Is it possible that network access permission control in acs 5.1
Hello
We have ACS5.1, WLC 7.0 and using 802.1x to authentication users.
Anybody know how I can configure network access restriction with using internal user group information.
For example, under the same SSID(like that "test") , same VLAN ID.
But two different user group has a different network access permission.
One group has full permission and the other has a limit network access permission.
Is it possible?
The equivalent of a NAR would be ACS 5.1 returning an authorization profile after authentication. Just configure your authorization policy to return one profile for one group of user and the other profile for the others.
Now to restrict access to the network, I think you're best with an ACL ? So link ACLs to your profiles.
Nicolas
Similar Messages
-
Aaa network access limit user session
Hi, I'd like to limit a user to one authenticated session in aaa network access, with ASA and ACS.
Is tacacs+ accounting necessary ?
thank you in advance
RSI have never done it with Cisco ACS so I can not offer much support on this.
However, I've done it many times on Cisco Freeware TACACS+ and it is very easy.
1- in Cisco Freeware tacacs, include "max-session = 1" under either the user
profile or group file definition.
2- in the router itself, you need to enable "ip finger". This will allow the
TACACS+ server to querry the router everytime there is a new attempt to loggin.
If you already have a session to the router, TACACS+ server will see this and
reject a new session for that same user. If the login ID is different than what
is already connected to the router, it will then be accepted:
C7140#who
Line User Host(s) Idle Location
0 con 0 idle 11w2d
* 2 vty 0 cciesec idle 00:00:00 192.168.15.9
Interface User Mode Idle Peer Address
C7140#
Now if user "cciesec" tries to login again through another session, it will
be rejected by the TACACS server:
[root@LinuxES-lab1 root]# finger @192.168.15.1
Line User Host(s) Idle Location
0 con 0 idle 11w2d
2 vty 0 cciesec idle 00:04:00 192.168.15.9
* 3 vty 1 idle 00:00:00 192.168.128.100
Interface User Mode Idle Peer Address
[root@LinuxES-lab1 root]#
Easy right? -
trying to pair my iPhone (iOS 8.1) to the iMac (Yosemite) via bluetooth. The pairing won't work, and I keep getting a message on the iMac that network access needs to be set to allow the pairing---where do I enable the pairing in "network access"?
After more trying, I'm now able to get to the point where the access code for bluetooth pairing pops on the iMac, and also on my phone, but when I confirm the codes match on my iPhone, the iMac tells me that the connection cannot be made. Any suggestions?It doesn't need to be paired.
-
Query: Best practice SAN switch (network) access control rules?
Dear SAN experts,
Are there generic SAN (MDS) switch access control rules that should always be applied within the SAN environment?
I have a specific interest in network-based access control rules/CLI-commands with respect to traffic flowing through the switch rather than switch management traffic (controls for traffic flowing to the switch).
Presumably one would want to provide SAN switch demarcation between initiators and targets using VSAN, Zoning (and LUN Zoning for fine grained access control and defense in depth with storage device LUN masking), IP ACL, Read-Only Zone (or LUN).
In a LAN environment controlled by a (gateway) firewall, there are (best practice) generic firewall access control rules that should be instantiated regardless of enterprise network IP range, TCP services, topology etc.
For example, the blocking of malformed TCP flags or the blocking of inbound and outbound IP ranges outlined in RFC 3330 (and RFC 1918).
These firewall access control rules can be deployed regardless of the IP range or TCP service traffic used within the enterprise. Of course there are firewall access control rules that should also be implemented as best practice that require specific IP addresses and ports that suit the network in which they are deployed. For example, rate limiting as a DoS preventative, may require knowledge of server IP and port number of the hosted service that is being DoS protected.
So my question is, are there generic best practice SAN switch (network) access control rules that should also be instantiated?
regards,
Will.Hi William,
That's a pretty wide net you're casting there, but i'll do my best to give you some insight in the matter.
Speaking pure fibre channel, your only real way of controlling which nodes can access which other nodes is Zones.
for zones there are a few best practices:
* Default Zone: Don't use it. unless you're running Ficon.
* Single Initiator zones: One host, many storage targets. Don't put 2 initiators in one zone or they'll try logging into each other which at best will give you a performance hit, at worst will bring down your systems.
* Don't mix zoning types: You can zone on wwn, on port, and Cisco NX-OS will give you a plethora of other options, like on device alias or LUN Zoning. Don't use different types of these in one zone.
* Device alias zoning is definately recommended with Enhanced Zoning and Enhanced DA enabled, since it will make replacing hba's a heck of a lot less painful in your fabric.
* LUN zoning is being deprecated, so avoid. You can achieve the same effect on any modern array by doing lun masking.
* Read-Only exists, but again any modern array should be able to make a lun read-only.
* QoS on Zoning: Isn't really an ACL method, more of a congestion control.
VSANs are a way to separate your physical fabric into several logical fabrics. There's one huge distinction here with VLANs, that is that as a rule of thumb, you should put things that you want to talk to each other in the same VSANs. There's no such concept as a broadcast domain the way it exists in Ethernet in FC, so VSANs don't serve as isolation for that. Routing on Fibre Channel (IVR or Inter-VSAN Routing) is possible, but quickly becomes a pain if you use it a lot/structurally. Keep IVR for exceptions, use VSANs for logical units of hosts and storage that belong to each other. A good example would be to put each of 2 remote datacenters in their own VSAN, create a third VSAN for the ports on the array that provide replication between DC and use IVR to make management hosts have inband access to all arrays.
When using IVR, maintain a manual and minimal topology. IVR tends to become very complex very fast and auto topology isn't helping this.
Traditional IP acls (permit this proto to that dest on such a port and deny other combinations) are very rare on management interfaces, since they're usually connected to already separated segments. Same goes for Fibre Channel over IP links (that connect to ethernet interfaces in your storage switch).
They are quite logical to use and work just the same on an MDS as on a traditional Ethernetswitch when you want to use IP over FC (not to be confused with FC over IP). But then you'll logically use your switch as an L2/L3 device.
I'm personally not an IP guy, but here's a quite good guide to setting up IP services in a FC fabric:
http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/ipsvc.html
To protect your san from devices that are 'slow-draining' and can cause congestion, I highly recommend enabling slow-drain policy monitors, as described in this document:
http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/intf.html#wp1743661
That's a very brief summary of the most important access-control-related Best Practices that come to mind. If any of this isn't clear to you or you require more detail, let me know. HTH! -
ORA-24247: network access denied by access control list (ACL) using FTP
What used to work on our 10g server now doesn't work on 11g. We recently migrated to a new server and this FTP download process is the only thing that is giving me problems.
I have tried using the IP Address and Domain name, opened up the ports 10 to 80 (just in case) and even tried FTPing to a local FTP site and cannot seem to get past the ORA-24247 error. At this point I am not sure what else to try. The FTP process worked great in 10g...
begin
dbms_network_acl_admin.create_acl (
acl => 'cwtoto_acl_file.xml',
description => 'FTP Access',
principal => 'CWT_OPERATOR',
is_grant => TRUE,
privilege => 'connect',
start_date => null,
end_date => null
dbms_network_acl_admin.add_privilege (
acl => 'cwtoto_acl_file.xml',
principal => 'CWT_OPERATOR',
is_grant => TRUE,
privilege => 'resolve',
start_date => null,
end_date => null
dbms_network_acl_admin.assign_acl (
acl => 'cwtoto_acl_file.xml',
host => '69.30.63.173',
lower_port => 10,
upper_port => 80
dbms_network_acl_admin.assign_acl (
acl => 'cwtoto_acl_file.xml',
host => 'ftp.rmpc.org',
lower_port => 10,
upper_port => 80
dbms_network_acl_admin.assign_acl (
acl => 'cwtoto_acl_file.xml',
host => 'ftp.taglab.org',
lower_port => 10,
upper_port => 80
dbms_network_acl_admin.assign_acl (
acl => 'cwtoto_acl_file.xml',
host => '146.63.252.61',
lower_port => 10,
upper_port => 80
commit;
end;
Edited by: tfrawley on Jan 20, 2011 10:23 AMSo, I have contacted support to fix my inability to login to Oracle Support. In the meantime I'll just run through this problem one more time:
I executed the following:
begin
dbms_network_acl_admin.create_acl (
acl => 'cwtoto_acl_file.xml',
description => 'FTP Access',
principal => 'CWT_OPERATOR',
is_grant => TRUE,
privilege => 'connect',
start_date => null,
end_date => null
dbms_network_acl_admin.assign_acl (
acl => 'cwtoto_acl_file.xml',
host => 'ftp.rmpc.org',
lower_port => 1,
upper_port => 1000
commit;
end;
This should give me an ACL xml file and permission for CWT_OPERATOR to connect to ftp.rmpc.org on ports 1 through 1000.
I can look and see if the creation was successful: SELECT host, lower_port, upper_port, acl FROM dba_network_acls t ;
HOST LOWER_PORT UPPER_PORT ACL
1 ftp.rmpc.org 1 1000 /sys/acls/cwtoto_acl_file.xml
Looks good right?
So I test it using the following:
DECLARE
l_conn UTL_TCP.connection;
BEGIN
l_conn := ftp.login('ftp.rmpc.org','21','[email protected]','anonymous');
ftp.logout( l_conn);
END;
And get the following errors:
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 246
ORA-06512: at "SYSTEM.FTP", line 49
ORA-06512: at line 4
Has anyone else tried to use UTL_TCP and experienced a simliar issue? -
HR User, REST example - network access denied by access control list (ACL)
Hi,
I am new to APEX and am running the 'Oracle Developer Days' vm. I'm logged into APEX as the default HR/oracle account and I've been following the 'Creating and Using a RESTful Web Service in Application Express 4.2' training video, however when I try to retrieve information by entering a dept no. and clicking submit I get:
ORA-29273: HTTP request failed ORA-06512: at "SYS.UTL_HTTP", line 1130 ORA-24247: network access denied by access control list (ACL)
I've seen the following thread:
ORA-24247: network access denied by access control list (ACL)error-UTL_HTTP
and I've tried running the command:
GRANT EXECUTE ON SYS.UTL_HTTP TO HR;
but I'm not getting anywhere, presumably the HR user does not have permissions to access 'http://localhost:8888/apex/hr/employee_test'
Any help much appreciated, also if this is the wrong forum for this question please let me know.
Many ThanksHi,
Thank you for the link; I executed the first block of code to 'grant connect privileges to any host for the APEX_040200 database user' that did not work so I changed the user to HR within the code and re-executed and that seems to have done the trick. I guess the HR user is now in the power_users list/group?
Thanks again! -
APEX and ORA-24247: network access denied by access control list (ACL)
Hi,
I try to send email with APEX.
I have enter the parameters of my mail server and activate the email on my application.
I have follow the APEX installation guide and apply the script given in the "Granting Connect Privileges" section.
When I try to send email or make a subscription, I don't receive any email and can see this error in the table "WWV_FLOW_MAIL_LOG"
+"MAIL_TO","MAIL_FROM","MAIL_REPLYTO","MAIL_SUBJ","MAIL_CC","MAIL_BCC","MAIL_SEND_ERROR","LAST_UPDATED_BY","LAST_UPDATED_ON","SECURITY_GROUP_ID"+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",05/03/12,3210210578052219+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",05/03/12,3210210578052219+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",05/03/12,3210210578052219+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",05/03/12,3210210578052219+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",24/02/12,3210210578052219+
+"[email protected]","[email protected]","[email protected]","Suivi de Besoins","","","ORA-24247: network access denied by access control list (ACL)","SYS",05/03/12,3210210578052219+
Do you see what is wrong in my configuration ?
I use APEX 4.1, Oracle 11g.
The script that I have apply is :
DECLARE
ACL_PATH VARCHAR2(4000);
ACL_ID RAW(16);
BEGIN
-- Look for the ACL currently assigned to '*' and give APEX_040100
-- the "connect" privilege if APEX_040100 does not have the privilege yet.
SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS
WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;
-- Before checking the privilege, make sure that the ACL is valid
-- (for example, does not contain stale references to dropped users).
-- If it does, the following exception will be raised:
--+
-- ORA-44416: Invalid ACL: Unresolved principal 'APEX_040100'
-- ORA-06512: at "XDB.DBMS_XDBZ", line ...
--+
SELECT SYS_OP_R2O(extractValue(P.RES, '/Resource/XMLRef')) INTO ACL_ID
FROM XDB.XDB$ACL A, PATH_VIEW P
WHERE extractValue(P.RES, '/Resource/XMLRef') = REF(A) AND
EQUALS_PATH(P.RES, ACL_PATH) = 1;
DBMS_XDBZ.ValidateACL(ACL_ID);
IF DBMS_NETWORK_ACL_ADMIN.CHECK_PRIVILEGE(ACL_PATH, 'APEX_040100',
+'connect') IS NULL THEN+
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL_PATH,
+'APEX_040100', TRUE, 'connect');+
END IF;
EXCEPTION
-- When no ACL has been assigned to '*'.
WHEN NO_DATA_FOUND THEN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('power_users.xml',
+'ACL that lets power users to connect to everywhere',+
+'APEX_040100', TRUE, 'connect');+
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('power_users.xml','*');
END;
+/+
COMMIT;
Thanks for your help,Hi,
You need to grant privilege to the user.
i.e add principal
You can use script :
DECLARE
ACL_ID RAW(16);
CNT NUMBER;
BEGIN
-- Look for the object ID of the ACL currently assigned to ''*
SELECT ACLID INTO ACL_ID FROM DBA_NETWORK_ACLS
WHERE HOST = '' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;*
-- If just some users referenced in the ACL are invalid, remove just those
-- users in the ACL. Otherwise, drop the ACL completely.
SELECT COUNT(PRINCIPAL) INTO CNT FROM XDS_ACE
WHERE ACLID = ACL_ID AND
EXISTS (SELECT NULL FROM ALL_USERS WHERE USERNAME = PRINCIPAL);
IF (CNT > 0) THEN
FOR R IN (SELECT PRINCIPAL FROM XDS_ACE
WHERE ACLID = ACL_ID AND
NOT EXISTS (SELECT NULL FROM ALL_USERS
WHERE USERNAME = PRINCIPAL)) LOOP
UPDATE XDB.XDB$ACL
SET OBJECT_VALUE =
DELETEXML(OBJECT_VALUE,
*'/ACL/ACE[PRINCIPAL="'||R.PRINCIPAL||'"]')*
WHERE OBJECT_ID = ACL_ID;
END LOOP;
ELSE
DELETE FROM XDB.XDB$ACL WHERE OBJECT_ID = ACL_ID;
END IF;
END;
REM commit the changes.
COMMIT;
Or you need to add privilege to specific user/schema using following script:
BEGIN
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE (
acl => 'aclfilename.xml',
principal => 'databaseuser',
is_grant => TRUE,
privilege => 'connect',
position => null);
COMMIT;
END;
Please execute this code after connect as sysdba user.
Thanks & Regards,
Jaydipsinh Raulji
Web: [www.oracleapexconsultant.com|www.oracleapexconsultant.com] -
Controlling network access for user accounts
Can anyone suggest a way to control airport access to a wireless network?
I have an iMac G4 with AirPort running Tiger that I'd like to set up for a young teen to practice doing some video editing. I'd like to have network access disabled under normal circumstances, but be able to enable it easily during times when there is supervision.
Ideally, I'd like to have the airport icon in the menubar and select a network to join causing a prompt for an administrator password. I can't seem to get anywhere close to that. Any help would be appreciated.
Thanks.Thank you for your quick response.
5. Click the checkbox under Require Administrator
password to:
The two choices I have are:
- when changing networks
- when creating a computer-to-computer network
The first almost gets me what I want, there are two problems with this as I see it.
1. when the computer comes up and automatically logs in, the user is greeted by authentication dialogs. (AirPort trying to connect?) I'd like to configure AirPort not to automatically try to connect and therefore not produce these dialogs.
2. once approved, the network stays approved until the next reboot. I'd like to not be forced to reboot just to "lock down" the network again.
Any help on those two points? -
Setting Network access from JInitiator Control Panel 1.1.8.3
We were trying to use the GetClientInfo JavaBean from the Oracle Technology Network to read the clients IP address from the Web server. We were able to do this by setting the Network access to Unrestricted on the JInitiator Control Panel 1.1.8.3.
Is it possible to get this to work without setting the Network access to Unrestricted?
Also, does anybody know of any security concerns with setting the network access to Unrestricted?
Thanks in Advance,
ToddHey Todd - I've been able to get the ip address without setting it to unrestricted.
I can't tell you why you site requires this.
Could you let me know what you learn?
Mick -
Is it possible to restrict access to specific IOS apps based on the WIFI profile that a user has connected to?
you might be able to block it if the app uses Internet access
and depending on your wireless you might be able to block a specific user
accessing the backend host that the app uses
some firewalls offer application filtering but I'm not aware of any that work with ios apps -
ORA-24247: network access denied by access control list (ACL)error-UTL_HTTP
I am getting following ACL error while executing following procedure:
create or replace procedure sat_proc as
http_req utl_http.req;
http_resp utl_http.resp;
BEGIN
http_req := utl_http.begin_request('www.yahoo.com');
http_resp := utl_http.get_response(http_req);
utl_http.end_response(http_resp);
END;
exec sat_proc;
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "TRANSDBA.SAT_PROC", line 5
ORA-06512: at line 1
I am able to execute successfully while executing above code as PL/SQL block:
DECLARE
http_req utl_http.req;
http_resp utl_http.resp;
BEGIN
http_req := utl_http.begin_request('www.yahoo.com');
http_resp := utl_http.get_response(http_req);
utl_http.end_response(http_resp);
END;
PL/SQL procedure successfully completed.
Could help me find why I am getting error while executing same code in a procedure? Is there any privilege missing?GRANT EXECUTE ON SYS.UTL_HTTP TO <your_user>;
SQL> set time on
17:21:01 SQL> set role none;
Role set.
17:21:23 SQL> @utl_http.sql
17:21:34 SQL> DECLARE
17:21:34 2 http_req utl_http.req;
17:21:34 3 http_resp utl_http.resp;
17:21:34 4 BEGIN
17:21:34 5 http_req := utl_http.begin_request('www.yahoo.com');
17:21:34 6 http_resp := utl_http.get_response(http_req);
17:21:34 7 utl_http.end_response(http_resp);
17:21:34 8 END;
17:21:34 9 /
PL/SQL procedure successfully completed.
17:21:35 SQL> connect / as sysdba
Connected.
17:22:47 SQL> connect dbadmin/admindb
Connected.
17:23:06 SQL> @utl_http.sql
17:23:22 SQL> DECLARE
17:23:22 2 http_req utl_http.req;
17:23:22 3 http_resp utl_http.resp;
17:23:22 4 BEGIN
17:23:22 5 http_req := utl_http.begin_request('www.yahoo.com');
17:23:22 6 http_resp := utl_http.get_response(http_req);
17:23:22 7 utl_http.end_response(http_resp);
17:23:22 8 END;
17:23:22 9 /
PL/SQL procedure successfully completed.
17:23:23 SQL> set role none;
Role set.
17:23:29 SQL> @utl_http.sql
17:23:31 SQL> DECLARE
17:23:31 2 http_req utl_http.req;
17:23:31 3 http_resp utl_http.resp;
17:23:31 4 BEGIN
17:23:31 5 http_req := utl_http.begin_request('www.yahoo.com');
17:23:31 6 http_resp := utl_http.get_response(http_req);
17:23:31 7 utl_http.end_response(http_resp);
17:23:31 8 END;
17:23:31 9 /
DECLARE
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at line 5
17:23:31 SQL> above is from test user
Below is from SYSDBA account
SQL> set time on
17:20:53 SQL> revoke execute on sys.utl_http to dbadmin;
revoke execute on sys.utl_http to dbadmin
ERROR at line 1:
ORA-00905: missing keyword
17:22:03 SQL> revoke execute on sys.utl_http from dbadmin;
revoke execute on sys.utl_http from dbadmin
ERROR at line 1:
ORA-04020: deadlock detected while trying to lock object
ACLiLZU+w09hR7gQAB/AQAjcw==
17:22:32 SQL> /
Revoke succeeded.
17:22:52 SQL> Edited by: sb92075 on Jun 10, 2010 5:24 PM -
When in Windows 7 (while using bootcamp) I am able to see my personal files in my Mac partition. When I try to access them I am denied access, it tells me that I need permission from the administrator. How do I give myself permission to access files between the two partitions, Mac/Windows7?
When in Windows 7 (while using bootcamp) I am able to see my personal files in my Mac partition. When I try to access them I am denied access, it tells me that I need permission from the administrator. How do I give myself permission to access files between the two partitions, Mac/Windows7?
-
The error, "Check that you have permission to write to the library directory." Displayed after trying to access a iPhoto Library from finder. The file is located on the local hard drive and was accessed not 5 minutes before the error displayed. Upon searching the forums I found a similar problem and the instructions said to check a permission box in the "Get Info" tab. There was no box visible and after clicking the arrow to open the "Open With" tab, the rainbow wheel started to spin and I could no longer access Finder or the desktop. I was deleting files trying to make space on my hard drive and noticed as I was deleting files more data was being added to the iPhoto Library. My question is how can I fix this and how can I prevent this in the future, thank you very much for any help, I would really like to keep these pictures.
I found a similar problem and the instructions said to check a permission box in the "Get Info" tab.
This applies only when the Library is on an external drive. You cannot ignore permissions on the system drive.
I was deleting files trying to make space on my hard drive
What were you deleting?
and noticed as I was deleting files more data was being added to the iPhoto Library.
Hard to see how deleting files can add data to the iPhoto Library. Can you explain why you thought this?
I would really like to keep these pictures.
Make a back up now.
Most Simple Back Up:
Drag the iPhoto Library from your Pictures Folder to another Disk. This will make a copy on that disk.
Slightly more complex: Use an app that will do incremental back ups. This is a very good way to work. The first time you run the back up the app will make a complete copy of the Library. Thereafter it will update the back up with the changes you have made. That makes subsequent back ups much faster. Many of these apps also have scheduling capabilities: So set it up and it will do the back up automatically.
Example of such apps: Chronosync - but there are many others. Search on MacUpdate or the App Store -
ORA-24247: network access denied by access control list (ACL)
Hi All,
I am sending a mail thru OWB 11g ( and using database 11g) after successful or failure of process. My process is completing successfully but am not able to send mail. At the time of sending mail it is giving me error as below
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 246
ORA-06512: at "SYS.UTL_SMTP", line 115
ORA-06512: at "SYS.UTL_SMTP", line 138
ORA-06512: at line 8
I have created ACL using the following code
BEGIN
dbms_network_acl_admin.create_acl(acl => 'oramail.xml',
description => 'Network permissions for mail.oracle.com',
principal => 'OWF_MGR', is_grant => TRUE, privilege => 'connect');
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(acl => 'oramail.xml',
principal => 'OWF_MGR',
is_grant => true,
privilege => 'resolve');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(acl => 'oramail.xml',
host => '141.146.46.30');
END;
commit;
where 141.146.46.30 is my mail server IP. I am still not able to send mail by OWB. Please let me know if I have missed any steps in this.
Thanks.For Oracle Warehouse Builder 11g running in 11g dB you need to set the ACL for the OWBSYS user. For example:
EXECUTE DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('acl_for_owb_cc.xml', 'ACL for Control Center', 'OWBSYS', TRUE, 'connect');
For Oracle Warehouse Builder 10.2.0.4 running in 11g dB you need to set the ACL for the OWB repository owner. For example:
EXECUTE DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('acl_for_owb.xml', 'ACL for OWB', 'MY_OWB_REPO_OWNER', TRUE, 'connect');" -
I set up a new user on my network today and am now in a location without access to that network. I just set her up as a user on her macbook but I can't log in with her credentials. Is that because I am not on the network and it is the initial setup?
You need to set the option to create a mobile account using the Directory Utility app.
Maybe you are looking for
-
I want to generate password-protected pdf files with reports. Based on a note I downloaded SecurePDFDestination from OTN together with Plop 2.1. I followed the instructions to install this on HP-UX, but when I run the report using: http://server:port
-
IS something wrong with my ipod??
-
The battery life on my ipod touch 4g is really poor any ideas?
in stanby mode after a full charge from 10 percent to 100 percent in the night drops to about 20-50 percent in the morning ( 9 hours). bluetooth is off, i close all apps, screen brightness is 50 percent ( not that this affects it in standby mode), th
-
ITunes does not recognize iPod Nano (5th gen)
This just started recently... I am running OS X 10.5.8 on my PPC G5 Dual 2.0 and iTunes 10.4.1. I am experiencing 2 problems: 1. iTunes no longer sees my iPod Nano - the iPod shows on my computer but iTunes does not display the "DEVICES" section in t
-
How to set Image equal to BufferedImage?
Is there a way to set an Image equal to a BufferedImage? For example: Image myImage; BufferedImage myBuffImage; myBuffImage = myImage; I know this way is not correct but is there any way either directly or indirectly to do such a thing? Thanks, Every