No guest access for Windows clients

Similar Messages

• Guest Access for Windows Services

  Hi,
  I need to access my shared files through a "Guest" access, without a password. I understand it is not a safe way to work, but I do not have a choice : I am using a device named mediagate, which is supposed to be able to read the shared files on my computer, and this device can only connect to my computer using a "Guest" access.
  I understand OS X server could do that (refering to http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c4wn14.html), but I am using OS X tiger 10.4.4 workstation. Is there anyway for me to do that ? Otherwise, the mediagate I bough is totally useless...
  Thanks for your help !
  iMac G5   Mac OS X (10.4.4)  

  Hi Marco,
  This behavior is a limitation that we are looking into providing a solution in a future update.
  Thanks,
  Robert
  Robert Bruckner   http://blogs.msdn.com/robertbruckner
  This posting is provided "AS IS" with no warranties, and confers no rights.

• Guest access for vendors/clients

  Hi,
  I have a single AP setup using PEAP with MS Win2k3 IAS/RADIUS. I would like outside vendors and clients to be able to come in and be able to access the Internet as well as a printer. I believe in order to authenticate with PEAP the laptop must be a member of the domain which we can't do with vendors and clients. I'm new to wireless so I'm lost as how to set this up. If anyone is familiar with how to do this I would really appreciate some direction. Thanks in advance.
  Riley

  AP#sh ver
  Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version 12.3(8)JEA, RELEASE S
  OFTWARE (fc2)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2006 by Cisco Systems, Inc.
  Compiled Wed 23-Aug-06 16:42 by kellythw
  ROM: Bootstrap program is C1200 boot loader
  BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RE
  LEASE SOFTWARE (fc1)
  Cairny-AP uptime is 3 weeks, 5 days, 23 hours, 18 minutes
  System returned to ROM by power-on
  System restarted at 09:13:49 est Tue Mar 4 2008
  System image file is "flash:/c1200-k9w7-mx.123-8.JEA/c1200-k9w7-mx.123-8.JEA"
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-AP1210 (PowerPC405GP) processor (revision A0) with 15138K/12
  36K bytes of memory.
  Processor board ID FOC074214X8
  PowerPC405GP CPU at 196Mhz, revision number 0x00C4
  Last reset from power-on
  1 FastEthernet interface
  2 802.11 Radio(s)
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:0E:38:23:C8:E7
  Part Number : 73-8704-05
  PCA Assembly Number : 800-23211-06
  PCA Revision Number : A0
  PCB Serial Number : FOC074214X8
  Top Assembly Part Number : 800-23304-03
  Top Assembly Serial Number : FHK0744J2K6
  Top Revision Number : A0
  Product/Model Number : AIR-AP1210
  Configuration register is 0xF
  AP#

• Cisco Jabber for Windows Client SDK

  Is there an SDK for Cisco Jabber for Windows client? I could only find the Web SDK. Are there no other SDKs that would let me control features of the Jabber Windows Client?

  And in order to avoid TAPI limitation, they say they have started using Jabber which controls all phone functionalities through an Application User connected to the Call Manager.
  Assuming they are referring to the normal Jabber for Windows/Mac/iOS/Android applications then this is wrong. Jabber - the client, not the IM&P servers which are part of the CUCM cluster (if you're familiar with Lync consider CUCM+IM&P servers a Front End Pool) - do not use an Application User at all. When a user starts Jabber, assuming SAML SSO is off, they supply an email address. This is used to find the servers via DNS SRV records, or the Mobile and Remote Access Expressway (roughly analogous to a Lync Edge pool) to tunnel through the firewall. After the email address they are prompted for their End User username and password. This is then used to access several APIs on the server, namely the User Data Service to discover what the user has. This would include what the user has configured/available to them. After this is done the Jabber client does one of three things with respect to phone functionality:
  If the user has no phone devices provisioned for them - physical or software - it becomes an IM&P client only.
  If the user has a software phone phone provisioned, it registers as that using SIP. In this way Jabber is the actual phone. This is called a CSF device for Jabber Windows/OS X.
  If the user has a desk phone assigned to their End User account AND administrative policy is to default to desk phone control, it registers to CTI Manager on the CUCM server to control the user's physical phone.
  A user can toggle between option two and three, if appropriately provisioned, but cannot have both simultaneously. In other words, Jabber is either controlling a physical phone over CTI or is a phone itself using SIP. The difference is where the audio/video media is sent from/to.
  All of this happens using that human's End User credentials.
  Now, if you wanted to have a server control the user's phone - either a physical one or Jabber - you would use the TSP as an interface to CTI Manager on the CUCM server and receive real-time events (e.g. the user went off-hook, the phone is ringing with this caller ID, etc.) and issue commands to that phone (e.g. make a call to X). This is done using an Application User account because the server would need to do this for multiple users simultaneously. If you also use the Super Provider concept, the CUCM administrator doesn't have to take the extra step of associating every phone to your Application User manually. Instead, you can simply issue CTI subscriptions to see any/all device activity you want.
  This is all assuming you wanted to do the integration server-side to avoid having to update the Cisco TSP application on every user PC (which also limits your WPF application to machines capable of running the TSP) every time the CUCM administrator patches the servers. If you don't care about that, then you can do this all client-side on the user's PC, and have them supply their End User credentials.
  Of course, you could also reconsider the Jabber SDK and just embed the make/receive call functionality directly into your application instead.

• PIN-based guest access for airport express

  how do I setup PIN-based guest access for airport express?
  I have a 2010 iMac OS X 10.6.8 and an Airport Express of the same era.
  Thanx in advanced...
  Siegfried

  Hello Bob,
  Thank you for your time on this.  I apologize for not giving you a more complete picture of what was going on. 
  I should have included that I had already performed the steps that you shared and had gotten to the place where I would enter the PIN. 
  The problem was that, after entering a PIN that I had come up with, the "continue" button never became active.  I called Apple Care and ended up talking to 3 different people before I found someone that knew the answer.  The answer is that the guest computer (client) MUST be present inorder for me to complete the setup.  So, problem is now solved.  Thanx...
  Siegfried

• Default Profile for Windows clients

  Anyone know how to create default profile for windows clients from the SMB server on mac os x server? Do you just copy an account to default user on a windows client?

  I am having the same issue the clients can save the data to the path therefore cant read it upon logon...Grrrrr

• Ipod access for windows

  Hi everyone
  I recently had a error screen on my ipod 5th generation and it asked me to restore to the factory settings which i did.
  Since my library had been transfered back to my computer using Ipod Access for Windows program (i had to format my computer at one time) well now i am getting nothing but errors messages when i want to transfer back all my songs.
  Here is the Error message: Attempting to copy to the disk "Jewels IPOD" failed. The disk could not be read from or written to.
  Is there any way to by pass the songs that there is an error to them, so that i can stop crabbing about deleting them and restarting the process
  thank you so much JEWELS

  See if this troubleshooting article helps.
  Disk cannot be read from or written to error syncing iPod in iTunes.

• ISE device differentiated access and windows clients

  Hi guys,
  Pretty new to ISE  and looking for some help wrapping my head around a couple of things.
  First, I have a beta wireless network setup, called VIP for for employees to connect their mobile devices too, it's PEAP based.  i'm also tagging into it the ability to create guest accounts through a portal and redirecting to different vlans (and thereby different internet providers).  That's all working pretty well.  However, one of the issues I have with it of course is with PEAP, a windows client doesn't correctly configure for it as it defaults to using the username/password logged into it.  Is it possible to attach a policy to that network to determine if it's a windows client and require them to do web-auth user/password?  Whats the best approach for that?  I didn't want to do web-auth for everyone (smartphones/tablets) as it's not accepted by the user base very well (healthcare) and they have to buy-in.
  Secondly, we have a situation where corporate ipads may be used by the same individuals (employees) who have their own devices and have access to the VIP network via their AD username/password.  What I don't want to do, is use PEAP for the corporate network (ipads) and give the user the ability to connect to the corporate network with their personal device as well.  So I'm trying to figure out how I can limit this.  I would go off of the certificate based on the device, but I'm deploying certificates from my MobileIron MDM Server via it's scep proxy that runs off my MS PKI NDES installation.  As far as I know, I can't make NDES give different type of certificates for authentication to different networks... All sounds very confusing, so if you have ideas or scenarios on how to approach this, I would really appreciate it.
  Thank you,
  Raun

  You can enable ISE profiling and profile endpoints and assign auth policy based on their profile.
  http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_prof_pol.html
  http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/howto_30_ise_profiling.pdf

• Guest access for Cisco WAP's...

  Can someone recommend a solid 3rd party solution to offer granular guest access using Cisco 1241's and a WLAN controller? Something that is similiar to what is used in hotels.
  I have a client considering BlueSocket/Aruba solutions and apparently both offer hotel-style guest access that is very granular. I realize Cisco's NAC management piece does this but it's outside of my client's budget.
  Thanks in advance-

  Yes we have. So I have been really digging on this and when you go to a external webauth it still looks to send the username password back to the WLC. I have an internal doc from Cisco that say
  "Login request is sent back to the action URL of the controller web server."
  By default when setting up the WLC i used the 1.1.1.1 ip for the virtual interface. Currently 1.1.1.1 is not advertised in my network so how the heck would the NAC send the request back to it?? (Sorry thinking outloud). According to my understanding the switch_url is what its looking to send the credentials back too...Sooo should I modify my virtual IP to be something that is routable on my network?
  If your lookin in the below URL which is what id get redirected too and after filling out my self service.
  https://nac.guestwifi.com/sites/Guest/selfservice.html?switch_url=https://1.1.1.1/login.html&ap_mac=00:22:90:93:25:80&wlan=MAS&redirect=www.google.com/
  The switch_url part is what send the post to would need to be reached via the nac. Right now 1.1.1.1 is not..
  Thoughts?

• Jabber for windows client

  Does jabber for windows work on terminal servers? I have client installed on terminal server, and all it does is spin like it is connecting to authenticate.
  Sent from Cisco Technical Support iPad App

  Virtual environments
  http://www.cisco.com/en/US/partner/docs/voice_ip_comm/jabber/Windows/9_0_1/b_jabber_win_icg_chapter_01000.html#reference_B1477134C1A14086B4C9B7BD3A2EAE7D
  HTH
  java
  if this helps, please rate
  www.cisco.com/go/pdihelpdesk

• ISE 1.2 Guest Access for EAP(Dot1x) Authentication

  Hi.
  I want to use encryption for guest access. 
  In order to use the "RADIUS-NAC" in the WLC, you can not use or "Open + MAC" only "WPA + dot1". 
  (Specification of the WLC) 
  When the "Open + MAC", return from the ISE at the time of the "Web Authentication" in the "Session-Timeout Attribute", I was able to forcibly disconnect the radio. 
  (Attribute is the same value as the (ISE TimeProfile) time the guest user can use) 
  If you connect to a wireless terminal to forced disconnect after screen of Web authentication is displayed, you can not login. 
  (Because the account has been revoked) 
  I want to make even dot1x this environment. 
  However, because it becomes the "re-authentication time" If dot1x, as long as the terminal is connected to the radio, it is not cut. 
  In addition, even in the setting of "Attribute Termination-Action = Default", does not return until the Web authentication. 
  (Status of the WLC remains "Auth Yes") 
  (Session of the ISE remains "Started") 
  Use the (EAP) Dot1x, Can I "is allowed to forcibly disconnected," "to match the time of TimeProfile" in the same way as "Open + MAC" thing? 
  Thank you.

  Note：
  Cisco ISE:Version1.2.0.899-8
  Cisco WLC(5508):Version 7.6.120

• FCP 5 export to .AVI for Windows client? Advice needed!

  I have a Windows platform client that wants my Exported FCP 5 Sequence in .AVI format.
  Obviously, I normally always use Export to Quicktime Movie in FCP, and I do know that their is not a direct choice in FCP to export/convert as an .AVI file. (I usually hand off the FCP file to another facility that does DVD Studio Pro authoring work, and haven't had a need to make different file formats).
  This has made me to ponder of few bits of info, that I'm sure I could get great ansers to, here.
  My normal "workaround" for making an .AVI for a Windows user is to Export as Quicktime Movie in FCP, like normal, and then open that exported file in Quicktime Pro, and use Export Movie to AVI in Quicktime Pro. Is this the best method? Secondly, I am a little unsure as to the best settings I should use in QT Pro to achieve this. For example:
  I just did a routine NTSC 48k,16 bit stereo, 30 second ad in FCP, and my normal, Export to Quicktime Movie was about 260 meg in size for the finished, self-contained movie file.
  I opened this in QT-Pro and ran Export to AVI. In the settings dialog, I chose "uncompressed" for video and 48k-16 bit stereo for audio. The resulting export was about 680 meg in size! Because of file size restrictions for the clients product, what settings change or choice should I be making in QT-Pro to get an "equivalent" of the 260 meg file the FCP is exporting? Should I not get an equal file size of the QT-Pro AVI versus the FCP export (both 260 meg?).
  If the answer is compression, what is the best settings in QT-Pro? Cinepak? Intel Indeo?
  Perhaps, I have always misunderstood what FCP Export to Movie is giving me, but I thought that was uncompressed video? If so, why do I get the 260 meg out of FCP, and then 680 meg from QT-Pro Export to AVI (uncompressed) for the same 30 second clip? Is it simply a data rate difference?
  Lastly, I have actually had a Windows user take a FCP Export to Movie file, straight from me, and they say it opened fine in Windows Media Player as is for viewing. However, there is no (dot) file extension name on the end of the filename. They can simply click File/Open in Windows Media Player and choose the "unrecognized" file because of no extension, and play it just fine to at least view the clip.
  So what exactly is the file type that FCP is creating? It's not a .MOV and not an AVI file. What would be the equivalent file type association (just for my curiosity).
  Thanks for any help to the above as I value the more-experienced users here.
  Wade

  Hi Wade,
  Sorry for letting your post unanswered for two days, we were all busy (I know, it is not an excuse).
  Seriously, I think the reason you are not getting answers is you have asked too many questions in one post. Don't know about others, but I get slightly confused.
  Let me tell you what I do with FCP material when I send it to our sound department where they work with Nuendo on PCs. I export sequence using QT Conversion. My settings are: Format - AVI, Compression type - DV-PAL, Compressor quality - Best. I do not bother much about the sound. I sent the resulting file over network to a Maxtor FireWire external drive connected to a colleague's PC and then take the drive down to the sound guys. If the AVI file is smaller than 2 GB I can burn it to a DVD and a PC can open it, if it is larger, PCs cannot open. Also, the sound guys ask me not to use Cinepac, they do not like it. Therefore, I use DV-PAL; I guess you may safely use DV-NTSC but it depends on who will open the AVI file. Ask your client what it wants.
  I think my routine is a bit more streamlined than yours - I export straight from FCP and do not bother with QT. You are wrong in saying that there is no direct way in FCP to export AVI.
  Hope this is a starter for more answers. Also, have you tried searching the forum? I am sure all the answers are already there.

• Best export solution for windows clients

  Hi,
  I need to regularly make files playable & editable on windows machines of all different specs/os versions for various clients.
  I've been going to AVI at DV PAL codec, using MPEG Streamclip (cos I like the batch processing), but I've recently started having problems with large files (20 - 30Gb) lately. i hav a test windows box, and Windows Media Player won't open the large files.
  I experimented with doing these in Quicktime Pro & in Visual Hub as well. QT Pro gave me nil picture. Visual Hub gave me a 4 Gb file and truncated the rest of the movie.
  I've been doing a bit of reading and experts on forums like this keep saying words to the effect "Why are you going to AVI which is obsolete & not supported?"
  I have PC based editor friends on Vegas & Premiere, and they say they need AVI.
  I could go to WMV as I have Flip for Mac Studio (and Visual hub)..
  What I really need is advice on a "lowest common denominator codec/container" combo that plays on Windows media player, so clients can marvel at their home movies, as well as can translate to most lower end PC editing packages, like Windows Movie Maker, Premiere Elements, Ulead, etc., when they decide they want to edit them.
  I thought AVI @ DV would be the go..
  Any ideas gentlemen?
  Pete

  Hi kirk,
  ..thanks for your reply.
  It's not a Fat32 problem - I am well aware of that limit. I bought Paragon to be able to write to NTFS from my Mac. Anyway, these files are failing to play back on the Mac that made them.. from the desktop..
  I have an imac 17" intel that also has Mpeg Streamclip on it and it's working absolutely fine..
  So I was wondering if maybe a software update that has been done on my main machine and maybe hasn't been done of the 17".
  Or maybe a hardware issue - My main Mac might be dying or something..
  I have the Flip for Mac Studio, and also Virtual Hub, so I can make WMVs - the point is would I want to unless a client specifically requested it? (I've had some TV stations ask for WMVs!)
  I thought AVI was the best choice for my clients to be able to future edit their files. Even those who do not choose to edit will burn their own DVDs, so I wouldn't think that H.264 would be a good choice for that, even though I personally really like that codec for other purposes.
  One reason I was considering WMV for all PC clients is that then they could all open the files,no matter what their hardware/OS version.. and at least edit the files in Windows Movie Maker. Maybe if they want to edit in Premeier or such, and it wants AVIs, then they can download the PC version of Mpeg Streamclip and do it themselves..
  Any ideas?..
  pete

• OS X DHCP problem for Windows client

  I have DHCP server running on my mac OS X Mountain Lion and all my user client (they all are using macbook) are able to access the network by IP address given by this DHCP.
  Unfortunatly, any Windows 7 or Windows client can't get DHCP. Appreciate a help.
  Thanks

  Since you are asking about Snow Leopard Server, you might have better luck of getting an answer if you ask it over in the Snow Leopard Server Forum .
  Allan

• 10.4.9 as Domain Controller fails daily for Windows clients

  I have a 10.4.9 Open Directory Master server which also serves as a PDC for Windows XP clients. Windows clients can log in and get roaming profiles with shared homes for Mac and Windows environments. This all works fine.
  But, for the last week, every morning, the Windows clients cannot find the domain. I can replace the /etc/smb.conf file with a saved good file, restart the Windows service and all works fine until the next morning, where it fails again. Simply restarting the Windows service does not help; it needs to be reconfigured with a new smb.conf file.
  Mac clients can authenticate and connect via smb. The Windows XP Pro clients are up to date with latest updates, so there could be a problem from that, but the updates don't match the date the problems started. The start of the problem coincided with removing an Open Directory Replica, which was no longer needed. It is probably unrelated, but it is the only change I can think of.
  There must be some overnight process which resets some setting. Anyone have an idea?
  Thanks for any help!
  Mostly Xserve servers   Mac OS X (10.4.9)   400 + node Open Directory domain Win & Mac All Mac servers
  Macs & PCs (too many!)   Mac OS X (10.4.4)  
  Macs & PCs (too many!)   Mac OS X (10.4.4)  

  Tom,
  We destroyed our domain and rejoined all our XP boxes. This did not fix the problem. There appears to be a bug in Apple samba-100.7 (10.4.9).
  As a quick fix we extracted the smbd binary and smbd.plist from a 10.4.8 combo update (Note: you could also grab the files from a working 10.4.8 install)...
  1. Download the 10.4.8 combo update from http://www.apple.com/support
  2. Mount the 10.4.8 update .dmg
  3. In Terminal navigate to the folder containing Archive.pax.gz, in our case this was...
  cd /Volumes/Mac\ OS\ X\ Server\ 10.4.8\ Combined\ Update/MacOSXSrvrCombo10.4.8PPC.mpkg/Contents/Installers/MacOSXSvrCmbBase10.4.8 PPC.pkg/Contents
  4. Copy Archive.pax.gz to a location on your HDD, like Desktop
  cp Archive.pax.gz ~/Desktop
  5. Unzip Archive.pax.gz
  cd ~/Desktop
  gunzip Archive.pax.gz
  6. Grab a copy of Pacifist and use it to open Archive.pax
  7. Using Pacifist, extract (drag and drop) the following files from the archive to your Desktop...
  /System/Library/LaunchDaemons/smbd.plist
  /usr/sbin/smbd
  Note: We are going to replace smb in the next step, best backup the current copies of the above files before proceeding.
  8. Open Terminal again...
  Stop SMB...
  sudo serveradmin stop smb
  Replace samba with 10.4.8 version...
  sudo cp ~/Desktop/smbd /usr/sbin/smbd
  sudo cp ~/Desktop/smbd.plist /System/Library/LaunchDaemons/smbd.plist
  9. Restart SMB and the process is complete...
  sudo serveradmin start smb
  Cheers,
  Tim