New WLC Deployment, which Authentication to use

Hi,
I am in the planning stages of deploying a wireless solution to my company. We have 2 WLC 4402s at our disposal plus 20 LWAPP APs.
The requirements are to enable normal corp access for corporate employees using Windows XP and Macs via 1 WLAN, and to enable guest access for 3rd party users using Macs, WinXP and Win2k via another WLAN.
We do not currently have a certificate server.
We have an IAS Win2k RADIUS server.
I want to avoid having to install any client software on the client pc's if possible.
So, which authentication method can I use that is the easiest to deploy, is secure, and is "fairly" future proof, i.e. I won't have to change all this in a year's time.
Thanks
Lee

I recommend 802.1x and EAP-PEAP authentication.
There are many forms of EAP, but the two forms of EAP that are most appropriate for the majority of customers are PEAP (Protected EAP) and TTLS (Tunneled Transport Layer Security). Both forms of authentication do a good job of protecting passwords because the MSCHAPv2 password challenge session is protected inside an encrypted tunnel.
PEAP or TTLS is better than Cisco's LEAP mechanism, which transmits the MSCHAPv2 session in the clear, lending itself to offline password dictionary cracking.
PEAP generally refers to PEAP-EAP-MSCHAPv2 mode, which only requires a Server Side Digital Certificate and a Client Side Username/Password.
PEAP is supported in Microsoft IAS Radius.
TTLS is actually a little better in security than PEAP-EAP-MSCHAPv2 because it does not divulge the username in clear text; however, it is not supported by Windows IAS or Cisco ACS, and the Windows OS does not have a built-in TTLS client.
In order to run EAP-PEAP (or TTLS mode), the RADIUS server MUST HAVE a server-side X.509 digital certificate. This certificate should be purchased from a 3rd party Certificate Authority; don't use a self-signed certificate on the RADIUS server. Self-signed digital certificates violate all best-practice concepts for PKI; it might be OK for a lab or demo, but not a production environment.
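The server-certificate checks a PEAP/TTLS supplicant performs before it releases the MSCHAPv2 exchange into the tunnel, as an added Go example that is not from this thread or from Cisco/Microsoft: it builds a constructed throwaway PKI (the CA name "Corp Issuing CA", the host name radius.corp.example and the P-256 keys are assumptions) and shows a CA-issued certificate passing while a self-signed one fails.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// CheckRADIUSServerCert applies what a PEAP/TTLS supplicant must verify before sending
// MSCHAPv2 inside the tunnel: not self-signed, serverAuth EKU, trusted chain for host.
func CheckRADIUSServerCert(cert *x509.Certificate, roots *x509.CertPool, host string) error {
	if bytes.Equal(cert.RawSubject, cert.RawIssuer) &&
		cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature) == nil {
		return errors.New("self-signed certificate: supplicants have no CA to anchor trust on")
	}
	serverAuth := false
	for _, eku := range cert.ExtKeyUsage {
		serverAuth = serverAuth || eku == x509.ExtKeyUsageServerAuth
	}
	if !serverAuth { // Windows supplicants reject RADIUS certificates without this EKU
		return errors.New("missing serverAuth extended key usage")
	}
	opts := x509.VerifyOptions{Roots: roots, DNSName: host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("chain validation failed: %w", err)
	}
	return nil
}

func must[T any](v T, err error) T { // panics on error; acceptable for the throwaway PKI
	if err != nil {
		panic(err)
	}
	return v
}

func template(serial int64, cn string, isCA bool, dns []string) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		DNSNames: dns, BasicConstraintsValid: true, IsCA: isCA,
		KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if isCA {
		t.KeyUsage |= x509.KeyUsageCertSign
	} else {
		t.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth} // what EAP servers need
	}
	return t
}

// BuildTestPKI constructs a CA, a CA-issued RADIUS cert and a self-signed one for host.
func BuildTestPKI(host string) (*x509.CertPool, *x509.Certificate, *x509.Certificate) {
	issue := func(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, key *ecdsa.PrivateKey) *x509.Certificate {
		return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, key))))
	}
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	srvKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caTmpl, selfTmpl := template(1, "Corp Issuing CA", true, nil), template(3, host, false, []string{host})
	caCert := issue(caTmpl, caTmpl, &caKey.PublicKey, caKey) // a self-signed root is fine for a CA
	issued := issue(template(2, host, false, []string{host}), caCert, &srvKey.PublicKey, caKey)
	self := issue(selfTmpl, selfTmpl, &srvKey.PublicKey, srvKey) // the case the answer warns against
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	return roots, issued, self
}

func main() {
	roots, issued, self := BuildTestPKI("radius.corp.example") // assumed RADIUS host name
	fmt.Println("CA-issued:  ", CheckRADIUSServerCert(issued, roots, "radius.corp.example"))
	fmt.Println("self-signed:", CheckRADIUSServerCert(self, roots, "radius.corp.example"))
}
```

A supplicant configured to skip these checks still gets the tunnel but not its guarantee, so keep server-certificate validation enabled on the clients rather than working around a self-signed certificate.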

Similar Messages

  • Help adding new WLC to existing ACS

    Hi All,
    I need help with this.
    This network has a working WLC that authenticates wireless users against an ACS by MAC address. It works fine.
    I need to add a new WLC.
    I added the WLC, the APs connect to the WLC fine, but the users get limited connectivity and we've found out that is because the new WLC is getting authentication errors against the ACS.
    The configuration of the new WLC is exactly the same as the current working WLC and both controllers show as AAA clients on the ACS.
    I want to know if somebody can point me in the right direction to solve this.
    There's connectivity fine between all devices (as far as PING goes), and there's no Firewall or filters in between.
    The difference I see on both WLCs is that on the working one (WLC1), under Security - AP Policies, we see the AP Authorization List with the MAC addresses/cert type/hash.  We don't get this information on the non-working WLC (attached document shows both)
    Also in the attached document, I'm sending the errors I get on the WLC2 controller.
    Any help is greatly appreciated.
    Federico.

    Federico,
    I didn't understand when you say that you see only one WLC under Group Setup/MAC address. Could you please elaborate on this?
    Also, if you don't see any NAR configured under Shared Profile Components, then check inside the Group/User Setup; there must be either an IP-based or CLI/DNIS-based NAR configured for the WLCs, and looking at the failed attempts it seems that the action is denied.
    HTH
    Regds,
    JK
    Do rate helpful posts-

  • WLC, mapping new dynamic interface to an already used port

    This is my question
    We have a multiple-WLC deployment and a WLAN which is running into DHCP issues (scopes exhausted).
    The main WLAN is mapped to a dynamic interface group (2 VLANs); both VLANs are mapped to a single physical port.
    Adding a new dynamic interface (VLAN) to the interface group is needed:
    - a new dynamic interface will be created and mapped to the same physical port as the other two (3 VLANs)
    - the new interface will be added to the interface group
    The question is:
    Will this operation require some network downtime (controller reboot, AP reboot, etc.) or will it be a seamless operation?
    thank you

    Does this mean, when utilizing an 802.1x WLAN in an AP Group, you cannot dynamically assign an interface via RADIUS because it will be ignored due to the AP Group settings? If so, that seems short-sighted to me.
    AAA override gets priority when AAA override and AP groups are used. The debug client output should initially show the site-specific override for the AP group, and once it goes into .1x auth it will return the overridden VLAN.

  • I have bought a new macbook pro 13 retina. I had an apple id with my iPhone 4 which I stopped using a month ago. Now I am trying to download the apps, notes and contacts onto my mac but it is not happening? Any help will be gratefully accepted

    I have bought a new MacBook Pro Retina 13. I am not too familiar with Mac yet. I had an Apple account with my iPhone 4 which I stopped using a month ago. Now I am trying to download the apps from that account, but I don't know how to do this and I am unable to do so. I would be grateful if anyone can advise me with regards to this.

    You cannot download the same Apps that you have on your iPhone. They are two separate stores.
    The store you have on your iPhone is the same for any iDevice (iPad, iPhone and iPod)
    The store on your MacBook is only for Macs.

  • I had an Apple account on my old laptop to which my iPad and iPhone were synced. I now have a new laptop and when I tried to access my Apple ID on it I was asked to sign up for a new account. I can't use any of them.

    I need help. I had an Apple account on my old laptop to which my iPad and iPhone were synced. I recently changed my laptop. My problem is the new laptop won't accept my Apple ID; it asked me to sign up for a new one, which I did. After doing this I tried to sync my iPad and phone to the new laptop, which I was unable to do as they didn't recognise my new ID. HELP!!!!!!

    cathorio wrote:
    I recently changed my laptop. My problem is the new laptop won't accept my Apple ID; it asked me to sign up for a new one, which I did.
    I am puzzled by this. The laptop doesn't need the Apple ID - but iTunes does. I could be missing something but ....
    Why would you not be able to use your existing Apple ID and iTunes account on a new laptop? If you authorized the computer - you should be able to use your existing account - unless you already had 5 computers authorized with the existing ID - and that was why iTunes would not accept the ID. However, I'm sure that you would have received a popup message from iTunes telling you that you had reached the limit.
    I just received a new MBP and my daughter did as well. My entire family shares an Apple ID and we had no issues at all with my Apple ID and iTunes on our new computers and I did not have to sign up for a new account. Did you even try the old ID?

  • I have a mixer which I was using with my PC, and now I bought a new MacBook and it has only one jack for headphones; to use mixers I need a jack for a microphone too, so what should I do?

    I have a mixer which I was using with my PC, and now I bought a new MacBook and it has only one jack for headphones; to use mixers I need a jack for a microphone too, so what should I do?

    You need to get a headset splitter adapter.
    http://www.startech.com/Cables/Audio-Video/Audio-Cables/35mm-4-Position-to-2x-3-Position-35mm-Headset-Splitter-Adapter-Male-to-Female~MUYHSMFF

  • Hello,  My old email address which I have used as my apple id for 10 years is being made redundant. I have changed the email address to a new gmail one and this is my new apple id. But my iMac has not recognised this. It keeps saying it wants the pa

    Hello,
    My old email address which I have used as my Apple ID for 10 years is being made redundant. I have changed the email address to a new Gmail one and this is my new Apple ID. But my iMac has not recognised this. It keeps saying it wants the password for my old email address. I have seen some advice on these forums which suggests signing out of iCloud and then back in again. But when I start doing this it asks me if I want all the photos deleted that have not been downloaded onto the Mac.
    I have had an iCloud account for quite some time and I'm afraid of losing everything in my cloud if I sign out and sign in with a new ID.
    Is this fear realistic?
    I know I can change back to my old email, sign out and then sign in with the new one...
    Please help!

    This did not work for me. My old email account for iCloud still pops up on my screen every time I open my MacBook. I've deleted it, reset it, everything I can think of, and it still shows up. I think six months of this is more than enough time to wait.
    RDG

  • I have a very old (by computer standards) MacBook Pro, and a newer one.  I've been using the old one mostly for iTunes, into which I have only CD entries.  For a long time, years, the old MacBook pro ceased entering the song titles.  This is very time con

    I have a very old (by computer standards) MacBook Pro, and a newer one.  I've been using the old one mostly for iTunes, into which I have only CD entries.  For a long time, years, the old MacBook pro ceased entering the song titles.  This is very time consuming for me, so I finally investigated a bit further.
    I discovered how to enter the track titles onto my newer MacBook Pro, and was so pleased!  But when I tried to do the same with the other laptop, it failed. 
    What I did, basically, was what the Apple Help suggested--choose iTunes General Preferences, etc.etc.  And yes, I did upgrade the old laptop to the newest iTunes version.
    Am I just wasting my time here? Is there some reason why an older Mac Pro will not do what the newer one will, with regard to iTunes?
    My older laptop is a 2.6 GHz Core Duo; it has 36 GB of "memory available." The newer one is a 2.3 GHz Intel Core i7. It has 284 GB of memory available.
    Both are using the same version of Snow Leopard--10.6.8.

  • HT5622 My apps are not updating as I no longer have access to my earlier Apple ID, and now I am using a new Apple ID which is allowing me to download apps, but while updating those apps my iPod wants the earlier Apple ID password to update. What should I do?

    My apps are not updating as I no longer have access to my earlier Apple ID, and now I am using a new Apple ID which is allowing me to download apps, but while updating those apps my iPod wants the earlier Apple ID password to update. What should I do?

    Hi Kanishk,
    Those apps are forever tied to the Apple ID they were purchased under. You can either delete them and re-purchase them, or you can go to Manage your Apple ID and reset the password on the old Apple ID so you can use it to update your apps: Apple - My Apple ID
    If you decide to continue to use them under the old ID password, I would suggest that when you reset that password, you change it to be the same password as the one you are currently using. That way when apps need to be updated you will only need to know one password and you won't have to be concerned with which Apple ID is displaying.
    Cheers,
    GB

  • BPM 10g - issue wile deploying the exp file which is generated using ANT

    Hello,
    I'm trying to deploy an exp file in Process Administrator which is generated using the Ant Zip task (pointed the basedir at the CVS project root folder), and this deployment failed with the exception: Unable to import project
    Do we have any Ant task to generate .exp from CVS?
    Ant build file:
    <target name="BPMProject" description="BPMProject.zip file from the Cvs Source folder ">
         <zip destfile="..BPMProject.exp" basedir="../BPMProject" update="true" encoding = "UTF-8" />
    </target>
    Complete stack trace:
    [<W> 0705 13:31:25.746] Main (<7> http-8686-Processor16): Error BPM-1341541082741
    [     (cont)     ] Main: java.lang.NullPointerException
    [     (cont)     ] Main: java.lang.NullPointerException
    [     (cont)     ] Main:      at fuego.project.io.fs.export.ProjectZipper.unzipProject(ProjectZipper.java:256)
    [     (cont)     ] Main:      at fuego.project.io.fs.export.ProjectZipper.unzipAllProjects(ProjectZipper.java:154)
    [     (cont)     ] Main:      at fuego.webconsole.model.JSFPublicationInfo.unzipProject(JSFPublicationInfo.java:1779)
    [     (cont)     ] Main:      at fuego.webconsole.model.JSFPublicationInfo.fileUploadAction(JSFPublicationInfo.java:265)
    [     (cont)     ] Main:      at fuego.webconsole.model.JSFPublicationInfo.nextPageAction(JSFPublicationInfo.java:1169)
    [     (cont)     ] Main:      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    [     (cont)     ] Main:      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    [     (cont)     ] Main:      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    [     (cont)     ] Main:      at java.lang.reflect.Method.invoke(Method.java:585)
    [     (cont)     ] Main:      at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:126)
    [     (cont)     ] Main:      at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
    [     (cont)     ] Main:      at javax.faces.component.UICommand.broadcast(UICommand.java:312)
    [     (cont)     ] Main:      at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:267)
    [     (cont)     ] Main:      at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:381)
    [     (cont)     ] Main:      at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:75)
    [     (cont)     ] Main:      at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
    [     (cont)     ] Main:      at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:90)
    [     (cont)     ] Main:      at javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
    [     (cont)     ] Main:      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    [     (cont)     ] Main:      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    [     (cont)     ] Main:      at fuego.web.filter.CharsetFilter.doFilter(CharsetFilter.java:48)
    [     (cont)     ] Main:      at fuego.web.filter.BaseFilter.doFilter(BaseFilter.java:63)
    [     (cont)     ] Main:      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    [     (cont)     ] Main:      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    [     (cont)     ] Main:      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    [     (cont)     ] Main:      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    [     (cont)     ] Main:      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    [     (cont)     ] Main:      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    [     (cont)     ] Main:      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    [     (cont)     ] Main:      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    [     (cont)     ] Main:      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    [     (cont)     ] Main:      at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
    [     (cont)     ] Main:      at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    [     (cont)     ] Main:      at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    [     (cont)     ] Main:      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    [     (cont)     ] Main:      at java.lang.Thread.run(Thread.java:595)
    [     (cont)     ] Main:
    [<D> 0705 13:31:25.752] Main (<7> http-8686-Processor16): Context->contextcom.sun.faces.context.FacesContextImpl@117064c
    [<D> 0705 13:31:25.753] Main (<7> http-8686-Processor16): clientId = PublishForm:uploadedFile

    Hi
    PFB the details from the log file... If I migrate the same via JDeveloper, I don't get any errors.
    SEVERE: Upgrade failed. Check the logs for any exceptions. Ensure that the WSDL URLs specified in the project are reachable and a valid 10.1.3.x project is used for upgrade. Before re-attempting upgrade, restore the original project code source from the backup directory.
    java.lang.NullPointerException
         at oracle.viewgen.plugin.bpel.BPELPlugin.getReferenceProperties(BPELPlugin.java:403)
         at oracle.viewgen.composite.CompositeUtil.setupCompositeRefs(CompositeUtil.java:586)
         at oracle.viewgen.composite.CompositeUtil.createComposite(CompositeUtil.java:320)
         at oracle.viewgen.ViewGenerator.main(ViewGenerator.java:316)
    Caused by: java.lang.NullPointerException
         at oracle.viewgen.plugin.bpel.BPELPlugin.getReferenceProperties(BPELPlugin.java:352)
         ... 3 more

  • I've got a Mac Book Pro 17" 2008 with FCS 2. Compressor 3 only gives me MOV-1 which are no use so I've bought Compressor 4 from the App store: it says the graphic card is not compatible. Can I install a new card on my mbp? If so which is best? Thanks John

    I've got a 17" MacBook Pro with Snow Leopard and Final Cut Studio 2. Compressor 3 is only giving MOV-1 files, which are no use to me. So I've bought Compressor 4 from the App Store, which says it isn't compatible with the graphics card on my 2008 MBP. Can I install a new graphics card on my computer, and if so which one? If not, can I solve the MOV-1 problem?
    Thanks in anticipation
    John Lawrence

    Ask here:
    https://discussions.apple.com/community/professional_applications/final_cut_studio

  • Why can't I make a purchase from my new iPod using a new credit card which is different from the one registered with my Apple account?

    Why can't I make a purchase from my new iPod using a new credit card which is different from the one I have registered with iTunes before?

    You can only use one credit card to one Apple ID.

  • Which clients are using my Sun One server for authentication?

    We use Sun One ver. 5.2.
    Our LDAP clients use it for authentication.
    How can I list which clients recently used the Sun One server to authenticate?
    The reason I need that is because I want to upgrade the Sun One server and I want to notify the clients that I'm about to do it.
    Thanks.

    https://www.redhat.com/archives/fedora-directory-users/2005-September/msg00010.html
    Useful script to extract LDAP based user posixGroup memberships information
    ===
    Assuming you are using posixGroup objectclass and memberUid attribute to
    store your membership information, you may find my shell script useful
    and handy.
    It works on Solaris LDAP Client with "ldapaddent" and "ldaplist"
    commands, and works against FDS, SUN DS or OpenLDAP.
    ===
    Gary

  • Which scenario we use AT NEW and ON CHANGE OF....

    In which scenario do we use AT NEW and when ON CHANGE OF?
    Basically, what is the difference between them?

    Hi,
    If you use the AT NEW statement, basically it doesn't pick the first record of the itab, whereas ON CHANGE OF can pick from the first record.
    All these control break statements can work with a header line except the ON CHANGE OF event.
    At New.
    Effect
    Beginning or end of a group of lines with the same content in the component comp1 comp2 ... and in the components to the left of comp1 comp2 .... The components comp1 comp2 ... can be specified, as described in the section Specification of Components, with the limitation that access to object attributes is not possible here.
    Example:
    LOOP AT itab result ...
      AT NEW comp1.
        " statement block executed at the start of each new comp1 group
      ENDAT.
    ENDLOOP.
    On Change of:
    Effect:
    The statements ON CHANGE OF and ENDON, which are forbidden in classes, define a control structure that can contain a statement block statement_block. After ON CHANGE OF, any number of data objects dobj1, dobj2 ... of any data type can be specified.
    Example:
    In a SELECT loop, a statement block should only be executed if the content of the column CARRID has changed.
    DATA spfli_wa TYPE spfli.
    SELECT *
      FROM spfli
      INTO spfli_wa
      ORDER BY carrid.
      ON CHANGE OF spfli_wa-carrid.
        " statement block executed only when carrid changes
      ENDON.
    ENDSELECT.
    Difference between AT NEW and ON CHANGE OF

  • How to find which authentication used to site collection and site using powershell

    Hi,
    How do I find how many web apps, site collections and sites use Windows authentication, claims authentication, classic, Secure Store authentication or ADFS authentication, using PowerShell code in SharePoint 2013?
    If sites use ADFS authentication, how do I find which email ID is used for that?
    Thanks,

    Authentication is only defined at the Web Application level, and the only valid auth methods are Classic (Windows (Basic/NTLM/Kerberos)), Claims (Windows (Basic/NTLM/Kerberos)), FBA Claims, SAML Claims (ADFS), and Anonymous.
    You can find out what authentication scheme(s) are enabled via:
    $wa = Get-SPWebApplication http://webApp1
    $wa.IisSettings["Default"]  # replace with the zone name you're interested in
    The output will look similar to this:
    PS C:\Users\trevor> $wa.IisSettings["Default"]
    AuthenticationMode : Forms
    MembershipProvider : i
    RoleManager : c
    AllowAnonymous : False
    EnableClientIntegration : True
    ServerBindings : {Microsoft.SharePoint.Administration.SPServerBinding}
    SecureBindings : {}
    UseWindowsIntegratedAuthentication : True
    UseBasicAuthentication : False
    DisableKerberos : True
    ServerComment : SharePoint
    Path : C:\inetpub\wwwroot\wss\VirtualDirectories\spwebapp180
    PreferredInstanceId : 42768054
    UseClaimsAuthentication : True
    ClaimsAuthenticationRedirectionUrl :
    UseFormsClaimsAuthenticationProvider : False
    FormsClaimsAuthenticationProvider :
    UseTrustedClaimsAuthenticationProvider : False
    UseWindowsClaimsAuthenticationProvider : True
    OnlyUseWindowsClaimsAuthenticationProvider : True
    WindowsClaimsAuthenticationProvider : Microsoft.SharePoint.Administration.SPWindowsAuthenticationProvider
    ClaimsAuthenticationProviders : {Windows Authentication}
    ClaimsProviders : {}
    ClientObjectModelRequiresUseRemoteAPIsPermission : True
    UpgradedPersistedProperties : {}
    So on this Web Application in the Default Zone you can tell I have Windows Claims enabled, not using Kerberos (so using NTLM), and Trusted (SAML/ADFS) is not enabled, neither is Forms or Anonymous.
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
