ISE device-differentiated access and Windows clients

Hi guys,
Pretty new to ISE and looking for some help wrapping my head around a couple of things.
First, I have a beta wireless network set up, called VIP, for employees to connect their mobile devices to; it's PEAP based. I'm also tagging onto it the ability to create guest accounts through a portal and redirecting to different VLANs (and thereby different internet providers). That's all working pretty well. However, one of the issues I have with it, of course, is that with PEAP a Windows client doesn't correctly configure for it, as it defaults to using the username/password logged into it. Is it possible to attach a policy to that network to determine if it's a Windows client and require them to do web-auth with a username/password? What's the best approach for that? I didn't want to do web-auth for everyone (smartphones/tablets) as it's not accepted by the user base very well (healthcare) and they have to buy in.
Secondly, we have a situation where corporate iPads may be used by the same individuals (employees) who have their own devices and have access to the VIP network via their AD username/password. What I don't want to do is use PEAP for the corporate network (iPads) and give the user the ability to connect to the corporate network with their personal device as well. So I'm trying to figure out how I can limit this. I would go off the certificate on the device, but I'm deploying certificates from my MobileIron MDM server via its SCEP proxy that runs off my MS PKI NDES installation. As far as I know, I can't make NDES issue different types of certificates for authentication to different networks... All sounds very confusing, so if you have ideas or scenarios on how to approach this, I would really appreciate it.
Thank you,
Raun

You can enable ISE profiling, profile the endpoints, and assign authorization policy based on their profile.
http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_prof_pol.html
http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/howto_30_ise_profiling.pdf
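To make the profiling suggestion concrete, here is an added example (not Cisco code and not part of this thread) of the rule shape both questions in the original post lead to: a first-match authorization policy that keys on the SSID, the EAP method, the profiled endpoint type and a certificate attribute. Everything named in it is an assumption made for illustration: the field names, the profile strings, the VLAN numbers, and in particular the "MobileIron-Managed" OU, which stands in for whatever distinguishing subject attribute the MDM's SCEP profile is configured to request through the single NDES template. The rules express the two decisions Raun asked about: Windows endpoints on VIP are always sent to web auth rather than trusted on whatever credential the OS auto-selected, and CORP admits only EAP-TLS with the MDM-issued certificate, so an AD password on a personal device is refused there.

```python
"""
Added example: a toy first-match authorization policy in the spirit of ISE
authorization rules. Not Cisco code. Attribute names, profile names, VLAN IDs
and the "MobileIron-Managed" OU are assumptions made for illustration only.
"""
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple


@dataclass(frozen=True)
class Request:
    """What the policy sees for one access request (field names are assumed)."""
    ssid: str                        # SSID the client joined, e.g. "VIP" or "CORP"
    eap_method: str                  # "PEAP", "EAP-TLS" or "MAB" (MAC bypass, no EAP)
    identity: str                    # identity the supplicant presented
    endpoint_profile: str            # profiler verdict, e.g. "Windows-Workstation"
    user_in_ad: bool = False         # True if the identity authenticated against AD
    cert_ou: Optional[str] = None    # subject OU of the client cert (EAP-TLS only)


@dataclass(frozen=True)
class Decision:
    rule: str                        # name of the rule that matched
    action: str                      # "permit", "deny" or "redirect" (web-auth portal)
    vlan: Optional[int] = None       # VLAN to assign, None on deny


# Assumed: the MDM's SCEP profile stamps this OU into every certificate it
# requests through NDES, so one NDES template still yields a recognisable cert.
MDM_CERT_OU = "MobileIron-Managed"
MOBILE_PROFILES = {"Apple-iPad", "Apple-iPhone", "Android"}
WEBAUTH_VLAN = 99                    # assumed restricted VLAN used during web auth


def is_windows(req: Request) -> bool:
    """Profiler says Windows. Profiling is a soft signal (DHCP options, OUI,
    user-agent) that the endpoint controls, so here it only decides HOW a
    client must authenticate on VIP, never whether it gets onto CORP."""
    return req.endpoint_profile.startswith("Windows")


def is_machine_identity(identity: str) -> bool:
    """Windows supplicants send host/NAME or NAME$ when using computer credentials."""
    return identity.startswith("host/") or identity.endswith("$")


# Rules are evaluated top to bottom; the first whose predicate is true wins.
RULES: List[Tuple[str, Callable[[Request], bool], str, Optional[int]]] = [
    # Corporate SSID: only EAP-TLS with the MDM-issued certificate is permitted.
    ("CORP-MDM-Device",
     lambda r: r.ssid == "CORP" and r.eap_method == "EAP-TLS" and r.cert_ou == MDM_CERT_OU,
     "permit", 10),
    # Everything else on CORP is refused, including PEAP with a valid AD password,
    # so an employee cannot bring a personal device onto CORP with their AD login.
    ("CORP-Deny-NonMDM",
     lambda r: r.ssid == "CORP",
     "deny", None),
    # VIP: a Windows endpoint goes to web auth regardless of which credential
    # the OS auto-selected (logged-on user or the machine account).
    ("VIP-Windows-WebAuth",
     lambda r: r.ssid == "VIP" and (is_windows(r) or is_machine_identity(r.identity)),
     "redirect", WEBAUTH_VLAN),
    # VIP: phones and tablets that did PEAP with a real AD user go straight on.
    ("VIP-Mobile-ADUser",
     lambda r: r.ssid == "VIP" and r.eap_method == "PEAP" and r.user_in_ad
               and r.endpoint_profile in MOBILE_PROFILES,
     "permit", 20),
    # VIP: anything unrecognised is sent to the guest portal.
    ("VIP-Guest-Portal",
     lambda r: r.ssid == "VIP",
     "redirect", WEBAUTH_VLAN),
]


def authorize(req: Request, rules=RULES) -> Decision:
    """Return the decision of the first matching rule, or a default deny."""
    for name, predicate, action, vlan in rules:
        if predicate(req):
            return Decision(name, action, vlan)
    return Decision("Default-Deny", "deny")


if __name__ == "__main__":
    # Constructed sample requests covering the cases raised in the post.
    samples = [
        Request("CORP", "EAP-TLS", "ipad-0042", "Apple-iPad", cert_ou=MDM_CERT_OU),
        Request("CORP", "PEAP", "rsmith", "Apple-iPhone", user_in_ad=True),
        Request("VIP", "PEAP", "host/LAPTOP-7", "Windows-Workstation"),
        Request("VIP", "PEAP", "rsmith", "Apple-iPhone", user_in_ad=True),
        Request("VIP", "MAB", "00:11:22:33:44:55", "Unknown"),
    ]
    for s in samples:
        d = authorize(s)
        print(f"{s.ssid:5} {s.eap_method:7} {s.identity:18} {s.endpoint_profile:20}"
              f" -> {d.rule}: {d.action} vlan={d.vlan}")
```

The ordering carries the security property: the CORP deny sits directly under the single CORP permit, so nothing further down can let a PEAP session onto CORP, and the cert attribute, not the profiler verdict, is what admits a device. Profiling stays a convenience signal for deciding how a VIP client authenticates, which matters because the inputs it is built from (DHCP fingerprint, MAC OUI, browser user-agent) are chosen by the endpoint and a personal laptop can imitate a tablet. In ISE the same structure is expressed as authorization rules whose conditions reference the endpoint's profiled identity group, the EAP type of the session and client certificate attributes, with a central web authentication authorization profile supplying the redirect.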

Similar Messages

  • IPod Nano: Error Message "The USB device has malfunctioned and Windows does not recognise it"

    Hi everyone, I just received 2 brand new iPod Nanos for my kids for Christmas, thought I'd be smart and sync them both now before wrapping them so I don't have to be messing around with them on the day. One synced without a problem, then using the same cable, same computer, same USB port, the 2nd one came up with "The USB device has malfunctioned and Windows does not recognise it". I've tried restarting my computer, unplugging and reinserting the USB. Is there anything else I can try before returning it? Thanking you for any help.

    I have solved my problem, I ended up ringing Apple and got an awesome lady who told me to reset it by pressing the sleep button and menu button together for about 10 seconds and once it actually turned on for the first time the computer then recognised it, so it's all good, :-) Thank you lovely lady!

  • I have "hidden" my devices/USB access and now cannot figure out how to get them back on so I can re-access the USB files.  How do I do this?  (Is it just me, or should this be a reasonably simple task that should NOT require a post to the Apple community?)

    Under "Devices," I have "hidden" my USB access and now cannot figure out how to re-access or "show" USB access again.  Very frustrated right now--this is a high-use feature for me and it should NOT be so buried somewhere that I cannot find it.  So much for Mac's "intuitive" interface.

    Well, you have also "hidden" what version of OS X you are using from anyone who might want to help you.
    You are probably using a newer version than I am, but I don't know that these things have changed.
    In the Finder, from the Finder menu > Preferences …, there should be a Sidebar pane to choose what is visible.
    Also in the Finder, Go menu > Computer (or type Shift Command C) will open a Finder window with any attached volumes showing.

  • Clean Access and Windows 2003 Server

    I am trying to install the Clean Access Client on a VM running Windows 2003 Server. When I connect to our customer's network the VPN client appears to connect properly and I see the Clean Access window. Then it all seems to fall over. My customer tells me I should see a blue window with a red OK button on it but I never see it. As a result I never get completely into the network. Is this because I am running this on Windows 2003 Server or should I be looking at something else? Can this run in a Virtual Environment and on 2003 Server?

    I worked it out partially by myself:
    1)
    (excuse me, I meant "kinit and Krb5LoginModule" not "kinit and kinit.exe").
    Krb5LoginModule seems to work now (with TCP). The output is:
    KRBError:sTime is Tue Jun 01 17:13:51 CEST 2004 1086102831000
    suSec is 945761
    error code is 52
    error Message is Response too big for UDP, retry with TCP
    realm is SSOTEST.RTC.CH
    sname is krbtgt/SSOTEST.RTC.CH
    KrbKdcReq send: kdc=rtcnt978.ssotest.rtc.ch TCP:88, timeout=30000, number of retries =3, #bytes=232
    DEBUG: TCPClient reading 1496 bytes
    KrbKdcReq send: #bytes read=1496
    KrbKdcReq send: #bytes read=1496
    EType: sun.security.krb5.internal.crypto.DesCbcMd5EType
    KrbAsRep cons in KrbAsReq.getReply sso_testuserCommit Succeeded
    Which is what I want (it tries first with UDP, then the KDC says the TGT is too big for UDP and the client tries again with TCP)
    2)
    I still have the error :-(

  • No guest access for Windows clients

    Since installing the 10.4.11 OS X Server update, Windows clients can no longer browse the list of shares. Guest access is allowed in the Windows service, and one of the shares does have Guest access enabled. I went so far as to allow R+W for the unknown and unprivileged groups.
    The logs show the windows user account failing authentication, which shouldn't even be necessary since Guest access should give them explicit access anyway. The Windows client gets prompted for a user name and password, which does authenticate properly if an actual account is entered. For some reason, this client's IT department is adamant about allowing guest access. Any clues?

    Hi,
    I know it is a common issue, but the answer you link to is very old and for Windows NT4 and Windows 2000.
    It should be possible to enable NAT on the VPN server as described here:
    http://technet.microsoft.com/en-us/library/dd458971.aspx
    But I cannot get it to work.
    Thomas Forsmark Soerensen

  • One of the USB devices have malfunctioned and windows does not recognize it---MESSAGE

    Upon plugging in, the message "One of the USB devices attached has malfunctioned and Windows does not recognize it" is displayed.  I have tried different settings with the USB driver.  Have reset the iPod. Have reinstalled iTunes on the computer and iPod.
    HELP PLEASE!!!

    Here:
    iOS: Device not recognized in iTunes for Windows
    I would start with
    Removing and reinstalling iTunes, QuickTime, and other software components for Windows Vista or Windows 7
    or
    Removing and Reinstalling iTunes, QuickTime, and other software components for Windows XP

  • SMB Slow connection with upgrade to SnoW Leopard and Windows Clients.

    Dear all,
    I have now upgraded my Mac OS X Leopard 10.5.8 to the new Snow Leopard 10.6.2, and while some problems disappeared I have a new, bigger one!
    Now every time a Windows client tries to connect to an SMB share on the SL server, it takes a long time (about 10-15 seconds) to open; after that, depending on the client OS, it may be fine for a moment (Windows 7 and XP) or browsing stays very slow, as for a 2003 server connecting to a share on Snow Leopard.
    Could you please help me?
    My SL machine is the main SMB file server with all the data; it is joined, like the other clients, to AD (SBS2003).
    I have an SBS2003 server that is the domain master
    and a Server 2008 acting as Terminal Server, also a member server of the domain.
    Here is the kind of log I receive in SMBD.LOG. I suppose the credentials problem when connecting is the explanation, but how do I avoid it?
    2009/11/14 13:37:06, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/smbd/reply.c:reply_special(332)
    netbios connect: name1=MACSRV name2=NOMAD
    2009/11/14 13:37:06, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/smbd/reply.c:reply_special(339)
    netbios connect: local=macsrv remote=nomad, name type = 0
    2009/11/14 13:37:08, 2, pid=64794 /SourceCache/samba/samba-235/samba/source/lib/module.c:dosmb_loadmodule(64)
    Module '/usr/lib/samba/auth/odsam.dylib' loaded
    2009/11/14 13:37:10, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/smbd/sesssetup.c:setupnew_vcsession(1273)
    setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
    2009/11/14 13:37:10, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/module.c:dosmb_loadmodule(64)
    Module '/usr/lib/samba/auth/odsam.dylib' loaded
    2009/11/14 13:37:18, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/smbd/sesssetup.c:setupnew_vcsession(1273)
    setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
    2009/11/14 13:37:28, 0, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/opendirectory.c:getopendirectoryauthenticator(247)
    failed to read DomainAdmin credentials, err=67 fd=15 errno=2
    2009/11/14 13:37:28, 0, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/opendirectory.c:opendirectoryuser_auth_and_sessionkey(580)
    dsDoDirNodeAuthOnRecordType gave -14091 eDSAuthMethodNotSupported
    2009/11/14 13:37:28, 0, pid=64803 /SourceCache/samba/samba-235/samba/source/auth/authodsam.c:opendirectory_smb_pwd_checkntlmv1(387)
    opendirectoryuser_auth_and_sessionkey gave -14091 eDSAuthMethodNotSupported
    2009/11/14 13:37:28, 0, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/opendirectory.c:getopendirectoryauthenticator(247)
    failed to read DomainAdmin credentials, err=67 fd=28 errno=2
    2009/11/14 13:37:28, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/auth/auth.c:checkntlmpassword(309)
    checkntlmpassword: authentication for user fabrice -> fabrice -> fabrice succeeded
    2009/11/14 13:37:28, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/module.c:dosmb_loadmodule(64)
    Module '/usr/lib/samba/vfs/darwin_streams.dylib' loaded
    2009/11/14 13:37:28, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/module.c:dosmb_loadmodule(64)
    Module '/usr/lib/samba/vfs/darwinacl.dylib' loaded
    2009/11/14 13:37:28, 2, pid=64803 /SourceCache/samba/samba-235/samba/source/lib/module.c:dosmb_loadmodule(64)
    Module '/usr/lib/samba/vfs/notify_kqueue.dylib' loaded
    2009/11/14 13:37:28, 1, pid=64803 /SourceCache/samba/samba-235/samba/source/smbd/service.c:makeconnectionsnum(1092)
    nomad (192.168.2.20) connect to service NetDown initially as user fabrice (uid=501, gid=20) (pid 64803)
    I also get the following kind of message:
    2009/11/14 13:35:18, 0, pid=64579 /SourceCache/samba/samba-235/samba/source/lib/utilsock.c:readdata(534)
    read_data: read failure for 4 bytes to client 192.168.2.20. Error = Connection reset by peer
    Note that initially I didn't have problems with Mac OS clients, but to be sure they use SMB I disabled the AFP server on the Snow Leopard server, and now they can't browse the share in Finder; connecting via Command+K and smb://server/share now gives the same error, a little faster than for Windows clients.
    Could you help me troubleshoot that problem?
    Thanks for your help.
    Felee

    Dear CarlosGBA,
    So when you put 2 computers of your network in WORKGROUP instead of DOMAIN, the 38 others work fine? Strange?
    I have about 15 computers; some are already in a workgroup, others are Linux SMB, others Mac. The data server is Mac OS X SL. The problem appears for all Windows machines. I have tried disabling NTLMv2 and Kerberos, since that is probably the faulty element with Open Directory, but always without success!
    I don't know what I can do to troubleshoot. I hope the next release, 10.6.3, comes soon and corrects about all the SMB problems! Probably a dream only! I ask myself if Apple wants to correct something, and why this problem has been left without a solution so long! For a company it is a big problem. I suppose Apple never reads this forum and never answers our problems! Maybe I should contact phone support to get help!
    Thanks for your help.

  • Durable subscriptions and windows clients

    Hi,
    I think I have found a potential problem.
    Scenario
    MQ: 3.x or 4.x
    Clients: windows OS with Durable Subscriptions
    Destinations: Topic
    Problem:
    Disconnect a windows client with a durable subscription (for example, pulling the network cable)
    Try to reconnect, and you will get "Client ID already in use". Under unix, this happens only for a few secs and that's fine. Under Windows, you won't be able to reconnect for almost 10 minutes. That means that a windows client can't easily reconnect if it uses a durable subscription, and has to wait the server killing its socket.
    The problem seems to be that the server socket stays ESTABLISHED (just do a netstat -an | grep -i ESTABLISHED on the server) for a longer time when the client is Windows. So that is a Windows socket problem (I just tried with a simple TCP server and it's the same), but I think a JMS server should circumvent it.
    Possible solutions:
    - MQ client overriding the connection if a client id is already in use AND the connection comes from the same IP. I think that should be the default!
    - a configurable heartbeat between client and server
    - Something like "imqcmd deactivate dur" could do the job. I haven't found a way to manually DEACTIVATE the connection, only to destroy it (imqcmd destroy dur), which obviously isn't a viable option (possible msg loss)
    - Java API to do the same thing
    ciao,
    uL

    I think that the problem may be with the TTL on the sockets. Basically as far as I know unless there is a traffic on the connection there is no way to detect that the other end of a socket connection is gone. You may try enabling ping on the connection this may speed things up.
    Tom

  • Directory Server and windows clients

    Is it possible for a MS windows client to join a Domain on a Directory Server ver 5.2?

    Hello,
    With GPO you can't; there is no special setting for this. Adding the scheduled task is the way to do it, and the scheduled task can be added with startup scripts.
    Create shutdown.cmd, for example, with the following content:
    REM Create the scheduled task on the remote workstations
    if not exist %systemroot%\tasks\at1.job at 17:30 /every:m,t,w,th,f,s,su shutdown.exe /r /t 120 /c "This computer will shutdown and restart automatically, please close your open applications. Your Administrator." /f
    REM Copy shutdown.exe to the remote workstation
    if not exist %systemroot%\system32\shutdown.exe copy "\\domainname\netlogon\shutdown.exe" "%systemroot%\system32\shutdown.exe"
    Keep in mind to replace domainname with your own and to copy the shutdown.exe to the
    \\yourdomainname\netlogon folder.
    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  • Strange problem with AIX server and windows clients

    I am having a real bizarre problem with WLS 7.0.1 running on AIX 5.1 and
    clients on Windows. We have a J2SE Swing application as a client.
    If the client is W2K or XP, the first client gets good response. If I start
    another client, the second client is horribly slow (2 sec vs 16 sec). Even if
    I kill the first client the second client continues to be slow. If I have 2
    clients open together, the first one continues giving 2 sec response while
    the second one continues with 16 sec. For that matter, if I start another
    client after shutting down the first one I get slow (16 sec) response.
    If the client is an NT client I always get good and consistent response from
    the server. Irrespective of how many clients I have on the NT machine, I keep
    getting good response. The NT and W2K laptops are sitting right next to each
    other on the same n/w and in fact the NT is a much slower machine with less memory
    than the W2K.
    We did similar tests keeping the server on Solaris or NT server or W2K server,
    and the clients "behave" normally, i.e. I get consistent response time (it
    may be slow or fast, but it is consistent and is consistent b/w NT and W2K).
    We even tried putting my laptop on the same network as the AIX server, but
    it did not help. Unfortunately some of our clients will be using AIX and
    W2K.
    HELP!!!!

    "Cameron Purdy" <[email protected]> wrote in message news:[email protected]...
    > Sounds like a reverse DNS lookup or similar network timeout.
    Thanks for the suggestion, but then why would the first client on W2K or XP get better performance and the subsequent clients get worse performance?
    > Peace,
    > Cameron Purdy
    > Tangosol, Inc.
    > http://www.tangosol.com/coherence.jsp
    > Tangosol Coherence: Clustered Replicated Cache for Weblogic

  • Cisco ISE protocols for ldap and Windows wireless client

    Only the protocols below are supported by ISE in combination with LDAP identity sources:
    EAP-GTC, PAP, EAP-TLS, PEAP-TLS.
    Mac OS devices seem to be able to use these, but Windows users seem to be having problems. How should Windows users connect to ISE when it only uses LDAP?

    Mathieu,
    Take a look at the user guide for NAM -
    http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac04namconfig.html
    You will see the protocols supported, like GTC, which should allow you to avoid deploying certs.
    Thanks.
    Tarik Admani
    *Please rate helpful posts*

  • How to access a printer on a network with a Linux server and Windows client.

    Windows can't find a driver on the network. To locate one manually. click OK. Otherwise click Cancel...
    This question was solved.
    View Solution.

    I posted additional information  online using the newly created Launchpad login Service account.
    I hope that explains my situation, if not I will add more detail here.
    There is no problem when either of the two OSes is used to enable printing with the HP Deskjet 2050 J510 series printer.
    The problem begins when I try to print from the other OS, when the printer is connected to one of the operating systems.
    I have tried without success to print from Windows 7 Ultimate 64-bit OS from an HP Deskjet 2050 J510 series connected to a Ubuntu 12.04 LTS server with Amahi (HDA), installed.
    The same thing occurred when I tried to print from the Ubuntu server and the printer was connected to the Windows 7 Ultimate 64-bit running P.C.

  • Mac and windows clients losing connection to Server 2012 Namespace

    I am running Windows 2012 Standard edition on two HP Servers. Both are fully patched O/S's and all HP system updates are installed. Each is running a 10 Gbit NIC to a Cisco 2960 Switch fully updated. Both Network shares are on HP external Drive bays connected
    through a Smart Array P822 card
    All users connect to the primary server (secondary server configured not to take referrals at this time)
    My Mac clients running OS X 10.9.1 connect using smb and the namespace. When the designers come in they usually have to reboot in order to connect to their server shares. We discovered today that if they change the IP address the reboot is not needed. We
    have an archive server running on a Synology NAS. Their connection to the Synology is not impacted.
    The windows machines will lose connection at random and not everyone at once. Usually no more than twice in a week. The fix is either a reboot or an IP change, sometimes both. None of the machines go to sleep or hibernate. All machines are fully patched
    with windows updates, and HP system updates.
    We run Avast on both the Mac's and PC's if this makes a difference.
    Any thoughts?
    thanks

    Thanks Shaon,
    1) The IP address before is within our DHCP scope of 192.168.0.51/200. When we set to static we set it to 192.168.0.16/20. We then reset back to DHCP.
    2) The error message is that it can not find the server if I try to map it.
    3) Clients can still access by IP address and FQDN
    We have disabled Avast on a few machines to see if it will make a difference. We then ran into the issue on a machine without Avast installed.
    We did notice that our DNS server was not deleting old entries and we found many duplicate entries. We set it to scavenge and then I went through and deleted old records. Not sure if this would cause a problem or not.
    thanks again for your help!

  • Direct Access and WIndows Phone 8.1?

    Hi all –
    I am reaching out to the community here because I haven’t been able to find anything concrete. 
    The scenario is that we wish to have links which are sent through an on-prem SharePoint farm resolve on a user’s Windows Phone whilst roaming. 
    The root of the issue is that the client does not have split DNS in place. 
    Therefore when they send a link from the SharePoint site it’s URL is mysite.acme.int, for example, which is not resolvable from outside of the corporate network;
    Acme.com is however.
    We have Direct Access (2012 R2) in place and use Windows Phone 8.1. 
    What I am trying to determine is whether or not we can leverage a DA connection with the Windows Phones in order to attain URL resolution.
    Barring that does anyone have any bright ideas on how to conquer the problem?
    Kind regards and thanks in advance!
    Wren

    Hi Wren,
    Agree with Rmknight. Windows Phone doesn't support DirectAccess at present.
    For detailed information, please refer to the link below:
    https://businessmobilitycenter.microsoft.com/en/webinars/Pages/Webinar-Managing-Enterprise-Content-and-Information-on-Lumia-Windows-Phone-8-1.aspx
    Best Regards.
    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Direct Access and WIndows Phone 8.1 for MySIte Resolution?

    (Same question as the previous thread, reposted by Wren.)

    Hi Wren,
    For your issue, you can try to configure alternate access mappings with IP address for your MySite Web Application and then you can access your site with IP address.
    As I am not familiar with Windows Phone, you can contact Windows Phone support or post threads in the Windows Phone forums to ask for more information:
    http://answers.microsoft.com/en-us/winphone/forum/wp8?tab=Threads
    Best Regards,
    Eric
    TechNet Community Support
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
    [email protected]
