Need advice for an application that restricts access to other applications using a smart card

Hello everybody,
I am developing a system that uses a smart card reader attached to a USB port of a PC.
What the system should provide is:
1. When the computer boots up and shows the user login screen, a user, previously registered, can use his smart card to access the system instead of entering his password.
2. Once the user is logged in, when he tries to launch an application which has previously been marked as "secured", a dialog box is shown indicating that the user has to present his smart card. If the smart card has access to the application, the application is launched; otherwise an error message is shown to the user and the application is not executed.
I develop in C++ and C#. I have already created a library (in Visual C++) that manages the smart card reader and provides the card presented to it.
Now I am developing the application (in C#) that will configure the security (assigning cards to users and applications).
Concerning this, I have 2 questions regarding each point above:
1. Is it possible to create the centralized application that lists all users and allows assigning cards to them? Then, when the user login screen is shown, the system must access that data before logging in, so that it can check which card was presented and what user it corresponds to. I have seen in laptops that have embedded fingerprint readers that a user must log in to his account first and then he can register his fingerprints. In fact, what I need to do is something similar but with a smart card reader instead of a fingerprint reader. So, perhaps, the user must log in to his account first and then he will be able to add his card and store that information somewhere (in the Windows registry maybe).
2. How can I launch my application when another application is executed but before its interface is actually shown? This is similar to what antivirus programs do, because they check the executable before it is actually run. What is the best method to address the application? By executable file name? Process name? Or other? If the best is by process name, how can I know the process name without actually running the application?
Well, that is all I need to do. Please advise regarding this subject.
I look forward to hearing from you,
Best regards,
Jaime
Powered by C++

> what was the guidance?
> 1. Research other software that does similar things (not just exactly the same) as you need. If you like something in their solutions, copy it :)
The only software I know that does that is an antivirus, but I have been unlucky in finding some code in C++ that allows intercepting the program execution before actually executing it.
> 2. If a kernel driver would fit in your solution, go for it (google for what is available for free, or find a consultant to write it for you).
There is a lot of information about kernel drivers, but the question is, is that really the solution?
> Otherwise, you can just hide the application from the user's reach and substitute the executable in shortcuts, etc. to run your program instead.
Definitely this is not the way to go.
> > What is the best method to address the application? by executable file name? process name? or other?
> By executable file name, like in Windows AppLocker, I think. Processes do not have names (they are artifacts of Task Manager and debugging tools, to represent the processes to the user somehow). Or, only by the filename part of the full path.
I agree with that.
> > if the best is by process name, how can I know the process name without actually running the application?
> When the user runs the application, the driver will detect this and do its magic.
I have found this page: http://stackoverflow.com/questions/3556048/how-to-detect-win32-process-creation-termination-in-c. They mention WMI, but I will study it tomorrow... it is so late for today :-)
> Regards,
> -- pa
Regards
Jaime
Powered by C++
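The WMI route Jaime found and pa's "match by full executable path" advice, combined into one C# watcher. This is an added example, not code from Jaime, pa or the Stack Overflow page: the secured-application paths are constructed placeholders, and `CardGrantsAccess` is an assumed stand-in for Jaime's Visual C++ card library (it denies every launch here so the blocking path is exercised). The important caveat it demonstrates: a WMI `__InstanceCreationEvent` arrives after the process already exists, so a user-mode watcher can only detect and then terminate; it cannot hold the launch until a card is presented, and its window may already be visible. Holding execution before the image runs takes a policy mechanism such as AppLocker, or a kernel process-creation callback, which is what pa's driver suggestion amounts to.

```csharp
// Added example (not the thread's code): detect launches of "secured"
// applications through WMI and terminate them unless the card check passes.
// Requires a reference to System.Management.dll and administrator rights
// (to subscribe to process events and to terminate other users' processes).
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.Management;

class SecuredAppWatcher
{
    // Constructed sample policy. Full paths compared case-insensitively, as pa
    // advises; a filename-only match would also match any same-named copy.
    static readonly HashSet<string> SecuredApps = new HashSet<string>(
        StringComparer.OrdinalIgnoreCase)
    {
        @"C:\Program Files\Example\Payroll.exe",    // placeholder path
        @"C:\Program Files\Example\HRConsole.exe"   // placeholder path
    };

    // Stand-in for the smart card library (assumed, not on the page): should
    // return true only when the card in the reader is authorised for this path.
    // This constructed stand-in denies everything so the blocking path runs.
    static Func<string, bool> CardGrantsAccess = path => false;

    static void Main()
    {
        // __InstanceCreationEvent with WITHIN polls once per second and exposes
        // Win32_Process.ExecutablePath. Win32_ProcessStartTrace fires sooner
        // but only carries the image name, not the full path.
        var query = new WqlEventQuery(
            "SELECT * FROM __InstanceCreationEvent WITHIN 1 " +
            "WHERE TargetInstance ISA 'Win32_Process'");
        using (var watcher = new ManagementEventWatcher(query))
        {
            watcher.EventArrived += OnProcessCreated;
            watcher.Start();
            Console.WriteLine("Watching secured application launches; press Enter to stop.");
            Console.ReadLine();
            watcher.Stop();
        }
    }

    static void OnProcessCreated(object sender, EventArrivedEventArgs e)
    {
        var proc = (ManagementBaseObject)e.NewEvent["TargetInstance"];
        string path = proc["ExecutablePath"] as string;   // null for some system processes
        uint pid = (uint)proc["ProcessId"];
        if (path == null || !SecuredApps.Contains(path))
            return;                                        // not a secured application

        bool allowed;
        try { allowed = CardGrantsAccess(path); }
        catch (Exception) { allowed = false; }             // fail closed if the check errors
        if (allowed)
            return;

        // By now the process is already running; all we can do is stop it.
        try
        {
            Process.GetProcessById((int)pid).Kill();
            Console.WriteLine("Blocked {0} (pid {1}): no authorised card presented", path, pid);
        }
        catch (ArgumentException) { /* process already exited */ }
        catch (InvalidOperationException) { /* process already exited */ }
        catch (Win32Exception ex)
        {
            Console.WriteLine("Could not terminate pid {0}: {1}", pid, ex.Message);
        }
    }
}
```

Because this runs in user mode, a user with enough rights can simply stop the watcher; treat it as a detection and usability layer on top of an enforced policy (AppLocker path or publisher rules) rather than as the control itself, and log each blocked launch so the events can be reviewed.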

Similar Messages

  • Why being prompted for login/password when using OVDC, smart card,token/vdi

    Hello,
    I'm using VDI 3.2.1, OVDC, smart card and I assigned a smart card token to a desktop pool.
    Inserting the smart card triggers a new VDI desktop selector which prompts for the login and password.
    Is there any reason why VDI is prompting for the login/password in the VDI selector when using a smart card, especially as the smart card token has been assigned to a desktop pool?
    Thanks
    Thierry.

    You still have to authenticate to get a desktop. If you assigned a token to a pool, the ability to be assigned a desktop is based on the token not the user ID. That means that any user will be assigned a desktop if they use that card.

  • Need advice for deploy adf web fusion application created in Jdev11gTp4

    hello,
    need advice for deploy adf web fusion application created in Jdev11gTp4
    and it will be nice if you have helper sites
    thanks
    greenApple

    Is there something specific in TP4 that makes you want to use TP4 - as John suggests, it might be an idea to use the full production release (11g). As for resources for information you can check out
    [Jdev Home|http://otn.oracle.com/products/jdev] this page contains links to the developers guides and various how tos etc etc. The following page is also useful and is focused more to those who are less familiar with Java
    [JDev for Forms|http://otn.oracle.com/formsdesignerj2ee]
    Hope this helps and maybe if you can be more specific we can better guide you.
    Regards
    Grant

  • On Windows 7, CS6 all products, but especially need help with ID.  Fonts that are showing in other applications are not showing in ID.

    On Windows 7, CS6 all products, but especially need help with ID.  Fonts that are showing in other applications are not showing in ID.

    The ID Program folder will be relevant to your OS...
    I took a shot and right clicked on my Scripts Samples, choose reveal in Explorer and opened up the ID Program folder.
    As shown, there is a Fonts folder.
    Drag/Copy/Paste fonts to this folder.

  • Hi, my free trial license has expired, and I am wondering if it's possible to only pay for one month for after effects without locking for a year with monthly fee. I only need this for a project that is ending next week.

    Hi, my free trial license has expired, and I am wondering if it's possible to only pay for one month for after effects without locking for a year with monthly fee. I only need this for a project that is ending next week.

    Creative Cloud Plans
    https://creative.adobe.com/#plans

  • I am using Office for Mac 2008, when I switch to other applications on my Mac and then go back to Office window it never brings me back to the window I was working on.  I have to click on the Window tab, but my window is ticked but not appearing. Why?

    I am using Office for Mac 2008, when I switch to other applications on my Mac, to copy and paste something for instance, and then go back to the Office window it never brings me back to the window/worksheet I was working on.  I have to click on the Window tab in Excel for instance, but my window is ticked but not appearing. I then have to click on one of the other open files and then click back to the sheet I was working on for it to appear.  Can anyone tell me why?

    Does that happen only on web pages that are running a Flash presentation?
    When Flash "steals focus" from Firefox, you need to click outside the Flash presentation in the browser window, to regain focus in Firefox. A major problem arises when the Flash presentation is in the entire browser window, though. The Firefox developers are working on fixing that in Firefox, but it doesn't look like a fix is going to make it into Firefox 4.0, though.

  • The use only smart cards for several hundred users

    How can I assign, as soon as possible, the use of only the smart card for a few hundred users? I also have a group of people who I would like to allow the use of a login and password, and a smart card. Using a GPO on the computer will be applied to the station, and I would just like it applied to the user. I know that the card user can select to use a smart card, but how do I do it automatically for a group of people (several hundred)?

    I would use an LDAP query via GUI tools (like AD Administrative Center) or console tools (Active Directory PowerShell module) to get target users by using some filter and enable the smart card checkboxes. GPO cannot be used to make changes in AD.
    My weblog: en-us.sysadmins.lv
    PowerShell PKI Module: pspki.codeplex.com
    PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
    Check out new: SSL Certificate Verifier
    Check out new:
    PowerShell FCIV tool.
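The answer above describes the operation (select the target users with a filter, then set the "Smart card is required for interactive logon" flag on each) using ADAC or the Active Directory PowerShell module. The same operation from C# through the .NET `System.DirectoryServices.AccountManagement` API, as an added example that is not the poster's code: the group name is an assumed placeholder, and the second group the poster mentions (password or card) is handled simply by not being included. It defaults to a dry run so the set of affected accounts can be reviewed before anything is written.

```csharp
// Added example (not the poster's code): require smart card logon for every
// user in one AD group. Reference System.DirectoryServices.AccountManagement.dll
// and run as an account allowed to modify the target users.
using System;
using System.DirectoryServices.AccountManagement;

class SmartCardEnforcer
{
    // Returns the number of accounts that were (or, in a dry run, would be) changed.
    static int RequireSmartCardForGroup(string groupName, bool dryRun)
    {
        int changed = 0;
        using (var ctx = new PrincipalContext(ContextType.Domain))   // current domain
        using (var group = GroupPrincipal.FindByIdentity(ctx, groupName))
        {
            if (group == null)
                throw new ArgumentException("group not found: " + groupName);

            // recursive = true also walks members of nested groups
            using (var members = group.GetMembers(true))
            {
                foreach (Principal member in members)
                {
                    var user = member as UserPrincipal;
                    if (user == null || user.SmartcardLogonRequired)
                        continue;                 // not a user, or already enforced
                    Console.WriteLine("{0} {1}", dryRun ? "would enable for" : "enabling for",
                                      user.SamAccountName);
                    if (!dryRun)
                    {
                        user.SmartcardLogonRequired = true;   // the ADUC checkbox
                        user.Save();
                    }
                    changed++;
                }
            }
        }
        return changed;
    }

    static void Main(string[] args)
    {
        // usage: SmartCardEnforcer <group> [--apply]; without --apply nothing is written
        string group = args.Length > 0 ? args[0] : "SmartCardOnlyUsers";   // placeholder group
        bool dryRun = args.Length < 2 || args[1] != "--apply";
        int n = RequireSmartCardForGroup(group, dryRun);
        Console.WriteLine("{0} account(s) {1}", n, dryRun ? "would change" : "changed");
    }
}
```

Setting this flag also causes the domain controller to replace the account's password with a random value, so the old password no longer works afterwards; run the dry run first, and make sure the affected users have working cards and readers before applying.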

  • Need advice for wireless iTunes access (have router already)

    I'm having a hard time sifting through all the info to find the best solution. I have a MacBook Pro that I'll soon be upgrading to Lion from Snow Leopard, as well as an iPhone, with a second iPhone soon to enter the family. We also plan to get an iPad. We actually have an older iMac that we won't be upgrading, so we're going to move our iTunes library from the iMac over to the MacBook (basically turning the MacBook into our primary computer). We want to be able to play iTunes without having to keep the MacBook plugged into wired speakers. That seems a bit pointless.
    We have a wireless router already (a D-Link), so I don't need AirPort Express to act as a router. (We have a 1 bedroom condo, really no reason to extend the network or anything like that.) We have a printer that works wirelessly with the MacBook already. All I'm really trying to figure out is the best way to set it up so that we can have iTunes on the MacBook, playing over speakers (either the ones we currently have our iMac plugged into, or our stereo speakers that we have our TV setup with). Ideally if we could do the same from the iPhone and (future) iPad, that would be great, too.
    Does it make any sense for us to get an AirPort Express to do this, or would it just be more straightforward to get wireless speakers that can work over Bluetooth (like the Creative D200 ones in the Apple store)? I feel like the AirPort has the potential to be overkill for our usage, especially since I can't seem to figure out if you can use AirTunes with an iPad, and we don't need it for the wireless printing functions.
    Any advice would be appreciated. Thanks in advance!

    Thanks Leo! Yeah, I was confused about the 2500 series too because they push the Flex 7500 so much as the "real" solution.
    Now that I'm looking in the right spot, it looks like NCS Prime Infrastructure is for the serious folks and we could probably get away without it, right? So that would leave the access points, the controller, and the basic network stuff.

  • Need advice for installing flex application in touch screen Kiosks

    Hello,
    We have a requirement in one of our projects to create touch screen interfaces and I am intending to use Adobe Flex for the development and run them in Adobe AIR because it definitely saves development time and gives a great look and feel.
    However, I need advice on how to connect the application to touch screen events like we do with keyboard and mouse events like click() or onFocus etc.
    Please advise.
    Best Regards,
    Jai Kishan Shah

    Bar Code Scanners are no different than keyboards in my experience.  It just sends the text to whatever application is open. Integrating it with Flex requires no effort.  You just have to be sure that Flex is the current application and the field you want to put the data in is given focus.
    In a point of sale application with very specific use case and limited interface, it is easy to force the app to give focus to the input field that needs to accept your input.
    Credit card swipers work the same way.
    I don't know about a weighing scale, but I bet it is very similar.  If not, you may want to use Java for scale integration and then use Merapi to integrate with the Java applet.

  • How do you restrict access to custom applications?

    When I create portlets, there is usually an associated "admin" functionality that needs to be created for each custom application. An example is a shopping cart that we just created, we needed admins to be able to go in and upload photos.
    The way that I do this is I create a new portlet "Shopping Cart Admin" and restrict access to it that way. However, because I usually add everything in the /remoteserver/shoppingcart/. folder to the gateway space (it's too painful to add one by one), this means that I can't put admin.aspx in that folder. So I usually end up creating a NEW folder /remoteserver/shoppingcartadmin/ for the admin portlet.
    Long story short, it's a lot of work. I know that I could try to use activity rights, but those seem very global. How do you control edit access to your custom portlets?

    Well, there are a few different ways to go about it. You could add a preferences page with the admin functionality, and then an admin would just have to click the little pencil in the portlet titlebar. No admin/edit access, no little pencil.
    I have often set the visibility of an ASPX control directly from activity rights, in OnPageLoad, if it isn't postback time. The activity rights should be inherited by the user, through the user's group. Best practice is to create empty groups called Roles, add activity rights to the Roles, and then have the actual groups (that contain users) inherit from one or more Roles.
    You already knew that part, I added it for the others. My personal definition of a portlet is 'polymorphous instance of a web service'.
    So:
    Role: Store Manager (has Edit Shopping Cart activity right)
    ^
    Group: Store Managers (has Store Manager parent group)
    User: Vladimir (inherits Edit Shopping Cart activity right)

  • Need advice for starting a Managed Cloud Service for Small Businesses

    I hope this is in the right forum.  I have done a lot of research and searching but haven't found anything that specifically answers, in total, what I am wanting to accomplish.  I live in a small town and want to start a Managed Cloud Service for small to small-medium businesses in my area (2-30 users for each business).  I want to market this to have businesses replace their in-house server(s) with virtual ones I would host in a local Data Center with my own equipment that I would maintain.  I am just starting off so I don't have any clients I do this for currently, but I get asked about this frequently.  I want to run a 2012 R2 Domain Controller and a Hyper-V 2012 R2 server.  The virtual servers I will host are going to be for AD, RDS, FTP, and files.  Software examples that people are going to be using these virtual servers for are Quickbooks, Sage Accounting, Remote Desktop or RemoteApp, custom CRM or small database software, Office 2013, etc.  No Exchange currently but will probably configure something for that in the future (maybe run 1-3 virtually for now if someone asks, but will only do it if the user base is fairly small ~under 10 users).  I only have 1 static IP to work with over a 100Mbps connection up and down.
    For hardware, I am figuring something along the lines of this:
    (1) 1U, single CPU w/2-4 cores, 8GB, 2x73GB SAS 10k RAID 1, Dual PSU, running Windows Server 2012 R2
    Domain Controller
    (1) 2U, 2x 8-core Xeon ~2.6GHz, 80GB RAM, 8x600GB SAS 15k in RAID 10 for Storage (VHDX files, etc), RAID 1 small Basic drives (or USB stick) for OS, Dual PSU, Quad GB NIC which I can use for load balancing/teaming, Hyper-V 2012 R2
    Hyper-V Virtual Server
    (1) GB Unmanaged Network Switch & (1) Cisco 5510 Firewall
    Most of my questions are about the best way to configure this.  I am planning on managing my Hyper-V from the physical Domain Controller server.  Each virtual server will have RDS & (possibly) AD services on a single server.
    1) I want to replicate the physical Domain Controller.  Should I get another server or just virtualize the replica in Hyper-V?  I understand that if the Hyper-V goes down, so does my DC replica.
    2) Should I use my Domain Controller to manage ALL users on each virtual Server, by creating separate Organizational Units for each business?
    3) Should I setup my domain controller with Hyper-V management and then each Virtual Server I setup be a separate domain (Ex. mydomain.local, business1.local, business2.local, etc)?  Each one has no connection to any other, completely separate.  Or should I do subdomains (business1.mydomain.local).
    4) What I have read is that Subdomains are a pain to manage with user rights, etc.  I want to keep each server completely separated from one another over a network connection, I suppose the VLAN through Hyper-V options do this?  I don't want wandering users to stumble upon another business's files (I know they would probably be prompted with a login for that business/domain).
    5) For each virtual server, I want to create and have an HTTP subdomain point to that server from my domain name. (Ex: business1.mydomain.com, business2.mydomain.com, etc.)  I want them to be able to have access to only their RemoteApps or be able to type that address in their Remote Desktop program as the host name.  This would be for viewing the RemoteApp login page and RemoteApps for that business over HTTP/S through a browser.
    6) If I do not have separate DCs in each virtual and my main DC manages each one, is there a way to connect up each company's RemoteApps using a single site that only shows what they are assigned to based upon their login? (Ex. http://login.mydomain.com which then shows that user what they are assigned on their own virtual server)
    7) Since each business will use the same ports for RemoteApp (443) & RDC (3389 unless I change it), how would I setup the subdomains to point to their correct server and not overlap or mess with any of the other servers since it's all over 1 static WAN IP for all servers.  That's why I figured setting up IIS subdomains would solve this.
    8) For backups or Hyper-V replication, is it better to have software that backs up the ENTIRE Hyper-V server (Acronis Advanced Backup for Hyper-V) as well as replication or just backups?  Or should I do separate file backup on each virtual with a replica?  Can a replica be a slower server since it's just a backup? (Ex. 1x 8 core, 80GB, 8x600GB 10k SAS)
    9) For the servers that will be using FTP, can I again rely on the subdomains to determine which server to connect to on port 21 without changing each FTP server's ports?  I just want each business/person to type in the subdomain for their business and have it connect up to their assigned FTP directory over port 21.
    10) If the physical DC manages DNS for all Virtual servers, can I forward subdomain requests to the proper virtual server so they connect to the correct RemoteApp screen etc.  Again all I have is 1 IP.
    I hope all of these questions make sense.  I just want every business to be independent of each other on the Hyper-V, each on their own virtual server, all without changing default ports on each server, each server running RDS, (possibly) AD, (a few) FTP, and all over a common single WAN IP.  Hoping subdomains (possibly managed through IIS on the physical DC) will redirect users to their appropriate virtual server.

    If you really want to run your own multi-tenant service provider cloud, Microsoft has defined the whole setup needed.
    They call it Infrastructure as a Service Product Line Architecture.  You can find the full documentation here -
    http://blogs.technet.com/b/yuridiogenes/archive/2014/04/17/infrastructure-as-a-service-product-line-architecture.aspx
    There are several different ways of configuring and installing it.  Here is a document I authored that provides step-by-step instructions for deploying into a Cisco UCS and EMC VSPEX environment -
    http://www.cisco.com/c/dam/en/us/td/docs/unified_computing/ucs/UCS_CVDs/ucs_mspc_fasttrack40_phase1.pdf
    This document contains the basic infrastructure required to manage a private cloud.  I will soon be publishing a document to add the Windows Azure Pack components onto the above configuration.  That is what would more easily provide a multi-tenant experience with an Azure look and feel.  It is not Azure, but the Azure Pack is a series of applications, some of which came from Azure, that provides Azure-like capabilities only in a service provider type of environment.
    Whether you use my document or not (which has actually corrected errors found in the Microsoft documentation), you should take a look at it to see what it takes to put something like this up, if you are really serious about it.  It is not a small undertaking.  It requires a lot of moving pieces to be coordinated.  Yes, my document is designed to scale to a large environment, but you need the components that are there.  No need re-inventing the wheel.  Microsoft's documentation is based on a lot of real hands-on experience of their consulting organization that has been doing this for customers for years.  This one is also known as Fast Track 4.  I've done 2 (2008 R2) and 3 (2012), also, and it just keeps getting more complicated based on customer demands and expectations.
    Good luck!
    . : | : . : | : . tim

  • I need API for Narrator in Ease of Access

    Hi,
    I need to see if Narrator accessibility is on/off. (Only on WP 8.1)
    How can it be done? Is there any API for this?
    I was googling for a long time and can't see anything.

    While I recognize the potential for abuse, an API for determining whether or not Narrator is running would be very useful for developing accessible apps that work across devices.
    In my limited experience developing the test application for a Cordova accessibility plugin on Windows Phone 8.1, I can provide a couple good reasons for providing a way to detect if Narrator is running.
    Aria live regions simply don’t appear to work on Windows Phone 8.1. If you test any web pages that use live regions, Narrator on Windows Phone fails to announce changes to the live region. 
    Live regions seem to work on the desktop, but are harder to work with for providing text to speech for complex interactions than the Windows.Media.SpeechSynthesis API. For example:
    It’s difficult to stop speaking a live region update. Once, a screen reader starts speaking a string from a live region, removing the text node or replacing it with an empty string will not stop speaking that string.
    I’ve implemented "speak" and "stop" methods to speak or stop speaking a string of text in my Cordova accessibility plugin for Windows, but without knowing whether or not Narrator is on or off, the methods will work all the time, even when Narrator is off, which is not desirable.
    Cordova apps are often developed to use gestures for navigation. The pointer event listeners that respond to these gestures may not be accessible when Narrator is active, in which case it is important to provide an alternate mode of navigation. Windows Phone already provides an example of this; if you scroll to the bottom of the start screen, there is a button that navigates to the application list, which may be there for accessibility, because the two-finger swipe gesture to access the application list may not be easily discoverable to someone using Narrator.
    Here are links to the test application and mobile accessibility plugin for reference:
        Test App: https://github.com/majornista/phonegap-mobile-accessibility-test
        Plugin: https://github.com/majornista/phonegap-mobile-accessibility-test

  • Set logon hours for security groups that will access RDS 2012

    Hi All,
    We have the following hardware for our RD Web solution:
    1 Server – RD Gateway, RD Licensing, RD Web Access, RD Connection Broker
    1 Server – RD Session Host 1
    1 Server – RD Session Host 2
    Our environment consists of the following:
    1 Windows Server 2012 R2 domain controller at the main office, 4 additional 2003 R2 domain controllers scattered throughout our 4 remote offices. Domain functional level of 2003. This all works under one flat domain called company.business.com
    We have RDS up and running, and all of our users are able to access it through the internet either from home or directly from their remote office. Our next step is to focus on restricting access.
    In Active Directory, we have accounts for Support Staff, and accounts for Sales People. They will all have access to RDS in the following ways:
    Support Staff will use it from 8am to 5pm throughout the day so that they may connect to the Mickey Mouse 2000 software that is located in the main office
    Sales People will use it 24/7 for all intended purposes
    How do we set it so that Support Staff can only access it internally but not externally when they are outside of the office while still providing 24/7 access to the Sales People?
    Can this be accomplished using security groups or logon hours? All input is greatly appreciated, thank you!

    Hi,
    Thank you for posting in Windows Server Forum.
    Based on your description, it seems you want users to get access to your software by RemoteApp. You can achieve your desired solution with the steps below.
    • Support Staff will use it from 8am to 5pm throughout the day so that they may connect to the Mickey Mouse 2000 software that is located in the main office
    • Sales People will use it 24/7 for all intended purposes
    For the above, you can restrict the access of a particular user\group from “ADUC>Users properties>Account>Logon Hours”, where you need to specify the time limit for the user to log on or be denied logon.
    How do we set it so that Support Staff can only access it internally but not externally when they are outside of the office while still providing 24/7 access to the Sales People?
    When you set up your environment, you configured RD RAP and RD CAP; right? You can try not to include the user group that you don’t want to have access from the outside environment. Please check the following article for information.
    Checklist: Make RemoteApp Programs Available from the Internet
    http://technet.microsoft.com/en-in/library/cc772415.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Need advice for escalating warranty repair

    hi all,
    around Easter I noticed my daughter's 2007 C2D MacBook (white) developing hairline cracks in the backcase near three stress points, near the tabs on both sides that hold it off the topcase and in the middle from constant opening of the machine. The local genius said AppleCare would cover it but she needed it for school so I delayed sending it in. My bad. She comes home with a chip in the topcase and about 12-14 dead pixels in the display. Sent it off for repair and Apple said the screen showed signs of abuse (not completely out of the question) due to one section that seems to have been "bruised" and is leaking. Unless she or a spurned lover took an icepick to the screen I don't see how she caused over a dozen pixels scattered all over the display to fail, but I am not an engineer. The problem is they will not perform the case repair unless I agree to the $800 LCD replacement, the reason being they can't perform a partial repair. The way I heard it is until I replace the LCD at my expense Apple is unable to do any warranty repairs, and I have 14 months of AppleCare left. My local Apple store is closed for renovations or I would go there, where they recognize me, for advice. Powerbook Medic quotes $250 for screen replacement. Should I do that and then resubmit the machine to Apple for case repair? Is there a phone number for customer service other than tech support I could try to escalate this case with? The only one I see is the Apple Store CS for orders and such. Anyone have any thoughts or recommendations?
    Thanks,
    Frank

    Is there a Phone number for customer service other than tech support
    You call the support line and ask to be transferred to customer relations.

  • Hello, I am running a MacBook Pro with software version 10.5.8. Since June of the current year I have not received any updates for the software or any other kind of application; in my opinion that's weird for such a company.

    Hello, I am running a MacBook Pro with software version 10.5.8. Since June of the current year I have not received any updates for the software or any other kind of application; in my opinion that's weird for such a company.
    The problem that I have now is with the iPhone 5, which is not supported by the current iTunes, and I cannot download the iTunes 10.7 version. What am I supposed to do in this case, because I cannot synchronize at all?
    Please give me a hand as soon as possible.
    Many thanks

    Mac OS X 10.5.8 is years old, 3 major versions out-of-date and unsupported at this point. You will never get any further updates for 10.5.8, and more and more applications will stop supporting 10.5.8 as time goes on. As mende1 points out, you can buy Snow Leopard (Mac OS X 10.6), which will let you use your new iPhone with your computer, but you need to make sure your computer's hardware is supported. See the system requirements for Snow Leopard:
    http://support.apple.com/kb/SP575
    If your computer cannot run Snow Leopard, you will need to either buy a new computer or abandon any thoughts of syncing the iPhone with that computer.
    Also, note that you'll get far better integration of your iPhone and your Mac if you're using Lion (Mac OS X 10.7) or Mountain Lion (Mac OS X 10.8), which are required to use iCloud. Of course, the requirements of those systems are even steeper than those of Snow Leopard:
    http://support.apple.com/kb/HT4949
    http://support.apple.com/kb/HT5444
