ISE Live Authentications Not Visible
Hi,
I have a single node ISE deployed and have been adding and deleting policies for the past two weeks without issue. It's using our production AD and CA server and connected to NCS. My problem is that today when I was working on a new MAB policy, the policy would let the laptop on the network, but nothing appeared in live authentications screen or the reports. I tried this with both a MAB and 802.1x policy set and both times I logged on with the correct policy, but nothing was showing in the logging. These were both wireless and I had both the authentication and the accounting pointing at ISE. As well as SNMP too.
I forgot to see if the clock was off, but if the authentications are working, I'm not sure why the reporting is not.
Any help would be appreciated.
Thanks,
Mike
Is your log target set up?
Admin/System/Logging/Remote Logging Targets/LogCollector
Also if this is a guest wifi setup between a Cisco foreign & anchor WLC, make sure Auth & Accounting are set up on the foreign WLC.
Similar Messages
-
IP address in ISE live authentication after vlan change
Hi all,
on ISE live authentication dashboard we can see IP address of the client (known from FRAMED-IP-ADDRESS).
But what about vlan change and the situation when client gets new IP address after relocation to different vlan.
Live logs shows only the first IP address - client mapping (from the guest vlan), after authorization new vlan and dACL is assigned but logs don't include new IP address.
session ID is the same all the time.
so maybe ip helper or other trick?
regardsthx for reply.
I added "aaa accounting update newinfo" and I'll see tommorow how it works with anyconnect and 802.1x.
Meanwhile I think I must clarify what I meant
Not all logs have IP address present in live authentication (this is MAB for test only)
the situation with 802.1x and anyconnect is a bit better cause there are IP addresses but only from the first dhcp address assignment (authentication open with default ACL). Then if the policy changes vlan and the client gets new IP address from different scope we have wrong information in this log.
but getting back to our MAB...
details of this entry looks like:
so this is probably the reason that no IP address is visible it was too soon for MAB to get this info and send it as framed IP address (according to this config command "radius-server attribute 8 include-in-access-req")
nevertheless clicking the accounting details (from the 2nd screenshot)
we see that this information is present
so my first question is on which stage this column is fulfilled? only when "FRAMED-IP-ADDRESS" is send in radius-request? or from accounting?
maybe ISE should dynamically modify this record after each accounting newinfo message?
regards -
"Allow Insecure Authentication" not visible on SMTP preferences
Good morning,
The "Allow Insecure Authentication" checkbox is not visible on SMTP preferences on my sister's MacBook Pro running the latest version of Yosemite. I've found similar problem on a couple of Mac minis I have at the office. However, my MacBook Pro and my wife's MacBook Air both have the option available.
All of the aforementioned Macs are running the latest version of Yosemite.
Any ideas on how to enable this?
Thanks a lot for any help.
Cheers,
JPI found a workaround on this thread Mail SMTP (outgoing) does not work after Yosemite upgrade, but still can't find a way to display the checkbox option on SMTP settings.
Any ideas?
Cheers,
JP -
I have ISE with latest version 1.2.1.198
I never see any entries in the live authentications page even though I have clients successfully authenticating and being authorised.
Different browsers seem to make no difference.
Has anyone also seen this and has anyone found a bug relating to this?
Regards
Rogermake sure your NAD is configured correctly . and try
ms-ise-mgm01/admin# app config ise
Selection ISE configuration option
[1]Reset Active Directory settings to defaults
[2]Display Active Directory settings
[3]Configure Active Directory settings
[4]Restart/Apply Active Directory settings
[5]Clear Active Directory Trusts Cache and restart/apply Active Directory settings
[6]Enable/Disable ERS API
[7]Reset M&T Session Database
[8]Rebuild M&T Unusable Indexes
[9]Purge M&T Operational Data
[10]Reset M&T Database
[11]Refresh M&T Database Statistics
[12]Display Profiler Statistics
[13]Exit
try
7 to reset the session db
10 to reset the M&T database
Once you have run these commands the DashBoard should begin to display information. -
Export ISE Live Authentications and Sponsor activities
Dear all,
We need to know if it is possible to export to a syslog or any other service the live authentications logged on ISE.
In addition, I need to know if is possible to export the sponsor activities.
Thanks in advance!
Davidmake sure your NAD is configured correctly . and try
ms-ise-mgm01/admin# app config ise
Selection ISE configuration option
[1]Reset Active Directory settings to defaults
[2]Display Active Directory settings
[3]Configure Active Directory settings
[4]Restart/Apply Active Directory settings
[5]Clear Active Directory Trusts Cache and restart/apply Active Directory settings
[6]Enable/Disable ERS API
[7]Reset M&T Session Database
[8]Rebuild M&T Unusable Indexes
[9]Purge M&T Operational Data
[10]Reset M&T Database
[11]Refresh M&T Database Statistics
[12]Display Profiler Statistics
[13]Exit
try
7 to reset the session db
10 to reset the M&T database
Once you have run these commands the DashBoard should begin to display information. -
Dashbord and Live authentication ISE 1.1.3.124 p1
Hello all,
not long time ago, i lost all data in the HOME pannel, all sub windows says: no data avalable no nothing
the only number i have there is the number of endpoints
And now, in the live authentication, i dont any results, no pass, failed etc... running heath report gives me nothing.
Am running ISE 1.1.3.124 patch 1 and the Admin and PSN are not separeted by any FW.
i know i should go to 1.1.4 patch 2 but maintenance windows are hard to managed.
Anyone seen that behavior?
ps: replication are ok...
ThxThe issue could be due to incorrect or corrupted indexing and it need to rebuild via root patch. You may check the mnt-collector.out logs from the support bundle. I'd also suggest you to go directly to ISE 1.2 that is scheduled for July 3rd week. In order to resolve current issue, you may need to open a TAC case.
Jatin Katyal
- Do rate helpful posts - -
ISE 1.2.1.198 patch 5 - Operations Authentications not loading or displaying
Is anyone else having an issue with getting Authentications to display under operations? We were running 1.2.0.899 and started to run into a couple bugs so we upgraded to 1.2.1.198. Ever since then the Operations - Authentications have not been working right. I may occasionally see and actual authentication but not as many as I should. Most of the messages I saw yesterday pertained to radius processes already in progress from endpoint which was my wireless controller. Today I just get a loading data message at the bottom of the screen. It does not seem to be affecting system operation as users are still properly authenticating but I am unable to monitor the process or troubleshoot a users if they were to have an issue. We are on the edge of moving this into full production but really cannot until I get this resolved.
I have a case open with tac and their comment was that the issue of authentications not displaying was fixed in 1.2.1 and not sure what may be happening. We went ahead and applied patch 5 just in case there was something else going on. That did not fix things and it now seens to be getting worse.
I just wanted to see if anyone else had seen this and could possible shed some light on a resolution.
I am running a cluster containing the following. Primary admin on a VM - two policy Services servers both on VMs - secondary admin on retired ACS 2111 appliance. All three VMs are on the same physical server. Memory utilization on the admin server is just under 50% with the Policy servers both in the 30% range. I do have one policy server that is showing authentications in the 10-12ms latency but do not think that should affect anything. The ISE cluster is also tied into our 5508 wireless controller for support of the wireless networks. I have two SSIDs in production here at corporate and trying to figure out FlexConnect for the remote locations so we can centralize everything.
BrentTAC recommendation was to install patch 5 which should include patch 4 plus other things. They took logs from my servers and asked to give them a day or so to look at the issue. Today is day three with no update.
I am going to reboot all the servers in the cluster tonight. I do not have console access to the VMs so am hoping that I can reload from the CLI and accomplish the same thing rather than just reload the services.
I tried a wired connection this morning and it popped into the authentications report but will have to test to make sure it repeats.
What is mostly in the log is simply the reports of the supplicant stopped responding to ISE. I know thought that I have at least 5 people that are connected via wireless. Here is a sample of what is in the log. -
Calendar.live settings icon not visible in Firefox 28.0
The live.com settings icon in all pages except mail is not visible when using Firefox. It works fine in IE.
Please report this to the Web Compatibility Team [https://dev.webcompat.com]
If it was working before, please try [[Troubleshoot Firefox issues using Safe Mode]] and clearing the cache to see if the issue continues. -
Data in CSV uploads successfully, but it is not visible after upload.
Hi,
I am using Apex 3.2 on Oracle 11g.
This is an imported application for which I am making changes as per my requirements. As I am new to Apex and even SQL, I request forum members to help me with this.
Please find below the old code for uploading data from CSV. It displays only 6 columns - Database Name, Server Name, Application Name, Application Provider, Critical, Remarks. This was successfully uploading all the data from CSV and that data was visible after upload.
OLD CODE:_
--PLSQL code for uploading application details
DECLARE
v_blob_data BLOB;
v_blob_len NUMBER;
v_position NUMBER;
v_raw_chunk RAW(10000);
v_char CHAR(1);
c_chunk_len NUMBER:= 1;
v_line VARCHAR2 (32767):= NULL;
v_data_array wwv_flow_global.vc_arr2;
v_rows NUMBER;
v_count NUMBER;
v_dbid NUMBER;
v_serverid NUMBER;
v_sr_no NUMBER:=1;
v_last_char varchar2(2);
BEGIN
-- Read data from wwv_flow_files
SELECT blob_content INTO v_blob_data FROM wwv_flow_files
WHERE last_updated = (SELECT MAX(last_updated) FROM wwv_flow_files WHERE UPDATED_BY = :APP_USER)
AND id = (SELECT MAX(id) FROM wwv_flow_files WHERE updated_by = :APP_USER);
v_blob_len := dbms_lob.getlength(v_blob_data);
v_position := 1;
-- For removing the first line
WHILE ( v_position <= v_blob_len )
LOOP
v_raw_chunk := dbms_lob.substr(v_blob_data,c_chunk_len,v_position);
v_char := chr(hex_to_decimal(rawtohex(v_raw_chunk)));
v_position := v_position + c_chunk_len;
-- When a whole line is retrieved
IF v_char = CHR(10) THEN
EXIT;
END IF;
END LOOP;
-- Read and convert binary to char
WHILE ( v_position <= v_blob_len )
LOOP
v_raw_chunk := dbms_lob.substr(v_blob_data,c_chunk_len,v_position);
v_char := chr(hex_to_decimal(rawtohex(v_raw_chunk)));
v_line := v_line || v_char;
v_position := v_position + c_chunk_len;
-- When a whole line is retrieved
IF v_char = CHR(10) THEN
--removing the new line character added in the end
v_line := substr(v_line, 1, length(v_line)-2);
--removing the double quotes
v_line := REPLACE (v_line, '"', '');
--checking the absense of data in the end
v_last_char:= substr(v_line,length(v_line),1);
IF v_last_char = CHR(44) THEN
v_line :=v_line||'-';
END IF;
-- Convert each column separated by , into array of data
v_data_array := wwv_flow_utilities.string_to_table (v_line, ',');
-- Insert data into target tables
SELECT SERVERID into v_serverid FROM REPOS_SERVERS WHERE SERVERNAME=v_data_array(2);
SELECT DBID into v_dbid FROM REPOS_DATABASES WHERE DBNAME=v_data_array(1) AND SERVERID=v_serverid;
--Checking whether the data already exist
SELECT COUNT(APPID) INTO v_count FROM REPOS_APPLICATIONS WHERE DBID=v_dbid AND APPNAME=v_data_array(1);
IF v_count = 0 THEN
EXECUTE IMMEDIATE 'INSERT INTO
REPOS_APPLICATIONS (APPID,APPNAME,APP_PROVIDER,DBID,SERVERID,CRITICAL,LAST_UPDATE_BY,LAST_UPDATE_DATE,REMARKS) VALUES(:1,:2,:3,:4,:5,:6,:7,:8,:9)'
USING
APP_ID_SEQ.NEXTVAL,
v_data_array(3),
v_data_array(4),
v_dbid,
v_serverid,
v_data_array(5),
v_data_array(6),
v_data_array(7),
v_data_array(8);
END IF;
-- Clearing out the previous line
v_line := NULL;
END IF;
END LOOP;
END;
==============================================================================================================================
Please find below the new code (which I modified as per my requirements) for uploading data from CSV. It displays 17 columns - Hostname, IP Address, Env Type, Env Num, Env Name, Application, Application Component, Notes, Cluster , Load Balanced, Business User Access Mechanism for Application, Env Owner, Controlled Environment, SSO Enabled, ADSI / LDAP / External Directory Authentication, Disaster Recovery Solution in Place, Interfaces with other application.
This is successfully uploading all the data from CSV, But this uploaded data is not visible in its respective tab.
_*NEW CODE:*_
--PLSQL code for uploading application details
DECLARE
v_blob_data BLOB;
v_blob_len NUMBER;
v_position NUMBER;
v_raw_chunk RAW(10000);
v_char CHAR(1);
c_chunk_len NUMBER:= 1;
v_line VARCHAR2 (32767):= NULL;
v_data_array wwv_flow_global.vc_arr2;
v_rows NUMBER;
v_count NUMBER;
v_dbid NUMBER;
v_serverid NUMBER;
v_sr_no NUMBER:=1;
v_last_char varchar2(2);
BEGIN
-- Read data from wwv_flow_files
SELECT blob_content INTO v_blob_data FROM wwv_flow_files
WHERE last_updated = (SELECT MAX(last_updated) FROM wwv_flow_files WHERE UPDATED_BY = :APP_USER)
AND id = (SELECT MAX(id) FROM wwv_flow_files WHERE updated_by = :APP_USER);
v_blob_len := dbms_lob.getlength(v_blob_data);
v_position := 1;
-- For removing the first line
WHILE ( v_position <= v_blob_len )
LOOP
v_raw_chunk := dbms_lob.substr(v_blob_data,c_chunk_len,v_position);
v_char := chr(hex_to_decimal(rawtohex(v_raw_chunk)));
v_position := v_position + c_chunk_len;
-- When a whole line is retrieved
IF v_char = CHR(10) THEN
EXIT;
END IF;
END LOOP;
-- Read and convert binary to char
WHILE ( v_position <= v_blob_len )
LOOP
v_raw_chunk := dbms_lob.substr(v_blob_data,c_chunk_len,v_position);
v_char := chr(hex_to_decimal(rawtohex(v_raw_chunk)));
v_line := v_line || v_char;
v_position := v_position + c_chunk_len;
-- When a whole line is retrieved
IF v_char = CHR(10) THEN
--removing the new line character added in the end
v_line := substr(v_line, 1, length(v_line)-2);
--removing the double quotes
v_line := REPLACE (v_line, '"', '');
--checking the absense of data in the end
v_last_char:= substr(v_line,length(v_line),1);
IF v_last_char = CHR(44) THEN
v_line :=v_line||'-';
END IF;
-- Convert each column separated by , into array of data
v_data_array := wwv_flow_utilities.string_to_table (v_line, ',');
-- Insert data into target tables
--SELECT SERVERID into v_serverid FROM REPOS_SERVERS WHERE SERVERNAME=v_data_array(2);
--SELECT DBID into v_dbid FROM REPOS_DATABASES WHERE DBNAME=v_data_array(1) AND SERVERID=v_serverid;
--Checking whether the data already exist
--SELECT COUNT(APPID) INTO v_count FROM REPOS_APPLICATIONS WHERE DBID=v_dbid AND APPNAME=v_data_array(1);
IF v_count = 0 THEN
EXECUTE IMMEDIATE 'INSERT INTO
REPOS_APPLICATIONS (APPID,HOSTNAME,IPADDRESS,ENV_TYPE,ENV_NUM,ENV_NAME,APPLICATION,APPLICATION_COMPONENT,NOTES,CLSTR,LOAD_BALANCED,BUSINESS,ENV_OWNER,CONTROLLED,SSO_ENABLED,ADSI,DISASTER,INTERFACES) VALUES(:1,:2,:3,:4,:5,:6,:7,:8,:9,:10,:11,:12,:13,:14,:15,:16,:17,:18)'
USING
APP_ID_SEQ.NEXTVAL,
v_data_array(1),
v_data_array(2),
v_data_array(3),
v_data_array(4),
v_data_array(5),
v_data_array(6),
v_data_array(7),
v_data_array(8),
v_data_array(9),
v_data_array(10),
v_data_array(11),
v_data_array(12),
v_data_array(13),
v_data_array(14),
v_data_array(15),
v_data_array(16),
v_data_array(17);
END IF;
-- Clearing out the previous line
v_line := NULL;
END IF;
END LOOP;
END;
============================================================================================================================
FYI, CREATE TABLE_ is as below:
CREATE TABLE "REPOS_APPLICATIONS"
( "APPID" NUMBER,
"APPNAME" VARCHAR2(50),
"APP_PROVIDER" VARCHAR2(50),
"DBID" NUMBER,
"CRITICAL" VARCHAR2(3),
"REMARKS" VARCHAR2(255),
"LAST_UPDATE_DATE" TIMESTAMP (6) DEFAULT SYSDATE NOT NULL ENABLE,
"LAST_UPDATE_BY" VARCHAR2(10),
"SERVERID" NUMBER,
"HOSTNAME" VARCHAR2(20),
"IPADDRESS" VARCHAR2(16),
"ENV_TYPE" VARCHAR2(20),
"ENV_NUM" VARCHAR2(20),
"ENV_NAME" VARCHAR2(50),
"APPLICATION" VARCHAR2(50),
"APPLICATION_COMPONENT" VARCHAR2(50),
"NOTES" VARCHAR2(255),
"CLSTR" VARCHAR2(20),
"LOAD_BALANCED" VARCHAR2(20),
"BUSINESS" VARCHAR2(255),
"ENV_OWNER" VARCHAR2(20),
"CONTROLLED" VARCHAR2(20),
"SSO_ENABLED" VARCHAR2(20),
"ADSI" VARCHAR2(20),
"DISASTER" VARCHAR2(50),
"INTERFACES" VARCHAR2(50),
CONSTRAINT "REPOS_APPLICATIONS_PK" PRIMARY KEY ("APPID") ENABLE
ALTER TABLE "REPOS_APPLICATIONS" ADD CONSTRAINT "REPOS_APPLICATIONS_R01" FOREIGN KEY ("DBID")
REFERENCES "REPOS_DATABASES" ("DBID") ENABLE
ALTER TABLE "REPOS_APPLICATIONS" ADD CONSTRAINT "REPOS_APPLICATIONS_R02" FOREIGN KEY ("SERVERID")
REFERENCES "REPOS_SERVERS" ("SERVERID") ENABLE
==============================================================================================================================
It would be of great help if someone can help me to resolve this issue with uploading data from CSV.
Thanks & Regards
SharathHi,
You can see the installed dictionaries and change between them by right-clicking and choosing '''Languages''' inside a live text box eg. the box you are in when replying or right-clicking on the '''Search''' box on the top right corner of this page and choosing '''Check Spelling'''. -
No records in Live Authentications
We have not updated to 1.2.1 yet and are running 1.2.0.899. the only changes made to the system was alarm settings, which was just adding emails to alarm notification in settings.
Four hours after the alarm notif. change we started gettings alerts that ISE had not had any authent requests, 2 days later it shows no records in LIve authent or live sessions 4 hours after the change. All subfeilds at the top(i.e., Misconfigured Network Devices, Repeat Counters) are all zero as well. Authentication still SEEMS to be working, i am still able to log into network devices and users are still getting domain access so we are really puzzled as to why nothing is being reported in the logs. On the home page of ISE, it also shows the system summary as "no data available" and we get "no heartbeat" alarms continuously and Critical : health status alerts.ISE 1.2 Dashboard Statics do not update
CSCul94611
Description
Symptom:
Issue with the Live dashboard in ISE 1.1.4 not displaying information and only showing "No Data Available".
The Dash Board will run and work for awhile, but it will randomly stop updating any statistics on the dashboard.
Data will show and is seen in the database, but never updates per incoming/outgoing endpoints.
Live authentications will work fine as well as all users are able to be authenticated. Customer reports do not produce data.
Seen on multiple customer's deployments with fresh installs, a fresh install with a backup from a previous 1.1.x version, as well as upgrading to 1.1.4 from any earlier 1.1.x version.
Conditions:
Cisco ISE 1.2 or 1.1.4
Any browser
Distributed or single node deployment.
Workaround:
The workaround that fixes this M&T corruption is to enter the following commands below:
ms-ise-mgm01/admin# app config ise
Selection ISE configuration option
[1]Reset Active Directory settings to defaults
[2]Display Active Directory settings
[3]Configure Active Directory settings
[4]Restart/Apply Active Directory settings
[5]Clear Active Directory Trusts Cache and restart/apply Active Directory settings
[6]Enable/Disable ERS API
[7]Reset M&T Session Database
[8]Rebuild M&T Unusable Indexes
[9]Purge M&T Operational Data
[10]Reset M&T Database
[11]Refresh M&T Database Statistics
[12]Display Profiler Statistics
[13]Exit
We need to select the following options:
7 to reset the session db
10 to reset the M&T database
11 to refresh the statistics (Possibly do not need. Was only needed in 1 case.)
Once you have run these commands the DashBoard should begin to display information.
This process can take up to 12 hours to complete all three steps. Roughly 1 to 3 hours per option selected.
Known Affected Releases:
(1)
1.2(0.899) -
WLC, ISE certificate authentication issue
Hi Folks,
This is the setup:
Redundant pair of WLC 5508 (version 7.5.102.0)
Redundant Pair of ISE (Version 1.2.0.899)
The ISE servers are connected to the corporate Active Directory (the AD servers are configured as external identity sources)
There is a rule based authentication profile which queries the AD identity source when it receives wireless 802.1x authentication requests.
A corporate WLAN is configured on the WLC:
L2 security WPA+WPA2 (AES Encryption), ISE server 1 and 2 configured as the AAA Authentication servers.
This is all working correctly - I associate to the Corp WLAN (Authentication WPA2 enterprise, encryption AES CCMP, 802.1x auth MS-CHAPv2 using AD credentials) ... I can see the authentication request being processed correctly by the ISE, and I get access to the network.
The client I am working for wants to restrict access to the WLAN to users who have been allocated a certificate from the corporate CA, and this is where I am having issues.
I took a test laptop, and requested a new certificate (mmc, add snapin, certificates, current user, personal, request new cert).
The cert that was issued was signed only by a Corporate AD server with CA services (there is nothing in the certification path above the cert I was issued, apart from the issuing server itself). I changed the security settings of my connection to the corp wlan (using TLS instead of mschapv2, and pointing to the certificate I requested)
Initally authentication failed because the ISE did not trust the CA that provided my certificate (the ISE radius authentication troubleshooting tool had this entry: '12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain').
I exported the issuing CA's root certificate (followed this process http://support.microsoft.com/kb/555252), and imported the cert into ISE (administration, system, certificates, certificate store, import) - status of the cert is enabled, and it is trusted for client auth.
After I did this, I could no longer associate to the Corp WLAN.
My laptop's wireless management software logs were filled with messages saying that the authentication server did not respond.
The ISE troubleshooting tool reported no new failed or successful authentication attempts.
Strangely though, the WLC log had a lot of entries like this: 'AAA Authentication Failure for UserName:host/laptop_asset_tag.corp.com User Type: WLAN USER'.
It looks like the WLC is trying to locally authenticate my session when I use TLS, rather than hand off the authentication request to the ISE. Other users who authenticate using their AD credentials only (as I described above) can still authenticate ok.
Anyone able to shed some light on where I have gone wrong or what additional troubleshooting I can do?
Thanks in advance,
DarraghHi,
I had the same issue with microsoft CA and running ISE 1.1.4. The CA file was "corrupted", but you didn't see it at first glance. You can verify if the client CA matches the root CA via openssl.
Try to export the root CA and the issuing CA in a different format (Base64), import both root and issuing into ise and check if that works. Also check if "Trust for client authentication or Secure Syslog services" in the Certificate Store -> CA -> Edit, is set.
If this does not work, try to import the CA into another system and export it, then import into ISE.
Regards, -
Captivate 5.5 published files are not visible in Fire Fox or open in new window.
When I publish and post Captivate 5.5, the HTML or the swf files do not display in Fire Fox (latest version) without forcing the file to open in a new window (if it displays at all). If it does work, the Flash security blocks the swf on an ugly view until the user clicks.
I thought it was because I have to assign a direct URL to each component, but all of the other Captivate sites I have reviewed have the same issue when viewing in Fire Fox.
IE will display after the active x is authorized (I can live with that).
You Tube and other Flash display properly in Fire Fox, just not Captivate products.
I have disabled off all plugins, modified the protected settings, and everything I could find listed in the Fire Fox help. I have installed a previous version of Flash and Shockwave Player. Short of reinstalling windows, it is not working and that will not help because the published content is not visible on any other machine in the office or at home.
The files are in a Portal, so I cannot share them unless you are in the DoD and have an AKO or DKO account.
However, here is another example of the Captivate not working.
https://clc.dau.mil/games (this displays on some computers, but not all)
http://www.hartisd.net/pages/uploaded_files/Assignment_Search.mht (After allowing the mht, this displays in IE)
I am not sure if it has something to do with the other 2 published xml files that are not directly referenced in the html, but I just need either the swf or html to display in the iframe without forcing another window to display and without a lot of dependecy issues with other add-ons in Fire Fox.
- Thanks!Any of the DAU games, if they display. It is a government site, so they have the standard gov garbage (stuff not working like certificates), but nothing is harmful nor can they do anything to track other than the current session.
It is kind of weird how the content is displayed... It is not an intranet, it goes to a limited access portal. When I store content, it uses an absolute path instead of relative path. Very aggrevating when using many of the tools for non-programmers (like me), and probably more aggrevating for programmers.
Whether I point directly to the .swf or to the generated HTML, the content displays in IE, but not in FF.
It may be a combination of FF and Captivate. FF seems rather flaky in dealing with swf files. There is the consideration for add-ons, but I tried on a newly imaged computer and it still was not working. Even after going through all of the FF steps to get it to work.
Basically we had to create a new HTML file to display the content because the Captivate published files don't work. However, the new HTML does not reference the XML files.
When I publish, I get 5 different files, .swf, .htm, .js, and 2 .xml. When I dig through the code (once again, not a programmer, soo I may be missing something), even round tripping to Flash, I do not see how the .xml files are referenced at all.
These may be different topics, not sure, it came up because I am trying to get a simple solution from the product that can be easily transferred to our production servers and available for Solders to access.
- Thanks
Michael -
ISE Certificate Chain Not Trusted By WLAN Clients
We are running ISE 1.1.3 using Entrust cert signed by Entrust sub CA L1C, which is signed by Entrust.net 2048, which is in all major OS stores as trusted (Windows, Android, iOS).
We have installed a concatenated PEM file with all of the certificates from the chain, as described in the ISE User Guides. The ISE GUI shows all of the certs in the chain individually after the import (i.e. the chain works and is good). However, we are not sure if the ISE is sending the entire chain to the WLAN clients during EAP authentication or just the ISE cert because of the error message we get on ALL client types which state that the certifiicate is not trusted.
So the question is if the ISE is really sending the whole chain or just its own cert with out the rest of the certs in the chain (which would explain why the WLAN clients complain about the certificate trust.)
Anyone out there know if the ISE code is not up to sending the cert chain in version 1.1.3 yet or if there is some other explanation? Screenshot attached of iPhone prompting for cert verification.Thanks hardiklodhia, your post confirms what we are seeing - the Windows clients have no issue as long as they are set to either NOT validate the EAP server cert or they are set to trust the signing CA cert from the local store by specifically selecting the signing CA (i.e. tick next to "Validate Serverr Certificate" and then another tick next to the signing CA cert in the box below.)
The iOS clients ALWAYS prompt for verification (thanks Apple.)
Note: we are using 1.1.3 and the cert chain import using a concatenated PEM file with ALL of the certs in the chain works fine. We are seeing the whole chain on the clients and the ISE extracts each PEM file into its local store.
The PEM file format is not adequately described in the user guides rather a vague description of cert order is provided.
The file should look like this:
-------------------------Top of page-----------------------------
Root CA PEM FILE
Intermediate CA 1 PEM FILE
Intermediate CA 2 PEM FILE
ETC
ISE CERT PEM FILE
------------------------Bottom of page-------------------------
By "PEM FILE" I mean the actual base64 encoded PEM output from openssl when you convert a .crt or .der file to PEM, including the words "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" for each PEM FILE above,
e.g.
-----BEGIN CERTIFICATE-----
MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEnzCCBAigAwIBAgIERp6RGjANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
VeSB0RGAvtiJuQijMfmhJAkWuXAwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX
8+1i0BowGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQAD
gYEAj2WiMI4mq4rsNRaY6QPwjRdfvExsAvZ0UuDCxh/O8qYRDKixDk2Ei3E277M1
RfPB+JbFi1WkzGuDFiAy2r77r5u3n+F+hJ+ePFCnP1zCvouGuAiS7vhCKw0T43aF
SApKv9ClOwqwVLht4wj5NI0LjosSzBcaM4eVyJ4K3FBTF3s=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIETA6MOTANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
EN551lZqpHgUSdl87TBeaeptJEZaiDQ9JifPaUGEHATaGTgu24lBOX5lH51aOszh
DEw3oc5gk6i1jMo/uitdTBuBiXrKNjCc/4Tj/jrx93lxybXTMwPKd86wuinSNF1z
/6T98iW4NUV5eh+Xrsm+CmiEmXQ5qE56JvXN3iXiN4VlB6fKxQW3EzgNLfBtGc7e
mWEn7kVuxzn/9sWL4Mt8ih7VegcxKlJcOlAZOKlE+jyoz+95nWrZ5S6hjyko1+yq
wfsm5p9GJKaxB825DOgNghYAHZaS/KYIoA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIETB9GEzANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
yhHR/hYfdVM88hBXXypACgrxBv/JFlKzSEDwKydJeT1tcP//nG4jv1WWgLk6O2Mi
0oE0fnGmuf9fTX4+CdapG2gTDFJ29Chv3kavJDNtB85A7CK8oWI8Qav78Rvaz7nA
LiRMLBQ1RkqUrQFL2WHx4mJkCddPXzOeOVJlUTGJ
-----END CERTIFICATE-----
The last PEM output (the one directly above) is the ISE cert in PEM format. The first PEM output (the one at the top) is the Root CA cert in PEM format. The ones in the middle are intermediate signing CAs in order (from root to leaf). -
OWB11gR2: Mapping execution in a process flow not visible in OWB Browser
When a mapping is executed inside a process flow, execution details are not visible in OWB Repository Browser (Control Center reports) - rows processed, errors etc. Mapping row is missing in a log, like it never happened (but it did).
This auditing information is very important for monitoring reasons (to our customers also) and I just don't get it how this functionality is lost with this version. Another serious bug?Hi David,
I was rather tired and frustrated last evening, so today I noticed some things I didn't yesterday. Your reply gave me a new motivation.
The conclusion is - a mapping execution in a process flow is logged, but the way activities are displayed in OWB Browser are now different than in previous versions. If I click on 'Execution Job Report' on a process flow, I see all the activities listed except mappings (transformations, assign, file exists, subprocess etc.). If I want to see mapping execution row, I must click on a plus (expand) sign.
This kind of behavior will make processes with a complex hierarchy (usually we have more than 5 levels of subprocesses) rather vast to monitor. In 10gR2, a drilling down was accomplished by opening a new browser tab (Execution Job Report link) for each subprocess/mapping activity. Now it shall remain on one huge screen (list) that keeps expanding.
But, if that is the new feature, we shall live with that. If our customers won't like it, they will have to get used to it.
Thank you for your reply! -
Process is not visible in BPM Workspace in Application panel 2
Hi dear developers,
I had a problem about BPM process. I was trying to implement this tutorial -> http://st-curriculum.oracle.com/obe/fmw/obpm/11g/r1/firstProcess/firstprocess_obpm11g.htm#t3
And all the steps had been done. But the deployment step, i couldn't see my process on the BPM Workspace. I searched the other opinions in the forum. It's completely same with this thread -> Process is not visible in BPM Workspace in Application panel
Nevertheless, couldn't find anything helpful. Could you help me please?
Thanks in advance.
ErdoHi Erdo
I hope you already ran the demo community seed app to create all the test users and groups etc in the default authenticator. If not, please see this below post:
Re: New to BPM: How to get the tasks in the Workspace
1. First login into bpm/workspace with domain adminstrator username/password. Then on right side, click on Adminstration link and see if you could see all the roles related to hello world app and also the users that you added to those roles.
One other very basic thing is, you should and must deploy the TaskForms project that has all the taskdetails UI pages. I hope you did this while deploying the workflow and checking the check boxes to deploy other ui projects also.
If seeding and getting demo uses is confusing, you can always use your own users. From weblogic console, create some extra users like weblogic1, weblogic2, weblogic3 etc with some password. Then use these users to assign to the roles from hello world app. Then login with these users. This will also work.
Thanks
Ravi Jegga
Maybe you are looking for
-
My ipod will charge but does not show in itunes or windows
I tried to use my ipod as a disk to transfer my itunes library from my desktop to my notebook (both Dell), now my ipod charges, but does not show up in itunes or on either of my computers. I have used the advice of going to control panel and unchecki
-
ITunes does not recognize 5th gen. iPod 60gb
It mounts on my desktop, but *does not show up under the devices tab in iTunes* (v9.2). I'm running Snow Leopard 10.6.4 on an iMac (2.4 Ghz Intel Core 2 Duo with 4GB of RAM). Any help is appreciated. THANKS! Dennis
-
How do I know if the app purchases are being taken from the app gift card vs. my credit card? And how can I see the balance remaining on the gift card?
-
Help Will Not Install ITunes 7.3
This is a problem I can install ITunes at all cause it can not unistall the older version, this is frustrating, I tried to uninstal the old one and it can not be found. Help...What do I do? Thanks..
-
Campaign creation : selecting a busines partner then hierarchy node
Hello In MSA 4 SP8, while creating a Campaign, if I first select the Client Type as "Business Partner" then change to "Hierarchy Node", when I save it tells me that the Business Partner field is not correct, though I told it to choose the other optio