ISE with dot1x and Posture deployment in pararrel with certain users

Hi,
We want to deploy ISE in sequencial order, meaning that I will initially have all users authenticate/authorized with dot1x/MAB etc, then only on certain locations or users to have posture condition validation/verification while others not.
Can someone please advise whether this approach is possible, as far I understand, once you have posture policies in place as authorization rule it will hit all the users. This may be possible where you can match the switch or the location as a seperate condition, but if all users are spread/mixed we just need to find a simple way how to do it or whether it is not possible..?

We have modified the attached policy on rule 04 and 05 (from top) and add a new condition Device locationEqual "Switch1".According to this rule any user connected to Switch1 only do the posture and same user PCconnect any other switch (other than switch1), it should do only the dot1x/MAB (rule 1-3). But in our case user PC connect any other switch than switch1, it hit the ISE default policy(not included in this attachement) and also it pop-ups the NAC agent and do the posturing. Questions-why the PC/user is not hitting rule 1-3 and goes to default rule-why the PC/user is doing posture where there's no posture rule hitting.
Hi,
First of all, I would assume you configured the PC for machine or user authentication.
So, when a user connects to the network using other switch but not switch1, it will get 2 hits:
1. Computer authentication - this PC is part of Domain Computers
2. Default rule - because you configured (domain) user authentication for dot1x requests that are received only from switch1!
You haven't specified a rule for domain users alone (with no location condition) and with no posture.
You have to add something like this:
1. dot1x + Domain PC
2. dot1x + Domain User + location + preposture
3. dot1x + Domain User + location + posture compliant
4. dot1x + Domain User (and no posture condition)
To answer your second question, event though you 've excepted a certain user from posture, if NAC Agent is installed, it will popup and it will say that you're compliant, so practically it isn't doing posture
(http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_pos_pol.html)
Generating a Posture Requirement The run-time services requests for the posture requirement for the  endpoint by looking up at the role to which the user belongs to and the  operating system on the client. If you do not have a policy associated  with the role, then the run-time services communicate to the NAC Agent  with an empty requirement. If you have a policy associated with the  role, then the run-time services run through the posture policies  through one or more requirements associated with the policies and for  each requirement through one or more conditions.
If you want to rollout for posture, you could use exception rules (check the top section of authorization rules) or you could do only posture audit for your rules so that everyone can get network access event though they're not compliant.

Similar Messages

  • ISE 1.2 and Posture Report Before Login

    Hi everyone,
    Is it possible for the ISE 1.2 NAC/Posture agent to submit a posture report before user login on a Windows desktop system?
    We're trialling ISE 1.2, performing machine based authentication using EAP-TLS/Certificates. On top of this we are also using the posture agent and do not grant access until a 'compliant' posture report is received.
    Currently when a desktop powers up the posture status is 'pending' and this does not change until the user logs in, the NAC agent submits a successful posture report. This can take quite a few minutes leaving the user in a state of limbo where they have logged in to the computer but they must wait for the posture report.
    I see the NacAgent service runs as system, but the NACAgentUI.exe does not and only starts with the user logs in.
    Thanks,
    Mark

    That is correct, the nac agent is unaware of what policies exist in your ISE design. It's sole purpose is to start when the services allow it to do so and then send the information about the services and AV information it can gather so ISE can make a decision on whether the client is compliant or not compliant, it can then take direction on how to remeidate the client when it fails. There is nothing you can configure from ISE that will allow you to run the nac agent before user login.
    In the end when the nac agent makes into the anyconnect secure mobility client you might have hope there since there are some start before login vpn features, but I do not see the nac agent adopting this any time soon. You should however still work with your Cisco Account team on doing some research with the BU on your behalf, this could benefit alot of nac customers.
    thanks,
    Tarik Admani
    *Please rate helpful posts*

  • No pattern in my inability to not chat with certain users

    I have 4 buddy's that I am trying to Video with. 2 work great. They both own new iMacs.
    I have a third buddy that bought a new iMac and I get the communication error message. IM does work with these users.
    My most recent friend has a PC with AIM. The IM works. When we go to connect on Video it goes through all the steps properly then says the user declined even when he actually accepted. It does the same regardless of who is call who.
    I tried the preference change that was recommended but it didn't help.

    Hi,
    Has the AIM (PC user) allowed the app through his XP or Vista Firewall ?
    Most likely it is allowing the applications through any routing device as well
    7:34 PM Saturday; December 8, 2007

  • MacOS X: Cisco Any Connect 3.x client crashes with certain user

    Hello,
    I'm using Cisco AnyConnect Secure Mobility Client 3.1.03103. The OS I'm running is Mac OS X 10.8.4 on a MacBook Pro.
    During connection (about 5 seconds after pressing the connect button) the VPN clients crashes.
    "Cisco AnyConnect Secure Mobility Client qut unexpectedly"
    Here is a part of the panic string
    --- snip ---
    Process:         Cisco AnyConnect Secure Mobility Client [1205]
    Path:            /Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client
    Identifier:      com.cisco.Cisco-AnyConnect-Secure-Mobility-Client
    Version:         3.1 (1)
    Code Type:       X86 (Native)
    Parent Process:  launchd [239]
    User ID:         502
    Date/Time:       2013-06-12 17:52:08.425 +0200
    OS Version:      Mac OS X 10.8.4 (12E55)
    Report Version:  10
    Interval Since Last Report:          166 sec
    Crashes Since Last Report:           2
    Per-App Interval Since Last Report:  130 sec
    Per-App Crashes Since Last Report:   1
    Anonymous UUID:                      703DE2BD-C547-C2AE-CC3A-4A411DC4D4CC
    Crashed Thread:  3
    Exception Type:  EXC_BAD_ACCESS (SIGBUS)
    Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000004
    VM Regions Near 0x4:
    --> __PAGEZERO             0000000000000000-0000000000001000 [    4K] ---/--- SM=NUL  /Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client
        __TEXT                 0000000000001000-00000000000bc000 [  748K] r-x/rwx SM=COW  /Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client
    --- snip ----
    This only happens with one user. With two other users on that same system the issue does not happen.It started after I added Admin rights to that user. I also removed the Admin rights but the error still happens.
    I uninstalled the client, deleted /op/cisco directoy and the .anyconnect file in the home directory. I rebooted the MacBook and installed it again. But no change, the error still happens.
    Is there any other fix besides deleting and re-creating the user? There must be some configuration file (besides /opt/cisco/anyconnect/profile or the .anyconnect file in the user home ) in the home directory but I haven't found anything.
    Help greatly appreciated :-)
    Cheers
    Niels

    We've recently run into an issue related to this. We found that it was related somehow to Firefox. If one looks inside of
    /Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app/Contents/MacOS/ there are symlinks to Firefox libraries:
    $ ls -lntotal 1800-rwxrwxr-x  1 0     80  891232 Aug  3  2012 Cisco AnyConnect Secure Mobility Clientlrwxr-xr-x  1 1001  80      60 Jun 13 15:57 libmozsqlite3.dylib -> /Applications/Firefox.app/Contents/MacOS/libmozsqlite3.dyliblrwxr-xr-x  1 1001  80      55 Jun 13 15:57 libnspr4.dylib -> /Applications/Firefox.app/Contents/MacOS/libnspr4.dyliblrwxr-xr-x  1 1001  80      54 Jun 13 15:57 libnss3.dylib -> /Applications/Firefox.app/Contents/MacOS/libnss3.dyliblrwxr-xr-x  1 1001  80      58 Jun 13 15:57 libnssutil3.dylib -> /Applications/Firefox.app/Contents/MacOS/libnssutil3.dyliblrwxr-xr-x  1 1001  80      54 Jun 13 15:57 libplc4.dylib -> /Applications/Firefox.app/Contents/MacOS/libplc4.dyliblrwxr-xr-x  1 1001  80      55 Jun 13 15:57 libplds4.dylib -> /Applications/Firefox.app/Contents/MacOS/libplds4.dyliblrwxr-xr-x  1 1001  80      58 Jun 13 15:57 libsoftokn3.dylib -> /Applications/Firefox.app/Contents/MacOS/libsoftokn3.dylib
    So as a simple confirmation we were able to remove Firefox and have AnyConnect connect fine. As a more permanent workaround we replaced the above symlinks with 0 byte files and we were able to have our cake (AnyConnect connecting) and eat it too (Firefox installed as well).

  • SahrePoint 2013 Server & Project Server 2013 - Notifications and reminders are not received by certain users

    Dears,
    We have recently implemented MS EPM 2013 where we started to face some strange behavior with the standard alerts and reminders sent from the system.
    Minor number of the users (with different levels of privileges from administrators to team members) are receiving emails and alerts normally (either when they are assigned on project schedule tasks or SharePoint list items alerts) without any issues however
    the. on the other hand the other majority number of resources are not receiving any kind of alerts from the system (neither from Project Server Nor from SharePoint).
    knowing that, all the resources/users have their emails configured properly, and their other attributes are almost the same for all users. all the emails are stored on the same exchange server.
    Anyone can help on this please.
    Appreciate your cooperation.
    Ibrahim Al-Masri Technology Manager at MethodCorp

    Thanks Dinesh, 
    Actually the users have this global permissions configured for them and yet they weren't receiving emails.
    We Just could solve this puzzle, all what we needed to do is to configure the
    RBS for the majority for the users who weren't receiving emails. 
    Welcome to EPM 2013 UN-unannounced changes.
    Ibrahim Al-Masri Technology Manager at MethodCorp

  • Issues with only certain users under AD Auth

    Tim,
         I wanted to find out of new copies of install documents for JAVA AD Auth and SSO for Windows.  I have one from mid 2008.  I have customer that is having a ON again OFF again issues with certain users.  See error below
    While processing an AS request for target service krbtgt/ROMAMOULDING.COM, the account dbowman did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 3). The requested etypes : 17. The accounts available etypes : 23  -133  -128  3  1  -140. Changing or resetting the password of krbtgt will generate a proper key.
    I am running BOE Edge 3.1 w/ FP 1.2
    Thanks Kindly,
    Ajay Gupta

    Old post but since there was no answer and I have that case recently : here are some clue.
    your environnemnt is  the state describe here: The security principals and the services that use only DES encryption for Kerberos authentication are incompatible with the default settings on a computer that is running Windows 7 or Windows Server 2008 R2.  http://support.microsoft.com/kb/977321
    external similar post( (http://www.networksteve.com/forum/topic.php?TopicId=5574 http://social.technet.microsoft.com/Forums/en/winserversecurity/thread/ecf15eb9-26cf-483b-b1e3-1b1c7e4901e8 )
    You should consider to apply the Microsoft fix on the 2008 Domain controller(s).
    http://support.microsoft.com/kb/978055. FIX: User accounts that use DES encryption for Kerberos authentication types cannot be authenticated in a Windows Server 2003 domain after a Windows Server 2008 R2 domain controller joins the domain
    cheers
    Christophe

  • ISe with NAC agent pop up and Posture waiting

    Hi,
    I have ISE running ver 1.1.1.268. We limited access certain services before authuenticate with ACL-DEFAULT(given below) as per the Trustsec desgin guide.
    Now the issue is that when you have ACL-DEFAULT on the port NAC agent doest not pop-up and doest not start the posture part and saying waiting for Posture validation. When the ACL-DEFAULT removed from the access port NAC agent popup and do the posture validation.
    However we do not want user to get access to network before the authorization and that is the reason we use the ACL-DEFAULT.
    Please can someone advise me how to achieve the above both task. Why the NAC agent does not popup and do the posture when ACL-DEFAULT there in the switch.
    Here is what I have configured on ACL-DEFAULT.
    ip access-list extended ACL-DEFAULT
    remark DHCP
    permit udp any eq bootpc any eq bootps
    remark DNS
    permit udp any any eq domain
    permit tcp any any eq domain
    permit udp any any eq 389
    permit tcp any any eq 135
    permit tcp any any eq 445
    permit udp any any eq 445
    permit tcp any any range 135 139
    permit tcp any any eq 389
    permit tcp any any eq 3268
    permit icmp any any
    remark PXE / TFTP
    permit udp any any eq tftp
    permit tcp any host 172.xx.xx.xx eq 8443 (ISE-Pri)
    permit tcp any host 172.xx.xx.xx eq 8443 (ISE-Sec)
    remark Drop all the rest
    deny   ip any any log
    Appreciate if someone can give a solid resolution and explanation to this.

    Hi Saurav,
    We have already allowed those ports with another acl (ACL-POSTURE-REDIRECT). Our issue is not with the web nac agent.
    The issue is with NAC agent installed on corperate PCs connecting via wired port. With the ACL-DEFAULT it does not pop-up and does not do the posturing, however once we removed the ACL-DEFAULT from the access port, everything works fine.
    Since we do not want any user to access unwanted services before authorization we add this ACL on the access-port and as per the trustsec desgin this has to be there if you want to have ISE with closed mode.
    thanks

  • Cisco ISE Vs Cisco Anyconnect Posture module with Advanced Endpoint Protection

    We are planning to use cisco Anyconnect posture module with Adv Endpoint protection to examine the VPN users- This can check whether they a antivirus/anti spyware software installed on their work station and can force to update def file if its older than specified number of days, it can also check the firewall status on their workstation and enable if its not already.This can detect keylogger and emulation softwares also.
    Do we get any additional advantages in using ISE compared to Anyconnect posture module ......
    Siddhartha       

    These are good questions. We had them last year before we decided to purchase ISE, specifically for our VPN users.
    I will be watching this thread to see what kind of responses you get.
    As of right now, I can verify the ISE can indeed check if specific Anti-Virus is installed (i.e., your corporate AntiVirus), or if ANY (supported by Cisco within ISE) antivirus is installed, and it can force an update process for the AV if it detects that the DAT files are older than a admin specified amount of time.
    Our issue at the moment (if you haven't searched the forums) is ISE detected the proper WSUS updates are indeed installed on the users systems and allowing the users system to talk to our internal WSUS server.
    We are now wondering if the Advanced Endpoint licensing on the ASA would have been a better way to go.
    Wishing you luck in finding your answers for us all.
    Dirk

  • Hi we setup ISE in our lab and planning for prodution with 2000 user endpoints. We have SNS appliance but confused with ISE lice

    Hi we setup ISE in our lab and planning for prodution with 2000 user endpoints. We have SNS appliance but confused with ISE license bt plus and advanced..Please advise.

    Plus:
        Bring Your Own Device (BYOD)
        Profiling
        Endpoint Protection Service (EPS)
        TrustSec SGT
    Advanced :
        Bring Your Own Device (BYOD)
        Profiling
        Endpoint Protection Service (EPS)
        TrustSec SGT
        Mobile Device Manager (MDM)
        Health Compliance and Remediation
        Posture
    Base license is Perpetual

  • Cisco ISE with both internal and External RADIUS Server

    Hi
    I have ISE 1.2 , I configured it as management monitor and PSN and it work fine
    I would like to know if I can integrate an external radius server and work with both internal and External RADIUS Server simultanously
    So some computer (groupe_A in active directory ) will continu to made radius authentication on the ISE internal radius and other computer (groupe_B in active directory) will made radius authentication on an external radius server
    I will like to know if it is possible to configure it and how I can do it ?
    Thanks in advance for your help
    Regards
    Blaise

    Cisco ISE can function both as a RADIUS server and as a RADIUS proxy server. When it acts as a proxy server, Cisco ISE receives authentication and accounting requests from the network access server (NAS) and forwards them to the external RADIUS server. Cisco ISE accepts the results of the requests and returns them to the NAS.
    Cisco ISE can simultaneously act as a proxy server to multiple external RADIUS servers. You can use the external RADIUS servers that you configure here in RADIUS server sequences. The External RADIUS Server page lists all the external RADIUS servers that you have defined in Cisco ISE. You can use the filter option to search for specific RADIUS servers based on the name or description, or both. In both simple and rule-based authentication policies, you can use the RADIUS server sequences to proxy the requests to a RADIUS server.
    The RADIUS server sequence strips the domain name from the RADIUS-Username attribute for RADIUS authentications. This domain stripping is not applicable for EAP authentications, which use the EAP-Identity attribute. The RADIUS proxy server obtains the username from the RADIUS-Username attribute and strips it from the character that you specify when you configure the RADIUS server sequence. For EAP authentications, the RADIUS proxy server obtains the username from the EAP-Identity attribute. EAP authentications that use the RADIUS server sequence will succeed only if the EAP-Identity and RADIUS-Username values are the same.

  • Deploying a program to a user with UAC enabled causes LaunchWith32BitLauncher error and system crash

    We are deploying a program to run as the logged on user on a Win 7 Sp1 client which runs as an EXE silently.  It fails to execute and we believe that it's due to it being blocked by UAC.
    When we examine the logs we see the following error in the Ccm32BitLauncher.log "the LaunchWith32BitLauncher failed with error code 0x800702e4" (The requested operation requires elevation) and in the execmgr.log we see "CreateProcess
    or CreateProcessAsUser failed to execute command line with non-recoverable error 0x800702e4" along with "EnterRsRuningState failed to run script scriptname.exe 0x87d01101" (A fatal error has been encountered while attempting to run the program.
    The program execution will not be retried.) Afterwards the system will either recycle hard or blue screen - sometimes its immediate and sometimes its 1-3 minutes later.
    This program runs against the machine with the user's rights, which may or may not have admin rights, because its modifying something user specific.  For the users that have admin rights it works fine, on other non admin users is when it crashes.
    Anyone else come across this out there?  We are running SCCM 2012 R2 (no CUs).
    Thanks
    - Dave

    Hi,
    If this problem is related to UAC, you could try to set GPO settings(User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode) to
    Elevate without prompting.
    For more information:
    ConfigMgr 2012: Application Deployment and User Account Control (UAC)
    http://mwesterink.wordpress.com/2013/10/04/configmgr-2012-application-deployment-and-user-account-control-uac/
    Note: Microsoft provides third-party contact information to help you find technical support. This contact
    information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Issues with running permission scripts on Hoted desktop via Citrix and when deploying via SCCM

    I am running a permissioning VBScript which runs when I do a standalone insallation manually running the power shell commands to add and publish the application.
    This only runs vis SCCM when a machine installation is acrried out but not a per user installation. Any ideas?
    The same script seems to run sometimes & sometimes does not on a hosted desktop with aps publish via citrix from the appv server. Any ideas?. A coppy of my Deploymentconfig.xml file userscript section that calls the script is below
    <UserScripts>
          <StartProcess RunInVirtualEnvironment="true">
            <ApplicationId>[{AppVPackageRoot}]\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe</ApplicationId>
            <Path>[{AppVPackageRoot}]\..\Scripts\AdobeSerialization.exe</Path>
            <Arguments>adobe_prtk --tool=VolumeSerialize --provfile=[{AppVPackageRoot}]\..\Scripts\prov.xml</Arguments>
            <Wait RollbackOnError="false" />
          </StartProcess>
          <StartVirtualEnvironment>
            <Path>WSCRIPT.EXE</Path>
            <Arguments>[{AppVPackageRoot}]\..\Scripts\VFSCACLS.vbs -guid 6d0756af-b755-493b-8cee-4299e8666978 -error -name "Adobe Photoshop CS6"</Arguments>
            <Wait RollbackOnError="false" />
          </StartVirtualEnvironment>
        </UserScripts>
    The guys in the build team reckon this is an application issues but I can't see how it can be if the applications runs when manually calling the powersehell commands. Also like I said on the Hosted desktop one minutes the script runs and one minute it does
    not.
    Can someone help please?

    Hello,
    If deploying the application to the user, and the configuration file is updated as part of the content and distributed to the DPs, and then downloaded to the client and the client is enabled to run scripts - no I never had that issue.
    If I had something which didn't work I would usually verify what is on the Distribution Point?
    You can download the SCCM 2012 R2 toolkit to verify what is on the DPs;
    http://www.microsoft.com/en-us/download/details.aspx?id=36213
    If it is deployed to the client - it means you can read the client log-file from SCCM. See the AppEnforce.log as a potential candidate;
    http://technet.microsoft.com/en-us/library/hh427342.aspx#BKMK_AppManageLog
    If it gets properly parsed by the App-V Client you can check the App-V event logs, see Tim Mangans blog post about enabling further debug-logs;
    http://www.tmurgent.com/TMBlog/?p=1247
    As I can't see what is happening within your Environment I would redo all the steps and verify what the results were of each step. If one step fails, I would then post what step I had performed up until that point, what the result were of each step and what
    was happening within the final step that I would consider a failure.
    Nicke Källén | The Knack| Twitter:
    @Znackattack

  • ISE 1.3 and Windows Posture Web Agent

    Hello,
    I am running ISE 1.3 and have an issue running the Posture Web Agent. The client authenticates and gets redirected to the client provisioning portal but get the following message
    Detecting if Web Agent is installed and running gets ticked and then it keeps rolling at scanning your device. Open Web Agent to check the current status of the system scan and update your system as instructed.
    See attached screen shot

    is this issue specific to particular groups of clients/OS type... if using Windows 8, Internet Explorer 10 has two modes: Desktop and Metro. In Metro mode, the ActiveX plugins are restricted. You cannot download the Cisco NAC Agent in Metro mode. You must switch to Desktop mode, ensure ActiveX controls are enabled, and then launch Internet Explorer to download the Cisco NAC Agent. (If users are still not able to download Cisco NAC agent, check and enable “compatibility mode.”)

  • Ise patch 1 and 2 for 1.1.4 problem with resetting-application

    Hi guys,
    For your info. ISE patch 1 and 2 got the same problem on 1.1.4. If you got patches installed and tries to reset the application of ISE the monitoring applets are all gone. It's loading an empty page. Solution: rollback any installed patches. Monitoring is back up again. Install the patches again and erverything is fine. Took me one afternoon to figure this out.

    Hi Ravi,
    Do you know, what is going wrong? I'm wondering if everything is working correctly and if patches are applied correctly.

  • Cisco ISE 1.2 Patch 8 with Roaming User Profiles

    ISE 1.2 with patch 8 has been installed and Works fine.
    Using AnyConnect Secure Mobility Client (NAM) 3.1.04072 and Cisco NAC Agent version 4.9.1013
    Scenario is EAP Chaining which does machine authentication + User Authentication
    After NAC Agent Pops up and Posture Assessment is successful, Users cannot see their Home drives and few other Network Drives.
    Sometimes during login we get the Error Message "User Profile cannot be loaded" and "User cannot Logon"
    Also while logging off We get the screen "Your Roaming Profile was not synchronized"
    All the Home Drives and Network Shared drives IP addresses are already added in the Downloadable ACL's.
    Any other Workaround to overcome these errors.
    Regards,
    Ramkumar.B

    This is that i did abviously... but the two PSN stay in status "Node down", the application service won't start correctly with these ADE-OS logs entries :
    2014-05-28T10:26:30.023223+00:00 XXXXXXX  logger: info:[application:operation:appservercontrol.sh] Starting ISE Application Server...
    2014-05-28T10:26:30.311676+00:00 XXXXXXX  logger: Loading PKCS11 ...
    2014-05-28T10:26:30.978432+00:00 XXXXXXX  logger: SLF4J: Class path contains multiple SLF4J bindings.
    2014-05-28T10:26:30.978454+00:00 XXXXXXX  logger: SLF4J: Found binding in [jar:file:/opt/CSCOcpm/appsrv/apache-tomcat-6.0.36/lib/slf4j-log4j12-1.5.8.jar!/org/slf4j/im
    pl/StaticLoggerBinder.class]
    2014-05-28T10:26:30.978502+00:00 XXXXXXX  logger: SLF4J: Found binding in [jar:file:/opt/CSCOcpm/appsrv/apache-tomcat-6.0.36/lib/com.cisco.xmp.osgi.slf4j-log4j12-1.5.
    8.PATCHED.jar!/org/slf4j/impl/StaticLoggerBinder.class]
    2014-05-28T10:26:30.978509+00:00 XXXXXXX  logger: SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
    2014-05-28T10:26:31.638970+00:00 XXXXXXX  logger: log4j:WARN No appenders could be found for logger (com.cisco.epm.config.cache.impl.ConfigCacheImpl).
    2014-05-28T10:26:31.638992+00:00 XXXXXXX logger: log4j:WARN Please initialize the log4j system properly.

Maybe you are looking for

  • Why is the aspect ratio altered when viewing my sample PDF in Safari?

    I am wondering if everyone else is seeing my pdf with the apsect ration altered. It looks squished horizontally in Safari. Many creatives view my samples in Safari. I want to make sure they are viewing it correctly. It is a reflection on me otherwise

  • Ws Addressing problem

    Any help would be appreciated..... My application as a client which should call a web service, uses WSE 3.0. I have problem with soap header(SoapVersion: 12) which my code generates. My soap should be :      <soap:Envelope xmlns:soap="http://www.w3.o

  • How to create scroll controlled svg animations in Edge animate cc

    Since I am a beginner in Edge animate, I am very confused about svg animations in Edge animate. I want to create an effect like this http://tympanus.net/Development/SVGDrawingAnimation/index.html. In this page the animation is set to autoplay, I will

  • Premiere Pro Cs5.5 suddenly stop recognizing my 24''inch second display on my imac

    Hi there, I have Premiere Pro installed on my imac 27inch with an ATI Radeon HD 4850. 'Til yesterday it had been working properly but all of a sudden stop to playing video on my second display. If I go to the "Playback settings", either source or pro

  • First time conforming - Not going so well.

    Hello All, I'm attempting to bring audio mixed through STP back to FCP, and things are not going so well. A few days ago I used the "send to" function, and sent my FCP production to STP. I've spent the time since adjusting volume, fading, removing po