Manage Access to Named Credentials via EMCLI

Hi Colleagues,
Does anyone know how to manage access to Named Credentials via EMCLI, or whether this function exists in EMCLI?
We want to configure the access via scripts, so that we can for example grant access for all database administrators to all named credentials.
I would be very pleased if anyone has a solution.
Thanks in advance!
Best regards,
Sönke

Hi,
Use the verb grant_privs to grant a user access to a named credential.
For example:
emcli grant_privs -name=MARY -privilege="GET_CREDENTIAL;CRED_NAME=HOST-CREDS:CRED_OWNER=SCOTT"
...grants the user MARY view privileges on the credentials called HOST-CREDS owned by SCOTT.
View privileges will allow Mary to use the credentials but will not allow her to see sensitive information such as the password.
Check out the security doc for more information on named credentials:
http://docs.oracle.com/cd/E24628_01/doc.121/e36415/sec_features.htm#CJAHBADG
Other privileges you can grant to credentials are FULL_CREDENTIAL and EDIT_CREDENTIAL.
Check out the EMCLI reference guide for more details on grant_privs verb:
http://docs.oracle.com/cd/E24628_01/em.121/e17786/cli_verb_ref.htm#autoId186
Regards,
Ana
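
The bulk grant asked about in the question, built on the grant_privs call from the answer above. This is an added example, not part of the original posts or of Oracle's documentation. It assumes emcli is on the PATH with an active login session; the user JOHN, the credential DB-CREDS and the function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): grant one credential privilege to every
# listed administrator on every listed named credential via emcli grant_privs.
# Assumptions: emcli is on PATH and already logged in; the user and credential
# lists are maintained by you (the samples below are constructed).

DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands, 0 = run emcli

# Constructed sample input: EM users and "CRED_NAME CRED_OWNER" pairs.
ADMINS="MARY JOHN"
CREDS="HOST-CREDS SCOTT
DB-CREDS SCOTT"

# build_priv PRIVILEGE CRED_NAME CRED_OWNER
# Emits the -privilege value in the format used in the answer above.
build_priv() {
  case "$1" in
    GET_CREDENTIAL|EDIT_CREDENTIAL|FULL_CREDENTIAL) ;;
    *) echo "unsupported privilege: $1" >&2; return 1 ;;
  esac
  if [ -z "$2" ] || [ -z "$3" ]; then
    echo "credential name and owner are required" >&2; return 1
  fi
  # ';', ':' and '=' delimit fields in the privilege string, so a name that
  # contains one could change which credential the grant applies to.
  case "$2$3" in
    *\;*|*:*|*=*) echo "illegal character in: $2 $3" >&2; return 1 ;;
  esac
  printf '%s;CRED_NAME=%s:CRED_OWNER=%s' "$1" "$2" "$3"
}

# grant_one USER PRIVILEGE_STRING: print the command, or run it if DRY_RUN=0.
grant_one() {
  if [ "$DRY_RUN" = 1 ]; then
    printf 'emcli grant_privs -name=%s -privilege="%s"\n' "$1" "$2"
  else
    # </dev/null keeps emcli from consuming the credential list on stdin.
    emcli grant_privs -name="$1" -privilege="$2" </dev/null
  fi
}

# plan_grants PRIVILEGE "USER ..." "CRED_NAME CRED_OWNER<newline>..."
plan_grants() {
  priv=$1; admins=$2; creds=$3
  for admin in $admins; do
    while read -r name owner; do
      [ -n "$name" ] || continue
      p=$(build_priv "$priv" "$name" "$owner") || return 1
      grant_one "$admin" "$p" || return 1
    done <<EOF
$creds
EOF
  done
}

# Default to GET_CREDENTIAL: use of the credential without seeing the password.
plan_grants "${1:-GET_CREDENTIAL}" "$ADMINS" "$CREDS"
```

Review the dry-run output before setting DRY_RUN=0, and pass EDIT_CREDENTIAL or FULL_CREDENTIAL as the first argument only for users who need more than use of the credential.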

Similar Messages

  • E4200v2: Local Management Access via Wireless *ALWAYS* Enabled

    I just found a slightly unsettling bug in the E4200v2 (running the latest firmware 2.0.36 build 126507).
    Administration > Local Management Access > Access via Wireless ... set to DISABLED.  
    HOWEVER, when I attempted to access the web interface on a handy iPAD I had absolutely no problem getting through to the web interface (after providing username and password).
    Limiting access to wired clients seems like a simple and prudent measure ... which is why this option is there for the paranoid among us.
    This seems like a black-and-white bug.  Comments welcome.  Fix in the next firmware revision even more welcome.

    It was mentioned in another thread that disabling wireless management does indeed disable http access over port 80. However, if you're using https access--which uses port 443, that access is not blocked. So for anyone who wants to disable wireless management access, you need to enable management access via http only, and then disable the wireless access. That combination will indeed work.
    I have confirmed this on my own router and can now only manage via wired connections over http.
    Strange bug/oversight!

  • Configure Sunray terminal to access various sun servers via xdmcp

    I have a Sunray server 4.1 configured and able to login using the Sunray terminal. I want to access other Sun servers via XDMCP. At the login screen I select Options - Remote Login - Enter Host name and enter the server IP address, it asks for the user name and passwd. After entering the valid credentials, it comes back to login screen.
    Also, want to know how I can configure the login screen to list the hosts so that I can select the server from the list. I tried to edit the options using Login screen setup option, that did not work.
    Appreciate if someone can point any to documents which can explain this.
    I am using Java desktop.

    Hi Jeff,
    Thank you for your posting in Windows Server Forum.
    You can able to take RDP for client system from server. But keep in mind that; client system can only allow 1 RDP session at a time for administrator purpose. For that you need to have permission for taking rdp session. 
    Also you need to verify that “Remote Desktop Service” service is running and also need to verify the below thread as per snap.
    In addition, if you want to manage all the server and client system, then you can use Remote Desktop Connection Manager to manage all the client and server remotely.
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Simple file server accessible remotely with managed access. Do I need ML Server for this?

    Hello,
    I have a  Mac Mini that will be dedicated to serving 15 folders of documents to 7 people. It would be great if each person had their own password and I'd like to be able to decide what folders each user will have access to. The people need to be able to access the files from home and on the office network.
    Do I NEED to run OS X server for this Or can i accomplish this in OS X?
    I have to get this running quickly and I may not have time for the ML Server learning curve (even though it has been simplified).
    I tried to get ML server running on my machine a few weeks ago but got stuck. If setting up ML server with JUST the file server is dramatically easier I will try again. Can anyone please suggest a tutorial that takes me through simply setting up a remotely accessible file server with managed access with ML Server?
    V

    OS X client can serve files to remote clients, via both SMB/CIFS and AFS; via the Windows and OS X file services.  That's cheap, uses hardware you already have, and works fine.
    Most NAS boxes don't do distributed authentication.  Typically, you have credentials for the box at most.  Some of the mid- and upper-end boxes do offer distributed authentication, but that means having that authentication around.  At the low end, an Apple Time Capsule is a reasonable NAS box, and you can add an external disk.   And can be used for backups via Time Machine, too.  The mid- and upper-end boxes from Synology have a reputation for capabilities and flexibility.  There are (many) other vendors.
    I'm not a huge fan of LogMeIn for various reasons that I won't get into here, but that service does work for accessing hosts.  I don't know if that allows access to NAS directly, but I'd tend to doubt it.  You'd need to check with both LogMeIn and with the specs for whatever NAS box you're using.  
    Given the choice, I'd use a VPN.
    Using a VPN does mean you can control — at the VPN level — who can access your private network, so that can provide a broad-brush form of access control to your NAS device or your OS X client or your OS X Server box, if you go that route.
    I don't prefer to openly serve files to the internet, as the underlying protocols have occasionally had security issues and vulnerabilities, and the internet gremlins will find and will poke at any open ports and any accessible file servers.  I prefer to configure these services via VPN.
    VPNs are also more involved to set up, where LogMeIn can be simple.
    As mentioned previously, I'm also not a huge fan of the host-based VPN servers in OS X, though those do work.  The gateway boxes I've been using in the last year or so are probably not a good choice for a user that isn't familiar with networking  — the boxes provide a user interface that very definitely expect the user to understand IP and routing and related, but is both self-consistent and quite powerful — and they're cheap for what they can do, and they do work nicely.  ZyXEL ZyWALL USG series.  If you are evaluating any of these firewall boxes, then I'd definitely encourage downloading the manuals and making sure you can understand the available information.  The server-grade firewall boxes are almost inherently flexible and thus complex devices.
    One of the easiest ways is to work with somebody that does this sort of thing to sort through the options and requirements and trade-offs available here, and potentially to set up your VPN or NAS or server configuration for you.  (Disclosure: I offer this.)

  • Trouble accessing Lotus Notes DB Via ODBC NotesSQL 8 driver.

    Hello,
    I am using Crystal Reports version XI and am trying to access lotus notes database via an ODBC connection. My reports have been running successfully but we recently upgraded to Lotus Notes 8.  I was receiving error messages stating that the ODBC driver was not compatible so I upgraded to Lotus Notes 8 SQL driver.  Now I am receiving the following errors.
    Crystal Reports
    Database Connector Error: 'IM005:[Microsoft][ODBC Driver Manager] Driver's SQLAllocHandle on SQL_HANDLE_DBC failed'
    Crystal Reports
    Logon failed.
    Details: 01000:[Microsoft][ODBC Driver Manager] The driver doesn't support the version of ODBC behavior that the application requested (see SQLSetEnvAttr).
    I am now using NotesSQL 8 and Lotus Notes 8, is there something that I need for crystal to recognize them.
    Any help would be appreciated.
    Thanks, Stacy

    Hi Stacy,
    It would appear Lotus changed the way their ODBC driver works from version 6. According to our [platforms |https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e09198a1-911e-2b10-179f-ce8eed51aed0] for CR XI we only support Lotus Notes 6.
    We can't fix this now but you may want to ask Lotus if they know of any workarounds or updates to make it backward compatible.
    You may want to try downloading CR XI R2 SP4 and use your XI keycode to see if that works.
    Thank you
    Don

  • Can we add users to the 'Manage Access Request' field to process site access request in SharePoint Online?

    Hi,
    I have a requirement in which I have to assign a couple of email ids to the "Manage Access Request" field to process site access requests. And, this is possible using server object model but I have to achieve this on SharePoint Online with the help of CSOM.
    There are two properties which control the access request configuration, first is "RequestAccessEnabled", a Boolean flag which turns on or off the access request feature for the site. The second property defines one or more email addresses where requests will be sent to. It is named "RequestAccessEmail".
    Both of the above properties are available for server object model but not for CSOM.
    So, is there any other workaround or way to achieve the same in CSOM?
    Thanks,

    I don't think there is a programmatic workaround for SharePoint Online.  But the email address is just used for Notification.  Anyone with Manage Permissions can approve Access Requests.  If you create an email distribution list for the multiple addresses that should be notified you should be able to add the email address for the distribution list into the Access request email field using the user interface.
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • What should be started and enabled in SQL express 2008 R2? Shared memory, TCP/IP , named pipes, VIA

    I copied my Visual Studio 2008 projects to a new computer and am having trouble getting the database to attach to my website to continue with it.
    I uninstalled SQL 2005 express and installed SQL 2008 R2 Express.
    When I looked in the SQL Server configuration manager, I wasn't sure what should be running and what should be stopped and what protocols should be enabled, etc so I started everything and enabled everything.
    However, the SQL Server Agent will not start. Maybe I did something wrong by enabling everything. I have everything to start automatically, and all enabled:
    SQL Native Client: I right clicked and opened and under client protocols, have enabled all: Shared memory, TCP/IP , named pipes, VIA
    and under SQL Server Network Configuration, I opened that and under there is listed protocols for SQLEXPRESS AND I enabled same things: Shared memory, TCP/IP , named pipes, VIA
    When I could not start the SQL Server Agent before from the SQL Server configuration mgr. I went into services and started it that way and it did start. But since I have rebooted, it will not start that way either and I now get this message: Windows could not start the SQL Server Agent(SQLEXPRESS) Service on local computer. Error 1067
    I'm just trying to get my visual studio project working again. Would appreciate any help. Maybe I should uninstall SQL and reinstall 2005??

    Windows could not start the SQL Server Agent(SQLEXPRESS) Service on local computer.
    As the others already wrote, with SQL Server Express in Version 2008 the "SQL Server Agent" will be installed, but it's not a Feature of the Express Edition and therefore you can't start & use it.
    In SQL Server 2005 Express the Agent was completely missing (not installed), therefore you didn't have this "issue" before.
    Olaf Helper

  • Accessing Windows CIFS Shares via Nautilus

    Hi,
    I've recently installed and configured Solaris 11, am having problems accessing Windows CIFS shares via Nautilus.
    I've installed both samba (needed for CUPS to print to printers connect to a windows pc) and smb/client. The smb/client and samba services are running. The smb/server service is not installed.
    I can print to any printer on the windows PC I'm trying to access via Nautilus, so I know my username/password for accessing the pc are correct.
    I can also manually mount any share on the windows PC via the cli (eg mount -F smbfs -o user=elin //elink/users /mnt), and browse the files directly that way, except the file permissions don't seem to align with any unix user. Again this just shows that the username/password combination is ok.
    For Samba, I'm using the default smb.conf file as /etc/samba/samba.conf. Workgroup is set to WORKGROUP in smb.conf.
    On the Windows pc, in the security event viewer, I can see the auth request, however it is failing with bad password (event ID 4776, error code 0x006a). In the default group policy object for networking, I've set to accept "LM & NT, NTLMv2 when negotiated", as this allows legacy clients to connect. (Legacy meaning NT4, Win95, etc, and also has the benefit of allowing other OSes to connect as well).
    I'm also able to access the Windows PC CIFS shares from an Arch Linux based setup (running GNOME 3.2 w/ Nautilus 3.2), so I doubt it's the Windows side of things causing the problems. Additionally, when I was running Solaris 10u9 (just before upgrading to Sol11), I was able to access the shares via Nautilus as well.
    So my question is:
    1. Does Nautilus use Samba or the Oracle smb/client service to handle mounting windows CIFS shares?
    2. What log files or configuration files do I need to be looking at to help with this error?
    As a side question,
    I've found that on a clean installation running the "Print Manager" accesses CUPS fine, but once you install a printer, it'll no longer connect to CUPS, unless run from the cli "sudo system-config-printers". So this is a permissions issue, where's the best place to fix/handle that one.

    Replying to my own thread, as I have a possible but very-hackish solution.
    To add some further details to my original post.
    There are 4 PCs on the LAN.
    1. Hellfire - OS = Solaris 11 11/11
    2. Brimstone - OS = Arch Linux
    3. Elink - OS = Win7 Pro x64 SP1
    4. IsaacPC - OS = WinXP Home SP3
    Attempting to connect to Elink from Hellfire, accessing CIFS shares via Nautilus fails. (Mounting shares via Nautilus fails, but works fine from CLI using 'mount' command which to my understanding uses the smb/client service to work). Elink also hosts all the printers on the LAN, a HP LJ1200 and an Epson Fax/Printer/Scanner.
    Hellfire does attempt to authenticate, as listed in the event logs on the Win7 PC (elink), but is returning bad password when using Nautilus. (but printing from hellfire to either printer on elink works fine, as does mounting CIFS shares using 'mount').
    Booting the live CD of Solaris 11, also exhibits the same non-working behaviour when attempting to mount CIFS shares in Nautilus.
    Attempting to access CIFS shares on elink from Brimstone (via Nautilus 3.2 within GNOME 3.2), or from IsaacPC works fine.
    Hellfire configuration.
    Samba is installed, but NOT running (samba is needed for accessing the printers on elink, as CUPS needs smbspool which is part of the samba package), and the native smb/client service is also running.
    smb.conf is a direct copy of the default *.conf file, except the WORKGROUP is set to 'WORKGORUP'. There is a symlink to smb.conf in /etc/sfw/smb.conf -> /etc/samba/smb.conf
    Onto the hackish-fix.
    I've noticed that there are 2 copies of libsmbclient.so installed on the system, one in /usr/sfw/lib (part of the "libsmbclient" package) and another in /usr/lib/samba (part of the "samba" package).
    "libsmbclient" appears to be based on samba 3.5.8 codebase, and is linked to the gvfsd-smb daemon (this is the software that Nautilus uses to talk SMB to access CIFS shares).
    "samba" is based on the samba 3.5.10 codebase, and its installation has nothing to do with GNOME or Nautilus in any manner.
    Using any of the samba included tools to test SMB/CIFS functions, work with 1 minor exception (which I'll list below). eg, using smbclient I can list all shares on any PC on the LAN, etc.
    So as a hunch, I renamed the libsmbclient.so.0 in /usr/sfw/lib, and symlinked /usr/sfw/lib/libsmbclient.so.0 -> /usr/lib/samba/libsmbclient.so.0 (so that gvfsd-smb is linked against the slightly newer version of the libsmbclient.so as included in the samba package located in /usr/lib/samba).
    I rebooted Hellfire, and now I'm able to access CIFS shares via Nautilus, provided that some form of authentication is needed (that is a username and password is needed - guest access and blank passwords don't work - but these IMO should be disabled immediately as part of a baseline security package in regards to Windows - so no harm there).
    Now to the minor exception I noted earlier. When using smbclient to actually connect and transfer files, I get:
    ld.so.1: smbclient: fatal: relocation error: file /usr/lib/libreadline.so.5: symbol tgetent: referenced symbol not found
    As far as I know, tgetent is part of libtermcap.so, so I guess when building smbclient or libreadline.so, the link reference to termcap was left out? (or something like that). Anyway, that's another issue...

  • Accessing Pooled Virtual Desktops via RDP Client vs RDWeb

    Hello,
    We have a Windows 2012 R2 Pooled Virtual Desktop PoC set up and can be accessed via RDWeb.   We need to be able to access the pooled desktops via the RDP client.  How can you specify the name of your Pooled Desktop Collection in the RDP client
    vs connecting directly to an individual desktop?

    Hi,
    To connect to the virtual desktop collection:
    1. Open Internet Explorer (or other browsers).
    2. In the Internet Explorer address bar, type the address of your RD Web Access server and then press Enter. For example, https://rdwa1.contoso.com/RDWeb.
    3. Click Continue to this website (not recommended).
    4. In the Domain\user name box, type the user name.
    6. In the Password box, type the password for the user, and then click Sign in.
    7. Click the name of your Collection, and then click Connect.
    Test Lab Guide: Managed Pooled Virtual Desktop Collections
    http://technet.microsoft.com/en-us/library/hh831663.aspx
    Test Lab Guide: Unmanaged Pooled Virtual Desktop Collections
    http://technet.microsoft.com/en-us/library/hh831618.aspx
    Thanks.
    Jeremy Wu
    TechNet Community Support

  • VRF , Management access only and default gateway

    Hello
    I am preparing (3) new devices to become my new WAN. The topology looks like,
                     ASR1002x - Has management int and dg for remote access.
                                         Also has DG to WAN ISP via BGP
                     3750x stack - Has management int and dg for remote access.  (ip vrf management 0.0.0.0 0.0.0.0 (Management vlan hsrp ip))
                                           Also has DG to ASR hsrp - which causes the Management access to drop.
                     ASA5545x - Has management int and dg for remote access.
                                          Also has DG to ASR hsrp - which causes the Management access to drop.
    I MUST KEEP THESE NEW DEVICES OFF THE PRODUCTION NETWORK TO AVOID ANY POSSIBLE ROUTING ISSUES.
    I have implemented unique EIGRP instances between the new devices.
    These new devices have a management interface so I can access them remotely. I configured the default gateway pointing to the HSRP of the management Vlan and I have remote access.
    Obviously I cannot have (2) default gateways out different interfaces, without assigning one with higher admin.
    What should my management default gateway look like so I can have remote access to the device and still have the WAN/LAN routing work as needed??

    found another thread with some suggestions, maybe it helps at the moment.
     http://forums.lenovo.com/lnv/board/message?board.id=Special_Interest_Utilities&thread.id=6000

  • How do I access my picture files via Finder after I upgraded to Yosemite?

    I upgraded to Yosemite and now I have lost the ability to directly access my picture files via the Finder. There is now no longer a Picture icon in the Finder. Help, huge problem for me as I do a lot of picture editing via Photoshop Elements. I know the pics are still there as the Canon photo viewer shows them.

    Pictures are normally in the top level directory under your username. If you want that directory to be in the Finder sidebar, you can open Finder, then click Preferences on the menu named Finder and then click Sidebar in the Preferences window and put a checkmark in front of Pictures in the list of Favorites.

  • Accessing an ASM Instance via OEM

    Gaining access to an ASM-managed database instance via Enterprise manager is done in the same way as accessing a "normal" RDBMS database: http://<host>:<port>/em/
    Is it also possible to access the ASM instance itself via the OEM? If so, what's the typical URL/port for access?
    I have not seen this documented, and I wonder if it's possible to access the ASM instance via OEM after all, or can you view/manage ASM instance information only via SQL statements.
    Thank you.
    John

    That makes perfect sense... unfortunately, I'm still confused. I just found a series of screen shots that explicitly say "Database Control", and the home page shows the "+asm" link I mentioned in my earlier post. What's more: these screen shots are directly from Oracle! Their "Oracle By Example" series has an entry called "Creating and Managing ASM Disk Groups", and the section called "Viewing Disk Groups" has a series of shots that clearly shows first an ASM-managed instance, and then the ASM instance itself, being directly managed by Database Control.
    I wish someone from Oracle, or someone who has seen this in action, would chime in and let us know how it works!
    Thanks.

  • Can not access ASAs inside interface via VPN tunnels

    Hi there,
    I have a funny problem.
    I build up a hub and spoke VPN, with RAS Client VPN access for the central location.
    All tunnels and the RAS VPN access are working fine.
    I use the tunnels for Voip, terminal server access and a few other services.
    The only problem I have is, that I could not access the inside IP address of any of my ASAs, neither via tunnels nor via RAS VPN access. No telnet access and no ping reach the inside interfaces.
    No problem when I connect to the interface via a host inside the network.
    All telnet statements in the config are ending with the INSIDE command.
    On most of the ASAs the 8.2 IOS is running on one or two ASAs the 8.0(4).
    For the RAS client access I use the Cisco 5.1 VPN client.
    Did anybody have any suggestions?
    Regards
    Marcel

    Marcel,
    Simply add on the asas you want to administer through the tunnels
    management-access
    http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2027985
    for asa5505
    management-access inside
    for all others if you have management interface management0/0 defined then:
    management-access management
    then you may need to allow the source, for example if RA VPN pool network is 10.20.20.0/24 then you tell asa that network can administer asa and point access to inside, but sounds you have this part already.
    telnet 10.20.20.0 255.255.255.0 inside
    http 10.20.20.0 255.255.255.0 inside
    same principle for l2l vpns
    Regards

  • Can my wife use her iPad to get access to my music via iTunes Match and still retain her iTunes store user id?

    My wife has a new iPad and iPad Store user ID.  I have a separate iTunes store user id and subscribe to iTunes Match.  All my music is now in the "cloud".  Can my wife get access to my music via match and still retain her iTunes store user id? 
    The only way I seem to be able to get Match to work on her iPad is if she uses both my iCloud user ID and my iStore user ID.

    Essentially I have the same problem.  My spouse and I have a shared music collection on 1 computer.  We've used different id's for our various devices for years.  Currently we both use iPad minis iPhones and AppleTV.  I have iTunes Match on my account.  Recently we haven't been able to access songs bought or downloaded by the other id.  iTunes says that the computer is associated with another id.  In fact we have 1 song that didn't finish downloading when an album was bought on my spouses account while the rest of the album is there.  My suspicion is that I will need to go down to a shared id when we buy our new MacBook Pro for Boxing Day.  But, if we do that are we able to have separate calendars and passbooks and other features?  Is there another option?  I'm willing to stop using iTunes Match if necessary.

  • I am having trouble accessing the iTunes store via iTunes.  It shows an error message "iTunes could not connect to the iTunes Store.  The network connection timed out..." There is nothing wrong with my connection and I also can't update apps in the app st

    I cannot access the iTunes store via iTunes on my PC and also can not update to 10.6.3.  It keeps telling me that my connection has timed out and/or check my settings.  There is nothing wrong with my setting.  I am also having trouble with the app store on my iPhone 4s and can not update apps.
    I have signed out of itunes and now cannot sign in again.

    I feel your pain, I'm having the same problems here.
    iTunes could not connect to the iTunes Store. The
    network connection timed out.
    Make sure your network settings are correct and your network
    connection is active, then try again.
    does anyone plz have some insight for us.
