Multiple Lobby Admin on one WLC

Is it possible to have multiple lobby admin accounts on a wlc so each account can only create / delete guest users for a specific WLAN?  For example, I have 2 WLAN's.  Admin1 creates users for WLAN1 and Admin2 for WLAN2.  Is there any way of restricting the lobby admin screen so each admin can only create an account for his / her own WLAN?  I don't have WCS and was wondering if there is some command line option.
Thanks.

Hi, You can have multiple lobby admin accounts, but you cannot bind a lobby admin to a wlan.

Similar Messages

  • Lobby Admin Guest Account with Two Controllers

    I have two 5508 WLCs.  Both have APs attached to them.  If I create a guest account with the lobby administrator on one, will that user account be able to log in to the network if the client is attached to the ohter WLC?  So far, I have found that I need to create the same user on both WLC's, in order to have the user login.

    No, if you create the Lobby Admin on the WLC it does not cross over to any other WLC>
    Now if you had WCS/NCS you coudl create the user there, and it would be able to push to both WLC.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • WLC Lobby Admin with ACS 5.1

    Hello,
    Just wondering if someone knew how to configure a LobbyAdmin account for WLC 7.0 on a 5.1 ACS?  I'm very new to ACS 5.1 and need to advise as to how to configure it.
    I've got the ACS policy working that allows me to login to the WLC using a user account with full rights but the Lobby admin account can login with full rights as well.  I've tried setting the custome attributes in the shell profiles with role0-mandatory-LobbyAmbassador, task0-Mandatory-Configure Guest User and task1-Mandatory-Lobby Ambassador User Preferences but it still doesn't work.

    The debug for the Lobby account shows a space in the role,
    *tplusTransportThread: Jan 24 14:40:10.751: arg[0] = [33][role1=                      LOBBY]
    If I use a working account there is no space,
    *tplusTransportThread: Jan 24 14:39:08.151: arg[0] = [9][role1=ALL]
    I've checked the shell profile and don't see any spaces.

  • Multiple users logged into one server, each users printer has a different name, application needs ONE name to print to.

    Multiple users logged into one server, each users printer has a different name, application needs ONE name to print to. 
    I'm NOT in any way a Terminal Services expert and I need help trying to get an application program working in a multi-user environment.
    The issue is that the printer changes for every user that is logged in. The application needs to print NOT to the default printer, but to a "special" printer which is selected in the application... let's call it a label printer to simplify the explanation.
    You have your default regular printer, easy for the application to find that one, and then you have a special printer that labels get printed onto. The application needs to know what printer is the label printer. So we allow the user to select that in the
    application and the selection is stored in a config file in 
    C:\ProgramData\mfgr\prog\setting files
    I don't have access to the application so I can't change how this works.  
    In the "regular" world, selecting the label printer driver to use should be per machine, NOT per user. When a new user logs into a machine, the physical printer doesn't go "poof" and a new printer suddenly appear. Same printer for all
    users.
    Yet in terminal services, the physical machine is "merged" with the virtual machine on the server. And there can be many users logged in at the same time. So each users real machine (and real printer) is injected into the "fake" terminal
    services machine. The name of the printers is made unique for each user. So the printers DO go "poof" and change names depending on the user logged into terminal services.
    So user "A" logs in and sets up the application to print to "LabelPrinterForUserA" (or whatever the name of the printer happens to be), that setting is stored in the ProgramData subfolder, and all is well. Later, user "B" logs
    in, and when they print, the application tries to print to "LabelPrinterForUserA" which doesn't exist for user B or is only accessible by user A. If user B re-configures, that breaks it for user A. 
    SOLUTION 1: The way that /should/ work (in my mind) is that you define one "generic" printer in Terminal Services... call it "Virtual Label printer" and when the user wants to print to it, the print job gets re-directed back to whatever
    physical printer is actually connected to their local workstation. There is a map of virtual printer to actual printer depending on the current user. The application is told once to print to "Virtual Label Printer" for all users.
    SOLUTION 2: Or... there should be some way to make the ProgramData sub folders separate per user. E.g. when user "A" tries to access:
    C:\ProgramData\mfgr\prog\setting files
    they actually get 
    C:\UserData\UserA\AppData\mfgr\prog\setting files
    and user "B" gets
    C:\UserData\UserB\AppData\mfgr\prog\setting files
    So the question I have is: Does either of those solutions exist hidden somewhere in the setup of terminal server? Or is there another way around this issue that I don't know?

    I don't really have a "for sure" answer to this, but because people here can't seem to deal with a question that hasn't been answered I'll provide the best answer I did receive from ServerFault.com user Nathan:
    I can feel your pain with using old software on terminal servers ...the solution I've come up with definitely won't scale as it requires some manual configuration, but I've gotten this method to work with our label printers (which require to be
    printed to an LPT port...yep, that old).
    Share your USB-connected printers to the network on each machine. Then, have the user log in on aunique session for each of them
    (a TS account cannot be shared among computers for this to work) and install a network printer pointing to the USB one they shared. Try to use a DNS name to account for possible DHCP movements.
    After, it should work. Each user can do this since display names can be identical as long as the ports are different (which they are).
    This was clarified by the following series of comments:
    I think you are on to something here, and I originally advised the admin to do this. The problem he ran into is that it setup the printer names in the TS as "printer on usersworkstation"
    and he could not rename it except to change the "printer" to whatever. E.g. the "on userworkstation" remained. I believe there is another way of installing the printer which avoids this, but I can't find it. Ages ago, one used to do NET
    USE LPT2 \\computer\printer password /USER:domain\user /PERSISTENT:YES and then tell the driver to print to LPT2 –  James
    Newton Mar
    17 at 16:21   
    @JamesNewton That's actually the exact method we used. The way around the "network printer" part is to install it as local printer and map it to a TCP/IP port that way. –  Nathan
    C Mar
    17 at 16:28
    You mean in the case where the printers are TCP/IP connected and not local USB / LPT to the users workstation? That makes sense. Wonder if this will work for USB connected printers... –  James
    NewtonMar
    17 at 16:35   
    @JamesNewton You'd share the local printer on the client's PC then on the server connect via TCP/IP to it. You'd need static addresses or use DNS names if DHCP, though. –  Nathan
    C Mar
    17 at 16:51
    Ah. Yes. I see. Looks like the LPT thing should work even with a USB connected printer:superuser.com/questions/182655/… –  James
    Newton Mar
    17 at 17:09   

  • Multiple IP adress on one mac address?

    Hi!!
    I have a WLC 2504 and AP 1602. Is it possible to give the client multiple ip addresses with one mac address. If yes, how it's made on WLC or AP?

    In certain cases there is a need to have multiple IP addresses responding beyond a single client wireless association. For example, some video cameras will have an internal communication module that tied to wireless interface via ethernet. Some PoS devices may have similar requirement.
    In WLC there is an option WLAN->WirelessID->Advanced->Passive Client.
    Now I am not sure if this will work with multiple IP addresses tied to the same MAC or not.

  • Need to create Customer to multiple sites record in one run.

    Hi all,
    we have one table called (e.g.) Prospect. To this table we can associate three different sites: one the legal
    site, one admin and one for logistic. All the three sites refer to the main Prospect table via the Prospect_id
    and related info are all saved into the same Site_all table (the site type is not stored directly into the site_all
    table but via a use_site_all table, similarly to what happens with some standard OApps tables).
    We need to create the Prospect and associated three sites via an OA Framework page (actually multiple steps).
    So to visually resume:
    _ Site1 ---- use:legal
    Prospect - Site2 -- use:admin
    - Site3 --- use:logistic
    What's the best approach to achieve the creation of the records in the tables ?
    a) to add three EO for the Site table (with related AO) and one big ProspectAllVO view object containing all the fields
    from the three EO ?
    b) to add just one EO for the site and reference it three times while defiing the ProspectAllVO ?
    c) to specify a View Link (but this should be done three times and I'm not sure how to synchronize and manage
    the transaction for the creation ?
    d) AOB ?
    Thanks in advance. Regards.
    Giuseppe Naldi

    is it really just one IDOC?
    I have never seen that SAP just does a part of one IDOC.
    the structure of DEBMAS ist like this:
    E1KNA1M
    --E1KNVVM
    E1KNVPM
    E1KNVDM
    E1KNVIM
    --E1KNB1M
    which means for your example it should be like this
    E1KNA1M
    --E1KNVVM
    E1KNVPM
    E1KNVDM
    E1KNVIM
    --E1KNVVM
    E1KNVPM
    E1KNVDM
    E1KNVIM
    --E1KNB1M
    and in this case I am very certain that it would never just process and create the part for one sales area.
    Maybe your customer already exists from ealier tests with just one sales area.
    Display your IDOC in WE02 or WE05 and make sure you have a value in name1 field

  • Filter the SSID for Lobby Admin

    Hi,
    I've created a sponsor portal on wlc 5508 by using LobbyAdmin account, but I noticed that the person who will have access to this portal is  able to assign any vlan to the visitor because there is a drop down list which displays all SSID which are configured on the wlc. Can we avoid this and limit the drop down list?

    No it's not. The lobby admin will see all the SSID's. nothing you can do here. Others have also asked this in the past and nothing has changed.
    Sent from Cisco Technical Support iPhone App

  • Logging the Lobby Ambassador Activities on WLC

    Dear all,
    we interested in "Logging the Lobby Ambassador Activities on WLC",
    we found resusurces that explain hot to do this using WCS, but we want to konw if it's
    possible without WCS.
    More in general, we give the possibilities to oue employee to create guest account, using
    the Radius to autenticate as Lobby Admin.
    We are intereset to identify who creates the particular guest account, in case of
    incident investigation.
    Thanks, for any suggestion on regard.
    bye

    This is not possible with just the WLC. You would want to look at ISE or NAC Guest Server.

  • Multiple Remote Admins

    Does anyone know how you can establish multiple user admin connections through the Onplus at the same time?
    Presently only one person can access a device without logging the other person off.
    Paul

    Hi Paul,
    This is as implemented for now. We may have a future enhancement to handle this better.
    Thanks,
    The OnPlus Team

  • Maximum Lobby Admin users on WiSM

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Tabla normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Hello,
    One of our customers is asking us about what's the maximum number of Lobby Admin users that could be created on a WiSM? They are a University that could need about 60 Lobby Admin users for their different faculties and administrative areas along the campus.
    Thanks.

    Hi,
    The maximum amount of guest accounts that can be created for the local user
    database is limited to a maximum of 2048 entries, default count is 512. This
    database is shared by local management users (including lobby ambassadors),
    net users (including guest users), MAC filter entries, and disabled clients.
    Together, as long as all of these types of users do not exceed the
    configured database size of 2048 you are ok.
    and
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080a49cd7.shtml#backinfo
    Thanks
    Serge

  • Lobby admin cannot create the guest User

    Impossible to create a guest user with the same name sa previously "the user already exist". Although the validity of the account has expired.
    Even if the user does not appaer on the list of the user who still access the wlan, but the same user still have access to the network.
    WLC2112, soft version: 7.0.98.
    in advance THX.
    cheers.

    Just to verify.. please do tha testing..
    1>> Create a new user Lobby Admin account..
    2>> Create a new local net user for life time 2 minutes.
    3>> Check on the WLC if the user exists.
    4>> Wait for 2 minutes till the user expires.
    5>> AT the time the user gets deleted, create the same usename from the Lobby admin account that you have created in the First step and see if we see any problem.
    I just recreated the same and its working fine for me..
    Lemme me know how this works out for you!!
    Regards
    Surendra

  • Login with Multiple User Accounts From One Machine

    We have users with multiple accounts (Admin and Standard) in our organization and we want them to be able to launch RemoteApps from RDWeb using both accounts at the same time (from a single workstation).  For example we would want their standard account
    to launch the RemoteApp HEAT and their admin account to launch the RemoteApp Exchange Management Console.  Is this possible?

    Thanks for the suggestion, but I'm not talking about concurrent sessions for a single user - I'm talking about multiple user accounts being used from an individual machine at the same time.  The situation would be as follows:
    I log on to the computer with my normal user account (lets call it NZiehnert)
    I launch an application from the RemoteApp and Desktop Connections shortcut in my start menu, which launches the application as NZiehnert
    I launch the RDWeb access portal and log on using a different account (lets call it NZiehnert.admin)
    I attempt to launch the same application from step 2 (or another application that runs from the same server) and instead of launching as NZiehnert.admin the application runs as NZiehnert
    Basically, we have administrative tools that we wish to put into our remote environment, but we also have tools that are used by the same users normal accounts.  So we need a way for those users to be able to access the applications as a different user
    - at one point I was able to generate this dialog, but I'm not sure how to recreate it:

  • Lobby admin - how to restrict options?

    Is it possible to simplify web-interface for lobby admins? Now by default they have too much choices: "User name" form field, "Generate password" checkbox, "Password" and "Confirm password" fields, "Lifetime" and "WLAN SSID" and "Description" ... Too complicated.
    I would be happy to restrict Lobby admins to "User name" field, and restrict their ability to choose "WLAN SSID" (I have a couple of WLANS, of course, guest users will not get rights for the wrong WLAN, but Lobby admins are able to set WLAN wrong). I would require password generated by my WLC rather then allowing my lobby admins typing "Password1" etc. in this form.
    Any advice?

    You've generate password that generates random password.
    only webauth guest wlans are shown for lobby admin.

  • HT204053 I have multiple family members using one apple id account and all of each others information is going onto each others phones/how do i stop this?

    I have multiple family members using one apple id and all of our data is going onto each others phones/how do i stop this?

    Each person needs to have their own separate Apple ID along with their own separate computer user account and iTunes Library.

  • Multiple iPad sync on one computer fail

    I am confused about how to maintain two iPads on one computer.  Try it and I get dialog boxes threatening to erase all the content on one iPad.  Do I creat multiple libraries? That seems risky in light of the "threat" message in the dialog boxes. Is there a simpler way. Why can't I just plug iPad #1 and iPad #2 into a computer and have iTunes recognize that each one should have a separate library? This seems really silly.

    Hello there, OC Reporter.
    The following Knowledge Base article addresses just how to manage multiple iOS devices with one computer:
    How to use multiple iPhone, iPad, or iPod devices with one computer
    http://support.apple.com/kb/HT1495
    Thanks for reaching out to Apple Support Communities.
    Cheers,
    Pedro.

Maybe you are looking for

  • Configured source directory does not exist

    Hi Guys, I had configured a sender file adapter and when i check the CC monitoring it gives the message : Configured source directory '/usr/sap/NRD/SYS/global' does not exist. But the directory is in the AL11 of R/3 application server. Iam using the

  • I have apple iphone 3GS 32gb what is the procedure to import the contact list from my cellular to my computer system

    hi! i have applr iPhone 3gs 32gb. i want to import my all data, like pictures, videos, songs and my contact details from my cellular to computer system

  • _v and _h

    Should I stop using the _v and _h for the indesign files? Actually I need to go and read the latest docs.... but if anyone wants to answer this I would be grateful anyway Cheers Alistair

  • How to Open MPP programmatically without using IIS Express in WCF Application

    Hi all, i have been succeeded to open Microsoft Project Profession file programmatically for Project that is created in project server please refer this link. but now we have to do this task in WCF Application then if we enable "Use IIS Express" opti

  • FSMO Rule tranfer - VHD RDC

    We have  hyper v host  with  role of Root DC in our setup. we also have DR ADC. Due to storage issue I had transfer all our FSMO role to our DR ADC.  and I tried to compact the root DC VHD. after compact the vhd its not booting I thing its corrupted.