Non-administrator access to WMI over CIMSession

I am attempting to setup remote system monitoring using CimSessions and CimInstances in Powershell. I am using a Windows Server 2012 R2 server as my remote target.
I added my monitoring user account to the local group SERVER\WinRMRemoteWMIUsers__ and also went into WMI Control and granted 'Remote Enable' rights to this group on Root\cimv2 (used this blog post as a reference: http://www.sevecek.com/Lists/Posts/Post.aspx?ID=280).
I can create a New-CimSession but when I attempt to perform a trivial get (e.g. Get-CimInstance -CimSession $cimSession -ClassName Win32_Service) I get an 'access denied' error (Get-CimInstance : The WS-Management service cannot process the request.
The WMI service returned an 'access denied' error.) 
If I run the same cmdlets as an administrator on the remote server, they succeed.
What is the proper process for granting Remote WMI rights to a non-admin account? I do not require admin rights for my monitoring user.
Thanks.

So I made some progress. Here is what I have done to enable SOME remote WMI capability via WinRM:
Added user account to local group WinRMRemoteWMIUsers__ on remote server.
Via WMI Control mmc snapin, granted group local group WinRMRemoteWMIUsers__ Remote Enable rights to Root namespace and all child namespaces.
This allows me to connect and successfully run a majority of Get-CimInstance commands, e.g.
Get-CimInstance -ComputerName RemoteServer -ClassName Win32_ComputerSystem
Get-CimInstance -ComputerName RemoteServer -ClassName Win32_LocalTime
However, some classes will give me an 'Access Denied' error (yet work as an Admin), like:
Get-CimInstance -ComputerName RemoteServer -ClassName Win32_Service
Get-CimInstance -ComputerName RemoteServer -ClassName CIM_Service
It may even just be the 'Service' classes, but I am not sure.

Similar Messages

  • Flash removed by non-administrator accounts

    Here is a perennial problem that I have as a network administrator:
    All users in my domain have no greater rights to the local computers (mostly Windows XP) than Power Users, and in many cases, only Users. This is to keep them from installing all their favorite games and wasting my time trying to remove all the junk. I keep Flash relatively current by updating it across the network periodically (perhaps twice per year or as I get notification of new versions).
    However, Flash insists on notifying these non-administrators when an update is available. When the user accepts the update, it uninstalls the current version but cannot install the new version because he does not have administrative rights. Now he has no Flash. When he then attempts to access Flash content, he gets a message indicating that he needs to update his Flash, which prompts him to send me an e-mail telling me he is unable to access the site until he updates his Flash.
    These are not users that are going to the Adobe website to manually update; they are just accepting the stock in-your-face update notifications. I have tested this under a non-administrative account. Sure enough, when I accept an update, it removes the current version (i.e. it is no longer listed in Add/Remove Programs) but cannot install the new one, leaving me with none until I log on administratively and install it.
    This is beginning to consume more time for me because it takes extra time dealing with all the users who think they should just accept every update that comes along. I do instruct users to cancel any offered updates, but they regularly ignore my instruction because they always think it won't hurt to try.
    It is as though Flash was written without any consideration for mixed-security environments. The program insists on advertising updates, allows anyone to remove the old version, but requires administrative rights to install the new one. One would think that it should require administrative rights for removal. I am guessing that there is probably a way to turn off advertisement of new versions to users; however, I suspect that is a lot of administrative overhead for one little program on many computers, and I would also guess that I would have to reset the "do not offer updates to users" after every update.
    Any ideas (other than making everyone local administrators and spending all my time cleaning off all their games & other junk)?

    Let me be more exact. Although the config file option is a sound management
    strategy in a single-network scenario, it is not very workable with 150
    individual computers across eight disparate networks owned by different
    clients. I am just spending an inordinate amount of time on managing one
    little application.
    It would likely cost my clients more to have me proactively manage this one
    application than to clean up after a few users in the cases where it is a
    problem. I will report this as a bug; I just find it a little surprising
    that the issue has persisted over the last several releases of Flash. I
    guess I have just been expecting that someone would have reported it and
    have been waiting for the behavior to change while I have been entirely
    buried in larger projects.

  • How do I make Firefox the default browser in a non-administrative Windows XP account, where clicking to do so has no effect?

    I have two accounts for myself on my PC running Windows XP. In the administrative account, Firefox is already the default browser that opens when I double-click an HTML file, etc. Firefox knows it's the default browser there.
    In my other account, every time I start Firefox, it tells me it's not the default browser. Clicking there to make it the default, or in the options, does nothing.
    When I go to Set Program Access and Defaults in the administrative account, "Use my current Web browser" is selected. Mozilla Firefox is not listed as an option. In my non-administrative account, the Add or Remove Programs control panel can't be used. It says I don't have permission.

    To check that in the other account you would have to give it temporarily administrator permissions.
    See:
    *https://support.mozilla.org/kb/How+to+make+Firefox+the+default+browser
    *https://support.mozilla.org/kb/Setting+Firefox+as+the+default+browser+does+not+work
    *http://kb.mozillazine.org/Default_browser

  • Unable to Access Remote LAN over IPSec VPN

    I have a Cisco ASA 5540 setup with Remote Access VPN for users. Suddenly no one can access the remote LAN over VPN. Below is my config:
    ASA Version 7.0(8)
    hostname DC2ASA
    domain-name yorktel.com
    enable password d2XdVlFOzleWlH1j encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    dns-guard
    interface GigabitEthernet0/0
     description outside/savvis
     nameif outside
     security-level 0
     ip address 216.33.198.4 255.255.255.0 standby 216.33.198.5
    interface GigabitEthernet0/1
     description inside
     nameif inside
     security-level 100
     ip address 10.203.204.1 255.255.254.0 standby 10.203.204.2
    interface GigabitEthernet0/2
     nameif insidesan
     security-level 100
     ip address 10.203.206.1 255.255.254.0 standby 10.203.206.2
    interface GigabitEthernet0/3
     description LAN/STATE Failover Interface
    interface Management0/0
     nameif management
     security-level 100
     ip address 192.168.1.1 255.255.255.0
     management-only
    ftp mode passive
    object-group service FileMaker tcp-udp
     port-object range 16000 16001
    access-list outside-in extended permit ip 65.123.204.0 255.255.254.0 216.33.198.0 255.255.255.0 log
    access-list outside-in extended permit ip 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
    access-list outside-in extended permit icmp 216.33.198.0 255.255.255.0 216.33.198.0 255.255.255.0 log
    access-list outside-in extended permit icmp any any
    access-list outside-in extended permit icmp any any echo
    access-list outside-in extended permit ip any host 216.33.198.22 inactive
    access-list outside-in extended permit tcp any host 216.33.198.19
    access-list outside-in extended permit udp any host 216.33.198.19
    access-list outside-in extended permit ip any host 216.33.198.19
    access-list outside-in extended permit tcp any host 216.33.198.10 eq 3389
    access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp inactive
    access-list outside-in extended permit tcp any host 216.33.198.10 eq ftp-data inactive
    access-list outside-in extended permit tcp any host 216.33.198.10 eq ssh inactive
    access-list outside-in extended permit tcp any host 216.33.198.19 eq www
    access-list outside-in extended permit tcp any host 216.33.198.19 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.19 eq https
    access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.19 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.19 eq smtp
    access-list outside-in extended permit tcp any host 216.33.198.19 eq pop3
    access-list outside-in extended permit tcp any host 216.33.198.19 eq 587
    access-list outside-in extended permit tcp any host 216.33.198.16 eq www
    access-list outside-in extended permit tcp any host 216.33.198.16 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.16 eq https
    access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.16 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.16 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.16 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.16 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.16 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.38 eq www
    access-list outside-in extended permit tcp any host 216.33.198.38 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.38 eq https
    access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.38 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.38 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.38 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.38 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.38 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.25 eq www
    access-list outside-in extended permit tcp any host 216.33.198.25 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.25 eq https
    access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.25 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.25 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.25 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.25 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.25 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.22 eq www
    access-list outside-in extended permit tcp any host 216.33.198.22 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.22 eq https
    access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.22 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.22 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.22 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.22 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.22 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.17 eq www
    access-list outside-in extended permit tcp any host 216.33.198.17 eq rtsp
    access-list outside-in extended permit udp any host 216.33.198.17 eq 5005
    access-list outside-in extended permit tcp any host 216.33.198.17 eq 1755
    access-list outside-in extended permit udp any host 216.33.198.17 eq 1755
    access-list outside-in extended permit tcp any host 216.33.198.17 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.17 eq https
    access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.17 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.17 eq 989
    access-list outside-in extended permit tcp any host 216.33.198.17 eq 990
    access-list outside-in extended permit tcp any host 216.33.198.24 eq www
    access-list outside-in extended permit tcp any host 216.33.198.24 eq rtsp
    access-list outside-in extended permit udp any host 216.33.198.24 eq 5005
    access-list outside-in extended permit tcp any host 216.33.198.24 eq 1755
    access-list outside-in extended permit udp any host 216.33.198.24 eq 1755
    access-list outside-in extended permit udp any host 216.33.198.24
    access-list outside-in extended permit tcp any host 216.33.198.24 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.24 eq https
    access-list outside-in extended permit tcp 209.67.5.96 255.255.255.224 any inactive
    access-list outside-in extended permit udp 209.67.5.96 255.255.255.224 any inactive
    access-list outside-in extended permit udp any host 216.33.198.17 inactive
    access-list outside-in extended permit tcp any host 216.33.198.18 eq 1433
    access-list outside-in extended permit tcp any host 216.33.198.18 eq 1434
    access-list outside-in extended permit tcp any host 216.33.198.100 eq www
    access-list outside-in extended permit tcp any host 216.33.198.101 eq www
    access-list outside-in extended permit tcp any host 216.33.198.102 eq www
    access-list outside-in extended permit tcp any host 216.33.198.103 eq www
    access-list outside-in extended permit tcp any host 216.33.198.104 eq www
    access-list outside-in extended permit tcp any host 216.33.198.105 eq www
    access-list outside-in extended permit tcp any host 216.33.198.106 eq www
    access-list outside-in extended permit tcp any host 216.33.198.107 eq www
    access-list outside-in extended permit tcp any host 216.33.198.108 eq www
    access-list outside-in extended permit tcp any host 216.33.198.109 eq www
    access-list outside-in extended permit tcp any host 216.33.198.110 eq www
    access-list outside-in extended permit tcp any host 216.33.198.100 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.101 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.102 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.103 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.104 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.105 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.106 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.107 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.108 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.109 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.110 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.100 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.101 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.102 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.103 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.104 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.105 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.106 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.107 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.108 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.109 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.110 eq ftp-data
    access-list outside-in extended permit tcp host 12.71.134.4 any
    access-list outside-in extended permit udp host 12.71.134.4 any
    access-list outside-in remark Allow Mark to access remote desktop from home office.
    access-list outside-in extended permit tcp host 96.255.220.240 any
    access-list outside-in remark Allow Mark to access remote desktop from home office.
    access-list outside-in extended permit udp host 96.255.220.240 any
    access-list outside-in extended permit tcp host 67.81.54.83 any
    access-list outside-in remark Allow Chris to access remote desktop from home office.
    access-list outside-in extended permit tcp host 100.1.41.196 any
    access-list outside-in remark Allow Chris to access remote desktop from home office.
    access-list outside-in extended permit udp host 100.1.41.196 any
    access-list outside-in extended permit udp host 67.81.54.83 any
    access-list outside-in remark Allow Jim Johnstone to remote in from home office.
    access-list outside-in extended permit tcp host 96.225.44.46 any
    access-list outside-in remark Allow Jim Johnstone to remote in from home office.
    access-list outside-in extended permit udp host 96.225.44.46 any
    access-list outside-in extended permit tcp host 64.19.183.67 any
    access-list outside-in extended permit udp host 64.19.183.67 any
    access-list outside-in remark Allow Steve Fisher to remote in from home office.
    access-list outside-in extended permit tcp host 173.67.0.16 any
    access-list outside-in remark Allow Steve Fisher to remote in from home office.
    access-list outside-in extended permit udp host 173.67.0.16 any
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 eq 3389
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp-data
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 eq ftp
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 eq www
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 eq https
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.20 inactive
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit udp any host 216.33.198.20 inactive
    access-list outside-in remark Allow remote desktop connections to remote.yorkcast.com
    access-list outside-in extended permit ip any host 216.33.198.20 inactive
    access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.19 eq 3389 inactive
    access-list outside-in remark Allow remote desktop connections to BMS-TV
    access-list outside-in extended permit tcp any host 216.33.198.21 eq 3389
    access-list outside-in remark Allow remote desktop connections to BMS-TV
    access-list outside-in extended permit tcp any host 216.33.198.21 eq www
    access-list outside-in remark Allow remote desktop connections to BMS-TV
    access-list outside-in extended permit tcp any host 216.33.198.21 eq https
    access-list outside-in extended permit tcp any host 216.33.198.21 eq 8080
    access-list outside-in remark Allow remote desktop connections to BMS-TV
    access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp
    access-list outside-in remark Allow remote desktop connections to BMS-TV
    access-list outside-in extended permit tcp any host 216.33.198.21 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.19 eq 3306
    access-list outside-in extended permit udp any host 216.33.198.19 eq 3306
    access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.23 eq 3389
    access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.23 eq ftp
    access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.23 eq www
    access-list outside-in remark Allow remote desktop connections to ftp.yorkcast.com
    access-list outside-in extended permit tcp any host 216.33.198.23 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.18 eq 3389 inactive
    access-list outside-in extended permit tcp any host 216.33.198.17 inactive
    access-list outside-in extended permit ip any host 216.33.198.17 inactive
    access-list outside-in extended permit tcp any host 216.33.198.18 inactive
    access-list outside-in extended permit udp any host 216.33.198.17 eq 554
    access-list outside-in extended permit udp any host 216.33.198.24 eq 554
    access-list outside-in remark Allow any access from Treasury
    access-list outside-in extended permit tcp host 64.241.196.50 any
    access-list outside-in remark Allow any access from Treasury
    access-list outside-in extended permit udp host 64.241.196.50 any
    access-list outside-in remark Allow any access from Treasury
    access-list outside-in extended permit ip host 64.241.196.50 any
    access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.26 eq www
    access-list outside-in extended permit tcp any host 216.33.198.26 eq https
    access-list outside-in extended permit tcp any host 216.33.198.27 eq https
    access-list outside-in extended permit tcp any host 216.33.198.27 eq www
    access-list outside-in extended permit tcp any host 216.33.198.27 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.27 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.27 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.27 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.27 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.27 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.26 eq ftp inactive
    access-list outside-in extended permit tcp any host 216.33.198.26 eq ssh inactive
    access-list outside-in extended permit tcp any host 216.33.198.28 eq 81
    access-list outside-in extended permit tcp any host 216.33.198.28 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.28 eq www
    access-list outside-in extended permit tcp any host 216.33.198.28 eq ssh
    access-list outside-in extended permit tcp any host 216.33.198.29 eq www
    access-list outside-in extended permit tcp any host 216.33.198.28 eq 3389
    access-list outside-in extended permit tcp any host 216.33.198.29 eq ssh
    access-list outside-in extended permit tcp any host 216.33.198.30 eq ssh
    access-list outside-in extended permit tcp any host 216.33.198.31 eq ssh
    access-list outside-in extended permit tcp any host 216.33.198.20 object-group FileMaker
    access-list outside-in extended permit tcp any host 216.33.198.20 eq 5003
    access-list outside-in extended permit udp any host 216.33.198.20 eq 5003
    access-list outside-in extended permit tcp any host 216.33.198.33 eq www
    access-list outside-in extended permit tcp any host 216.33.198.33 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.33 eq https
    access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.33 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.33 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.33 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.33 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.33 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.34 eq www
    access-list outside-in extended permit tcp any host 216.33.198.34 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.34 eq https
    access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.34 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.34 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.34 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.34 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.34 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.36 eq www
    access-list outside-in extended permit tcp any host 216.33.198.36 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.36 eq https
    access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.36 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.36 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.36 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.36 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.36 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.37 eq www
    access-list outside-in extended permit tcp any host 216.33.198.37 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.37 eq https
    access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.37 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.37 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.37 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.37 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.37 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.39 eq www
    access-list outside-in extended permit tcp any host 216.33.198.39 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.39 eq https
    access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.39 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.39 eq 8094
    access-list outside-in extended permit tcp any host 216.33.198.39 eq 8096
    access-list outside-in extended permit tcp any host 216.33.198.39 eq 8097
    access-list outside-in extended permit tcp any host 216.33.198.39 eq 8090
    access-list outside-in extended permit tcp any host 216.33.198.41 eq 3389
    access-list outside-in extended permit tcp any host 216.33.198.41 eq www
    access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.41 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.41 eq https
    access-list outside-in extended permit tcp any host 216.33.198.41 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.42 eq 3389
    access-list outside-in extended permit tcp any host 216.33.198.42 eq www
    access-list outside-in extended permit tcp any host 216.33.198.42 eq https
    access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp
    access-list outside-in extended permit tcp any host 216.33.198.42 eq ftp-data
    access-list outside-in extended permit tcp any host 216.33.198.42 eq 8080
    access-list outside-in extended permit tcp any host 216.33.198.28
    access-list inside-out extended permit tcp any host 216.33.198.17 eq rtsp
    access-list inside-out extended permit udp any host 216.33.198.17 eq 5004
    access-list inside-out extended permit udp any host 216.33.198.17 eq 5005
    access-list inside-out extended permit tcp any host 216.33.198.17 eq 1755
    access-list inside-out extended permit udp any host 216.33.198.17 eq 1755
    access-list rtsp-acl extended deny tcp any host 216.33.198.17 eq rtsp
    access-list rtsp-acl extended permit tcp any any eq rtsp
    access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 10.203.204.0 255.255.255.192
    access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.240
    access-list inside_nat0_outbound extended permit ip any 10.203.204.0 255.255.255.192
    access-list inside_nat0_outbound extended permit ip host 10.203.204.19 10.203.204.32 255.255.255.224
    access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
    access-list inside_nat0_outbound extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
    access-list inside_nat0_outbound extended permit ip any 10.203.204.144 255.255.255.240
    access-list inside_nat0_outbound extended permit ip host 216.33.198.33 165.89.0.0 255.255.0.0
    access-list inside_nat0_outbound extended permit ip host 216.33.198.19 165.89.0.0 255.255.0.0
    access-list inside_nat0_outbound extended permit ip host 216.33.198.17 165.89.0.0 255.255.0.0
    access-list inside_nat0_outbound extended permit ip host 216.33.198.24 165.89.0.0 255.255.0.0
    access-list inside_nat0_outbound extended permit ip host 216.33.198.20 any inactive
    access-list inside_nat0_outbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
    access-list inside_nat0_outbound extended permit ip any 10.203.204.48 255.255.255.248
    access-list inside_nat0_outbound extended permit ip any 216.33.198.56 255.255.255.248
    access-list dc2vpn_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
    access-list dc2vpn_splitTunnelAcl standard permit 192.168.250.0 255.255.255.0
    access-list dc2vpn_splitTunnelAcl standard permit 192.168.252.0 255.255.255.0
    access-list dc2vpn_splitTunnelAcl standard permit any
    access-list outside_map standard permit any
    access-list Split_Tunnel_List standard permit 10.203.204.0 255.255.255.0
    access-list test_splitTunnelAcl standard permit any
    access-list outside_access_out extended permit tcp any host 12.71.134.75 inactive
    access-list outside_in extended permit tcp host 12.71.134.75 any eq smtp
    access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.130.31
    access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.102
    access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.103
    access-list outside_nat0_inbound extended permit ip host 216.33.198.21 host 165.89.18.104
    access-list outside_nat0_inbound extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_80 extended permit ip 10.203.204.0 255.255.255.0 192.168.250.0 255.255.255.0
    access-list outside_cryptomap_60 extended deny ip host 216.33.198.33 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_60 extended deny ip host 216.33.198.19 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_60 extended deny ip host 216.33.198.17 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_60 extended deny ip host 216.33.198.24 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_60 extended permit ip 216.33.198.0 255.255.255.0 165.89.0.0 255.255.0.0
    access-list outside_cryptomap_100 extended permit ip 10.203.204.0 255.255.255.0 192.168.252.0 255.255.255.0
    access-list dc2vpntest_splitTunnelAcl standard permit 10.203.204.0 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    logging ftp-bufferwrap
    logging ftp-server 10.203.204.10 logs asa ****
    mtu outside 1500
    mtu inside 1500
    mtu insidesan 1500
    mtu management 1500
    ip local pool vpnpool 10.203.204.60-10.203.204.65 mask 255.255.255.0
    failover
    failover lan unit secondary
    failover lan interface failover GigabitEthernet0/3
    failover polltime unit msec 999 holdtime 3
    failover polltime interface 5
    failover link failover GigabitEthernet0/3
    failover interface ip failover 172.16.100.1 255.255.255.252 standby 172.16.100.2
    monitor-interface outside
    monitor-interface inside
    monitor-interface insidesan
    no monitor-interface management
    icmp permit 65.123.204.0 255.255.254.0 outside
    asdm image disk0:/asdm-508.bin
    no asdm history enable
    arp timeout 14400
    nat-control
    nat (outside) 0 access-list outside_nat0_inbound outside
    nat (inside) 0 access-list inside_nat0_outbound
    static (inside,outside) 216.33.198.10 10.203.204.10 netmask 255.255.255.255
    static (inside,outside) 216.33.198.11 10.203.204.11 netmask 255.255.255.255
    static (inside,outside) 216.33.198.12 10.203.204.12 netmask 255.255.255.255
    static (inside,outside) 216.33.198.13 10.203.204.13 netmask 255.255.255.255
    static (inside,outside) 216.33.198.14 10.203.204.14 netmask 255.255.255.255
    static (inside,outside) 216.33.198.15 10.203.204.15 netmask 255.255.255.255
    static (inside,outside) 216.33.198.16 10.203.204.16 netmask 255.255.255.255
    static (inside,outside) 216.33.198.17 10.203.204.17 netmask 255.255.255.255
    static (inside,outside) 216.33.198.18 10.203.204.18 netmask 255.255.255.255
    static (inside,outside) 216.33.198.19 10.203.204.19 netmask 255.255.255.255
    static (inside,outside) 216.33.198.20 10.203.204.20 netmask 255.255.255.255
    static (inside,outside) 216.33.198.21 10.203.204.21 netmask 255.255.255.255
    static (inside,outside) 216.33.198.22 10.203.204.22 netmask 255.255.255.255
    static (inside,outside) 216.33.198.23 10.203.204.23 netmask 255.255.255.255
    static (inside,outside) 216.33.198.24 10.203.204.24 netmask 255.255.255.255
    static (inside,outside) 216.33.198.25 10.203.204.25 netmask 255.255.255.255
    static (inside,outside) 216.33.198.26 10.203.204.26 netmask 255.255.255.255
    static (inside,outside) 216.33.198.27 10.203.204.27 netmask 255.255.255.255
    static (inside,outside) 216.33.198.28 10.203.204.28 netmask 255.255.255.255
    static (inside,outside) 216.33.198.29 10.203.204.29 netmask 255.255.255.255
    static (inside,outside) 216.33.198.30 10.203.204.30 netmask 255.255.255.255
    static (inside,outside) 216.33.198.31 10.203.204.31 netmask 255.255.255.255
    static (inside,outside) 216.33.198.32 10.203.204.32 netmask 255.255.255.255
    static (inside,outside) 216.33.198.33 10.203.204.33 netmask 255.255.255.255
    static (inside,outside) 216.33.198.34 10.203.204.34 netmask 255.255.255.255
    static (inside,outside) 216.33.198.35 10.203.204.35 netmask 255.255.255.255
    static (inside,outside) 216.33.198.36 10.203.204.36 netmask 255.255.255.255
    static (inside,outside) 216.33.198.37 10.203.204.37 netmask 255.255.255.255
    static (inside,outside) 216.33.198.38 10.203.204.38 netmask 255.255.255.255
    static (inside,outside) 216.33.198.39 10.203.204.39 netmask 255.255.255.255
    static (inside,outside) 216.33.198.40 10.203.204.40 netmask 255.255.255.255
    static (inside,outside) 216.33.198.41 10.203.204.41 netmask 255.255.255.255
    static (inside,outside) 216.33.198.42 10.203.204.42 netmask 255.255.255.255
    static (inside,outside) 216.33.198.43 10.203.204.43 netmask 255.255.255.255
    static (inside,outside) 216.33.198.44 10.203.204.44 netmask 255.255.255.255
    static (inside,outside) 216.33.198.45 10.203.204.45 netmask 255.255.255.255
    static (inside,outside) 216.33.198.46 10.203.204.46 netmask 255.255.255.255
    static (inside,outside) 216.33.198.47 10.203.204.47 netmask 255.255.255.255
    static (inside,outside) 216.33.198.48 10.203.204.48 netmask 255.255.255.255
    static (inside,outside) 216.33.198.49 10.203.204.49 netmask 255.255.255.255
    static (inside,outside) 216.33.198.50 10.203.204.50 netmask 255.255.255.255
    static (inside,outside) 216.33.198.51 10.203.204.51 netmask 255.255.255.255
    static (inside,outside) 216.33.198.52 10.203.204.52 netmask 255.255.255.255
    static (inside,outside) 216.33.198.53 10.203.204.53 netmask 255.255.255.255
    static (inside,outside) 216.33.198.54 10.203.204.54 netmask 255.255.255.255
    static (inside,outside) 216.33.198.55 10.203.204.55 netmask 255.255.255.255
    static (inside,outside) 216.33.198.56 10.203.204.56 netmask 255.255.255.255
    static (inside,outside) 216.33.198.57 10.203.204.57 netmask 255.255.255.255
    static (inside,outside) 216.33.198.58 10.203.204.58 netmask 255.255.255.255
    static (inside,outside) 216.33.198.59 10.203.204.59 netmask 255.255.255.255
    static (inside,outside) 216.33.198.60 10.203.204.60 netmask 255.255.255.255
    static (inside,outside) 216.33.198.61 10.203.204.61 netmask 255.255.255.255
    static (inside,outside) 216.33.198.62 10.203.204.62 netmask 255.255.255.255
    static (inside,outside) 216.33.198.63 10.203.204.63 netmask 255.255.255.255
    static (inside,outside) 216.33.198.64 10.203.204.64 netmask 255.255.255.255
    static (inside,outside) 216.33.198.65 10.203.204.65 netmask 255.255.255.255
    static (inside,outside) 216.33.198.66 10.203.204.66 netmask 255.255.255.255
    static (inside,outside) 216.33.198.67 10.203.204.67 netmask 255.255.255.255
    static (inside,outside) 216.33.198.68 10.203.204.68 netmask 255.255.255.255
    static (inside,outside) 216.33.198.69 10.203.204.69 netmask 255.255.255.255
    static (inside,outside) 216.33.198.70 10.203.204.70 netmask 255.255.255.255
    static (inside,outside) 216.33.198.71 10.203.204.71 netmask 255.255.255.255
    static (inside,outside) 216.33.198.100 10.203.204.100 netmask 255.255.255.255
    static (inside,outside) 216.33.198.101 10.203.204.101 netmask 255.255.255.255
    static (inside,outside) 216.33.198.102 10.203.204.102 netmask 255.255.255.255
    static (inside,outside) 216.33.198.103 10.203.204.103 netmask 255.255.255.255
    static (inside,outside) 216.33.198.104 10.203.204.104 netmask 255.255.255.255
    static (inside,outside) 216.33.198.105 10.203.204.105 netmask 255.255.255.255
    static (inside,outside) 216.33.198.106 10.203.204.106 netmask 255.255.255.255
    static (inside,outside) 216.33.198.107 10.203.204.107 netmask 255.255.255.255
    static (inside,outside) 216.33.198.108 10.203.204.108 netmask 255.255.255.255
    static (inside,outside) 216.33.198.109 10.203.204.109 netmask 255.255.255.255
    static (inside,outside) 216.33.198.110 10.203.204.110 netmask 255.255.255.255
    static (inside,outside) 216.33.198.111 10.203.204.111 netmask 255.255.255.255
    static (inside,outside) 216.33.198.112 10.203.204.112 netmask 255.255.255.255
    static (inside,outside) 216.33.198.113 10.203.204.113 netmask 255.255.255.255
    static (inside,outside) 216.33.198.114 10.203.204.114 netmask 255.255.255.255
    static (inside,outside) 216.33.198.115 10.203.204.115 netmask 255.255.255.255
    static (inside,outside) 216.33.198.116 10.203.204.116 netmask 255.255.255.255
    static (inside,outside) 216.33.198.117 10.203.204.117 netmask 255.255.255.255
    static (inside,outside) 216.33.198.118 10.203.204.118 netmask 255.255.255.255
    static (inside,outside) 216.33.198.119 10.203.204.119 netmask 255.255.255.255
    static (inside,outside) 216.33.198.120 10.203.204.120 netmask 255.255.255.255
    static (inside,outside) 216.33.198.121 10.203.204.121 netmask 255.255.255.255
    static (inside,outside) 216.33.198.122 10.203.204.122 netmask 255.255.255.255
    static (inside,outside) 216.33.198.123 10.203.204.123 netmask 255.255.255.255
    static (inside,outside) 216.33.198.124 10.203.204.124 netmask 255.255.255.255
    static (inside,outside) 216.33.198.125 10.203.204.125 netmask 255.255.255.255
    static (inside,outside) 216.33.198.126 10.203.204.126 netmask 255.255.255.255
    static (inside,outside) 216.33.198.127 10.203.204.127 netmask 255.255.255.255
    static (inside,outside) 216.33.198.128 10.203.204.128 netmask 255.255.255.255
    static (inside,outside) 216.33.198.129 10.203.204.129 netmask 255.255.255.255
    static (inside,outside) 216.33.198.130 10.203.204.130 netmask 255.255.255.255
    static (inside,outside) 216.33.198.131 10.203.204.131 netmask 255.255.255.255
    static (inside,outside) 216.33.198.132 10.203.204.132 netmask 255.255.255.255
    static (inside,outside) 216.33.198.133 10.203.204.133 netmask 255.255.255.255
    static (inside,outside) 216.33.198.134 10.203.204.134 netmask 255.255.255.255
    static (inside,outside) 216.33.198.135 10.203.204.135 netmask 255.255.255.255
    static (inside,outside) 216.33.198.136 10.203.204.136 netmask 255.255.255.255
    static (inside,outside) 216.33.198.137 10.203.204.137 netmask 255.255.255.255
    static (inside,outside) 216.33.198.138 10.203.204.138 netmask 255.255.255.255
    static (inside,outside) 216.33.198.139 10.203.204.139 netmask 255.255.255.255
    static (inside,outside) 216.33.198.140 10.203.204.140 netmask 255.255.255.255
    static (inside,outside) 216.33.198.141 10.203.204.141 netmask 255.255.255.255
    static (inside,outside) 216.33.198.142 10.203.204.142 netmask 255.255.255.255
    static (inside,outside) 216.33.198.143 10.203.204.143 netmask 255.255.255.255
    static (inside,outside) 216.33.198.144 10.203.204.144 netmask 255.255.255.255
    static (inside,outside) 216.33.198.145 10.203.204.145 netmask 255.255.255.255
    static (inside,outside) 216.33.198.146 10.203.204.146 netmask 255.255.255.255
    static (inside,outside) 216.33.198.147 10.203.204.147 netmask 255.255.255.255
    static (inside,outside) 216.33.198.148 10.203.204.148 netmask 255.255.255.255
    static (inside,outside) 216.33.198.149 10.203.204.149 netmask 255.255.255.255
    static (inside,outside) 216.33.198.150 10.203.204.150 netmask 255.255.255.255
    static (inside,outside) 216.33.198.151 10.203.204.151 netmask 255.255.255.255
    static (inside,outside) 216.33.198.152 10.203.204.152 netmask 255.255.255.255
    static (inside,outside) 216.33.198.153 10.203.204.153 netmask 255.255.255.255
    static (inside,outside) 216.33.198.154 10.203.204.154 netmask 255.255.255.255
    static (inside,outside) 216.33.198.155 10.203.204.155 netmask 255.255.255.255
    static (inside,outside) 216.33.198.156 10.203.204.156 netmask 255.255.255.255
    static (inside,outside) 216.33.198.157 10.203.204.157 netmask 255.255.255.255
    static (inside,outside) 216.33.198.158 10.203.204.158 netmask 255.255.255.255
    static (inside,outside) 216.33.198.159 10.203.204.159 netmask 255.255.255.255
    static (inside,outside) 216.33.198.160 10.203.204.160 netmask 255.255.255.255
    static (inside,outside) 216.33.198.161 10.203.204.161 netmask 255.255.255.255
    static (inside,outside) 216.33.198.162 10.203.204.162 netmask 255.255.255.255
    static (inside,outside) 216.33.198.163 10.203.204.163 netmask 255.255.255.255
    static (inside,outside) 216.33.198.164 10.203.204.164 netmask 255.255.255.255
    static (inside,outside) 216.33.198.165 10.203.204.165 netmask 255.255.255.255
    static (inside,outside) 216.33.198.166 10.203.204.166 netmask 255.255.255.255
    static (inside,outside) 216.33.198.167 10.203.204.167 netmask 255.255.255.255
    static (inside,outside) 216.33.198.168 10.203.204.168 netmask 255.255.255.255
    static (inside,outside) 216.33.198.169 10.203.204.169 netmask 255.255.255.255
    static (inside,outside) 216.33.198.170 10.203.204.170 netmask 255.255.255.255
    static (inside,outside) 216.33.198.171 10.203.204.171 netmask 255.255.255.255
    static (inside,outside) 216.33.198.172 10.203.204.172 netmask 255.255.255.255
    static (inside,outside) 216.33.198.173 10.203.204.173 netmask 255.255.255.255
    static (inside,outside) 216.33.198.174 10.203.204.174 netmask 255.255.255.255
    static (inside,outside) 216.33.198.175 10.203.204.175 netmask 255.255.255.255
    static (inside,outside) 216.33.198.176 10.203.204.176 netmask 255.255.255.255
    static (inside,outside) 216.33.198.177 10.203.204.177 netmask 255.255.255.255
    static (inside,outside) 216.33.198.178 10.203.204.178 netmask 255.255.255.255
    static (inside,outside) 216.33.198.179 10.203.204.179 netmask 255.255.255.255
    static (inside,outside) 216.33.198.180 10.203.204.180 netmask 255.255.255.255
    static (inside,outside) 216.33.198.181 10.203.204.181 netmask 255.255.255.255
    static (inside,outside) 216.33.198.182 10.203.204.182 netmask 255.255.255.255
    static (inside,outside) 216.33.198.183 10.203.204.183 netmask 255.255.255.255
    static (inside,outside) 216.33.198.184 10.203.204.184 netmask 255.255.255.255
    static (inside,outside) 216.33.198.185 10.203.204.185 netmask 255.255.255.255
    static (inside,outside) 216.33.198.186 10.203.204.186 netmask 255.255.255.255
    static (inside,outside) 216.33.198.187 10.203.204.187 netmask 255.255.255.255
    static (inside,outside) 216.33.198.188 10.203.204.188 netmask 255.255.255.255
    static (inside,outside) 216.33.198.189 10.203.204.189 netmask 255.255.255.255
    static (inside,outside) 216.33.198.190 10.203.204.190 netmask 255.255.255.255
    static (inside,outside) 216.33.198.191 10.203.204.191 netmask 255.255.255.255
    static (inside,outside) 216.33.198.192 10.203.204.192 netmask 255.255.255.255
    static (inside,outside) 216.33.198.193 10.203.204.193 netmask 255.255.255.255
    static (inside,outside) 216.33.198.194 10.203.204.194 netmask 255.255.255.255
    static (inside,outside) 216.33.198.195 10.203.204.195 netmask 255.255.255.255
    static (inside,outside) 216.33.198.196 10.203.204.196 netmask 255.255.255.255
    static (inside,outside) 216.33.198.197 10.203.204.197 netmask 255.255.255.255
    static (inside,outside) 216.33.198.198 10.203.204.198 netmask 255.255.255.255
    static (inside,outside) 216.33.198.199 10.203.204.199 netmask 255.255.255.255
    static (inside,outside) 216.33.198.200 10.203.204.200 netmask 255.255.255.255
    access-group outside-in in interface outside
    route outside 0.0.0.0 0.0.0.0 216.33.198.1 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
    timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    group-policy test internal
    group-policy test attributes
     dns-server value 10.203.204.14 10.203.204.15
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value test_splitTunnelAcl
     default-domain value yorkmedia.local
     webvpn
    group-policy tunneltest internal
    group-policy tunneltest attributes
     dns-server value 10.203.204.14 4.2.2.2
     default-domain value yorkmedia.local
     webvpn
    group-policy testpol internal
    group-policy testpol attributes
     vpn-tunnel-protocol IPSec
     split-tunnel-policy tunnelall
     split-tunnel-network-list value dc2vpn_splitTunnelAcl
     webvpn
    group-policy aes internal
    group-policy aes attributes
     dns-server value 10.203.204.14 10.203.204.15
     vpn-tunnel-protocol IPSec
     group-lock value aestest
     webvpn
    group-policy grouptest internal
    group-policy grouptest attributes
     dns-server value 10.203.204.14 4.2.2.2
     default-domain value yorkmedia.local
     webvpn
    group-policy dc2vpntest internal
    group-policy dc2vpntest attributes
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value dc2vpntest_splitTunnelAcl
     webvpn
    group-policy dc2vpn internal
    group-policy dc2vpn attributes
     dns-server value 10.203.204.14 10.203.204.15
     vpn-tunnel-protocol IPSec
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value dc2vpn_splitTunnelAcl
     webvpn
    group-policy BMSTV internal
    group-policy BMSTV attributes
     wins-server none
     dns-server none
     dhcp-network-scope none
     vpn-access-hours none
     vpn-simultaneous-logins 3
     vpn-idle-timeout none
     vpn-session-timeout none
     vpn-filter none
     vpn-tunnel-protocol IPSec
     password-storage disable
     ip-comp disable
     re-xauth disable
     group-lock none
     pfs disable
     ipsec-udp disable
     ipsec-udp-port 10000
     split-tunnel-policy tunnelall
     split-tunnel-network-list none
     default-domain none
     split-dns none
     secure-unit-authentication disable
     user-authentication disable
     user-authentication-idle-timeout none
     ip-phone-bypass disable
     leap-bypass disable
     nem disable
     backup-servers keep-client-config
     client-firewall none
     client-access-rule none
     webvpn
    username mmaxey password zSSKHLc.gx8szpy2 encrypted privilege 15
    username mmaxey attributes
     vpn-group-policy dc2vpn
     webvpn
    username jjohnstone password qElIg/rYW4OoTIEP encrypted privilege 15
    username jjohnstone attributes
     vpn-group-policy dc2vpntest
     webvpn
    username sragona password ZgCBom/StrITlFdU encrypted
    username sragona attributes
     vpn-group-policy dc2vpn
     webvpn
    username admin password 5zvQXQPrcnyHyGKm encrypted
    username seng password PP8UcINDKi7BSsj2 encrypted
    username seng attributes
     vpn-group-policy dc2vpn
     webvpn
    username chauser password I3OIxCe8FBONQlhK encrypted
    username chauser attributes
     vpn-group-policy dc2vpn
     webvpn
    aaa authentication ssh console LOCAL
    aaa authentication telnet console LOCAL
    http server enable
    http 65.123.204.0 255.255.254.0 outside
    http 0.0.0.0 0.0.0.0 outside
    http 10.203.204.0 255.255.254.0 inside
    http 192.168.1.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map outside_dyn_map 20 set pfs group7
    crypto dynamic-map outside_dyn_map 20 set transform-set ESP-AES-256-SHA
    crypto dynamic-map outside_dyn_map 20 set security-association lifetime seconds 28800
    crypto dynamic-map outside_dyn_map 20 set security-association lifetime kilobytes 4608000
    crypto map outside_map 60 match address outside_cryptomap_60
    crypto map outside_map 60 set peer 165.89.240.1
    crypto map outside_map 60 set transform-set ESP-3DES-SHA
    crypto map outside_map 60 set security-association lifetime seconds 28800
    crypto map outside_map 60 set security-association lifetime kilobytes 4608000
    crypto map outside_map 80 match address outside_cryptomap_80
    crypto map outside_map 80 set pfs
    crypto map outside_map 80 set peer 64.19.183.67
    crypto map outside_map 80 set transform-set ESP-3DES-SHA
    crypto map outside_map 80 set security-association lifetime seconds 28800
    crypto map outside_map 80 set security-association lifetime kilobytes 4608000
    crypto map outside_map 100 match address outside_cryptomap_100
    crypto map outside_map 100 set pfs
    crypto map outside_map 100 set peer 64.241.196.50
    crypto map outside_map 100 set transform-set ESP-3DES-SHA
    crypto map outside_map 100 set security-association lifetime seconds 28800
    crypto map outside_map 100 set security-association lifetime kilobytes 4608000
    crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    crypto map outside_map interface outside
    isakmp enable outside
    isakmp policy 10 authentication pre-share
    isakmp policy 10 encryption 3des
    isakmp policy 10 hash sha
    isakmp policy 10 group 2
    isakmp policy 10 lifetime 86400
    isakmp policy 30 authentication pre-share
    isakmp policy 30 encryption aes-256
    isakmp policy 30 hash sha
    isakmp policy 30 group 5
    isakmp policy 30 lifetime 86400
    isakmp policy 50 authentication pre-share
    isakmp policy 50 encryption aes-256
    isakmp policy 50 hash sha
    isakmp policy 50 group 7
    isakmp policy 50 lifetime 86400
    isakmp nat-traversal  20
    isakmp ipsec-over-tcp port 10000
    tunnel-group DefaultRAGroup ipsec-attributes
     pre-shared-key *
    tunnel-group dc2vpn type ipsec-ra
    tunnel-group dc2vpn general-attributes
     address-pool vpnpool
     default-group-policy dc2vpn
    tunnel-group dc2vpn ipsec-attributes
     pre-shared-key *
    tunnel-group test type ipsec-ra
    tunnel-group test general-attributes
     default-group-policy test
    tunnel-group test ipsec-attributes
     pre-shared-key *
    tunnel-group 165.89.240.1 type ipsec-l2l
    tunnel-group 165.89.240.1 general-attributes
     default-group-policy BMSTV
    tunnel-group 165.89.240.1 ipsec-attributes
     pre-shared-key *
     isakmp keepalive threshold 3600 retry 2
    tunnel-group 64.19.183.67 type ipsec-l2l
    tunnel-group 64.19.183.67 ipsec-attributes
     pre-shared-key *
    tunnel-group 64.241.196.50 type ipsec-l2l
    tunnel-group 64.241.196.50 ipsec-attributes
     pre-shared-key *
     isakmp keepalive disable
    tunnel-group dc2vpntest type ipsec-ra
    tunnel-group dc2vpntest general-attributes
     default-group-policy dc2vpntest
    tunnel-group dc2vpntest ipsec-attributes
     pre-shared-key *
    tunnel-group aestest type ipsec-ra
    tunnel-group aestest general-attributes
     address-pool vpnpool
     default-group-policy aes
    tunnel-group aestest ipsec-attributes
     pre-shared-key *
    tunnel-group TunnelGroup1 type ipsec-ra
    tunnel-group TunnelGroup1 general-attributes
     address-pool vpnpool
    telnet 10.203.204.10 255.255.255.255 inside
    telnet timeout 5
    ssh 65.123.204.0 255.255.254.0 outside
    ssh 10.203.204.0 255.255.254.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd lease 3600
    dhcpd ping_timeout 50
    class-map rtsp-traffic
     match access-list rtsp-acl
    class-map inspection_default
     match default-inspection-traffic
    policy-map global_policy
     class inspection_default
      inspect dns maximum-length 512
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect icmp
     class rtsp-traffic
      inspect rtsp
    service-policy global_policy global
    tftp-server inside 10.203.204.10 dc2asa01/config
    Cryptochecksum:6d74d3994ea6764893c420f477568aac
    : end

    You have three site-site VPNs and a remote access VPN setup. so the statement "Suddenly no one can access the remote LAN over VPN. " is a bit ambiguous in that context.
    From which source to what destination is not working for you?

  • Is there a problem with itunes (11.1 latest version) on a windows 7 non-administrator (standard) account?

    When I tried to update my dad's iphone 5 to iOS 7 on a windows 7 standard account an unknown error was encountered and he lost everything! It also doesn't recognise my mum's iphone 4s (already updated to iOS 7), it gets an error, but her phone works fine on my administrator account. Do non-administrator restrictions cause problems? Any support would be really valued. Thanks.

    I think there is a problem. I dont get the noises on each song even though that happened to me on a previous update but rather than being a sporadic click it was a very loud hiss over every single track...
    The latest problem with my copy is that the songs are only playing out of one speaker and its not even the centre speakers, its the left speaker.
    The last time itunes didnt work properly it took apple around a week or so to correct so im not worried at the moment but i have to use windows media player in the mean time which I dont like to use.
    HP   Windows XP  

  • Write errors when using non-administrator shared accounts

    Dear all,
    we're experiencing an apparently weird issue with our Xserve machines. The entire setup comprises of 4 Xserve, all of them running Lion Server, connected together and to the network of our institution through an Ethernet switch.
    I've set up an OpenDirectory master on one of these servers and created several shared user accounts for the various people working here (the /Users folder is hosted on that machine and shared across the other three). Users can access any of these machines via VNC.
    A few days ago a guy reported to me that he was getting random write errors when attempting to perform basic operations on his shared user folder (e.g., unzipping a file or running a software which write data on the disk). I had a look into it and found that the guy was right. When attempting to extract a zip archive (which, I'm absolutely confident, is a non-corrupted .zip file) from the Terminal - using his account - a few errors came out, like:
    error:  cannot create pybrain-pybrain-87c7ac3/pybrain/auxiliary/importancemixing.py
    error:  cannot create pybrain-pybrain-87c7ac3/pybrain/rl/learners/meta/meta.py
    Every single time I run the unzip command the errors are related to different files.
    Weirdly enough, the problem arises only when the user works on one of the three machines that don't host the shared /Users directory. Furthermore, it only applies to non-administrator accounts (if I try to perform the same operation using my admin account everything works smoothly, no matter on which machine I'm working). Promoting that guy to administrator (Server->Users->right click on the username->Edit User->Allow user to administer this server) made the problem disappear. Even more weird, after I removed the flag on "Allow user to administer this server" for that user, he is not experiencing the issue anymore.
    What the heck is going on?
    Cheers,
    Fabio

    1.  You can delete the Test1 and Test2 accounts if you log into your Administrator Account. Once in your Admin Account, open System  Preferences > Users & Groups and you will see and be able to delete the Test1 & Test2 accounts.
    2.  Leave your Guest account for, well, guest users.  Do not use it in the normal course of events.  When you log out of the Guest account, all the settings, caches, etc. are wiped, as are all files and folders that you may have saved in the Guest account home folder.  The Guest account is truly designed only for temporary, guest use.
    3.  Leave your Administrator account for use only for installing programs, doing system administration, managing accounts, etc.
    4.  User your named account as your regular account.  It appears to already be a User account.  The primary limitation is you cannot install programs in a regular User account.  This actually helps protect your Mac from viruses and other malware that would need to install software in order to corrupt your system.
    5.  You can turn off the need to enter a password when your computer sleeps in System Preferences > Security & Privacy > General.  UNcheck the option called "Require password for sleep and screen saver."

  • Using non-administrator user to start/stop services

    We have Crystal Report Server (BOE XI) running on Windows platform.
    Our customer's policy dictates that operator ID are to be use to manage starting/stopping of Crytal Report Server. The operator ID has no administrator rights and it has no access to the Microsoft Management Console.
    Would it be possible to use non-administrator ID to start/stop Crystal Report Server services? Appreciate if anyone could share on the configuration.
    Thank you.

    salafrance wrote:A simple way would be to write a small C program to run systemctl setuid root.
    So perhaps like this?
    #include <stdlib.h>
    #include <unistd.h>
    int main(void)
    execl("/usr/bin/systemctl", "systemctl", "start", "calibre", NULL);
    return(EXIT_SUCCESS);
    compiled it, then "chown root:root test", "chmod u+s test" and it worked.
    But is this safe? I have absolutely no knowledge about potential security issues...
    I also have thought about periodically restarting calibre, but on the Raspberry Pi, with it's slow ARM, the start takes ages and the processor is completely busy with that task for some minutes.
    And that's the reason why I also want to avoid starting an entire second systemd session... Or is this not that resource intensive?

  • Can't install add-in for non-administrator

    Hello all,
    I'm having trouble getting the Adobe Connect add-in installed under a non-administrator user's account. I found a successful method of installing it in this thread, but that method is no longer working for me. As the forum in question is currently down, I'll paste the post below:
    I know this is an old thread, but we recently had this issue. Our users do not have the ability to install software, and using admin credentials at the UAC prompt installed it in the admin's profile, instead of the user's.
    Here's how we solved it and made it per computer on Vista SP2. All without turning UAC off.
    1) Log in as an admin and install the Connect Add-In.
    2) Browse to the plug-in directory; directory should contain 1 .exe and 1 .s. **Note, there is a space in ...\Flash Player\...**
    C:\users\%your_admin_account%\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\connectaddin6x5\
    3) Run the connectaddin6x5.exe file, which will create 2 .dll files. It will also launch a window, which is okay to close after the 2 .dll files have been created.
    4) Copy "\www.macromedia.com\bin\connectaddin6x5\*.*&quot; to a central location for easier access.
    5) Copy "\www.macromedia.com\bin\connectaddin6x5\*.*&quot; to c:\users\default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\connectaddin6x5\*.*
    **When any new user to the system logs in and their profile is generated, this will include the Connect Add-In plugin
    6) For users who already have a profile, we created a simple .bat script to xcopy the directory structure and files created in Step 4 to "C:\Users\%UserProfile%\AppData\Roaming\Macromedia\Flash Player\"
    7) Have the user run the script once and the plug in will be installed for the user.
    8) Log in to/Refresh the meeting.
    I hope this helps. If there's a better way to do this without disabling UAC, I'm interested. Or maybe an MSI to push with GPO. Or even a Setup.exe that can be run with User privileges. But with 10-15 users per computer and 100+ computers, this was our best solution.
    Evan Franklin
    Field Service Engineer, SAIC
    The computer that I used this method on had the add-in working fine until a few days ago, when the add-in stopped being recognized. Repeating the process yielded no results. When installed as an administrator it works fine, and launching the browser under administrator credentials allows the add-in to run, but this is not an acceptable solution for the long-term.
    Any help would be much appreciated.

    Having the same problem has anyone come up with a fix yet?
    Since the connect 9 update to our hosted account we can no longer use in the connect add-in for meetings. we lose all the screen sharing option that we once had working fine.

  • Limit Administrator Access to only OS Level functions on a Windows 2003 (and up) Domain Controller Server

    <p>I have read several articles such as:</p><p>1.&nbsp; <a href="http://social.technet.microsoft.com/Forums/windowsserver/en-US/9c723f4a-51a7-4844-9dc6-0017355d694c/limited-administrative-on-domain-controller?forum=winserverDS">http://social.technet.microsoft.com/Forums/windowsserver/en-US/9c723f4a-51a7-4844-9dc6-0017355d694c/limited-administrative-on-domain-controller?forum=winserverDS</a></p><p>2.&nbsp;
    Active_Directory_Delegation.doc</p><p>Consider that a domain controller, doing no other functions than domain based functions (ie no file server, printer or app server) - is managed in two parts:&nbsp; The OS-only level, to read log files,
    server health monitoring, install OS-level Micrsoft security patching and the second part being Domain management level - Users and Computers, Domains and Trusts, etc).</p><p>For a given domain controller server, an outsourced support&nbsp;group&nbsp;needs
    to be responsible for the OS-only level access - they need no access to the Domain management level functions so they can fufill contractual obligations (SLAs) for server uptime, patching etc.&nbsp; </p><p>For the same given domain controller
    server above, there is an internal (non-outsourced) support group that will perform all Domain management level functions only.&nbsp; They want to manage the Domain on the Domain Controller servers, want the Outsourcer to manage the VM and OS-related tasks,
    but DO NOT want them to be able to access and change information in Users and Computers, Domains and Trusts etc.&nbsp; </p><p>With that explaination, would putting the Outsourcer's AD-based account IDs in the Server Operators group alone be
    sufficient to allow OS-level management, like patching, reboots, etc but disallow access to Domain Management functionality (Users and Computers etc) - or does it need to be a combination of built in groups and delgated rights?</p><p>Please consider
    that I am seeking a technical solution here&nbsp;- do not respond with "either trust your Domain Administrators or keep your junior admins from the server" as that is not a viable solution.&nbsp; </p>
    Jason B. Allen

    Hi Jason,
    According to your description, you want to assign the OS-level management and Domain management rights to two groups separately, right?
    Based on my research, members of Server Operators group don’t have sufficient rights to install updates for Domain Controllers, you can refer to this article below:
    Default groups
    http://technet.microsoft.com/en-us/library/cc756898(v=WS.10).aspx
    You can configure Allow non-administrators to receive update notifications group policy so that non-administrative users will be able to install all optional, recommended, and important updates content for which
    they received a notification, except some updates which contain User Interface, End User License Agreement and so on, which still require domain admin credentials.
    To enable non-administrator users the ability of logging onto and shutting down DCs,
    Allow logon locally and Shut down the System rights should be granted.
    In addition, reading logs and monitoring server performance rights are included on Performance Log Users and Performance Monitor Users groups.
    More information for you:
    Step 5: Configure Group Policy Settings for Automatic Updates
    http://technet.microsoft.com/en-us/library/dn595129.aspx
    User Rights Assignment
    http://technet.microsoft.com/en-us/library/cc780182(v=WS.10).aspx
    I hope this helps.
    Amy Wang

  • Administrator access required to use a new printer?

    Hello.
    Does connecting a new printer connection require administrator access in Mac OS X (e.g., 10.5.8)? I gave a client an non-administrator account so he cannot change settings and stuff for security reasons.
    Thank you in advance.

    Kappy wrote:
    They can use a printer, but they cannot make changes to Print & Scan preferences nor install a new printer. That would require the admin user. Unless, of course, you've banned them from even using a printer.
    Yeah, but I don't want to ban the user from everything. Hmm, I wonder if it is possible to allow printers only.

  • Photoshop CS as a non-Administrator

    I recently installed Photoshop CS for a user. After installing, I ran the program without issue. When the user logged in and tried to run it the following error was displayed:
         "Current user account does not have privileges to perform product activiation. Run this application from a user account with administrative priveleges or contact your system administrator."
    We do not allow any users to run as administrators at the company I work for. We are willing to elevate permissions for users if a program references files that standard users do not typically have access to. We attempted giving full control to the Photoshop folder but that did not work. Has anyone run into this error and found where the permissions need to be changed?

    I am sorry I did not specify. The user is running Windows XP SP3.
    I disagree on this being a Windows issue because non-administrative software should not require being an administrator to work correctly. The program runs fine when I use my administrator account. There must be some files that Photoshop CS wants to access that non-administrators cannot. We have come across this in the past with other software and a solution (work around) has been to elevate user permissions to "Full Control" on the folders the software wants to access.
    I appreciate the reply though, thanks.

  • Can I run as a non-administrator?

    I run on a Windows XP user account that does not have administrator priveledges. The administrator installed ADE and I can run it. However, if I attempt to get a book from Adobe's web site, it wants me to install ADE. Of course, if I try to install it, that fails with a message indicating I need "administrator access". Is there any way I can run as a non-administrator user (so not being able to install a program), but still download books?

    Hi,
    All that one need to run application in NWDS is the SDM password to deploy the applications .
    who ever know the SDM password can simply install NWDS on thier PC , deploy and run applications.
    Regards,
    Satya.
    Edited by: Satya on Jul 17, 2009 12:24 PM

  • Allow a windows non-administrator user to run cmd.exe as administrator without sharing administrator password with the user

    I have standalone Windows 2003 and 2008 Oracle database servers (they are not in a Windows domain environment ). The Oracle DBAs can perform all their routine activities from command line with administrator privileges. For this i've to either share administrator
    user password with the Oracle DBAs or add their windows login user to Administrators group. If i can give the DBA user permission to run windows command prompt without sharing administrator password, i can give them non-administrator login access to Windows
    2003/2008 server. Normally when a non administrator user would try to run a program as administrator on Windows 2008, the user is prompted to input administrator username/password. Is it possible to give non-admin user access to run a program/application (cmd.exe
    in this case) on Windows 2003/2008 without sharing administrator credentials with them?

    With the OTORISER application I developed, normal users can run applications with admin privilege …  
    Otoriser is totally free ! Applications, mmc consoles, control panel cpl files can be run under admin and system context with Otoriser. Let’s say you donot want your users to be admin in their machines, but want them to run some applications with admin rights.
    If this is the case then you are on the right blog.
    There are two components for Otoriser. Management and client components. There are no complex implementation and no frustrating steps to be performed. Within 10 minutes you can start testing the results
    After you download the setup files, install client components in the client by running it directly (or any deployment method you have), it will take about 5 seconds to install it. Then, let’s say you want your user to change system properties of the machine.
    With the tool provided in Admin package produce the hash of system.cpl file and enter that hash into the group policy (details are provided in documentation). When policies are applied for that user then he or she can run that control panel applet under admin
    context but donot forget that the user is still an ordinary user.
    download link :
    http://burakuysaler.wordpress.com/2013/02/21/with-the-otoriser-application-that-i-developed-normal-users-can-run-applications-with-admin-priviledges

  • We have two users that have been using Creative Cloud for almost a year. Recently, sometime in the last 4ish weeks, the users can no longer run Creative Cloud apps. (Yes, our subscription is paid.) Error simply says administrator access is required

    We have two users that have been using Creative Cloud for almost a year. Recently, sometime in the last 4ish weeks, the users can no longer run Creative Cloud apps. (Yes, our subscription is paid.) Error simply says administrator access is required to install. The apps have already been installed. The users cannot run them unless they are in the local admin group.Using "Run as admin" does not work. It gives the same error.
    I have opened a case with adobe support and was basically told to suck it up and put the users in the admin group. Actually, what was said was that it is "mandated that the users have administrative rights". 
    There are a couple of things wrong with this. It was working for both users until recently - a recent required creative cloud update. The users have never been local admins yet the apps were working (poorly, but working).
    We are in an enterprise environment and users simply do not have administrative rights on the computers.
    I have changed permissions on all adobe folders, granting users or authenticated users modify or full control rights, did the same in whatever Adobe registry HKLM keys I could find. Nothing has allowed the users to run the apps - unless they are put in the local admin group.
    Someone has to have a fix for this. Adobe apps have proved to have far too many vunerabilities to even entertain the idea of elevating user rights. I can't imagine that enterprise environments are allowing this.
    Any help or suggestions are greatly appreciated.

    Jeff,
    Thank you for your response. The users in question are "standard" domain users. We do not reduce users permissions below the standard level.
    The apps do not load with their current standard user permissions.
    The thing that makes this odd, is that up until recently they did this issue with cloud apps. The only way I can make it work for them now is to put them in the local administrator group on their pc's - which is not going to happen.
    This is what they now see. As I said before, this was not a problem up until recently they would see all their available apps. If I put them in the local admin group the apps are listed without having to install. Everything is there, just not accessible to the user.

  • Access Time Capsule over the internet

    Hey guys! I have a problem. I cannot access my Time Capsule over the internet.
    I have a Time Capsule 2013 which connects to the internet using a PPPoE connection and which provides wireless connection to other peripherals in my house.
    The TC is running the latest firmware and I've added my iCloud account in AirPort Utility settings, in order to access the TC over the internet, via Back to My Mac.
    Whenever I'm away from home, I cannot access the TC.
    I see it in Finder's sidebar, but whenever I press the "Connect As.." button I get the following error:
    "There was a problem connecting to the server “Time Capsule”.
    The server may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, and then try again."
    I must add that I have a dynamic IP. Whenever the Time Capsule restarts, it gets a different IP.
    Am I missing something?
    Please help me. It's really important for me to be able to reach it when I'm away from home.

    So the modem is bridged and the TC is doing the PPPoE authentication.. and it gets a public IP on the WAN interface.
    The dynamic nature of the IP is not a problem with the BTMM and iCloud type system which should keep the intermediate connection in the cloud up to date.
    What about the connection at the other side.. are you getting a public IP.. are you behind a firewall or restricted access? Remember both sides of this have to work.
    See this thread.. you are not alone.. all is not sweetness and light unless you get a proper business account with static IP.
    https://discussions.apple.com/thread/3699096?start=0&tstart=0
    Apple info has a bit about issues that people experience.. and Tesserax has some setup info.
    Remote Access
    I would use the public IP and see if it works.. that means you need to check the IP before you leave home or use your phone tether and do the test at home so you can type in the public ip and use direct access .. at least to test it.

Maybe you are looking for

  • Adobe Photoshop CS6 Extended 64-Bit GPU Acceleration Stopped Working

    I've been using Photoshop CS6 Extended 64-bit when one day the GPU acceleration features stopped working. I closed the application and restarted it and the GPU acceleration still didn't work. I couldn't rotate the canvas or use scrubby zoom. I reboot

  • Call form and execute query there

    hi i have already one form and i created another form with one text-item named Code(non-base item) and i want when i enter number and click on button and it execute all records in main form with the same code which one i enter in sub form.is it possi

  • ERROR: Unable to locate system class: java/lang/String

    I have swtiched from running my application using sun jvm to using microsoft jvm. When i run it i get the following error: ERROR: Unable to locate system class: java/lang/String java -classpath out;etc..etc myclass has become jview -cp:a out;C:\build

  • How to reserve stock for particular customer?

    HI all, How to reserve stock for particular customer when they has approved a particular batch? Please tell me all the possibles. Thank you. Richard

  • MacBook Pro won't sleep when closed

    So yesterday I closed the computer at the office and came home with it like normal and this morning the battery was dead which was unusual. I plugged in and started up, no big deal. Then I finished just now and shut the computer and noticed that the