Non-root access to JDS

Similar Messages

• Issue: non-root access to Java Desktop System

  Hello,
  Rookie here. i have been using Solaris 10 with no problem and accessing the GUI thru the Java Desktop system with no problem. i created a new non-root user 'user1' on the system with all default parameters assigned to the user when doing 'useradd user1'. these default parameters assume a default home directory is assigned to the user, correct? i am able to access the system with 'user1' via console and remote, but i cannot access the GUI thru the Java Desktop system with this user. It accepts my credentials then it flashes a couple of times and sends me back to the welcome log-in screen.
  Are there additional permission that i need to grant this user to access GUI via JDS? i'm able to do everything else as normal. Any help is appreciated.

  doing 'useradd user1'. these default parameters assume a default home directory is assigned to the user, correct? i am Incorrect. man useradd paying attention to -d and -m. Solaris defaults to /export/home and will usually throw an error if you try to use /home as it's controlled by the automounter.
  If it's just a test user account then userdel followed by useradd again.
  alan

• Allowing non-root access to view disk quotas

  Hi, we have a need to allow a non-root user (as in the Help Desk) to look at users' quotas on various filesystems. I have tried running the quota command as an argument to ppriv, but rather than telling me what privileges are needed, I just get this:
  ppriv -De quota -v youngbp
  quota: youngbp (uid 200): permission denied
  Is there a way in Solaris 10 to allow a non-root user to do this?
  Also, does anyone have any experience using the perl Quota module as a non-root user to examine a user's quota? Thanks...
  Jim McCullars
  University of Alabama in Huntsville

  You may also try RBAC
  http://www.sun.com/blueprints/0603/817-3062.pdf
  http://docs.sun.com/app/docs/doc/819-3321/6n5i4b7ao?l=en&a=view&q=RBAC
  http://docs.sun.com/app/docs/doc/806-4078/6jd6cjs4o?a=view
  Edited by: Noel.del@Rosario on Feb 19, 2008 4:07 AM
  Edited by: Noel.del@Rosario on Feb 19, 2008 4:13 AM
  Edited by: Noel.del@Rosario on Feb 19, 2008 4:40 AM

• [SOLVED] How to set non-root access to serial ports?

  I have this device which is listed as
  /dev/ttyUSB0
  I need to
  sudo chown sms /dev/ttyUSB0
  every time I reboot. Normally I would think to add myself to some group but "tty" group is not doing the trick... proof:
  [sms@sms-linux ~]$ groups sms
  tty wheel sms
  [sms@sms-linux ~]$ MinOZW
  Starting MinOZW with OpenZWave Version 1.0.758
  2014-03-15 06:32:07.921 Cannot find a path to the configuration files at ../../../config/, Using /usr/local/etc/openzwave/ instead...
  2014-03-15 06:32:07.928 mgr, Added driver for controller /dev/ttyUSB0
  2014-03-15 06:32:07.929 Opening controller /dev/ttyUSB0
  2014-03-15 06:32:07.931 Trying to open serial port /dev/ttyUSB0 (attempt 1)
  2014-03-15 06:32:07.933 ERROR: Cannot open serial port /dev/ttyUSB0. Error code 13
  2014-03-15 06:32:07.935 ERROR: Failed to open serial port /dev/ttyUSB0
  2014-03-15 06:32:07.936 WARNING: Failed to init the controller (attempt 0)
  ^C
  [sms@sms-linux ~]$ sudo MinOZW
  [sudo] password for root:
  Starting MinOZW with OpenZWave Version 1.0.758
  2014-03-15 06:32:23.776 Cannot find a path to the configuration files at ../../../config/, Using /usr/local/etc/openzwave/ instead...
  2014-03-15 06:32:23.782 mgr, Added driver for controller /dev/ttyUSB0
  2014-03-15 06:32:23.784 Opening controller /dev/ttyUSB0
  2014-03-15 06:32:23.786 Trying to open serial port /dev/ttyUSB0 (attempt 1)
  2014-03-15 06:32:23.794 Serial port /dev/ttyUSB0 opened (attempt 1)
  Edit: yes, it was after logout and even reboot.
  Last edited by smsware (2014-03-15 15:07:15)

  Hi,
  I also have a similar problem. I added myself to uucp group, but I still cannot access the serial port.
  [manjaro@mycomp work]$ sudo gpasswd -a manjaro uucp
  [sudo] password for manjaro:
  Adding user manjaro to group uucp
  [manjaro@mycomp work]$ groups manjaro
  lp wheel uucp network video audio storage users
  [manjaro@mycomp work]$ ls -l /dev/ttyUSB0
  crw-rw---- 1 root uucp 188, 0 23.06.2014 21:32 /dev/ttyUSB0
  [manjaro@mycomp work]$ lpc21isp firmware.hex /dev/ttyUSB0 19200 11059
  lpc21isp version 1.97
  File firmware.hex:
  loaded...
  Start Address = 0x00004F9C
  converted to binary format...
  image size : 30304
  Image size : 30304
  Can't open COM-Port /dev/ttyUSB0 ! (Error: 13d (0xD))
  But when I try as root, it works:
  [manjaro@mycomp work]$ sudo lpc21isp firmware.hex /dev/ttyUSB0 19200 11059
  [sudo] password for manjaro:
  lpc21isp version 1.97
  File firmware.hex:
  loaded...
  Start Address = 0x00004F9C
  converted to binary format...
  image size : 30304
  Image size : 30304
  Synchronizing (ESC to abort)..... OK
  Read bootcode version: 13
  Download Finished... taking 27 seconds
  Now launching the brand new code
  Do you have any idea what I am doing wrong?
  Last edited by manjaro (2014-06-23 19:57:40)

• Non-root access of ports / services

  Our application needs to grap a "reserved" port (/etc/services port number under 1000) as "nobody" as it is spawned from a web application. Is there some way in Solaris to allow this? Specifically, our application fires up it's own snmp service, but needs to use 161/162 and start it from the application, not from a root session.
  Thanks for any help.
  DaveS @apengines

  Unless you specify the '-m' flag to 'useradd', the new users homedirectory will Not be created.
  You will have to create the directory manually, first determine the setting of the homedirectory with, for example, finger, aka:
  finger user1
  Then create the directory with
  mkdir <directory>
  and then change the ownership of it:
  chown user1 <directory>
  HTH
  .7/M.

• [Solved] Non-root user cannot access mounted ntfs filesystem

  Hi -,
  i have a dualboot system (arch/xfce + win7) and i use a ntfs partition /dev/sda2 to store files i use with both operating systems. I added the partition to fstab and it gets mounted, but i cannot access it with my non-root user. With root it works fine...
  My fstab:
  # cat /etc/fstab
  # /etc/fstab: static file system information
  # <file system> <dir> <type> <options> <dump> <pass>
  tmpfs /tmp tmpfs nodev,nosuid 0 0
  LABEL=home /home ext4 defaults 0 1
  LABEL=root / ext4 defaults 0 1
  LABEL=swap swap swap defaults 0 0
  /dev/sda2 /media/sda2 ntfs defaults 0 2
  Is there any option that allows all users to use the mounted device? Or how is this usually done ...
  Last edited by muzzel (2012-05-30 20:39:58)

  See: NTFS-3G for important setup information.
  My fstab line looks like:
  /dev/sdb1 /media/Win_USB ntfs-3g uid=1000,gid=users,fmask=113,dmask=0022 0 0
  This sets up some important parameters which the NTFS-3G Wiki Page covers.  Basically, "ntfs" is only a basic driver and is built into the kernel.  "ntfs-3g" is a much better, and less disk-eating, driver that you should install and use if you need the drive in Linux any more than occasionally.  My fstab line makes my user (1000) the owner and the masks lets me write and etc to it.  When you install NTFS-3G it is automatically used when you use the mount command to mount NTFS drives.  In fstab, as above, you would specify it explicitly.
  You can find your own user number by entering "id" at a terminal.

• Setting previleges to a non-root user account to access ports

  Hello ,
  I am tring to do an icmp-ping to a machine in the network from an application by connecting to icmp port through a raw socket.
  My question is i am able to connect to icmp port using raw socket only in root user account. But my application should run under a non root user account and do the ping for me.
  1)How do i set previleges to a particular user to access icmp port?
  I am running the application on solaris 9
  2)I read a paper on net saying ports from 0 to 1024 can only be accessed by a root user account?
  Why is this and what can be done for a non-root user account to access these ports.
  3) Is this possible in solaris 9.
  Thanks in Advance,
  cheers,
  pal

  There is only one solution: create a new Standard user account and set it as your auto login account, if you use that feature.
  Using what you describe is mostly a false sense of security. Were someone to hack into the computer they could hack into the standard account, so you would not wish to keep any sensitive data in that account. Other things to consider:
  Turn on your Firewall in Security & Privacy preference panel.
  Use software to mask your online presence such as ProxyCap 2.03, MacProxy, Proxifier, or Hotspot Shield.

• Aironet 1262N - Access Point behind Non-Root Bridge possible?

  Hi,
  I want to connect two buildings. Let's call them Building A (main) and Building B.
  „A“ is the main building and provides a wired LAN to an AAA server (192.168.1.2) and the WAN gateway (192.168.1.1).
  There I placed a 1262N with the IP 192.168.1.3 connected to the wired LAN and configured it as Root-Bridge. Let's call it AP01.
  „B“ is a pretty large building and has a wired LAN from one end to the other end.
  So I placed two 1262N there, each at one end.
  The first 1262N is configured as non-root Bridge (AP02) and connects to the Root Bridge (AP01).
  The IP address of AP02 is 192.168.1.4.
  The second 1262N is configured as Access Point (AP03) and connects to the non-root Bridge (AP02) via the wired LAN.
  The IP adress of AP03 is 192.168.1.5
  My Questions:
  1. Do I need tell AP02 about the AAA Server in Building A or acts AP01 like a AAA Proxy for AP02 because of it Root Bridge functionality?
  2. How Do I tell AP03 that it should use AP02 as a gateway to building A?
  I attached a diagram.

  Hello  Mr. Vogl,
  Thank you for your question.
  However, the Small Business Support Community is limited to Cisco Small Business Products, and the Aironet products are considered as a Enterprise level devices.
  I recommend you to post this question on the on the correct forum, in order to get a better response.
  You can move your post using the Actions panel on the right.
  Best regards,
  Diego Rodriguez
  Cisco Small Business Community Engineer

• 1310 Non-Root Bridge Accessing Different Subnets

  From this non-root 1310 bridge, we are connecting to an old BR500 root bridge via wireless.
  Clients inside the non-root bridge are able to access devices anywhere on the subnet (servers, workstations, etc.) via the bridge (wireless connection) with no problems. But, these clients cannot access the default gateway of the subnet or pass through the router (I can't even ping the default gateway router interface from the 1310 bridge; yet from the bridge, I can ping anything else on the same subnet).
  Of course, clients on the wired LAN are able to browse the Internet, etc. -- it is only clients behind this bridge that cannot seem to "get out" so to speak.
  This is a small LAN -- so everything is VLAN1 with a router at the boundary.
  I have even ran a "sh ip arp" on the 1310 to ensure that a MAC entry is in the table for the default gateway IP, and it is there.
  Any ideas?

  Make sure there is no access list confiugred on the router blocking the access. Save the configurations and restart the bridge .

• Need to run fmsedge process without root access

  1937396
  On Linux, the fmsedge process needed to run without root access.

  I see that in the release notes
  new in this release:
  1937396
  On Linux, the fmsedge process needed to run without root access.
  However I have not found any documentaion on how to do this?
  I would love to run the fmsedge process run as non-root so tht root does not own the 1935 listening port.
  fmsedge   26837  root   19u  IPv4  4007676       TCP localhost:19350 (LISTEN)
  fmsedge   26837  root   24u  IPv4  4007679       TCP *:1935 (LISTEN)
  fmsedge   26837  root   35u  IPv4  4007717       TCP localhost:19350->localhost:59625 (ESTABLISHED)
  fmsedge   26837  root   57u  IPv4 26532589       TCP localhost:19350->localhost:58913 (ESTABLISHED)
  This appear to not be the default setup.
  Thanks in advance if anyone has tackled this!

• In iPS 3.0SP3a, I would like to change the super-admin entry from root to a non-root user. The problem is I was able to install iPS as a pseudo-root however console will not let me in as that.

  There must be a way to do this. Pls help.

  Hi,
  Please Check whether the said unix user is already existing under any roles of the default-domain.
  If so, delete the user from that role in the default_domain and then
  Goto : Manage Domain > view Domain Administrator Roles > Admin Role > users
  Create the non root unix user name .
  Once you create the user profile for this under the role defined for super admin,you can access as super admin.
  Thanks,
  Raj_indts
  Developer Technical Support
  Sun Microsystems
  http://www.sun.com/developers/support"

• Problem in running servlets over the net & in non-root user mode(FC-4)

  I have installed Tomcat 5.0.28 and it is running
  successfully in Fedora core 4,I wrote a servlet,to access a mysql database and it is running correctly,but when i logged
  onto non-root user, when i call the servlet through the
  html page i get "page not found error" .This is happening even when i do it from other system.
  I thank in advance if any could help me in this case

  Did you try using %20 instead of a space?  I know it works for URLs...worth a shot.

• NetworkManager applet doesn't prompt for VPN secret for non-root user

  I'm using NetworkManager in GNOME DE. When logged in as non-root user, I'm unable to connect to a vpnc profile.
  * As non-root, I am able to add/remove/alter/connect to WiFi network profiles with no trouble.
  * As non-root, I am also able to add/remove/alter vpnc profiles.
  * However, the VPN group key and VPN user password do not appear to store properly when adding/editing the profile as non-root. I can enter them, but when I bring the dialog back up, they are always blank. Even so, I can see an entry for vpnc in the Gnome keyring.
  * When I slide the on/off switch to try to connect with the vpn profile, there is no prompt for the VPN group key or password. The switch just slides back to Off immediately and I can see the text 'authentication required' flash briefly where it shows the connection status. After that flashes, the connection status is back to 'Not connected'. No error message displays.
  * If I sign in as root, there are no problems. The VPN 'secrets' will save properly in the dialog, and also if I leave them blank, I'm prompted for them when I activate the connection.
  * Creating the connection as 'root' is not an option, as this doesn't appear in profile list when signing on as non-root.
  Any ideas on where to look or what to check? As mentioned above, non-root can maintain WiFi connections through NetworkManager just fine, so the problem appears localized to VPN 'secrets'. Also other applications (i.e. Evolution) have no trouble in dealing with authentication.
  I do have polkit installed:
  extra/polkit 0.110-2 [installed]
  Application development toolkit for controlling system-wide privileges
  extra/polkit-kde 0.99.0-2
  Daemon providing a polkit authentication UI for KDE
  extra/polkit-qt 0.103.0-2
  A library that allows developers to access PolicyKit API with a nice Qt-style API
  community/polkit-gnome 0.105-1 [installed]
  PolicyKit integration for the GNOME desktop

  Update/more information on this...
  My typical/preferred setup for my VPNs is to save the VPN group key, but to be prompted for my VPN user password on each connect. So, this is how I was trying to setup in the applet. Interestingly, I have found that if I save BOTH of the 'secrets' to the keyring, then I can connect!
  The behavior is still as above in the dialog -- both secrets are blank if I edit the connection, although they are present in the Gnome keyring. As long as they are BOTH there, I can connect fine. But, if I have either of them set to 'Always Ask', then I am not prompted for them and the connection fails.
  Although I can work with this, I would certainly still like to figure out what is going on and fix it, as it does bother me that it works that way:
  * Why can't the dialog redisplay my secrets when I edit a connection as non-root?
  * Why doesn't Always Ask work to prompt me for secrets when running as non-root?
  Any ideas? I've used the Gnome/NetworkManager/vpnc combination on other desktops (this is my first Arch), and I have never seen anything like this.

• Non-root is not associate with root

  I am working to setup the non-root associate with root. I have checked every configuration from the root are the same as non-root. Accept it set to non-root.
  - It is the same VLAN, SSID, authentication is open. I have encryption from both sides are the same.
  It is still not associated. What else should I check from the non-root to get association? Please give me some helps
  I am really appreciated that.
  The root configuration:
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  hostname Root_Bridge
  no logging console
  aaa new-model
  aaa group server radius rad_eap
  aaa group server radius rad_mac
  aaa group server radius rad_acct
  aaa group server radius rad_admin
  aaa group server tacacs+ tac_admin
  aaa group server radius rad_pmip
  aaa group server radius dummy
  aaa authentication login default local
  aaa authentication login eap_methods group rad_eap
  aaa authentication login mac_methods local
  aaa authorization exec default local
  aaa accounting network acct_methods start-stop group rad_acct
  aaa session-id common
  resource policy
  clock timezone MST -7
  clock save interval 24
  ip subnet-zero
  ip domain name Bridge
  ip ssh time-out 60
  ip ssh version 2
  no dot11 igmp snooping-helper
  dot11 vlan-name Management vlan 51
  dot11 vlan-name User vlan 11
  dot11 ssid LOCALBRIDGE
     vlan 51
     authentication open
     infrastructure-ssid
  dot11 network-map
  crypto pki trustpoint TP-self-signed-4076113752
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-4076113752
  revocation-check none
  rsakeypair TP-self-signed-4076113752
  crypto pki certificate chain TP-self-signed-4076113752
  certificate self-signed 01
    30820261 308201CA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 34303736 31313337 3532301E 170D3032 30333031 30303030
    33345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30373631
    31333735 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100B329 87F691CA 1107EC3A 9EF4676D 2F96A7E4 42DBB88F 426D78C1 0E9E09A0
    8F5EA9A1 DF88C33A A0DF128A E13E6E59 E9232487 0F5C953C 274DF314 1F48544F
    E213D232 85B1E45A 4D186A9E FF9581E6 3E471891 16B627B6 CB3D8F01 BCFF89E0
    77E8EA44 0E255F75 BFF1299A B3198E9B 61B3056B 8F365D98 2A8D463E F3122C47
    B80D0203 010001A3 81883081 85300F06 03551D13 0101FF04 05300301 01FF3032
    0603551D 11042B30 29822737 3332385F 42726964 67652E64 61766973 2D6D6F6E
    7468616E 2E616363 2E64732E 61662E6D 696C301F 0603551D 23041830 1680145F
    9DB7F2A6 BD563ACB 429F6938 6AF9D336 69139F30 1D060355 1D0E0416 04145F9D
    B7F2A6BD 563ACB42 9F69386A F9D33669 139F300D 06092A86 4886F70D 01010405
    00038181 00372387 521D029A FAE2F579 73EDCF3B FDF262EE 5DF6154E 5469A5BD
    6630E5FD C8A1311A A24493D4 D1856862 8979692B CDFE65D7 29E97B60 FCC37584
    A27FA332 9CC5F175 2EDC871C D41BA4F5 A50634DE 75210305 47240D4F A30D0046
    532F68ED 569CE374 98C5F53D A417CFBF 3A93C98A D399B06E A73E61AB D4889452
    0B695B54 86
    quit
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption key 1 size 128bit 7 E99521751C16125A7754722A6B72 transmit-key
  encryption key 2 size 128bit 7 1857F02303182327EA1A9242A53B
  encryption key 3 size 128bit 7 FE1CF103855EBB2763224F129556
  encryption key 4 size 128bit 7 19A03A5D596B029A01C208EF1C0F
  encryption mode ciphers wep128
  encryption vlan 11 key 1 size 128bit 7 419258EC0B7E6C7413C571760B67 transmit-key
  encryption vlan 11 key 2 size 128bit 7 AB3C5B091B37223F39306B1F7442
  encryption vlan 11 key 3 size 128bit 7 3E1CF103855EBB2763224F129556
  encryption vlan 11 key 4 size 128bit 7 E858C5382B5D5E372A6C0438604C
  encryption vlan 11 mode wep mandatory
  encryption vlan 51 key 1 size 128bit 7 90792B34ACD2C8D18A0B7AF3AC68 transmit-key
  encryption vlan 51 key 2 size 128bit 7 72063EA2FEF03A39E5468E92A7C5
  encryption vlan 51 key 3 size 128bit 7 8607AEADB49EE0B7E4529770D9AE
  encryption vlan 51 key 4 size 128bit 7 F60210B48CB39887A59255187D6D
  encryption vlan 51 mode wep mandatory
  ssid LOCALBRIDGE
  speed  basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
  packet retries 128
  station-role root
  rts threshold 4000
  rts retries 128
  cca 87
  concatenation
  distance 5
  beacon period 20
  infrastructure-client
  interface Dot11Radio0.11
  encapsulation dot1Q 11
  no ip route-cache
  no snmp trap link-status
  bridge-group 11
  interface Dot11Radio0.51
  encapsulation dot1Q 51 native
  no ip route-cache
  no snmp trap link-status
  bridge-group 1
  interface FastEthernet0
  no ip address
  no ip route-cache
  hold-queue 80 in
  interface FastEthernet0.11
  encapsulation dot1Q 11
  no ip route-cache
  no snmp trap link-status
  bridge-group 11
  interface FastEthernet0.51
  encapsulation dot1Q 51 native
  no ip route-cache
  no snmp trap link-status
  bridge-group 1
  interface BVI1
  ip address 192.168.0.5 255.255.255.0
  no ip route-cache
  no ip http server
  ip http authentication aaa
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  ip radius source-interface BVI1
  logging history informational
  snmp-server view dot11view ieee802dot11 included
  snmp-server community PUBLICSTRING RW
  snmp-server chassis-id Bridge
  snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
  snmp-server enable traps tty
  snmp-server enable traps entity
  snmp-server enable traps disassociate
  snmp-server enable traps deauthenticate
  snmp-server enable traps authenticate-fail
  snmp-server enable traps dot11-qos
  snmp-server enable traps wlan-wep
  snmp-server enable traps config
  snmp-server enable traps syslog
  snmp-server enable traps cpu threshold
  snmp-server enable traps aaa_server
  snmp-server enable traps envmon
  snmp-server host 192.168.9.10 PUBLICSTRING
  tacacs-server host 192.168.6.100
  tacacs-server host 192.168.4.100
  tacacs-server directed-request
  radius-server attribute 32 include-in-access-req format %h
  radius-server vsa send accounting
  bridge 1 protocol ieee
  bridge 1 route ip
  line con 0
  access-class 111 in
  line vty 0 4
  access-class 111 in
  line vty 5 15
  access-class 111 in
  end
  The non-root configuration:
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname Bridge
  logging console informational
  logging monitor informational
  aaa new-model
  aaa group server radius rad_eap
  aaa group server radius rad_mac
  aaa group server radius rad_acct
  aaa group server radius rad_admin
  aaa group server radius rad_pmip
  aaa group server radius dummy
  aaa authentication login default local
  aaa authentication login eap_methods group rad_eap
  aaa authentication login mac_methods local
  aaa authorization exec default local
  aaa accounting network acct_methods start-stop group rad_acct
  aaa cache profile admin_cache
  all
  aaa session-id common
  resource policy
  clock timezone MST -7
  clock save interval 24
  ip subnet-zero
  ip domain name Bridge
  no dot11 igmp snooping-helper
  dot11 activity-timeout bridge default 3600
  dot11 vlan-name Management vlan 51
  dot11 vlan-name User vlan 11
  dot11 ssid LOCALBRIDGE
     vlan 51
     authentication open
     infrastructure-ssid
  dot11 network-map
  no crypto provisioning petitioner
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption key 1 size 128bit 7 E99521751C16125A7754722A6B72 transmit-key
  encryption key 2 size 128bit 7 1857F02303182327EA1A9242A53B
  encryption key 3 size 128bit 7 FE1CF103855EBB2763224F129556
  encryption key 4 size 128bit 7 19A03A5D596B029A01C208EF1C0F
  encryption mode ciphers wep128
  encryption vlan 11 key 1 size 128bit 7 419258EC0B7E6C7413C571760B67 transmit-key
  encryption vlan 11 key 2 size 128bit 7 AB3C5B091B37223F39306B1F7442
  encryption vlan 11 key 3 size 128bit 7 3E1CF103855EBB2763224F129556
  encryption vlan 11 key 4 size 128bit 7 E858C5382B5D5E372A6C0438604C
  encryption vlan 11 mode wep mandatory
  encryption vlan 51 key 1 size 128bit 7 90792B34ACD2C8D18A0B7AF3AC68 transmit-key
  encryption vlan 51 key 2 size 128bit 7 72063EA2FEF03A39E5468E92A7C5
  encryption vlan 51 key 3 size 128bit 7 8607AEADB49EE0B7E4529770D9AE
  encryption vlan 51 key 4 size 128bit 7 F60210B48CB39887A59255187D6D
  encryption vlan 51 mode wep mandatory
  ssid LOCALBRIDGE
  speed  basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
  packet retries 128
  station-role non-root bridge
  rts threshold 4000
  rts retries 128
  cca 87
  concatenation
  beacon period 20
  infrastructure-client
  interface Dot11Radio0.11
  encapsulation dot1Q 11
  no ip route-cache
  no snmp trap link-status
  bridge-group 11
  interface Dot11Radio0.51
  encapsulation dot1Q 51 native
  no ip route-cache
  no snmp trap link-status
  bridge-group 1
  interface FastEthernet0
  no ip address
  no ip route-cache
  hold-queue 80 in
  interface FastEthernet0.11
  encapsulation dot1Q 11
  no ip route-cache
  no snmp trap link-status
  bridge-group 11
  interface FastEthernet0.51
  encapsulation dot1Q 51 native
  no ip route-cache
  no snmp trap link-status
  bridge-group 1
  interface BVI1
  ip address 192.168.0.10 255.255.255.0
  no ip route-cache
  ip http server
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  ip radius source-interface BVI1
  snmp-server community PUBLICSTRING RW
  snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
  snmp-server enable traps tty
  snmp-server enable traps entity
  snmp-server enable traps disassociate
  snmp-server enable traps deauthenticate
  snmp-server enable traps authenticate-fail
  snmp-server enable traps dot11-qos
  snmp-server enable traps wlan-wep
  snmp-server enable traps config
  snmp-server enable traps syslog
  snmp-server enable traps cpu threshold
  snmp-server enable traps aaa_server
  snmp-server enable traps envmon
  snmp-server host 192.168.9.10 PUBLICSTRING
  tacacs-server host 192.168.6.100
  tacacs-server host 192.168.4.100
  tacacs-server directed-request
  radius-server attribute 32 include-in-access-req format %h
  radius-server vsa send accounting
  bridge 1 protocol ieee
  bridge 1 route ip
  bridge 11 protocol ieee
  line con 0
  line vty 0 4
  end

  what happens if you go completely open, no WEP?
  and I wouldn't use WEP, it's very breakable.
  Steve

• Can't map directories as non-root

  Hi,
  I'm running openSuse 10.2 with NCL 1.2 for SLE10. I don't need
  any GUI so I'm using the following command lines:
  nwlogin -t testtree -s main -u s02b.class02b.classes.myschool -p *****
  nwmap myhome:=//main/sys/Home
  Using this commands as root everything works fine, the myhome link is
  created and I've access to all files (read and write).
  But when I try the commands as non-root user, the nwmap command fails
  with
  "Unable to map myhome:=MAIN/sys:/Home (code:8804 )"
  Anybody any hint?
  Thanks,
  Michael

  No idea why you get this error, but I can at least tell you what it means:
  0x 8804 DRIVE BAD PATH
  Explanation: An attempt was made to map a drive with an invalid path
  specification.