Nexus 9000 and ACL

We are replacing all of the switches in the network with two Nexus 93128 switches. We have 4 VLANS and need to add security between the MGNT VLAN, IIS Server VLAN, application VLAN and DB VLAN. This is all internal use, no external users. The problem is that they all need access to the internet for updates and call home to an outside vendor for monitoring.
Should I put ACL's at the switch level or route everything back to the ASA5520 for security and routing.

Anything that has to go to the web should go back to the Firewall.

Similar Messages

Visio Stencil Request- Nexus 9000 Series

Hello there,
I attempted to download the Visio Stencils for the Nexus 9000, but inside was the stencils for the ASR 1000 series. Has anyone else seen this? When can we expect the stencils for the Nexus 9000 series?
Thanks in advance!

Hi,
Sorry for not responding more quickly. Unfortunately, I don't know of any reason why this .vss would not open in OmniGraffle since it was produced using the same techniques in our standard production process. The file is saved in Visio 2002 "or later" format for maximum compatibility with Visio. The Omni Group is responsible for the conversion from Visio to OmniGraffle formats so they would be the ones to question about this. Our mission is to support Visio users and our operations are Windows based so we do not test the stencils on Macs although we do our best to produce files that can be used in OmniGraffle.
Regards,
Brett Newman
Cisco Visio Production
Visimation Inc.
www.shapesource.com

Diff b/w Nexus 5548P and 5548UP

What is the
Diff b/w Nexus 5548P and 5548UP
regards.

Hi,
A UP or Unified ports allow you to configure ports as Ethernet, native Fibre Channel or Fibre Channel over Ethernet (FCoE) ports. By default, the ports are Ethernet ports but you can change the port mode to Fibre Channel on the following unified ports:
Any port on the Cisco Nexus 5548UP switch or the Cisco Nexus 5596UP switch.
The ports on the Cisco N55-M16UP expansion module that is installed in a Cisco Nexus 5548P switch.
More details:
http://www.cisco.com/web/techdoc/dc/reference/cli/nxos/commands/l2/port.html
Comapre 5548 and 5548:
http://www.cisco.com/en/US/products/ps9670/prod_models_comparison.html
./Abhinav

How to download MIB for NXOS or platform Nexus 7010 and Nexus 7004

Hello,
I need to monitor my Nexus 7004 and 7010 by my SNMP Agent, but I can't find the way to donload the required MIBs.
For information I'm running the folling images:
bootflash:///n7000-s2-dk9.6.2.6b.bin
bootflash:///n7000-s1-dk9.6.1.5.bin
By advance thanks for the support
Gildas

The module you are running requires a minimum software version of 5.1.
You are currently running 5.0.3 which is why the module is not
recognized.
Below is a link that explains this:
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/data_s
heet_c78-605482.html
Product Specification
Table 3 lists the specifications for the Cisco Nexus 7000 32-Port 10 Gigabit Ethernet
Module with XL Option.
Table 3. Product Specifications
Item
Specifications
System
Product compatibility
Supported in all Cisco Nexus 7000 Series chassis
Software compatibility
Cisco NX-OS Software Release 5.1 or later (minimum requirement)
You would need to upgrade you software.
Hope this helps.
Regards
Muhammed M

Errors found when using tar and ACL's

Having difficulties with TAR and ACLs, and wondering if anyone had seen this before.
Here's the scenario: create a few directories and a few files. Tar it up and extract the files. Now assign some ACL's to them (some default for directories), tar it up, and extract the files. Permissions should remain the same. Under most circumstances they are.
Now repeat the procedure, but put a default directory ACL on the parent directory where the TAR is created. What happens is that the group permissions for anything un-tared gets trashed.
Here's a script to test it out.
Create a dummy user (I called mine foobar) -- required for setting ACL's. Run the script with the "-d" option at first. Things appear good. You can compare the permissions on the bottom for each file/directory.
Run the script with the "-s" option setting default ACL's on the parent.
#!/usr/bin/sh
ROOTDIR=/export/home/christian/config
TESTDIR=/export/home/christian
USER_X="oam"
# Run the script once with normal permissions (no ACL's) in the test directory (where tar is located)
# --> ./test.sh -d
# look at the result (ls -l) of .../sub1dir, .../sub1dir_acl, and /sub1dir_orig
# They should be relatively the same:
# --> rwxrwxrwx permissions on directories
# --> rw-rw-rw- on files
# Now run the script but set the parent directory of the script (where the TAR's are located) to have default ACL's
# --> /opt/MMSsyscnf/sub2dir/test/test.sh -s
# Now look at the result (ls -l) of .../sub1dir, .../sub1dir_acl, and /sub1dir_orig
# They are COMPLETELY skewed. Both times we tried to untar the files, ACL's wound up
# all over the place and permissions were not set correctly.
# --> rwxrwxrwx permissions ONLY on original directory (not the product of an UNTAR)
# --> rwxr--rwx permissions on directories created by untar
# --> rw-rw-rw- on files ONLY on original directory (not the product of an UNTAR)
# --> rw-r--rw- on files created by untar
# ****** Why is group affected by this, but "other" is not?! It's gotta be a bug!
# MAIN
ACTION="NOPREP"
while [ -n "$1" ]
do
if [ "ABC$1" = "ABC-d" ]; then
#flag set to try and remove default directory ACL's
setfacl -d u:$USER_X $TESTDIR
setfacl -d d:u:$USER_X $TESTDIR
setfacl -d d:u::,d:g::,d:m:,d:o: $TESTDIR
elif [ "ABC$1" = "ABC-s" ]; then
setfacl -r -m d:u::rw-,d:g::r--,d:o:---,d:m:rwx $TESTDIR
setfacl -r -m d:u:$USER_X:rw- $TESTDIR
setfacl -r -m u:$USER_X:r-x $TESTDIR
fi
shift;
done
# clean up previous run of the test
rm -r $ROOTDIR
# create files/directories
mkdir $ROOTDIR
mkdir $ROOTDIR/sub1dir
mkdir $ROOTDIR/sub1dir/sub2dir
mkdir $ROOTDIR/sub1dir/sub2dir/sub3dir
#set permissions
chmod 777 $ROOTDIR
chmod 777 $ROOTDIR/sub1dir
chmod 777 $ROOTDIR/sub1dir/sub2dir
chmod 777 $ROOTDIR/sub1dir/sub2dir/sub3dir
# create files
echo "" > $ROOTDIR/sub1dir/sub2dir/file1.txt
echo "" > $ROOTDIR/sub1dir/sub2dir/sub3dir/file2.txt
chmod 666 $ROOTDIR/sub1dir/sub2dir/file1.txt
chmod 666 $ROOTDIR/sub1dir/sub2dir/sub3dir/file2.txt
# tar/zip the files:
/usr/bin/tar -cvf $ROOTDIR/tarBeforeACLs.tar $ROOTDIR/sub1dir
/usr/bin/gzip $ROOTDIR/tarBeforeACLs.tar
# move the directory (so we keep the original as a template of what things should look like)
mv $ROOTDIR/sub1dir $ROOTDIR/sub1dir_orig
# untar/zip the files:
/usr/bin/gunzip $ROOTDIR/tarBeforeACLs.tar
/usr/bin/tar -xvf $ROOTDIR/tarBeforeACLs.tar
ls -lR $ROOTDIR
# Ok. These have been tested to be the exact same.
echo "********************************************************************************"
echo "********************************************************************************"
echo "********************************************************************************"
# Let's try using ACL's now
# --> directories (owned by root) must be acessible to OAM user.
# --> files (owned by root) must be read/writable by user OAM when created in the directories
setfacl -r -m u:$USER_X:r-x $ROOTDIR/sub1dir
setfacl -r -m u:$USER_X:r-x $ROOTDIR/sub1dir/sub2dir
setfacl -r -m u:$USER_X:r-x $ROOTDIR/sub1dir/sub2dir/sub3dir
setfacl -r -m u:$USER_X:rw- $ROOTDIR/sub1dir/sub2dir/file1.txt
setfacl -r -m u:$USER_X:rw- $ROOTDIR/sub1dir/sub2dir/sub3dir/file2.txt
setfacl -r -m d:u::rw-,d:g::r--,d:o:---,d:m:rwx $ROOTDIR/sub1dir
setfacl -r -m d:u:$USER_X:rw- $ROOTDIR/sub1dir
setfacl -r -m d:u::rw-,d:g::r--,d:o:---,d:m:rwx $ROOTDIR/sub1dir/sub2dir
setfacl -r -m d:u:$USER_X:rw- $ROOTDIR/sub1dir/sub2dir
setfacl -r -m d:u::rw-,d:g::r--,d:o:---,d:m:rwx $ROOTDIR/sub1dir/sub2dir/sub3dir
setfacl -r -m d:u:$USER_X:rw- $ROOTDIR/sub1dir/sub2dir/sub3dir
# here are things as they stand
ls -lR $ROOTDIR
echo "********************************************************************************"
echo "********************************************************************************"
echo "********************************************************************************"
# tar/zip the files:
/usr/bin/tar -cvfp $ROOTDIR/tarAfterACLs.tar $ROOTDIR/sub1dir
/usr/bin/gzip $ROOTDIR/tarAfterACLs.tar
# move the directory (so we keep the directory that was applied ACL's)
mv $ROOTDIR/sub1dir $ROOTDIR/sub1dir_acl
# untar/zip the files:
/usr/bin/gunzip $ROOTDIR/tarAfterACLs.tar
/usr/bin/tar -xvfp $ROOTDIR/tarAfterACLs.tar
# here are things after we've untared them
ls -lR $ROOTDIR
echo "********************************************************************************"
echo "********************************************************************************"
echo "********************************************************************************"
getfacl $ROOTDIR/sub1dir_orig $ROOTDIR/sub1dir_acl $ROOTDIR/sub1dir
echo "********************************************************************************"
getfacl $ROOTDIR/sub1dir_orig/sub2dir $ROOTDIR/sub1dir_acl/sub2dir $ROOTDIR/sub1dir/sub2dir
echo "********************************************************************************"
getfacl $ROOTDIR/sub1dir_orig/sub2dir/sub3dir $ROOTDIR/sub1dir_acl/sub2dir/sub3dir $ROOTDIR/sub1dir/sub2dir/sub3dir
echo "********************************************************************************"
getfacl $ROOTDIR/sub1dir_orig/sub2dir/file1.txt $ROOTDIR/sub1dir_acl/sub2dir/file1.txt $ROOTDIR/sub1dir/sub2dir/file1.txt
echo "********************************************************************************"
getfacl $ROOTDIR/sub1dir_orig/sub2dir/sub3dir/file2.txt $ROOTDIR/sub1dir_acl/sub2dir/sub3dir/file2.txt $ROOTDIR/sub1dir/sub2dir/sub3dir/file2.txt
echo "********************************************************************************"
Any ideas?

UFSDUMP has some limitations, including being on a file system that is read-only. Yes, I could force it on a read-write FS, but I normally stay away from big sticker labels found in man pages when I encounter them. :-(
What I was originally after was a script that makes a backup of application configuration files before I modify them. Thus, I tar/zip the directory.
These config files/directores have ACL's attached to them to allow various roles to access them (group permissions are not fine-grain enough). However, when I ran through a couple of tests, I came across a scenario that overwrote the original permissions. Tested it on Solaris 10 and Solaris 9, and both fail.
So now (very late into the feature design) I'm VERY concerned about using ACL's on Solaris, and wonder what other side-effects there are that I'm not aware of. Can't seem to find a bug report on it, so I thought I'd ask around to see if it was just the behaviour of the TAR/ACL that I'm not quite getting, or if it really is a bug.
/chris

Role based security and ACLs

Hello,
I have a question regarding Roles and ACLs. I understand that I can use one or more security realms to host users, groups, and ACLs. (In fact I am implementing a custom realm for users and groups like RDBMSRealm, and wanted WLPropertyRealm to handle ACL/permission based duties.)
Reading the "Writing a Web Application" it is apparent that ACLs are not supposed to be used for Servlets/JSP anymore, but rather to map roles to security principals via the deployment descriptor files for the web application.
So:
1. I assume that Weblogic will determine, once I have authenticated the user in my realm, whether or not the user is in a certain role, and therefore, whether or not they have access to a particular resource?
2. What happened to the concept of permissions? Is it assumed that if the user is in the required role that they have permission to execute the servlet/JSP?
3. Does it make sense to talk about ACLs anymore? A checkPermissions() method on an Acl object doesn't make sense now. Instead am I to use isUserInRole() ? (This doesn't seem the same to me - asking if User A has execute permission on this resource is different than asking if User A is in the CSR role.)
Your response is appreciated.

Hello,
I have a question regarding Roles and ACLs. I understand that I can use one or more security realms to host users, groups, and ACLs. (In fact I am implementing a custom realm for users and groups like RDBMSRealm, and wanted WLPropertyRealm to handle ACL/permission based duties.)
Reading the "Writing a Web Application" it is apparent that ACLs are not supposed to be used for Servlets/JSP anymore, but rather to map roles to security principals via the deployment descriptor files for the web application.
So:
1. I assume that Weblogic will determine, once I have authenticated the user in my realm, whether or not the user is in a certain role, and therefore, whether or not they have access to a particular resource?
2. What happened to the concept of permissions? Is it assumed that if the user is in the required role that they have permission to execute the servlet/JSP?
3. Does it make sense to talk about ACLs anymore? A checkPermissions() method on an Acl object doesn't make sense now. Instead am I to use isUserInRole() ? (This doesn't seem the same to me - asking if User A has execute permission on this resource is different than asking if User A is in the CSR role.)
Your response is appreciated.

ESXi 4.1 NIC Teaming's Load-Balancing Algorithm,Nexus 7000 and UCS

Hi, Cisco Gurus:
Please help me in answering the following questions (UCSM 1.4(xx), 2 UCS 6140XP, 2 Nexus 7000, M81KR in B200-M2, No Nexus 1000V, using VMware Distributed Switch:
Q1. For me to configure vPC on a pair of Nexus 7000, do I have to connect Ethernet Uplink from each Cisco Fabric Interconnect to the 2 Nexus 7000 in a bow-tie fashion? If I connect, say 2 10G ports from Fabric Interconnect 1 to 1 Nexus 7000 and similar connection from FInterconnect 2 to the other Nexus 7000, in this case can I still configure vPC or is it a validated design? If it is, what is the pro and con versus having 2 connections from each FInterconnect to 2 separate Nexus 7000?
Q2. If vPC is to be configured in Nexus 7000, is it COMPULSORY to configure Port Channel for the 2 Fabric Interconnects using UCSM? I believe it is not. But what is the pro and con of HAVING NO Port Channel within UCS versus HAVING Port Channel when vPC is concerned?
Q3. if vPC is to be configured in Nexus 7000, I understand there is a limitation on confining to ONLY 1 vSphere NIC Teaming's Load-Balancing Algorithm i.e. Route Based on IP Hash. Is it correct?
Again, what is the pro and con here with regard to application behaviours when Layer 2 or 3 is concerned? Or what is the BEST PRACTICES?
I would really appreciate if someone can help me clear these lingering doubts of mine.
God Bless.
SiM

Sim,
Here are my thoughts without a 1000v in place,
Q1. For me to configure vPC on a pair of Nexus 7000, do I have to connect Ethernet Uplink from each Cisco Fabric Interconnect to the 2 Nexus 7000 in a bow-tie fashion? If I connect, say 2 10G ports from Fabric Interconnect 1 to 1 Nexus 7000 and similar connection from FInterconnect 2 to the other Nexus 7000, in this case can I still configure vPC or is it a validated design? If it is, what is the pro and con versus having 2 connections from each FInterconnect to 2 separate Nexus 7000? //Yes, for vPC to UCS the best practice is to bowtie uplink to (2) 7K or 5Ks.
Q2. If vPC is to be configured in Nexus 7000, is it COMPULSORY to configure Port Channel for the 2 Fabric Interconnects using UCSM? I believe it is not. But what is the pro and con of HAVING NO Port Channel within UCS versus HAVING Port Channel when vPC is concerned? //The port channel will be configured on both the UCSM and the 7K. The pro of a port channel would be both bandwidth and redundancy. vPC would be prefered.
Q3. if vPC is to be configured in Nexus 7000, I understand there is a limitation on confining to ONLY 1 vSphere NIC Teaming's Load-Balancing Algorithm i.e. Route Based on IP Hash. Is it correct? //Without the 1000v, I always tend to leave to dvSwitch load balence behavior at the default of "route by portID".
Again, what is the pro and con here with regard to application behaviours when Layer 2 or 3 is concerned? Or what is the BEST PRACTICES? UCS can perform L2 but Northbound should be performing L3.
Cheers,
David Jarzynka

Document browser and ACL Authorization

Dear friends,
We are working on ECC 6.0 and required to implement SAP DMS. As of with every ERP 2005 default two features are coming, document browser and ACL Authroization. These features are not required by users, so we need to de-activate these. We have a note for these wherein it is mentioned that one of the component is required to upgrade. We dont want to go with this. If any note is there by applying which we can de-activate those features will be well and good, instead of upgrading component.
Regards,

Dear Tushar,
This t-code will be enable only after support pack SAPKGPAD11 or greater version is implemented. Our client is not in the position to upgrade, by implementing support packs. Alternate solution if any, pls suggest. By applying any notes if we can de-activate these features, let us know.
Regards,
Punam

VN-Tag with Nexus 1000v and Blades

Hi folks,
A while ago there was a discussion on this forum regarding the use of Catalyst 3020/3120 blades switches in conjunction with VN-tag. Specifically, you can't do VN-Tag with that Catalyst blade switch sitting inbetween the Nexus 1000V and the Nexus 5000. I know there's a Blade switch for the IBM blade servers, but will there be a similar version for the HP C-class blades? My guess is NO, since Cisco just kicked HP to the curb. But if that's the case, what are my options? Pass-through switches? (ugh!)
Previous thread:
https://supportforums.cisco.com/message/469303#469303

wondering the same...

Interoperability issues between Nexus 5k and HP storageworks (8/20q)

Hello community,
I am trying to get a VM host and a windows server to connect to their storage across a nexus and HP (Qlogic) fabric switch. This is currently having issues with the VM host unable to see the datastores, possibly due to interoperability between Cisco and HP (Qlogic)
I have configured and tested the connectivity using only the cisco nexus and this worked, I then tested it using only the HP fabric switch (HP 8/20q) and this also worked.
However, when using the HP and Cisco Nexus as shown in the attached diagram, things stop working.
The connection is using Native Fibre channel, On the Cisco side I performed the following steps
Configured the Nexus with Domain ID 10 and the HP with Domain ID 20.
Connected the 2 fabric switches on fc1/48 (Cisco) and port 0 (HP) and confirmed that the ISL came up (E_port 8G), I confirmed connectivity using fcping both ways.
I connected the SAN to the Nexus and the servers to the HP
Configured VSAN 10
Added interfaces fc1/41 to 48 in VSAN 10
Created 2 zones ( ESXI and Windows)
Added the PWWN for the ESXI server and the MSA2040 to the ESXI zone
Added the PWWN for the Windows 2k8 server and MS2040 to the Windows zones
Created zoneset (Fabric-A) and added both the above zones in it
Activated the FABRIC-A zoneset
The result is that the zones and zoneset are synchronised to the HP switch .I confirmed that I was able to see the servers and SAN WWN in the correct zones on the HP.
From the 8/20q switch I am able to fcping the SAN, Nexus and servers, however the Nexus is only able to fcping the SAN and the HP, it returns a “no response from destination” when pinging the servers.
I have added the FCID for all the units in the same zones to see if it makes any difference to no avail the result seem to be the same. I have gone through various Nexus/MDS/HP/Qlogic user guides and forums; unfortunately I have not come across any that shows this specific topology.
source for HP user guide is here: http://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c02256394
I’m attaching the nexus config and partial view of the “show interface brief” showing the fibre channel port status
Interface Vsan   Admin Admin   Status          SFP    Oper Oper   Port
                  Mode   Trunk                          Mode Speed Channel
                         Mode                                 (Gbps)
fc1/47     10     auto   on      up               swl    F       8    --
fc1/48     10     auto   on      up               swl    E       8    --
Any help and advice would be greatly appreciated. thanks in advance

Hi all, after much reading, Walter Dey provided the hint to put me on the right track.
By default the Nexus 5k is in interop mode 1. However, one of the requirement for this to be "interoperable" with other vendor the FCDomain ID in the entire fabric needs to be between 97 and 127 as stated in the Cisco website.
http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/interoperability/guide/ICG_test.html
Another issue that had me and my colleague scratching our heads, was that we were seeing high level of CRC errors on the ISL interfaces. This was caused by ARBFF settings mismatch between the Nexus and the HP. This was resolved by ensuring that the ARBFF setting on the HP was set to false and the command "switchport fill-pattern ARBFF speed 8000" is configured on the ISL interface linking the 2 switches. (note that Cisco's default setting for the ports is IDLE, until this is changed the link will not stabilise)
Thanks for all your help guys.

Fabric with two Nexus-5548 and a brocade switch does not get fabric updates

We have a fabric containing two Nexus 5548 and a Brocade 5000 switch in interop mode 2. When i make changes to the zoning, the first nexus (the fabric principal) and the brocade switch see the zone changes. The second Nexus switch does not see it. There are no error messages but the change just can't be seen. What can i do to find out, what goes wrong ?

Ouch, deprecated is not the word i wanted to read
We are using 5.1(3)N1(1a) on nexus-rz1-a
and 6.0(2)N1(2) on nexus-rz2-a.
The fabric can be seen :
nexus-rz2-a# show fcs ie vsan 10
IE List for VSAN: 10
IE-WWN                   IE     Mgmt-Id Mgmt-Addr (Switch-name)
10:00:00:05:1e:90:57:27 S(Rem) 0xfffc01 10.88.133.110 (bc-san1)
20:0a:00:2a:6a:72:ba:01 S(Loc) 0xfffc1c 10.88.133.105 (nexus-rz2-a)
20:0a:54:7f:ee:7f:dc:01 S(Adj) 0xfffc0b 10.88.133.100 (nexus-rz1-a)
[Total 3 IEs in Fabric]
nexus-rz1-a# show fcs ie vsan 10
IE List for VSAN: 10
IE-WWN                   IE     Mgmt-Id Mgmt-Addr (Switch-name)
10:00:00:05:1e:90:57:27 S(Adj) 0xfffc01 10.88.133.110 (bc-san1)
20:0a:00:2a:6a:72:ba:01 S(Adj) 0xfffc1c 10.88.133.105 (nexus-rz2-a)
20:0a:54:7f:ee:7f:dc:01 S(Loc) 0xfffc0b 10.88.133.100 (nexus-rz1-a)
[Total 3 IEs in Fabric]
I try to distribute the zoneset this way:
zoneset distribute vsan 10
Zoneset distribution initiated. check zone status
nexus-rz1-a# show zone status
VSAN: 10 default-zone: deny distribute: full Interop: 2
    mode: basic merge-control: allow
    session: none
    hard-zoning: enabled broadcast: disabled
Default zone:
    qos: none broadcast: disabled ronly: unsupported
Full Zoning Database :
    DB size: 6291 bytes
    Zonesets:1 Zones:62 Aliases: 44
Active Zoning Database :
    DB size: 10243 bytes
    Name: FABRIC1 Zonesets:1 Zones:60
Status: Zoneset distribution completed at 08:06:00 UTC Dec 3 2013
nexus-rz2-a# show zone status
VSAN: 1 default-zone: deny distribute: active only Interop: default
    mode: basic merge-control: allow
    session: none
    hard-zoning: enabled broadcast: disabled
Default zone:
    qos: none broadcast: disabled ronly: unsupported
Full Zoning Database :
    DB size: 4 bytes
    Zonesets:0 Zones:0 Aliases: 0
Active Zoning Database :
    Database Not Available
Status:
VSAN: 10 default-zone: deny distribute: full Interop: 2
    mode: basic merge-control: allow
    session: none
    hard-zoning: enabled broadcast: disabled
Default zone:
    qos: none broadcast: disabled ronly: unsupported
Full Zoning Database :
    DB size: 6291 bytes
    Zonesets:1 Zones:62 Aliases: 44
Active Zoning Database :
    DB size: 10243 bytes
    Name: FABRIC1 Zonesets:1 Zones:60
Status: Activation completed at 13:03:42 UTC Dec 2 2013

SAN Port-Channel between Nexus 5000 and Brocade 5100

I have a Nexus 5000 running in NPV mode connected to a Brocade 5100 FC switch using two FC ports on a native FC module in the Nexus 5000. I would like to configure these two physical links as one logical link using a SAN Port-Channel/ISL-Trunk. An ISL trunking license is already installed on the Brocade 5100. The Nexus 5000 is running NX-OS 4.2(1), the Brocade 5100 Fabric OS 6.20. Does anybody know if this is a supported configuration? If so, how can this be configured on the Nexus 5000 and the Brocade 5100? Thank you in advance for any comments.
Best regards,
Florian

I tried that and I could see the status light on the ports come on but it still showed not connected.
I configured another switch (a 3560) with the same config and the same layout with the fiber and I got the connection up on it. I just cant seem to get it on the 4506, would it be something with the supervisor? Could it be wanting to use the 10gb port instead of the 1gb ports?

Activate Document Browser and ACLs

Hi all,
I want to activate the Document Browser and ACLs tab in the DIR.
I have followed CAC--> Document Management --> Control Data --> Activate Document Browser and ACLs and then I've maintained "X" for each tab, but in the DIR nothing appear.
Have you any suggestions?
Thanks,
Marco.

Hi,
In this activity, you can activate the document browser and ACLs independently of one another.
When you select the indicators, the tab pages Document Browser and Authorizations are available in document editing.
The document browser contains the folder structure of SAP Easy Document Management, which you can use to edit documents. For more information about the document browser, see SAP Library under SAP ERP Central Component -> Cross-Application Components -> Document Management -> Document Browser.
You use ACLs to pass on access rights that you created for a particular folder to other folders in the same structure. For more information about ACLs, see SAP Library under SAP ERP Central Component -> Cross-Application Components -> SAP Easy Document Management -> Work with SAP Easy Document Management -> Authorizations in SAP Easy Document Management
Also check ,
As of SAP ERP 2005, all ACLs are automatically available in SAP Easy Document Management and the back-end system. As of SAP R/3 4.7, it is possible to implement ACLs and you have to implement ACLs up to SAP ERP 2005 (see SAP Note 798504).
http://help.sap.com/saphelp_erp60_sp/helpdata/en/7c/4ca9429888b111e10000000a155106/frameset.htm
https://www.sdn.sap.com/irj/scn/wiki?path=/display/plm/newFunctionalitiesinERP2005
Benakaraja ES
Edited by: benaka rajes on Jun 11, 2009 10:48 AM

Reset Pasword - do I need to reset Directory Permissions and ACLs?

I reset the password as described below on my mom's computer, as she forgot it.
http://support.apple.com/kb/HT1274
I did not reset Directory Permissions and ACLs.
Do i need to do this?
Thanks!

JulieK23 wrote:
I reset the password as described below on my mom's computer, as she forgot it.
http://support.apple.com/kb/HT1274
I did not reset Directory Permissions and ACLs.
Do i need to do this?
only if there was something wrong with them. otherwise this is quite independent of resetting the password and is not necessary if all you need is to reset the password.
Thanks!

NEW OWNER OF BB Bold 9000 and need help

i just purchased BB bold 9000 and I have the following difficulties would like to address.. hope you can help me out. I want to use the application that are on my phone, like word to go, excel and ppt. I registered the softwares, but I click the New Document, a message - Your smartphone comes with Doc to go Standard Edition. The feature you're trying to use is not available in the Standard Edition, but it is in the Premium Edtion.. 1. my question is - I only registered the software, I haven't even started using the product, so how come the one installed on my phone is unsuable? Is the New Doc option not applicable on Standard Edition? The only option I have when I open the word to go is open existing file.. which I don't have yet, because I haven't used it yet. When I click the said option, the message says - Permission to your files was denied, please configure your application permissions appropriately... 2. How do I configure it? Another thing, I don't have the BB Device Software.. where do I get it? I want to download the BB App World so I can get some stuff... Hope you can help me out. Thank you so much.

Hi and Welcome to the Forums!
A few things to cover...so bear with me..
First -- please mark your duplicated thread as Solved so that others don't spend time on duplicated efforts.
Next...to your issues:
Sandy_Mandy wrote:
1. my question is - I only registered the software, I haven't even started using the product, so how come the one installed on my phone is unsuable? Is the New Doc option not applicable on Standard Edition? The only option I have when I open the word to go is open existing file.. which I don't have yet, because I haven't used it yet.
The message is clear -- you cannot create brand new documents with the Standard Edition. The workaround is to place a document onto your device (anything will do) and then open it...then use Save As to create the new document you want.
Sandy_Mandy wrote:
When I click the said option, the message says - Permission to your files was denied, please configure your application permissions appropriately... 2. How do I configure it?
I've no idea what you mean by "the said option"...so I'm not at all sure how to guide you. If you mean that you click the selection to open a file, then you must have something there to open and it must be located in a folder on your BB to which you have full read/write access (some system folders are, naturally, protected).
Sandy_Mandy wrote:
Another thing, I don't have the BB Device Software.. where do I get it? I want to download the BB App World so I can get some stuff... Hope you can help me out. Thank you so much.
I think you have two things confused here.
The Device Software is the device OS...the core Operating System of your BB. You must have it if your BB is operating at all. If you want a package that you can install to your PC and use with the RIM Desktop Manager software, you can obtain it from your carrier download site:
http://na.blackberry.com/eng/support/downloads/download_sites.jsp
For AppWorld, you can obtain that here:
http://na.blackberry.com/eng/services/appworld/download.jsp#tab_tab_download
Hope something up there helps! Good luck and let us know!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code

Nexus 9000 and ACL

Similar Messages

Maybe you are looking for