablet PC

  I kept getting the "Blue Screen of Death" and so I decided I would reformat the Hard Disk and reinstall everything. During the installation process, the User "Administrator" and my user account are both on the Welcome screen. Under User accounts, under "Administrator User" it says quote "The administrator account is only visible on the Welcome screen when no other user accounts exist (except the quest account), or when you start your computer in Safe Mode". This still is showing regardless that I have my name as a User and as administrator. Any help on getting this to not show would be great. I have a netbook with Windows XP and it just shows my name as a user and under user accounts just my name and guest. Thanks for the help.
  G

  You are right, can only have one open. You have to log out of a user before logging in to another user to use iTunes. Do not use the fast user switching ability of Windows.

• ACS External User Databases - Empty NT Group List

  I have a production ACS system that has multiple external NT domains for authenticating users.
  We are bringing up a new ADS domain that I need to authenticate against. We have created the trust. The domain shows up in the domain list. When I go to map a NT group to a ACS group, the NT group list is empty.
  The other domains show their NT groups.
  What is also noteworthy is that when I log into the ACS server desktop and try to the see the foreign domain groups via user manager, I get a "domain cannot be found". When the server admin logs in (he administers both domains), he get a list of the foreign groups in the user manager.
  What could be preventing ACS from see the groups in the external domain?
  Thanks for any assistance.
  Dan

  Hi,
  Try to set all ACS Services to "Log on As" using a domain admin account.
  Regards,
  Vivek

• Spamassasin and users database with sun java messaging server

  Does anybody has managed to deploy spam scanning using personal databases (bayesian filters databases), i mean using spamassasin with user databases.
  Thanks,
  Andr�s.

  Yea, i do the same thing, but i see that some people want to receive mail that other people don't want.
  Can i ask you another question? How do you deploy sa-learn?
  I use this scripts:
  learn_nospam.sh
  dir_nospam='/mail_store/*/*/*/\=no_spam/*/*.msg'
  for i in $dir_nospam
  do
  echo $i
  sa-learn no-sync ham $dir_nospam
  done
  sa-learn --sync
  learn_spam.sh
  dir_spam='/mail_store/*/*/*/\=spam/*/*.msg'
  for i in $dir_spam
  do
  echo $i
  sa-learn no-sync spam $dir_spam
  done
  sa-learn --sync
  That 's works but it too slow, do you know some other ways.
  Thank you very much,
  Andr�s.

• ACS with MySQL

  Hi, Is it possible to use ACS with mySQL database?
  regards
  Steffen

  Depends on what you mean.
  The ODBC Authenticator (that is authenticate users against an external ODBC datasource) should work fine with mySQL. There is a white paper I wrote still kicking about on CCO somewhere if you search for it.
  If you mean can you use mySQL for ACSs own internal database.. then no you cant.
  Darran

• ACS and Windows 2000 user database communication port

  Could my Windows 2000 SP4 + ACS v3.23 can install any new Windows 2000 service pack ?
  I'm affraid to infect ACS Service.
  So, I want to install firewall on this server to block malicious traffic.
  However, my ACS used external user database Windows 2000 for authentication.
  Who can tell me What protocols or port list they are communication?
  I have to avoid these traffic on my firewall.

  Hi cheng
  I think you can install any servie pack without problem and the SP4 is the latest one for WIN2000 and you server already has this SP
  For your second question you need to specify many protocols according to your active directory config in this link you can find a list of this protocols and the best way is to make debug or logging or use a siniffer to know the exactly protocols flow between your ACS and AD server
  http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx
  Best Regards

• ACS user authenticating through Windows Database

  Hello,
  Please, i need a document/ guideline on how to configure ACS 4.2 user authenticating through Windows Database and the ACS server is running on an appliance.
  Please, help.
  Regards,
  Ethelbert

  Hi,
  If you delete the user in AD, then it would not authenticate the user even if the dynamic mapped user exists in the ACS database, as the password would not be verified from the AD for the user.
  The dynamically mapped user entry would still exist in ACS and would not get deleted if the user is deleted from AD.
  tnx
  somishra

• User in a windows group - mapping to acs group appears not be working

  I have a user in a windows group, this windows group is mapped to an ACS group but when the user logs in it appears as default group in ACS.
  Any suggestion?

  Hello, I recently implemented this very thing, actually integrated it with Authentication Proxy. Here are some settings to check:
  1. External User Databases - Database Configuration - Windows Database - Configure
  Make sure your domain is listed on moved to the Domain List section
  2. External User Databases - Database Group Mappings - Windows Database - - Add Manual Mapping
  Make sure you have the right AD group mapped to the internal ACS group, you can even set users* if you want to include all users.
  3. External User Databses - Unknown User Policy
  Check the "Check the following external user databases" radio dial and move Windows Database to Selected Databases
  Check “The database in which the user profile is held” radio dial in the Configure Enable Password Behaviour section
  Hope that helps!

• ACS 4.2.1.15 External User Database 'Authen DLL '

  Having CSACSE-1113-K9 with ACS 4.2.15.
  I want to confiure windows user database under extrenal user database but i get an error  (attached) 'An error has occured while processing the Authen DLL Configure pagebecasue an error occured....'
  External User Database----->database configuration --->Windows Database------>Configure.
  I tried to stop the services and start agian but the same issue.
  Th eappliance is secondary (backup) ACS. On the primary it is working fine.
  Any help would be appreciated.
  Regards,
  BJ

  Hi Abdul,
    Can you check if the remote agent on the windows server box is running the same 4.2.1.15 version as well.
  Like if  ACS -4.2.1.15   then make sure that remote agent is also 4.2.1.15
  or
  if ACS is running 4.2.1.15 patch 2 then remote agent should also be 4.2.1.15 patch 2
  Let me know if the version is same and if not then install the remote agent correctly and try again.

• ACS support Kerberos User Database?

  Hi,
  I've a customer currently having kerberos user database. I proposed to him to implement ACS to enable 802.1x on wireless client. Can ACS support or integrate with Kerberos User Database? If yes, any user guide which list out the steps on doing so?
  I searched through Cisco website but failed to find any info related to the integration of ACS with Kerberos User Database.
  Thank.
  Delon

  For network users who are authenticated by a Windows user database, Cisco Secure ACS supports user-changeable passwords upon password expiration. You can enable this feature in the MS-CHAP Settings and Windows EAP Settings tables on the Windows User Database Configuration page in the External User Databases section.

• Export User-Database between ACS-Server

  Hi everyone ,
  an ACS 2.3 is running under Unix with 3000 based user. The job is, to migrate the user-database to a new ACS-Server under Windows.
  On the unix-version 2.3 there is no way to export the database to external.
  The only way, i hope, is to mirror the old and the new server as redundant server and if the database is mirrored on both server, than the database is ready for export.
  Is this correct?
  Is there an other way?
  Thanks for your input.
  Ralf

  The migration should go to version 3.1 or 3.2 .
  Ralf

• Application server cannot log onto the database with user PS.

  Hello,
  First of all, my setup is:
  Microsoft Windows Server 2003
  Oracle database 10g Rel. 2
  Peopletools 8.49
  HRMS 9.0
  I am trying to boot the application server, but the operation fails with the error message:
  PSAPPSRV.5796 (0) [08/27/09 10:29:41](1) GenMessageBox(0, 0, M): Database Signon: Invalid user ID or password for database signon. (id=PS)
  I am able to sign on to the database with sqlplus and user PS.
  Here is my config settings as shown on the psadmin screen:
  Features Settings
  ========== ==========
  1) Pub/Sub Servers : No 15) DBNAME :[hrdmo]
  2) Quick Server : No 16) DBTYPE :[ORACLE]
  3) Query Servers : No 17) UserId :[PS]
  4) Jolt : Yes 18) UserPswd :[PS]
  5) Jolt Relay : No 19) DomainID :[TESTSERV]
  6) WSL : Yes 20) AddToPATH :[C:\oracle\product\10.2.0\database\bin]
  7) PC Debugger : No 21) ConnectID :[people]
  8) Event Notification: Yes 22) ConnectPswd:[peop1e]
  9) MCF Servers : No 23) ServerName :[appserver]
  10) Perf Collator : No 24) WSL Port :[7000]
  11) Analytic Servers : Yes 25) JSL Port :[9000]
  12) Domains Gateway : No 26) JRAD Port :[9100]
  Here is the appsrv.log:
  PSADMIN.2336 (0) [08/27/09 10:29:29](0) Begin boot attempt on domain hrdmo
  PSWATCHSRV.5480 (0) [08/27/09 10:29:38] Checking process status every 120 seconds
  PSWATCHSRV.5480 (0) [08/27/09 10:29:38] Server started
  PSAPPSRV.5796 (0) [08/27/09 10:29:40](0) PeopleTools Release 8.49 (WinX86) starting
  PSAPPSRV.5796 (0) [08/27/09 10:29:40](0) Cache Directory being used: C:\oracle\product\PT8.49\appserv\hrdmo\CACHE\PSAPPS
  RV_2\
  PSAPPSRV.5796 (0) [08/27/09 10:29:41](1) GenMessageBox(0, 0, M): Database Signon: Invalid user ID or password for databa
  se signon. (id=PS)
  PSAPPSRV.5796 (0) [08/27/09 10:29:41](0) Server failed to start
  PSWATCHSRV.5480 (0) [08/27/09 10:29:42] Shutting down
  PSADMIN.2336 (0) [08/27/09 10:29:48](0) End boot attempt on domain hrdmo
  As I said, despite the error message, I am able to log on to the database with sqlplus with user PS password PS.
  Could someone please help me with this problem? Thanks.

  I installed the database with the setup program and come to think of it, I don't think you can specify whether to create a system or demo database. So I probably didn't install a demo, which is what I wanted. I also ran the SQRs and everything showed the database was correct, so I thought I did it right.
  If I could install a demo with the setup program, I would do that because I think I could run through it pretty quickly having done it once. I've read in this forum and other places that it's much better to install the db manually, so maybe I'll just do that.
  In any case, thanks for all you help Nicolas.

• INS0009: Unable to connect to the database with user SYS

  Hi all,
  I'm trying to create an OWB repository with OWB repository assistant (10.2.0.2.) on a 10.2.0.1. database (windows XP platform). I get the following error every time I fill in the connect info for the SYS user:
  INS0009: Unable to connect to the database with user SYS. java.sql.SQLException: ORA-01017: invalid username/password; logon denied
  I can connect to the database (sqlplus sys/<password>@orcl as sysdba) and the OS user is in the ora_dba group. Also checked the database parameters remote_login_passwordfile (= EXCLUSIVE) and O7_DICTIONARY_ACCESSIBILITY=TRUE.
  Does anyone know what the problem is? Any help is appreciated.
  Regards,
  Quinten

  Ok I found the problem myself, I used the wrong sys password :-(. I thought the password I used to logon in sqlplus was right (sqlplus sys/<password>@orcl as sysdba) but the password doesn't matter when you logon as sysdba! So I altered the password for the user sys and now I can continue the steps of the repository assistant.
  Quinten