NAC not doing posture assessment

Hello All,
I am having diffculty with NAC where its not doing posture assessment. I ran through the configuration guide and followed it to the T but still no luck. I am running NAC 4.5(1) for In Band wireless. Any ideas as to what i should be looking at next?
Thanks,
G

What devices etc you using to implement NAC? Are you using ACS Server? or NAC Appliance?
What mode of NAC are you using? L2 dot1x; L2 IP or L3 IP?
What authentication are you using? (Take a look at your settings under System Config -> Global Authentication, if using Cisco ACS)
A lot of issues I have seen with NAC is down to certificates/ca chains on the NAC posture server and the end clients.
Stu

Similar Messages

  • Does Cisco NAC Support Continuous Posture Assessment ?

    Hi all,
    Cisco does not seem to support continuous posture assessment when running out of band or in band ? What I mean is after authentication during authorization phase I ve been assigned to a role and according to that role I receive a posture result, if that posture result is pass then Ive been evaluated as a healthy end point and receive a Certificate. Then the switchport that I am connected to gets assigned to the corporate VLAN. Afterwards till my certificate expires system will always think that I am healthy.
    Ive gone through 4.8 release notes, it still does not seem to be supported ?
    Any comments are appreciated.
    Dumlu

    I think this is mentioned in the release notes; did you check the following section?
    http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/48/48rn.html#wp1105597
    Regards
    Farrukh

  • NAC Clean Access Authentication not doing anything

    Hi!
    I have instaled an NAC solution, using oob with acl's.
    When i get to the Clean Access Authentication page, using the right user and password, or an worng one, the page keeps showing up, requesting to authenticate and without any errors.
    Did this happened to anyone?
    TKX
    Miguel

    Hi Miguel,
    The configuration so far looks OK.
    The only test I would suggest would be to keep the clients on a vlan/subnet different from the CAS untrusted IP's subnet.
    I am telling this because usually we have the following:
    1. Clients are being assigned to a trusted vlan/subnet, for which we have an IP address configured in the CAS as a managed subnet and assigned to that vlan.
    2. In this case, clients are getting an IP on the same subnet as the untrusted interface of the CAS, which is not doing any kind of vlan tagging.
    As a further test, you could for example keep the clients on a subnet that is not the same as the one for the CAS untrusted interface and add the corresponding managed subnet for that client vlan.
    Alternatively, you could configure the CAS untrusted interface to tag traffic on the same vlan where clients are getting an IP, but this is usually more tricky.
    This suggestion comes from the fact that what you are experiencing (clients continuously re-prompted for authentication) is often seen when the CAS is not configured for the proper managed subnets.
    One more thing to verify is that the user being authenticated is not falling under the Unauthenticated Role.
    This could happen for example when configuring an Authentication Provider with the default role as Unauthenticated and mapping rules: if mapping rules are not triggered correctly, the default Unauthenticated Role will be assigned and the client will keep getting the authentication prompt.
    If these further points didn't show any improvements, I would recommend to keep following this through a TAC Service Request:
    http://tools.cisco.com/ServiceRequestTool/create/launch.do
    Regards,
    Fede
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • Cisco ISE inline posture node Posture assessment query

    Hi all,
    i read the user guide for the ISE 1.1 and in the Inline posture section, I picked up the following text which concerned me if I understand it right...
    "In a deployment, such as outlined in the example, when more endpoints connect to the wireless network
    they are likely to fall into one of the identity groups that already have authenticated and authorized users
    connected to the network.
    For instance, there may be an employee, executive, and guest that have been granted access through the
    outlined steps. This situation means that the respective restrictive or full-access profiles for those ID
    groups have already been installed on the Inline Posture node. The subsequent endpoint authentication
    and authorization uses the existing installed profiles on the Inline Posture node, unless the original
    profiles have been modified at the Cisco ISE policy configuration. In the latter case, the modified profile
    with ACL is downloaded and installed on the Inline Posture node, replacing the previous version."
    Does this mean that if a corporate user VPNs in and successfully passes posture and gets a dACL applied to the session allowing full access, will the next user completely skip posture assessment and granted full access to the network if they are a member of the same AD group?
    I am planning on using the iPEP for posturing VPN clients and using AD groups to determine the correct dACL to apply to a particular VPN session.
    Thanks!
    Mario

    I'm not too familiar with the actual operations of the Inline Posture node, but it seems to me that the only things that are more or less "cached" are the authentication and authorization profiles that have been previously matched. So, even if they're "cached" and a endpoint matches and authorizes based on those policies, it would match on the policy that provides a pre-posture state. So, a PRE-POSTURE ACL would be pushed and an URL redirect would also occur to the NAC agent download portal (if the endpoint doesn't have it already).
    After posture is assessed, a change of authorization would occur and reauthorize that endpoint's session.
    So, in short, even if the profiles are cached, they only deliver pre-posture profiles. After posture assessment, the endpoint is goes through reauth via CoA.
    If you have access to the partner education connection, I suggest checking out the VoE deep dive series for ISE. There's a posture presentation that would probably help you out.
    https://communities.cisco.com/docs/DOC-30977
    HTH,
    Ryan

  • Pre-login posture assessment - possible with ISE?

    Does anyone know if it is possible (or not) to have a windows machine posture assessed on boot? ie. before anyone logs in on it. Currently, I have to log in on my machine before the assessment starts. It would be good to have assessment begin as soon as the machine boots so that (assuming the machine passes assessment) it is completed by the time I log in. We are using the NAC Agent with ISE1.2.
    Thanks in advance for your thoughts.

    As far as i know, the posture agent does not do anything before user has logged in, i have never seen a posture report in ise, that indicates anything else, because you would get many failed posture compliance checks, if it did (checking user keys, user files, av status and so on in machine land).

  • ISE Posture Assessment

    Hi,
    While reading about ISE posture, I got to know that ISE searches” User Agent” attribute for string “NAC Agent” to confirm that NAC agent is present on particular machine.This information is passed to ISE when user opens Web Browser i.e. user gets redirected
    If NAC agent is not present on machine then NAC agent will get downloaded and then Posture assessment starts.
    While testing this on ISE, I noticed that
    If NAC agent is already present on machine then directly posture assessment starts even without opening web browser.
    Now my question is, how ISE does come to know that NAC agent is already present on machine without opening web browser.
    Regards,
    Aditya

    I second Richard on the fact that it can't be done. However, I was going through this and wanted to share in case it helps.
    Default Posture Status
    http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_pos_pol.html#wp1919363
    Jatin Katyal
    - Do rate helpful posts -

  • ISE 1.2 Posture Assessment with AnyConnect Client

    Hi Experts,
    I need clarity for posture assessment with AnyConnect client. I understood that we had traditional NAC agent with ISE 1.1.
    Since new Anyconnect version 4 has come which is used for ISE 1.3 posture assessment however I am not sure if I can use Anyconnect 4 with ISE 1.2 ?  Can you please put light on this ?
    if not , do I need to upgrade to ISE 1.3 ? what is the process to upgrade to ISE 1.3 ?
    Thanks in advance

    ISE can provision clients with agent and configure agent profiles.You have Client-provisioning policies that enable users to download and install resources on client devices.(Windows and Mac OS X NAC Agents, Cisco NAC Web Agent.

  • ISE post compliant posture assessment URL redirection

    G'day All,
    Is anyone aware if it is possible for ISE to push a URL redirection to user devices once they have passed the posture assessment?
    I am deploying a wireless BYOD ise deployment with AD auth and posture assessment, and we are hoping to find an easy way to push the compliant users to a new URL once they have passed posture.
    Thanks gang.
    Cheers,
    James.               

    It is not possible to redirect user after authentication and posturing to a specific URL. because ISE does not support this feature till now.
    I think  URL redirection can be done in web authentication if used in case of employee.
    Navigate to Policy > Policy Elements > Results > Authorization and then select Authorization Profiles
    Step 18 Select Add to create a new Authorization Profile for Central Web Authentication:
    Name
    Central_Web_Auth
    Description
    (optional)
    Access-Type
    ACCESS_ACCEPT
    DACL   Name
    CENTRAL_WEB_AUTH
    Centralized   Web Authentication
    ACL:
    ACL-WEBAUTH-REDIRECT
                                                              Redirect : Default
    “ACL-WEBAUTH-REDIRECT” is  configured on  switch  which determines to which destination it will redirect 

  • NAC 4.1 Posture Validation

    Hi,
    Whether Cisco NAC 4.1 does system check continuously after being logged in?

    Hi Rishi,
    The "Silent" Posture assessment sounds like a great feature request. Unfortunately, here is what the documentation states:
    "In most OOB deployments (except L2 OOB Virtual Gateway where the Default Access VLAN is the Access VLAN in Port profile), the client, after posture assessment, needs to acquire a different IP address from the Access VLAN."
    I don't see anyway around having end users go through the authentication/posture assessment again.
    You are correct that in OOB mode end users have the ability to do something "nasty" after they have been allowed on the network.
    I suppose another layer of security is what is needed in these cases, like a Cisco Security Agent to prevent Day Zero attacks.
    Hope this helps.
    Paul

  • Posture Assessment Failed:Hostscan Initialize error in Window 8 x64

    I’m using Windows8 Enterprise x64,while using Cisco AnyConnect mobility client(installed filename is anyconnect-win-3.0.2052-web-deploy-k9.exe), it show error:
    Posture Assessment Failed:Hostscan Initialize error
    this is not being resolved,then I go back to Windows 7. Today I’ve changed the value of the registry as the guide( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpnva; changed the value to "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64"), but it does NOT work yet. I re-installed the client software via the lastest anyconnect-win-3.1.00495-web-deploy-k9.exe, it still show the same error:
    Posture Assessment Failed:Hostscan Initialize error
    So boring it is! I would go back to Windows 7 one more time. Any advise???
    [周四 11月 08 23:06:03.075 20][libcsd][all][csd_init] hello
    [周四 11月 08 23:06:03.075 20][libcsd][all][csd_init] libcsd.dll version 3.0.08062
    [周四 11月 08 23:06:03.075 20][libcsd][debug][hs_transport_init] initialization
    [周四 11月 08 23:06:03.075 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\winhttp.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\winhttp.dll]: 2148204800
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\winhttp.dll]: 2148098064
    [周四 11月 08 23:06:03.107 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\winhttp.dll).
    [周四 11月 08 23:06:03.107 20][libcsd][debug][hs_transport_winhttp_init] failed to initialize winhttp with absolute path
    [周四 11月 08 23:06:03.107 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\kernel32.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\kernel32.dll]: 2148204800
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\kernel32.dll]: 2148098064
    [周四 11月 08 23:06:03.138 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\kernel32.dll).
    [周四 11月 08 23:06:03.138 20][libcsd][error][load_system_lib] Failed to initialize kernel32.dll
    [周四 11月 08 23:06:03.138 20][libcsd][debug][hs_dl_load_no_signature] winhttp.dll has been loaded successfully with no signature verification
    [周四 11月 08 23:06:03.138 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\crypt32.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\crypt32.dll]: 2148204800
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\crypt32.dll]: 2148098064
    [周四 11月 08 23:06:03.169 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\crypt32.dll).
    [周四 11月 08 23:06:03.169 20][libcsd][debug][hs_transport_winhttp_init] failed to initialize crypt32
    [周四 11月 08 23:06:03.169 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\wininet.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\wininet.dll]: 2148204800
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.185 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\wininet.dll]: 2148098064
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\wininet.dll).
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_transport_init] initialization failed
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization done
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization [周四 11月 08 23:06:03.075 20][libcsd][all][csd_init] hello
    [周四 11月 08 23:06:03.075 20][libcsd][all][csd_init] libcsd.dll version 3.0.08062
    [周四 11月 08 23:06:03.075 20][libcsd][debug][hs_transport_init] initialization
    [周四 11月 08 23:06:03.075 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\winhttp.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\winhttp.dll]: 2148204800
    [周四 11月 08 23:06:03.075 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\winhttp.dll]: 2148098064
    [周四 11月 08 23:06:03.107 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\winhttp.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\winhttp.dll).
    [周四 11月 08 23:06:03.107 20][libcsd][debug][hs_transport_winhttp_init] failed to initialize winhttp with absolute path
    [周四 11月 08 23:06:03.107 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\kernel32.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\kernel32.dll]: 2148204800
    [周四 11月 08 23:06:03.107 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\kernel32.dll]: 2148098064
    [周四 11月 08 23:06:03.138 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\kernel32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\kernel32.dll).
    [周四 11月 08 23:06:03.138 20][libcsd][error][load_system_lib] Failed to initialize kernel32.dll
    [周四 11月 08 23:06:03.138 20][libcsd][debug][hs_dl_load_no_signature] winhttp.dll has been loaded successfully with no signature verification
    [周四 11月 08 23:06:03.138 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\crypt32.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\crypt32.dll]: 2148204800
    [周四 11月 08 23:06:03.138 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\crypt32.dll]: 2148098064
    [周四 11月 08 23:06:03.169 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\crypt32.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\crypt32.dll).
    [周四 11月 08 23:06:03.169 20][libcsd][debug][hs_transport_winhttp_init] failed to initialize crypt32
    [周四 11月 08 23:06:03.169 20][libcsd][debug][hs_file_verify_with_killdate] verifying file signature: file = [C:\Windows\system32\wininet.dll], signer = [Microsoft Corporation], type = [1]
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_file] checking signature by file (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_file] unable to verify trust for [C:\Windows\system32\wininet.dll]: 2148204800
    [周四 11月 08 23:06:03.169 20][libcsd][debug][check_signature_by_catalog] checking signature by catalog (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.185 20][libcsd][debug][check_signature_by_catalog] unable to verify trust for [C:\Windows\system32\wininet.dll]: 2148098064
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_file_verify_with_killdate] unable to verify file signature: (C:\Windows\system32\wininet.dll)
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_dl_load] file signature invalid, not loading library (C:\Windows\system32\wininet.dll).
    [周四 11月 08 23:06:03.185 20][libcsd][error][hs_transport_init] initialization failed
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization done
    [周四 11月 08 23:06:03.185 20][libcsd][debug][hs_transport_free] de-initialization

    I've successfully solved this problem by using both web-based SSL-VPN login and latest AnyConnect Secure Mobility Client. After I installed anyconnect-win-3.1.00495-k9, I open the URL of my company's ssl vpn, followed the steps then logged in, thus it calls the client to establish a vpn connection. It successed!
    VPN CONNECTED LIKE THIS:

  • Simple Web Auth policy and simple posture assessment policy in ISE

    G'day All,
    I've just finished reading through the Cisco BYOD with ISE document and it's left me a little more confused than when I started.
    I completely understand the onboarding process and the different policy elements that make up the self registration/onboarding configuration.
    What I'd like to do is put together an ISE configuration that is a lot simpler for the BYOD user.
    Is anyone able to advise if it is possible to have a single dot1x SSID with ISE that has a policy for Window Laptops using AD authentication for the user and Posture assessment and a policy for all smart devices (iOS and Android) that is just AD authentication of the user, without the need for device registration?
    The target user demographic for my deployment are really not technical so having to go through the onboarding process, especially for the Android devices, with the pre-installation of the cisco app, etc, really isn't what they are looking for.
    Huge thanks for any assistance.
    Cheers,
    JS

    Yes, that's possible. But without "device registration" then you need to configure Wireless 802.1x manually in every Android device.
    Please rate if that helps.

  • Prerequisite to enable Profiling for posture assessment to check the AV, Patches, OS update

    Hi Experts,
    I have wireless set-up with two SSID , one is used for corporate users with dot1x auth and other one for guest using CWA .
    I understood that , i do not need to buy any license or pay to cisco for Wireless license however i want to understand for enabling profiling for posture assessment .
    I understood that I need have advance license for posture assessment however I am looking out for information about costing to buy advance license and is there any prereuisite to configure posture assessment other than additional license?

    There were a few changes in ISE v1.3:
    - Base License = The same
    - Plus License = The same (with some more features)
    - Advanced License = Apex
    - Wireless = Mobility (Now it includes VPN based authentications as well)
    So your plan is to run the new version of ISE (1.3) and AnyConnect 4 then you will need to have:
     - ISE Mobility License (Includes Base, Plus and Apex for wireless and VPN)
     - AnyConnect APEX license - This one is on the honer system and it is not installed on ISE
    If you plan to use posture on wired as well then instead of the "mobility" license you will need to get:
     - ISE Base
     - ISE Plus
     - ISE Apex
     - AnyConnect Apex
    Thank you for rating helpful posts!

  • Guest Posture Assessment for MAC OSX

    Hi
    I need to perform posture assessment for guest users who own MAC OSX machines , but i couldn't find Webagent available for Mac Osx just regular NAC_AGENT for MAC, so i need to know if it's supported ?
    thanx

    Mac OS X Agent need to be used for posture assessment and remediation
    http://www.cisco.com/c/en/us/td/docs/security/nac/appliance/configuration_guide/47/cam/47cam-book/m_webagt.html#wp1556106

  • While updating a programme,it shows installing but it is not doing.

    While updating a programme,it shows installing but it is not doing.

    Try rebooting the ipad by pressing and holding the home and sleep/wake buttons at the same time until the apple logo appears on the screen, then let go.
    May work for you

  • An XSD Exception occurred. The kind 'Note' does not exist in the CMS. (FWM

    Hi,
    I am trying to get the Know Rights for a report object without any success. Everytime my code hits this method it throws an exception
    An XSD Exception occurred. The kind 'Note' does not exist in the CMS. (FWM 04030) (WBP 42029)
    I am stuck with this problem for past two days and am not able to figure out any solution
    Can anyone please help me in this issue?
    Public Function GetObjectRights(ByVal CUID As String) As RightInfo()
            Try
                Dim m_BiPlatform As BusinessObjects.DSWS.BIPlatform.BIPlatform
                Dim urls() As String = _Session.GetAssociatedServicesURL("BIPlatform")
                m_BiPlatform = BusinessObjects.DSWS.BIPlatform.BIPlatform.GetInstance(_Session, urls(0))
                Dim _RightInfo() As RightInfo = m_BiPlatform.GetKnownRights(CUID)
                Return _RightInfo
            Catch ex As DSWSException
            End Try
        End Function
    Thanks,

    Hmm... I can't think of anything else that could be causing the problem.
    I don't know of any way to exclude the 'note' right since GetKnownRights() returns all known rights (RightInfo) for the type of object passed into the method.
    A suggestion might be to try getting the knownRights using the BOE .NET SDK (not web services) to see if the same error occurs.  There is some simple sample code that you can use as a test in the [BOE .NET SDK developers guide|http://help.sap.com/businessobject/product_guides/boexir31/en/boesdk_net_dg_12_en.chm].
    If this fails as well, then I can only assume that there is some problem with your install of Enterprise as I have tried many ways to reproduce the error you are getting, but cannot.

Maybe you are looking for

  • NotPrmUser showing up more often than it is supposed to

    Hello, I'm the admin for our P6 v7 system and we have recently expanded our user group to about 30 folks. 25 of the 30 access the software through the Web Access interface. According to Oracle technical solution ID 906128.1 the "NotPrmUser" should on

  • Number with more than 10 decimal places display as 0 in report

    We have a number stored on a table as this long with several decimal values. 2440.159999999999854480847716331481933593 On one PC it display in a Crystal report as 0 and to another user it displays at the 2440.   The report formats the display field w

  • PHP Form

    oh no! What do I do now? Please please help!! (thanks!) Now look what I got after I hit submit... Warning: mail() expects at least 3 parameters, 2 given in /home/content/s/t/e/stevensit/html/Corporate_Info/private/sendmail.php on line 22 Warning: Can

  • HT201210 what is the error 0xE8000024 when restoring ipad with itunes in recovery mode

    Ipad locked up and I had to restore via recovery mode.  error 0xE8000024 popped up several times during the process as well as the autoplay dialog box.  Is this normal?

  • Error in Auto Provisioning ( Access Enforcer )

    Hi, When I go to Access Enforcer -> configuration -> workflow -> auto provisioning , I get this error: Application error occurred during request processing.   Details:   java.lang.NullPointerException: null Exception id: [7ECF26E5A402006000000926000B