New SCCM clients don't communicate with SCCM servers
Hi,
I've got an infrastructure of 4 SCCM 2012 R2 servers, 1 Primary in US, 3 secondary in Europe, Asia and US again.
As I discovered, European clients visible in SCCM console as "active" in Client Activity are discussing with the SCCM. All inactives or new clients are detected but don't receive any policies or can't be remoted by SCCM (RDP is working).
I checked the log files, the boundaries, the certificates, the sites, MPs, client settings, DNS and I don't see any problems.
We don't have firewall between sites and there is a GPO disabling the firewall on clients, so I don't believe it could be that issue.
I tried to Telnet the SCCM server from a "blank" client on port 10123 and it's reachable.
as far as I can see, other sites are fine, but still waiting feedback from local IT colleagues.
what else could I try?
thanks for helping.
This typically means the client's are NOT falling within the boundaries of you site. AKA, the IP range not added to CM12, DHCP scopes changed, AD subnet changed, etc.
I disagree. Boundaries do not come into play in that scenario. The client (once assigned to a site! And that can also be done manually without any boundaries) will happily retrieve policies even without any boundaries defined.
I agree that once they are assigned to a site they don't need any boundaries but are the clients assigned? Are they using auto assigned them? If you are using auto assigned and the boundaries are wrong then they will only see the two items.
So the question is are they assigned to the site? (Just because they show up within the console do not mean that they are assigned)
IMO the problem sound like they are using auto assignment, hence the question about boundaries.
Garth Jones | My blogs: Enhansoft and
Old Blog site | Twitter:
@GarthMJ
Similar Messages
-
Tarantella native client don`t printing with printer usb
tarantella native client don`t printing with printer usb
agreed with Wai on upgrading. The first test should be outside of SGD . . . does UNIX print to that USB printer? If not then chances are Tarantella 3.30 will not. If you upgrade to 4.31 you will need to first upgrade to 3.42 then to 4.20 before upgrading to 4.31. Under 4.31 we support PDF printing from UNIX servers. With PDF printing you should have no problem printing to a USB printer.
-
Cannot Communicate with Datasocket Servers on Private Networks
I have not had the opportunity to confirm nor deny the reports I'm getting about an application that I've built and distributed, but let me give you the details and I'd like to know if anyone has heard of this and might be able to give me some words of wisdom.
I have a rather simple program that uses a datasocket server to publish data that multiple client computers read (the clients are ONLY readers, and the host is the only writer). The computers are all connected to a 4-port router, and the computers within the network can ping each other, FTP files back and forth to each other, and can also share Windows shares (they're all WinXP computers). These computers have their firewalls completely turned off, and the router has no built-in firewall; my contacts have tested 4 different models of routers and get the same behavior on all 4 of them.
Anyway, on a closed network where the router is NOT plugged into the internet, the client machines cannot communicate with the Datasocket server via dstp (or any mechanism thereof). To communicate with the datasocket server, I use the raw IP address of the computer, like: dstp://192.168.1.100/namespace/variable. When the software attempts to make the connection, errors saying the datasocket server/variable does not exist spew out. Remember that machines on this network can ping each other, communicate with each other via windows shares, and can even FTP files back and forth.
Once a live internet connection is plugged into the router, everything seems to spring to life. All communication with the datasocket server immediately begins working (when it is attempted to connect again).
I initially thought the problem might be related to a stale DNS server entry in the network configuration, but even after resetting the router (so that the router has default values and points to itself for DNS lookups) the problem still exists. They've rebooted the computers connected to the router NOT on the internet to make sure all the new network values are taken, and still no luck.
Has anyone run into this and found a workaround? Unfortunately where we need to set up this network is not near a live internet connection, and we're beginning to be SOL if we cannot find an adequate workaround.
Thanks!
-DannyDanny,
This definitely seems like an issue with your router/configuration -- unfortunately after searching around I don't have much to offer, but here are a few thoughts --
Is it possible that the router is somehow dependent on its uplink port being connected? Have you searched the router's configuration utility/KnowledgeBase for anything that sounds like this issue? Could it be possible to disable this? Is it possible that some application, whether on the router itself or an application on your client PCs is constantly trying to ping something on the internet and hogging bandwidth because a connection cannot be established?
I was a little confused by these two statements which seem conflicting:
"When the software attempts to make the connection, errors saying the datasocket server/variable does not exist spew out."
"I am usually able to connect to the datasocket
server, but my data coming from the datasocket server is VERY slow and
very spotty. My data becomes stale and is not refreshed any more."
Are you still getting errors as mentioned in the first statement? If not, what changed?
One thing that may be of use is to use a low level traffic monitoring utility like Ethereal and compare packet types and volumes when the Internet is connected and when it is not.
Message Edited by Doug M on 12-15-2006 04:28 PM
Doug M
Applications Engineer
National Instruments
For those unfamiliar with NBC's The Office, my icon is NOT a picture of me -
Brand new MacBook -- how can it communicate with my old iMac
I just got a new 2.2 GHz MacBook (black) with the current version of Leopard installed (10.5 I guess, I'm posting this from my PC at work, so I can't check). No real problems so far. I've been able to access the Internet through my cable modem at home (had to unplug my desktop, more on that below) and through Wi-Fi.
I still have and plan to keep my G3 iMac desktop machine, running OS 10.2.8, and my basic question is how I can get my two Macs to talk with each other. I don't currently have any sort of network at home -- I'm the only computer user. Setting up an AirPort station would make sense, since it would allow me to use the MacBook anywhere in the house. I'd need to install an AirPort card in the iMac, and the card that's currently available in the online Mac store is AirPort Extreme, which I don't think would work with the old iMac. (The specs say "AirPort Extreme Cards cannot be used in AirPort-ready computers with an AirPort Card slot.") Does any one know if there's a way to use the same AirPort station with both computers.
Since the primary reason for the computers to communication with each other would be to share files, connecting them with some sort of cable would be another option. When I asked the Apple store salesman what I would need, he sold me an Ethernet cable, but that doesn't seem to do the job. If I connect it to the Ethernet ports on both machines, they don't seem to see each other. Do I need some kind of router to connect both machines? Actually if there was a router that connected both computers to the cable modem, one cable could go to the iMac and the other to an AirPort station that would communicate with the MacBook, solving my issue above. Can I do anything via USB ports?
If all else fails, I could e-mail files to myself, but seems a rather roundabout way of doing things.Usually you use a router as the hub for the computers to talk to each other over Ethernet wires or WiFi. When you hook the two computers up directly, you need a cross-over Ethernet cable, which is different from a standard Ethernet cable. (Although some of the newer computers can sense and use either, but I'm not sure about the older G3.)
A wired/wireless router would definitely be the way to go, why not take advantage of your MacBook wireless capability? This will let you share the internet connection, share files, and a printer between the two computers. Just about any router would work from Netgear, Linksys, Newer Technology, or the Apple Airport. Using an Airport Extreme Base Station would allow you to use an Ethernet cable for the G3 iMac and the WiFi for the Macbook. I currently use one this way with my older G3 Desktop and a MacBook. (I think the first time you start up the Airport you configure it over the Ethernet cable, I don't remember if you can do it wirelessly or not the first time.) You plug the cable modem into the router, then each computer into the router, (or connect over WiFi).
Once you have the Airport set up you can turn on file sharing and access each other's hard drive and printer over the network. Should you ever get a PC or have a visitor with one, they can connect also. Set up the password protected encryption and don't broadcast the network name so passersby can't see and connect to your network. -
New hp drivers don't work with 10.8.2 a fix??
Downloaded new hp driver supposed to work with 10.8.2, but doesn't
Any suggestions?Would you tell us which exact model of HP Printer you have, and which version number of driver you downloaded?
Hope this helps -
Client can not communicate with MP over https. Certification Problem
Hi All,
I have been fighting with this problem for the last 3 days and couldn't solve yet. So, I hope we can solve it here.
I am trying to install client manually from a usb drive by using the below command.
Ccmsetup.exe /usepkicert smsmp=”srvsccm2012.domain.local” ccmhostname=”sccm.domain.tr” smssitecode=”AUTO”
Client Installs on workstations but only info that I can see under Configuration Manager Properties are:
Client Certificate: None
Connection Type: Currently Intranet
Version:5.00.x.x
So, there is a problem with connection to MP, It can not get policies and certificate info (PKI) etc...
If I try to browse these urls, result is 403 - Forbidden: Acces is denied.
http://siteservername/SMS_MP/.sms_aut?MPCert<o:p></o:p>
http://siteservername/SMS_MP/.sms_aut?MPlist<o:p></o:p>
This makes me think certificates are messed up but if I try to browse my MP with the url below, Result is IIS 8 page.
https://sccmserver.domain.local
I can see these errors in my log files:
CcmMessaging Log errors:
Post to http://”myservername.mydomain”/ccm_system/request failed with 0x87d00231.
Failed in WinHttpSendRequest API, ErrorCode = 0x2ee7.
ClientIDManagerStartup Log errors:
RegTask: Failed to refresh site code. Error: 0x8000ffff
LocationServices Log errors:
Failed to retrieve DNS service record using _mssms_mp_”auto”._tcp.mydomain lookup. DNS returned error 9003
Policy prevents failover to WINS for lookup
LocationServices 8/26/2014 4:18:29 PM
3900 (0x0F3C)
LSGetSiteVersionFromAD : Failed to retrieve version for the site '”AUTO”' (0x80004005)
The ip address of workstation on DNS is correct.
I can ping and resolve the name of MP from workstation.
I want to check if my certificates are OK but I dont know how to make sure certificates are good. Please advise.
By the way, This problem is happening on the newly reformatted workstation, existing workstations can be re-installed with client without problems.
Yavuz Selim AtmacaHi Peter,
I checked IIS Logs and I didn't see any error messages.
I checked the certificate requirements and I think there is no problem with them.
certutil -verify -urlfetch command outputs some results that I couldnt understand. Here it is:
ssuer:
CN=mydomain-SRVDC01-CA
DC=mydomain
DC=edu
DC=local
Subject:
EMPTY (DNS Name=selimtestPC.mydomain.edu.local)
Cert Serial Number: 29e6fe37000000005edb
dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1)
dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2)
dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8)
dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_BASE
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwRevocationFreshnessTime: 7 Hours, 33 Minutes, 49 Seconds
SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwRevocationFreshnessTime: 7 Hours, 33 Minutes, 49 Seconds
CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
NotBefore: 26.08.2014 14:19
NotAfter: 26.08.2016 14:29
Subject:
Serial: 29e6fe37000000005edb
SubjectAltName: DNS Name=selimtestPC.mydomain.edu.local
Template: ConfigMgr Client Certificate
74 cf 94 a4 5d 72 0f e9 19 d1 36 b4 5c 06 4e 55 12 04 89 26
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
Verified "Certificate (0)" Time: 0
[0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=AIA,CN=Public%20Key%20Services,CN=Servi
ces,CN=Configuration,DC=mydomain,DC=edu,DC=local?cACertificate?base?objectClass=cer
tificationAuthority
---------------- Certificate CDP ----------------
Verified "Base CRL (057a)" Time: 0
[0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?certificateRevocationLi
st?base?objectClass=cRLDistributionPoint
Verified "Delta CRL (057a)" Time: 0
[0.0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Serv
ices,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?b
ase?objectClass=cRLDistributionPoint
Verified "Delta CRL (057a)" Time: 5
[0.0.1] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
Verified "Base CRL (057a)" Time: 4
[1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA.crl
Verified "Delta CRL (057a)" Time: 0
[1.0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Serv
ices,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?b
ase?objectClass=cRLDistributionPoint
Verified "Delta CRL (057a)" Time: 4
[1.0.1] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
---------------- Base CRL CDP ----------------
OK "Delta CRL (057e)" Time: 0
[0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?bas
e?objectClass=cRLDistributionPoint
OK "Delta CRL (057e)" Time: 4
[1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 057a:
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
a4 81 a4 bb 01 7e e1 be e2 33 4b 06 5d 00 3c 30 97 93 27 f6
Delta CRL 057e:
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
52 c5 95 b3 9d c2 9d 22 ee fa 3b c4 b9 04 08 3e 95 98 1d 5c
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
NotBefore: 22.10.2010 16:50
NotAfter: 22.10.2025 17:00
Subject: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
Serial: 49c50a78f367cdb8466cd34160977233
Template: CA
01 a8 da 41 35 f7 52 be 7a 9b 4d 26 3d ee 33 af c4 e0 9c e0
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
---------------- Certificate AIA ----------------
No URLs "None" Time: 0
---------------- Certificate CDP ----------------
No URLs "None" Time: 0
---------------- Base CRL CDP ----------------
OK "Delta CRL (057e)" Time: 0
[0.0] ldap:///CN=mydomain-SRVDC01-CA,CN=SRVDC01,CN=CDP,CN=Public%20Key%20Servic
es,CN=Services,CN=Configuration,DC=mydomain,DC=edu,DC=local?deltaRevocationList?bas
e?objectClass=cRLDistributionPoint
OK "Delta CRL (057e)" Time: 4
[1.0] http://srvdc01.mydomain.edu.local/CertEnroll/mydomain-SRVDC01-CA+.crl
---------------- Certificate OCSP ----------------
No URLs "None" Time: 0
CRL 057a:
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
a4 81 a4 bb 01 7e e1 be e2 33 4b 06 5d 00 3c 30 97 93 27 f6
Delta CRL 057e:
Issuer: CN=mydomain-SRVDC01-CA, DC=mydomain, DC=edu, DC=local
52 c5 95 b3 9d c2 9d 22 ee fa 3b c4 b9 04 08 3e 95 98 1d 5c
Exclude leaf cert:
58 db 23 c9 81 00 ff 3e de e0 13 da 87 29 66 96 56 45 51 cd
Full chain:
ba 55 5a 92 f0 b4 69 47 01 d7 02 23 1c db 7e 88 66 f2 42 dc
Verified Issuance Policies: None
Verified Application Policies:
1.3.6.1.5.5.7.3.2 Client Authentication
Leaf certificate revocation check passed
CertUtil: -verify command completed successfully.
I just checked SCCM SystemStatus/ Component Status from the SCCM Console and found errors under SMS_MP_CONTROL_MANAGER
component:
"MP has rejected a message from GUID:A90AA88F-FB10-407C-B2ED-DCE41479FBDC because the signature could not be validated. If this is a valid client, it will attempt to re-register automatically so its signature can be correctly validated."
Should I delete all config manager related certificates and re-create them?
Yavuz Selim Atmaca -
Old version of iTunes on laptop won't transfer music to my new iPhone.
Your profile shows you are running Lion (10.7.5). If this is the case, you certainly can sync with a new iPhone. If you are not running Lion, you will need to upgrade to at least Snow Leopard (10.6.8). See below to purchase.
http://store.apple.com/us/product/MC573/mac-os-x-106-snow-leopard -
New Creative players don't work with Dell Laptops
i found out the source of my problem (pretty sure anyway)
Dell underpowers their USB ports on the laptops, so then i can't use my Vision:M because it is not recognized, even though all the files between my desktop and the laptop are nearly identical (all the MTP support stuff is for sure)
just thought i would share, and i hope creative comes up with a fix, there is going to be a hell of a lot of pissed of people**bleep**!? I have this problem too (perhaps). I have now gotten 2 Zen Nano Pluses and they both APPEAR to work out of the box. As soon as I hook it up to my Dell C series (hey, my company makes us keep them 4 years...) and sync the music, the thing plays for 3 seconds and shuts off. The only odd thing I see is that I get this message about hooking to a /2 powered USB hub, but the message seems to indicate everything SHOULD work fine, but it seems to fry the inards of the Zen. Oh and to the guy who implied that Creative should not have to create a fix for this, well, who do you think makes a **bleep**load of computers in the world? Dell. Seems to me I'd want to know how my little mp3 players acted with computers from one of the world's largest makers.
And if any of you guys from Creative are bothering to look in on these forums, people in the real world don't replace their computers every year. They keep them for several years. So, please keep some old models around so you won't have a bunch of pissed off customers.
But more to the point. Are internals of the mp3 player fried or can they be fixed with software. And applying the firmware RETROGRADE doesn't work. I say retrograde because my Nano plus had .04 firmware out of the box and the little file the techie sent me DOWNGRADED the firmware to .03. Marvelous!? Such technical support. It leaves one speechless. -
New dualshock3 controller don't pair with z2 tablet
Today I received my new dualshock3 controller but when I connect it to my z2 tablet and try to pair them after some seconds I receive this message :
Unfortunately, dualshock3 wireless controller stopped
Anyone have the same problem?
What do I do?Is the controller charged? is it a Sony DualShock 3 or a third party? Are you using the proper cable?
"I'd rather be hated for who I am, than loved for who I am not." Kurt Cobain (1967-1994) -
How does Oracle client communicate with a database server
Looking to idenify how Oracle Database Client for OpenVMS communicates with database server and whether the protocol used is secure. Realize that it is using whatever the configured network protocol is (ie. tcpip) but is languauge it uses ( ie. SQL, etc..) secured/encrypted and if not what steps can be taken to encypt
Arizuddin wrote:
I have installed oracle client 10g on client pc for getting connection to Oracle databse 10g (runng on windows server) usng ODBC through SAGE ACC PAC (ERP). Working fine earlier. Now all of a suddent user starts complaining about database connection. When checked his pc registry values. Two values of ODBC keys are reset to null. Those are DSN and DRIVER values. How come this values reset to null? What is causing this to reset?Nothing in this has anything to do with the sever. You need to check what the client did on his machine that caused registry to get modified?
How does oracle ODBC works with Oracle database? Need to know all the steps involved?The connectoin from any client is initiated by a client process. This client process is supposed to get a server process to do his work. So if this is done, the client can work now with oracle . Please see the concepts guide for the gory details of the entire process.
HTH
Aman.... -
Can BEA JMS C APIs be used to communicate with other JMS servers?
Hello,
Can BEA JMS C APIs be used to communicate with other JMS servers?
If yes, is it enough to download, compile the JMS C APIs, and link the C applications to the libraries (shared or static) produced?
If not, can you point me to an open source framework that can be used to enable C applications to communicate with JMS servers?
I have HP-UX server that has both C and Java compilers (Java 1.5).The JMS C client is a pre-compiled library - we don't supply the source - so C applications link to it. If I recall correctly, there is an HP version. The C client library is actually thin layer that uses JNI to directly invoke a Java JMS client running in an embedded JVM.
The library might work with other vendor's Java JMS clients, but BEA does not officially support this usage.
Tom -
I wrote application, in it I gather all files in direction tomcat server( c:\xampp\tomcat\webapps ) in direction 'ram'. So all file are in ram direction. Server work, but client don't. In client file I have code:
import java.rmi.*;
import java.rmi.server.*;
public class ProduktKlient {
public static void main(String args[]) {
System.setProperty("java.security.policy","nowy.txt");
System.setSecurityManager(new RMISecurityManager());
String url="rmi://localhost:8080/ram/";
try{
Produkt p1=(Produkt)Naming.lookup(url+"delf");
Produkt p2=(Produkt)Naming.lookup(url+"kar");
System.out.println(p1.getOpis());
System.out.println(p2.getOpis());
}catch(Exception e) {}
}In my file nowy.txt I wrote:
grant {
permission java.net.SocketPermission "localhost:1024-65000","connect";
permission java.net.SocketPermission "localhost:8080","connect";
};I think that client don't connect with server. When I run client programm, nothing answer.
What is wrong in this application? If You want I send all aplication, but server work and objects are registry, because I try it.
Please help me.Thanks sim085 but it don't work still.
I don't have file registry.bat. I have classpath for java 1.5 in my system Windows.
I sent you two files: ProduktClient.java and nowy.txt so I send you now another files in my direction 'ram'. I have all files in path: c:\xampp\tomcat\webapps\ram.
ProduktServer:
import java.rmi.*;
import java.rmi.server.*;
public class ProduktServer {
public static void main(String arg[]) {
try{
ProduktKlas p1=new ProduktKlas("Delfinek");
ProduktKlas p2=new ProduktKlas("Karp");
Naming.rebind("delf",p1);
Naming.rebind("kar",p2);
}catch (Exception e) {}
} interface Produkt.java:
import java.rmi.*;
public interface Produkt extends Remote {
String getOpis()throws RemoteException;
ProduktKlas.java:
import java.rmi.*;
import java.rmi.server.*;
public class ProduktKlas extends UnicastRemoteObject implements Produkt {
private String nazwaProduktu;
public ProduktKlas(String nazwa)throws RemoteException {
nazwaProduktu=nazwa;
public String getOpis()throws RemoteException {
return "It is name: "+nazwaProduktu;
}Of course I have file ProduktKlas_Stub.class, which I do through rmic tool.
Server work good, because when I run it, the dash char appear so it means that listen to.
Only client don't work. I run client from direction
c:\xampp\tomcat\webapps\ram>java ProduktKlient.
in my console.
Maybe is something wrong in my policy file(nowy.txt). May it file have extension .txt instead of .policy? -
ACS 4.2.1: adding new AAA clients through odbc import
Hello,
we have added the user defined vendor RADIUS_HUAWEI to our Cisco ACS 4.2.1 Windows Server.
Unfortunately there is a problem with importing network devices through odbc connection using the accountactions table with the action code 220.
The documentation tells us :
220
ADD_NAS
VN, V1, V2, V3
Adds a new AAA client (named in VN) with an IP address (V1), shared secret key (V2), and vendor (V3). Valid vendors are:
•VENDOR_ID_IETF_RADIUS—For IETF RADIUS.
•VENDOR_ID_CISCO_RADIUS—For Cisco IOS/PIX RADIUS.
•VENDOR_ID_CISCO_TACACS—For Cisco TACACS+.
•VENDOR_ID_AIRESPACE_RADIUS—For Cisco Airespace RADIUS.
•VENDOR_ID_ASCEND_RADIUS—For Ascend RADIUS.
•VENDOR_ID_ALTIGA_RADIUS—For Cisco 3000/ASA/PIX 7.x+ RADIUS.
•VENDOR_ID_AIRONET_RADIUS—For Cisco Aironet RADIUS.
•VENDOR_ID_NORTEL_RADIUS—For Nortel RADIUS.
•VENDOR_ID_JUNIPER_RADIUS—For Juniper RADIUS.
•VENDOR_ID_CBBMS_RADIUS—For Cisco BBMS RADIUS.
•VENDOR_ID_3COM_RADIUS—For Cisco 3COMUSR RADIUS.
The new user defined vendor is:
C:\Program Files\CiscoSecure ACS v4.2\bin>CSUtil.exe -listUDV
CSUtil v4.2(1.15), Copyright 1997-2009, Cisco Systems Inc
UDV 0 - RADIUS (RADIUS_HUAWEI)
Our action code and variables look like:
A=220
VN="xxx"
V1="10.10.10.10"
V2="blabla"
V3="VENDOR_ID_RADIUS_HUAWEI"
Error Code is as following:
06/22/2010,10:21:12,W03P-3413,ERROR,Parse Error: Reason - Host vendor is unknown [A=220 UN="" GN="" AI="" VN="xxx" V1="10.10.10.10" V2="blabla" V3="VENDOR_ID_RADIUS_HUAWEI"]
Does anybody knows the correct name for the V3-variable to import the network device in a correct way?
Best regards
Torsten WaibelHello,we
have a new acs appliance (1113) with version 4.2.1.15 and we want to
authenticate user through ssh from routers with ios xr software.
unfortunately this doesn't work.Here ist our configuration of the router:##################################################line template VTY
access-class ingress abcd!tacacs-server host x.x.x.x port 49 single-connectiontacacc-server key 7 test!tacacs source-interface Loopback13!ssh server v2
ssh timeout 60! AAA config
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting commands default start-stop group tacacs+
aaa authorization exec default group tacacs+ none
aaa authorization commands default group tacacs+ none
aaa authentication login default group tacacs+ local##################################################does anybody has a solution for this problem?thnx and best regardsTorsten Waibel
Hi Torsten Waibel,
For ssh to support you should have a cryptography ios image in router and check the following command in line vty that transpot input ssh under line vty cofiguration.
If helpful do rate the post
Ganesh.H -
Communicate with EX-92016 pci card
Hi all,
I'm new in this topic, to communicate with "EX-92016
16 channel Isolated Analog input card" with LabVIEW.
How can i do it?
Which VI should I use for it? Pls reply
Its data sheet is available on the net. Link:http://www.topsccc.ru/product/iocard/ex92016.htm
regards,
ShrekSeems that they provide a software toolkit for LabVIEW.
Try to search for a download or contact them to get it.
Christian -
Hi,
I've successfully (as far as I can tell) deployed SCCM 2012 SP1 CU3 and all my existing clients are showing a client version of 5.00.7804.1400. But when I setup a new client system recently I noticed that the client version was showing 5.00.7804.1000,
and not 5.00.7804.1400.
For new client systems, do I need to redeploy the packages that were created for SCCM 2012 SP1 CU3 so that the new systems get the new SCCM 2012 SP1 CU3 client?
Thanks,
NickHi,
Here's some good information to look over:
http://sccmfaq.wordpress.com/2013/09/24/sccm-2012-include-cu-in-osd/
I haven't followed these instructions myself, since I haven't really had any good reason to include CUs during the initial installation process. I use this method instead and I've never run into any problems:
http://www.ronnipedersen.com/2013/06/installing-sccm-2012-sp1-cu2-quick-start-guide/
Don't retire TechNet! -
(Don't give up yet - 12,575+ strong and growing)
Maybe you are looking for
-
I tried the old fix posted by jscher2000 about "To try to block sites from interfering with the copy action, you can switch a setting under the covers." and followed his directions re the "about:config" and switched the dom.event.clipboardevents.enab
-
How do i delete all personal info on my macbook air before i sell it?
I`m about to sell my macbook air and want to delete all personal info on the computer (pictures, files, music and so on) how do I do this? Want the computer to start as it did when it was new... Regards Kris
-
Swapping not possible in Portal
Dear Friends, I have a report which has weekly and monthly version with keyfigures in rows. I have calendar week in columns. The output is fine in BEx. I am able to swap calendar week with other chars which are in free chars. But on portal I am not a
-
Browser back button does not work (IE) - Error On Page message
Just take over website from our designer; I'm new, probably doing more fiddling on the live remote website than I should be... http://www.cmcwny.org Error On Page message, internal links work, but the browser Back button does not (at least in IE). I
-
I'm bouncing and no audio is making it on the region or regions being bounced. Help?