ISE - Authorization Profile issue
I'm running a trial of ISE and I'm attempting to create the authorization profile with the following settings:
Name: Posture_Remediation
Access Type: Access_Accept
Common Tools:
Posture Discovery, Enabled
Posture Discovery, ACL ACL-POSTURE-REDIRECT
The documentation says Common Tools, but in the screen shot it shows Common Tasks which is accurate to my install. Doc: http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bba10d.shtml#topic19
The issue is that I do not see a Posture Discovery option in the Common Tasks area. Can I add these the attributes using the Advanced Attributes settings or is there something I need to enable to display the Posture Discovery option within Common Tasks?
Any help would be appriceated.
Andrew
Hello Andrew,
As per your query i can suggest you-
Creating a New Authorization Policy
Use this procedure to create a new authorization policy.
To create a new authorization policy, complete the following steps:
Step 1 Choose Policy > Authorization > Standard.
Step 2 Click to select either Insert New Rule Above or Insert New Rule Below.
A new policy entry appears in the position you designated in the Standard panel of the Authorization Policy window.
Step 3 Enter values for the following authorization policy fields:
•Rule Name—You need to define a rule name for the new policy.
•Identity Groups—Choose a name for the identity group that you want associated with the policy.
–Click + ("plus" sign) next to the word "Any" to display a drop-down list of group choices, or choose Any for the policy for this identity group to include all users.
•Condition(s)—Choose the types of conditions or attributes for the identity group associated with the policy. Click + next to Condition(s) to display the following list of condition and attribute choices that you can configure:
–Select a Condition Name option from the drop-down list (Simple Conditions, Compound Conditions, or Time and Date Conditions) as needed.
–Select one of the Attribute options as needed. This displays a list of dictionaries that contain specific attributes related to the dictionary type.
When you select an attribute, you can define it as Equals, Not Equals, or Matches using a pull-down list of operator options, and select an AND or OR directive using a pull-down directive option.
For more information please refer to the link -
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_authz_polprfls.html
Similar Messages
-
MSE-provided location used with ISE Authorization Profile
Hello Everyone,
Can MSE-provided location be used in an ISE Authorization Profile?
Thanks much,
David D.Yes, ISE 1.2 can used this feature if it is used with Merridian or Ironmobile integration. and This is still in Road Map.
-
I am trying to create an authorization profile in ISE. My vlan for that profile is 50. When I try to add the Tag ID as 50 it is not allowing me to do so.
The message I am getting is : “Tag ID should contain only numerical value and in the range 0-31. How can the vlan be 0”. How to deal with this issue when my vlan ids are higher then 31.
I was wondering if anyone else had similar issue? Or am I missing anything.
Ds -
ISE Authorization Profile Question
Hi,
We are implementing ISE at a university and using dynamic VLAN allocation to segment the traffic into vlans of a manageable size - we do not want to use geographically based vlans for a number of reasons. However there is one scenario which I am struggling with.
A number of students will be living in university owned houses which are not directly connected to the university network. In these houses an ISP will provide an ADSL circuit. These ADSL circuits will be aggregated back at the university data centre and will connect down one piece of wire to the university network. I haven't completed my testing yet but the general theory is that we can use multi-auth to allow them on to the network and apply appropriate access restrictions (these restrictions will differ from those applied to those applied when they connect "on campus") . However, in order to do this, I will need to create an authorization policy based on where they are coming from (ie what switch and what port). I can see how I can use Identity Groups to identify which switch the traffic is coming from but for the life of me I have no idea how I would identify the port.
Anyone have any ideas how I might achieve my goal?
Thanks
AlanHi
Cisco ISE allows for a wide range of variables within authorization policies to ensure that only authorized users can access the appropriate resources when they access the network. The initial release of Cisco ISE supports only RADIUS-governed access to the internal network and its resources. The authorization policy result is Cisco ISE assigning an authorization profile that might also involve a downloadable ACL specifying traffic management on the network policy enforcement device. The downloadable ACL specifies the RADIUS attributes that are returned during authentication and that define the user access privileges granted once authenticated by Cisco ISE.
An authorization profile acts as a container where a number of specific permissions allow access to a set of network services. The authorization profile is where you define a set of permissions to be granted for a network access request and can include:
• A profile name
• A profile description
• An associated DACL
• An associated VLAN
• An associated SGACL
• Any number of other dictionary-based attributes -
ISE Authorization Policy Issues
Hello Team,
I´m getting troubles during my implementation: The User PC never gets IP Address from Access VLAN after AuthZ Policy succeded.
I have two vlans in my implementation:
Vlan ID 802 for Authentication (Subnet 10.2.39.0)
Vlan ID 50 for Access Users (Subnet Y.Y.Y.Y)
When I start my User PC, I get IP for VLAN 802 (10.2.39.3) and After Posture process, ISE inform the switch to put the User PC port in VLAN 50.
Here I have my Switch Port Configuration:
interface GigabitEthernet0/38
switchport access vlan 802
switchport mode access
switchport nonegotiate
switchport voice vlan 120
ip access-group ACL-DEFAULT in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 50
authentication event server dead action authorize voice
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end
And Here, I have outputs AuthZ Policy in Action:
Oct 7 09:22:01.574 ANG: %DOT1X-5-SUCCESS: Authentication successful for client (0022.1910.4130) on Interface Gi0/38 AuditSessionID 0A022047000000F6126E9B17
Oct 7 09:22:01.582 ANG: %AUTHMGR-5-VLANASSIGN: VLAN 50 assigned to Interface Gi0/38 AuditSessionID 0A022047000000F6126E9B17
Oct 7 09:22:01.591 ANG: %EPM-6-POLICY_REQ: IP 0.0.0.0| MAC 0022.1910.4130| AuditSessionID 0A022047000000F6126E9B17| AUTHTYPE DOT1X| EVENT APPLY
Oct 7 09:22:01.591 ANG: %EPM-6-AAA: POLICY xACSACLx-IP-PERMIT_ALL_TRAFFIC-537cb1d6| EVENT DOWNLOAD-REQUEST
Oct 7 09:22:01.633 ANG: %EPM-6-AAA: POLICY xACSACLx-IP-PERMIT_ALL_TRAFFIC-537cb1d6| EVENT DOWNLOAD-SUCCESS
Oct 7 09:22:01.633 ANG: %EPM-6-IPEVENT: IP 0.0.0.0| MAC 0022.1910.4130| AuditSessionID 0A022047000000F6126E9B17| AUTHTYPE DOT1X| EVENT IP-WAIT
SWISNGAC8FL02#
Oct 7 09:22:02.069 ANG: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0022.1910.4130) on Interface Gi0/38 AuditSessionID 0A022047000000F6126E9B17
SWISNGAC8FL02#
Oct 7 09:22:02.731 ANG: %EPM-6-IPEVENT: IP 10.2.39.3| MAC 0022.1910.4130| AuditSessionID 0A022047000000F6126E9B17| AUTHTYPE DOT1X| EVENT IP-ASSIGNMENT
Oct 7 09:22:02.731 ANG: %EPM-6-POLICY_APP_SUCCESS: IP 10.2.39.3| MAC 0022.1910.4130| AuditSessionID 0A022047000000F6126E9B17| AUTHTYPE DOT1X| POLICY_TYPE Named ACL| POLICY_NAME xACSACLx-IP-PERMIT_ALL_TRAFFIC-537cb1d6| RESULT SUCCESS
After that, I have:
SWISNGAC8FL02#sh auth sess int g0/38
Interface: GigabitEthernet0/38
MAC Address: 0022.1910.4130
IP Address: 10.2.39.3
User-Name: SNL\enzo.belo
Status: Authz Success
Domain: VOICE
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Policy: 50
ACS ACL: xACSACLx-IP-PERMIT_ALL_TRAFFIC-537cb1d6
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0A022047000000F6126E9B17
Acct Session ID: 0x000001A7
Handle: 0x710000F7
Runnable methods list:
Method State
dot1x Authc Success
mab Not run
Apparently, everything is OK, but NOT. The User PC never gets IP Address from Access VLAN 50.
If I do SWISNGAC8FL02#sh mac address-table | inc 0022.1910.4130
50 0022.1910.4130 STATIC Gi0/38
802 0022.1910.4130 STATIC Gi0/38
And
SWISNGAC8FL02#sh epm session summary
EPM Session Information
Total sessions seen so far : 17
Total active sessions : 1
Interface IP Address MAC Address VLAN Audit Session Id:
GigabitEthernet0/38 10.2.39.3 0022.1910.4130 802 0A022047000000F6126E9B17
My Switch is a Cisco IOS Software, C3560E Software (C3560E-IPBASEK9-M), Version 15.0(2)SE6, RELEASE SOFTWARE (fc2)
I am using ISE Version 1.2.1.198 Patch Info 2
Could you help me in this Case ?
Best Regards,
Daniel StefaniIt seems like the PC is operating in the VOICE-domain according to the cmd auth sess int you showed. Do you think that has something to do with your problem? I've experienced some PC's having problem with that.
If you could, try getting the PC to operate in the DATA-domain by not sending the voice-attribute from ISE after the authorization. -
ISE Authorization profile Disable
ISE I have one and I have an account 1.1.3.124 release, but this account is disabled every day, to re-enable the account I have to do it manually.
How I can solve this problem?Modifying an Existing Cisco ISE Administrator
Use this procedure to modify an existing Cisco ISE administrator configuration.
To modify an existing Cisco ISE administrator, complete the following steps:
Step 1 Choose Administration > System > Admin Access > Administrators > Local Administrators.
The Administrators window appears.
Step 2 Check the check box that corresponds to the administrator that you want to modify, and click Edit.
The corresponding Admin User page appears.
Step 3 Modify the values in the following Admin User fields that you want to change.
• Admin User and Status
• Password (if you click the External option, the Password and Re-Enter Password fields are not used)
• User Information
• Account Options
• Admin Groups
Step 4 Click Save to save the modified administrator in the Cisco ISE database.
Please Check the below link which may helpful for you in configuration:
Link-1
http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_man_identities.html#wp1054711 -
ISE Selecting wrong authorization profile
Hi,
We are testing ISE in a wired environment.
We have set up two authorization profiles called AD_Machine and AD_User as recommned in Trustsec 2.0 doc. The AD_Machine policy has a condition set on it to look at the AD External Group AD Machines, likewise the AD_User has a condition to look at AD External Group AD Users. At the end of the authorization policy list we have the default policy, this is set to WEBAUTH authorization profile.
What we see is machine auth is granted by the WEBAUTH policy as this is catch all. If I disable WEBAUTH it picks AD_Machine, also if I enable WEBAUTH and remove the AD External Group AD Machines condition it also selects the correct policy.
There seems to be some kind of timing issue when authorizing against an external DB.
Any ideas?
Thanks.
Gary -
VPN device profiling issue ISE In Line with ASA
Hi all,
We have an inline posture ISE which is acting as a radius server for authenticating VPN client through our ASA.
However because VPN client do not send thier MAC like they do when wireless and wired clients, the ISE cannot profile based on MAC as it dOes by default.
Has anyone come accross this issue and have another way of profiling VPN devices?
Thanks
MarioPlease review the below links which might be helpful :
http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bea904.shtml
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_ipep_deploy.html -
BW Issues while generating authorization profiles RSSB_GENERATE_AUTH progm.
Hello,
We loaded ZTCADS02 hierarchy datastore authorization template with the following data fields mapping and along with the other authorization templates (ZTCADS01, DS03)
when I try to generate the authorization profiles using RSSB_GENERATE_AUTHORIZATIONS program, I am getting the following error
Hierarchy YES_BRANDS (version, key date 12/31/9999) does not exist Message no. RSSBR050
Here are the fields and field contents on ZTCADS02 datastore. Am I loading wrong data to any of the fields?? I tried couple of combinations for Hierarchy name (0TCTHIENM) but none of this helps me in successful generation of the profiles.
0TCTHIENM = YES_BRANDS/99991231//0BP_GRP
0TCTHIENM = YES_BRANDS
0TCTUSERNM User CARLMGRN1
0TCTSYSID BW System SBC100
0TCTAUTH Authorization (Tech) ZBP_GRP
0TCTADTO Validity, to 99991231
0TCTIOBJNM InfoObject 0TCTAUTHH
0TCTHIENM Hierarchy Name YES_BRANDS
0TCTHIEVERS Hierarchy Version A
0TCTHIEDATE Hierarch, Valid to 99991231
0TCTNIOBJNM Node (InfoObject) 0BP_GRP
0TCTATYPE Type of Authorizatn 2
0TCTOBJVERS Object Version A
0TCTADFROM Validity, from 20061113
0TCTNODE Nodes 454BA58E856300F6000000000A173125
0TCTACOMPM Validity Period 1
0TCTTLEVEL Hierarchy Level 9
0TCTNDEF Default Value Y
Infoobject to be checked is 0BP_GRP which is hierarchy check
ZBP_GRP is custom authorization object created by me with fields actvt, 0BP_GRP and 0TCTAUTHH fields via RSSM
All suggestions are really appreciated and promise to reward very good points,
for all good answers.
Regards
SreeniIssue is resolved. There was a problem with the data load.
Thanks
Sreeni -
ISE / Active Directory: issue to get users group
Hello,
We have a strange issue:
- ISE 1.2 patch 8
- no WLC, autonomous AP
In authentication, we check Wireless IEEE 802.11 (radius) and cisco-av-pair (ssid), then we use AD.
We have 3 SSIDs, so 3 rules, one DATA, one GUEST, one for TOIP.
In one more rules to grant authentication from APs to register in WDS: user in local database.
In authorization, we check cisco-av-pair (ssid) and AD user group, then we permit access.
(so 3 rules), and one more to authorise the internal base for WDS.
We have something strange:
- sometimes users can connect but later they can't: in the logs, the authorization rejects the user because the AD Group is not seen.
Exemple:
1- OK:
Authentication Details
Source Timestamp
2014-05-15 11:43:19.064
Received Timestamp
2014-05-15 11:43:19.065
Policy Server
radius
Event
5200 Authentication succeeded
All the GROUPS of user are seen:
false
AD ExternalGroups
xx/users/admexch
AD ExternalGroups
xx/users/glkdp
AD ExternalGroups
x/users/gl revue écriture
AD ExternalGroups
xx/users/pcanywhere
AD ExternalGroups
xx/users/wifidata
AD ExternalGroups
xx/informatique/campus/destinataires/aa informatique
AD ExternalGroups
xx/informatique/campus/destinataires/aa entreprises et cités
AD ExternalGroups
xx/informatique/campus/destinataires/aa campus
AD ExternalGroups
xx/users/aiga_creches
AD ExternalGroups
xx/users/admins du domaine
AD ExternalGroups
xx/users/utilisa. du domaine
AD ExternalGroups
xx/users/groupe de réplication dont le mot de passe rodc est refusé
AD ExternalGroups
xx/microsoft exchange security groups/exchange view-only administrators
AD ExternalGroups
xx/microsoft exchange security groups/exchange public folder administrators
AD ExternalGroups
xx/users/certsvc_dcom_access
AD ExternalGroups
xx/builtin/administrateurs
AD ExternalGroups
xx/builtin/utilisateurs
AD ExternalGroups
xx/builtin/opérateurs de compte
AD ExternalGroups
xx/builtin/opérateurs de serveur
AD ExternalGroups
xx/builtin/utilisateurs du bureau à distance
AD ExternalGroups
xx/builtin/accès dcom service de certificats
RADIUS Username
xx\cennelin
Device IP Address
172.25.2.87
Called-Station-ID
00:3A:98:A5:3E:20
CiscoAVPair
ssid=CAMPUS
ssid
campus
2- NO OK later:
Authentication Details
Source Timestamp
2014-05-15 16:17:35.69
Received Timestamp
2014-05-15 16:17:35.69
Policy Server
radius
Event
5434 Endpoint conducted several failed authentications of the same scenario
Failure Reason
15039 Rejected per authorization profile
Resolution
Authorization Profile with ACCESS_REJECT attribute was selected as a result of the matching authorization rule. Check the appropriate Authorization policy rule-results.
Root cause
Selected Authorization Profile contains ACCESS_REJECT attribute
Only 3 Groups of the user are seen:
Other Attributes
ConfigVersionId
5
Device Port
1645
DestinationPort
1812
RadiusPacketType
AccessRequest
UserName
host/xxxxxxxxxxxx
Protocol
Radius
NAS-IP-Address
172.25.2.80
NAS-Port
51517
Framed-MTU
1400
State
37CPMSessionID=b0140a6f0000C2E15374CC7F;32SessionID=radius/189518899/49890;
cisco-nas-port
51517
IsEndpointInRejectMode
false
AcsSessionID
radius/189518899/49890
DetailedInfo
Authentication succeed
SelectedAuthenticationIdentityStores
AD1
ADDomain
xxxxxxxxxxx
AuthorizationPolicyMatchedRule
Default
CPMSessionID
b0140a6f0000C2E15374CC7F
EndPointMACAddress
00-xxxxxxxxxxxx
ISEPolicySetName
Default
AllowedProtocolMatchedRule
MDP-PC-PEAP
IdentitySelectionMatchedRule
Default
HostIdentityGroup
Endpoint Identity Groups:Profiled:Workstation
Model Name
Cisco
Location
Location#All Locations#Site-MDP
Device Type
Device Type#All Device Types#Cisco-Bornes
IdentityAccessRestricted
false
AD ExternalGroups
xx/users/ordinateurs du domaine
AD ExternalGroups
xx/users/certsvc_dcom_access
AD ExternalGroups
xx/builtin/accès dcom service de certificats
Called-Station-ID
54:75:D0:DC:5B:7C
CiscoAVPair
ssid=CAMPUS
If you have an idea, thanks so much,
Regards,To configure debug logs via the Cisco ISE user interface, complete the following steps
:Step 1 Choose Administration > System > Logging > Debug Log Configuration. The Node List page appears, which contains a list of nodes and their personas.
You can use the Filter button to search for a specific node, particularly if the node list is large.
www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_logging.html#wp1059750 -
ISE Authorization PermitAccess - EPM-HOLE-ACL
Hello,
I have a 6509 switch that is running 12.2(33) SXI9 code that has a unique issue. When the client connects they are authenticated and match an authorization profile that gives the default PermitAccess. Unfortunately at this point the client can only access what it is allowed in the ACL-DEFAULT.
When I look at the logs I see:
Mar 27 18:14:02 EDT: %EPM-6-POLICY_APP_SUCCESS: IP aa.cc.dd.ee | MAC 001a.1111.2222 | AuditSessionID AC10FB8A0000007101BDF21B| AUTHTYPE DOT1X| POLICY_TYPE Named ACL| POLICY_NAME EPM-HOLE-ACL| RESULT SUCCESS
What is this Named ACL EPM-HOLE-ACL? This ACL is not defined in ISE or the switch.Kyle,
I do not know what the EPM-HOLE-ACL but found it a little comical. However, this is true that you have to apply another dacl to override the acl default which is applied on the port. Keep in mind you will also run into this issue if you decide to (i am basing this off the 2k 3k behavior) set a guest vlan if the radius server is dead, because of this default ACL the users will not be able to get anywhere outside of that acl.
There is a feature enhancment in the works to provide an acl if radius server is dead or when authentication fails...etc. However I think this ties all back into to your question, that if there isnt a dacl assigned to override the port acl then this seems to be the behavior.
Tarik Admani
*Please rate helpful posts* -
Hey guys,
I have a question regarding ISE Authorization Policy. In my test lab, I don't have any wired station, and what I have is a wireless lapotp. I have configured to allow only EAP-TLS authentication. Now, my problem is I keep getting "15039 Rejected per authorization profile."
Under the Policy > Authorization, I created a rule where I just want to allow on EAP-TLS either via machine or user identity, and the bottom is the default DenyAccess. When I tried to join the wireless network, I kept getting denied. I checked the ACL counters on the WLC side and it was not increasing.
I changed the default DenyAccess to PermitAccess, and I was able to join the wireless network no problem, and the ACL counters on the WLC side increased.
It seems like I am hitting the default Authorization Policy first which is on the bottom of the authorization policy.
I attached the failed and authenticated logs that I got from ISE.
Has anyone have encoutered this issue?
The version that I have is 1.1.1
Thanks
P.S.
I went back to check my autorization condition, and it is blank (See the 1st screenshot)Hi,
it is obvious that you are not matching any condition.
rather than keeping the condition blank, fill it with a condition that is always match and try if that helps.
Regards,
Amjad
Rating useful replies is more useful than saying "Thank you" -
Cisco ISE Authorization with Device OS
Hi,
We want to permit access only to devices with Windows OS. I tried to make a authorization rule with the condition "Session:Device-OS EQUALS Windows" but it doesn't work. If I try to connect with a Windows 7 client, the access is denied and the log shows "15039 Rejected per authorization profile". What could be the problem?
We are using ISE with Version 1.1.3
thank you,
MarcThere is no issue with the ISE version 1.1.3, you are is the latest. May be the probes are not properly configured.
Please review the below link for assistance
http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_30_ise_profiling.pdf -
Authorization (401) issue in SXMB_MONI (File to Inbound Proxy)
Hi All,
Here I am facing the authorization (401) issue in SXMB_MONI.
The scenario is File to Inbound Proxy, The outbound proxy is working fine. but the issue with the inbound proxy.
The below information we are getting in SXMB_MONI.
SAP:Error SOAP:mustUnderstand="" xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SAP:Category>XIServer</SAP:Category>
<SAP:Code area="INTERNAL">UNAUTHORIZED</SAP:Code>
<SAP:P1>401</SAP:P1>
<SAP:P2>Unauthorized</SAP:P2>
<SAP:P3>(See attachment HTMLError for details)</SAP:P3>
<SAP:P4 />
<SAP:AdditionalText />
<SAP:Stack />
<SAP:Retry>M</SAP:Retry>
</SAP:Error>
Could you please help me on this issue?
Thanks in advance.
Regards,
YadavHi,
Ensure you have maintained the correct password, which MUST be the same, for all the service users
on XI. You may check all the places it should be maintained, such as Exchange Profile, SU01, SLDAPICUST, etc..
You may check the note below (according to your release version):
PI 7.1:
#999962 - PI 7.10: Change passwords of PI service users
XI 7.0
#936093 - XI 7.0: Changing the passwords of XI service users
XI 3.0
#721548 - XI 3.0: Changing the passwords of the XI service users
Also ensure that the user has the correct role as per link below:
http://help.sap.com/saphelp_nwpi71/helpdata/en/9f/d12940cbf2195de10000000a1550b0/frameset.htm
Regards,
Caio Cagnani -
Dears,
I configured wifi user authenticate from ISE server. We have 2 SSID: 1) Guest 2) Corporate
When the wifi users connect corporate ssid it is normal wokring. But at this time when the users want to connect guest ssid it is not forward to registration page , the user access network and internet without registration( guest portal). When i disable corporate authorization profile in ISE server, the user can access the guest ssid normal it means that the the user register on guest portal and only access internet but at this time the we can not access corporate ssid ( the user can not access the corporate ssid).
I attached the configuration file.
Please help me.So, if i am understanding this correctly, when you have the Policy Set "WLAN" enabled the guest SSID is not working but when you disable it the guest SSID starts to work. Is that correct?
If so, i would recommend that you create a new Policy Set for the guest SSID. You can match the condition based on the "WLAN-ID" That way you have a dedicated Policy Set for each SSID. This will keep things very clean and make troubleshooting much easier.
Thank you for rating helpful posts!
Maybe you are looking for
-
(solved) How can I get an older version of WINE?
I switched from Ubuntu to Arch, and met a problem with WINE. I have a SIGMA DP1 camera and have to use SIGMA PHOTO PRO with WINE to process the RAW files. In Arch WINE doesn't work with the application. In Ubuntu there is no problem with it. wine SIG
-
How can I reference a Value in a Field?
Here is my problem. I have a two fields, say F_2 & F_3, defined in the layout editor. One field has a defined source of Page Number and the other field has a defined source of Total Pages. Each of these fields page numbering properties have been set
-
Luminosity and saturation blending modes in FW CS4 differ from their equivalents in PSE 7
Example: Upper bitmap is filled with RGB(232,168,89) color and the lower with RGB(61,114,158) . Blending results are as follow: Luminosity in FW CS4: RGB(67,121,175) Luminosity in PSE 7: RGB(137,190,234) Saturation in FW CS4: RGB(60,109,158) Saturati
-
How to I see a HTM page on my local drive?
I have pages of static HTML on my local hard drive that contain my stories which I periodically update and upload to a story hosting site via FTP. I have a page of links like this on my desktop so I can see my pages locally before I FTP them up to th
-
Install package as dependency of another package
Suppose you want to install Package X, which depends on Package Y. You also want to install Package Z, which augments Package X, but is not a dependency of Package X. You run: pacman -S X Z Now suppose that you no longer want Package X on your system