NX-OS and enable authentication

Similar Messages

• Can we provide UN and pwd Authentication 4r SMTP Mail Configuration

  Dear All,
  Previously we are able to send the mails from SAP to Outside World. After chaning the Mail Server to MS Exchange 2003
  We enabled the Port the 25.
  We are facing a problem While configuring a mail via SMTP for Exchange Server 2003.
  Throws an Error Message:
  Internal error: CL_SMTP_RESPONSE ESMTP error code is not known. 554 554 > : Recipient add
  As per network Team :
  Unless we provide a Username and password, the Send/Receive process does not happen.
  Is there any option in SAP - SMTP Mail Configuration to Provide user and password Authentication.
  I searched in SDN as well as in market place. but i could not succeed. Please guide me the process.
  Regards
  SNB.

  Hi we are configuring Google SMTP getting below error..
  No delivery to xxx.com, authentication required
  Message no. XS856
  Diagnosis
  The message was processed successfully in the SAP system. The mail server that is to receive the message for further processing requires authentication. Probably there is no logon data specified in the SAPconnect configuration.
  Information from external system (if available)
  smtp.gmail.com:587
  530 5.7.0 Must issue a STARTTLS command first. i91sm11178241qgd.25 - gsmtp
  Procedure
  Enter the logon data in the SAPconnect node.
  Using Gmail SMTP server using "smtp.gmail.com" with port 587
  Please advise.
  Regards,
  Sudarshan

• XI 3.1 Client Tools and LDAP Authentication

  I have Business Objects XI 3.1 SP2 installed.  For the web clients (InfoView) single sign on and LDAP authentication are working correctly.  However when a user tries to log in using LDAP authentication to one of the client tools (Universe Designer, Webi Rich Client, etc) the error "Cannot access the repository (USR0013)" occurs with the following details:
  [repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Security plugin error: Failed to set parameters on plugin.(hr=#0x80042a01)
  Are there troubleshooting or setup guides dealing specifically with LDAP authentication with the various client tools?

  Make sure that the File and Printer Sharing for Microsoft Networks component is installed and enabled on your clients.
  Take a look at note 1272536 (http://service.sap.com/notes)
  Regards,
  Stratos

• Cisco ISE (1.3) Posture and re-authentication

  Hello,
  With posture and re-authentication, during the re-authentication the posture status swithes to pending. This results in a redirect to client provisioning and a temperorly but unwanted state with no access to network resources.
  Is there a way to work around this?
  Regards,
  Dennis

   24423  ISE has not been able to confirm previous successful machine authentication  
  Judging by that line and what your policy says, it appears that your authentication was rejected as your machine was not authenticated prior to this connection.
  first thing to check is whether MAR has been enabled on the identity source. second thing to check is whether your machine is set to send a certificate for authentication. there are other things you can look at but I'd do those two first.
  log off and on  or reboot and then see if you at least get a failed machine auth on the operations>authentication page and we can go from there. 

• SAPGUI and Portal Authentication using AD Credentials with usr/passw prompt

  Hi Experts,
  We have the following requirements:
  1. Portal/EP has UME set to ABAP (in other words using ECC6 system's user/password).
  2. ECC6 user-id's differ from Active Directory user.
  3. User logs in to Active Directory.
  4. User wants to log on to SAPGUI (ECC6 system), with a user-name password prompt, using the Active directory Credentials.
  5. User wants to log on to Portal/EP, with a user-name password promt, using the Active Directory Credentials.
  The following suggested solution was the closest to the requirement (without to much technical detail):
  1. For SAPGUI, implement SSO on the workstation GUI's and maintain the Active Directory user in transaction SU01 in the ALIAS field.
  This should enable the user to, after having logged onto the Active Directory, to open the SAPGUI and WITHOUT user-name password prompt, be authenticated and logged into SAP. This would entail settings to be done on each workstations GUI.
  2. For the Portal/EP, implement Kerberos on the portal, setting it to authenticate to the AD. As per note 935644 maintain an additional attribute on the UME, to enable the mapping between the UME and the AD users.
  This should enable the user, after having logged onto the Active Directory, to open Internet Explorer, go to the Portal URL, and be authenticated and logged into the portal, without WITHOUT user-name password prompt.
  Do you know the viability of this solution, or whether there is any better suggestion (especially to keep the user-name password prompt, and without changing the ECC6 or Active directory users).
  Regards.

  AJP,
  The description you have given is an exact description of the capability of our product. I represent a company called CyberSafe, and our products are designed and sold to SAP customers for integrating the SAP user authentication with Active Directory authentication. We have some unique features in our product which you could benefit from, e.g. our SAP GUI SNC library has the ability to popup a logon screen asking user for Active Directory account and password before it logs the user onto SAP. Also, when the SAP system has authenticated the user, either via the Web browser or via SAP GUI their Kerberos principal name (determined from AD account name and domain) is mapped onto a SAP user using a table in the ABAP system. The browser authentication even uses this same table for mapping so that an authenticated account name does not need to be same as the SAP user they log onto.
  If you would like to discuss our product more, and/or arrange a free evaluation please contact me using the email address in my SDN business card.
  Thankyou,
  Tim

• Exchange 2013 CU6 OWA - FBA and Windows Authentication (coexistence)

  Hi,
  Is it possible to run FBA for outside clients and Windows Authentication for inside clients?
  I have tried to setup FBA and WA on different WebSites without luck :-(
  Best regards - NH
  [Edit, typo]

  Hi,
  I recommend you create the second OWA/ECP virtual directories in a new IIS web site with a different IP address, and using it for internal client access.
  You need to prepare the secondary IP address for CAS server, and then in the IIS manager, create a new Web Site. Create the second
  OWA/ECP virtual directories in this new IIS Web Site.
  You will also need to ensure that whatever name the internal use will be using to connect to the new
  OWA/ECP site is present on the installed certificate and the name resolves to the correct IP address.
  Then you can enable integrated windows authentication for internal users and enable forms-based authentication for external users.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Enable authentication for ASA

  hi,
  Im working on AAA authentication for an ASA (ASA 8.0(3) version) box thorough a TACACS+ server in ACS (4.2 version). The setup im working on includes several users in 3 classes: senior (privilege level 15), junior (privilege level 7) and monitoring (privilege level 0), user authentication and command authorization is working fine, however im having problems with enable authentication.
  When an user of junior class try to authenticate the enable password the authentication fails, according to the ACS's log "Tacacs+ enable privilege too low", however the privilege level in ACS for this class is set to level 7. Checking with a sniffer i have find out that the TACACS+ message for authentication sent by ASA is setting the privilege level as level 15, as you can see in the attached screenshot. Of course if the ASA is trying to authenticate enable for a level 15, the authentication will fail according to user's current level.I have local authentication configured in the ASA and it works fine including enable authentication.
  Anyone have had any issue with this or have any idea how resolve this issue?
  thanks all for your replies.

  Seems like you might be hitting bug CSCsh66748.
  Hope you have tried "enable " command to enter enable mode for specific users.
  BTW why are you using different privileges for enable when you already have command authorization in place.
  Regards
  Rohit

• Is it possible to do machine and user authentication in same Authorization profile?

  Hi,
  I want to know is it possible to do machine authenticaiton and user authentication happen at the same time? Some thing like this...
  Condition
  IF ( wired_802.1x and AD:externalgroup EQUAL dommain computer AND    AD:exteranalgroup EQUAL Some_domain_user_group )
  Permissions
  then Vlan x
  Basically i am trying to check a machine is part of domain and user is valid only then he should be able to have full access.
  Any help will be of great value.

  Hi,
  IF ( wired_802.1x and AD:externalgroup EQUAL dommain computer AND    AD:exteranalgroup EQUAL Some_domain_user_group )
  - Not possible
  As user and machine authentication occur at different contexts.
  ACS cannot verify the both at the same time.
  Using MAR, you can, though club the both together and achieve:
  "machine is part of domain and user is valid only then he should be able to have full access"
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/users_id_stores.html#wp1235978
  Tips for configuring MAR:
  1) Set the client to perform user or computer authentication.
  2) Create two rules in authorization, one for user and and one for machine (identity them by using group membership on AD).
  3) Enable MAR under the AD configuration page on ACS and set the aging time.
  4) In the user rule, customize and use the condition "Was machine authenticated" and set it to true.
  Rate if useful

• How to Enable Authentication to Selected Users

  1. How to enable SAP and AD authentication only for selected users in infoview login page ?
  2. How to disable(remove) enterprise options in down arrow selection in infoview login page for some users?
  We have to make some changes in web.xml?
  Can anyone help me out.
  Thanks!
  Milton

  You have to enable authentication for your application.
  However, for the public pages, you disable this by setting the page's security attribute Authentication to "Page is public".

• What's the difference between "login block-for X attempts X within X" and "security authentication failure rate X"?

  What's the difference between, just for example, "login block-for 100 attempts 15 within 100" and "security authentication failure rate 3"?
  Please ignore the numbers, I need to know what the differences are in commands and what they do, what they affect.

  security authentication failure rate number_of_failed_attempts : A global configuration mode command used to specify the maximum number of failed attempts (in the range of 2 to 1024) before introducing a 15-second delay
  login block-for 100 attempts 15 within 100 : Block all access after 15 failed login attempts within 100 Secs for the period of 100Secounds (1.40 Minutes).
  The Cisco IOS Login Enhancements (Login Block) feature allows users to enhance the security of a router by configuring options to automatically block further login attempts when a possible denial-of-service (DoS) attack is detected.
  The login block and login delay options introduced by this feature can be configured for Telnet or SSH virtual connections. By enabling this feature, you can slow down "dictionary attacks" by enforcing a "quiet period" if multiple failed connection attempts are detected, thereby protecting the routing device from a type of denial-of-service attack.

• Enable Authentication

  Hi
  I am trying to enable authentication via LDAP for LiveCycle ES.  I have establisghed a domian and followed the steps to connect our LDAP directory server.  All of the tests inside of the setup pass and produce the appropriate data.  I then did a sucsessful synch.  But when I try to login using my domain credentials it doesn't work.   Am I missing something ??
  I really appreciate any advice, I'll keep digging in the meantime.
  Peace,
  BB
  PS.  Followed the instructions here...
  http://blogs.adobe.com/livecycle/2009/02/integrating_livecycle_with_the_1.html

  What are you trying to login to? Adminui, workspace, Reader Extensions UI? Now that you have set up users in the DB you have to give those users rights to access the applications. Log into adminui as administrator and that is where you will give them the rights to use specific applications.
  Paul

• Not null and enable or disable  column in tabular form

  Hi,
  Using apex version 4.1 and working on tabular form.
  ACT_COA_SEGMENT_MAS is Master table
  and
  ACT_SEGMENT_VALUES_MAS is detail table
  I have entered 8 rows in master table and PARENT_SEGMENT_ID is column in master table which is null able. If i specified PARENT_SEGMENT_ID with value in master table then in detail table there is column PARENT_ID that should not be null and enable.
  How i can enable or disable column when in master table PARENT_SEGMENT_ID column is null then in detail table PARENT_ID column should disable and vice versa.
  I have created tabular form on Detail table. before insert into the tabular form Check in master table in first entry if PARENT_SEGMENT_ID is not null in first row of master table then in tabular form PARENT_ID should enable and not null able in corresponding to this first row id's lines in tabular form.
  Same should check for second row in master table if PARENT_SEGMENT_ID is not null then entered rows with PARENT_ID into tabular form corresponding to 2nd id in master table should not nullable and column should enable in tabular form.
  Thanks & Regards
  Vedant
  Edited by: Vedant on Jan 9, 2013 9:12 PM

  Vedant,
  You need to create you own manual tabular form and not use the wizard.
  Using APEX_ITEM api you should be build you own form and you will be able to control how you wan to display the rows. (See Link [Apex Item Help|http://docs.oracle.com/cd/E37097_01/doc/doc.42/e35127/apex_item.htm#CACEEEJE] )
  select case when PRIMARY_TABLE_COLUMN is null then APEX_ITEM.DISPLAY_AND_SAVE(3 , DETAIL_COLUMN ) else APEX_ITEM.TEXT(2,detail_column) end "ALIAS" from detail table
  Hope that help.
  Vivek

• Portal Drive Single Sign On and Kerberos Authentication

  Hi,
  We are using NW2004s SP10 Portal and we have successfully configured Kerberos authentication with Windows Active Directory 2003. To access the KM Content in windows explorer format, we are using Portal Drive but Portal Drive still asks for authentication i.e. SSO is not working for Portal Drive. I have understood from the forums and sap help site that SSO from portal drive will work only for NTLM authentication and client certificates. Can you please help regarding below questions.
  1. Can Kerberos and NTLM authentication be configured together.
  2. If yes, what are the steps to configure NTLM authentication for NW2004s SAP Portal and Active Directory 2003.
  3. Any other approach to make Portal Drive SSO work.
  Helpful answers will be rewarded.
  Regards,
  Chandra

  Hi Gregor,
  I did two things:
  first i made a change in the portalapp.xml in the PAR file "com.sap.km.cm.par". In the section authentication scheme for "docs" I changed the authentication scheme to "default" to make sure that documents are opened using the default authentication scheme (SPNego) instead of basic authentication
  second, I used the SPNego wizard to configure SPNego. So I didn't adjust anything in the Visual Admin or the authentication template apart from adding the Template to the Ticket policy configuration.
  Again, this only worked after installing the latest vesion.
  Hope this helps
  Marcel

• Graphics builder and os authentication

  I'm running on NT 4 sp6. I'm trying to get OS authentication working with graphics. It works great for forms and reports, but I cannot get graphics builder or the graphics runtime to work with os authentication. I've tried it with developer 2000 r2 and 6i release 2. Thanks is advance.
  null

  Is the state of OCCI and OS Authentication still the same? Or has it changed in the 2.5 years since this question was first asked and answered?
  I've yet to find any indication that it is now supported, but could I confirmation of that fact?
  If it is not, what is the Oracle recommended method for accomplishing this?

• Remote users sending email - RBL and SMTP authentication

  I've read about the problem of using RBL's with remote Outlook IMAP/SMTP users who may be using dynamically assigned IP addresses. There is a good chance that they will be appear on the RBL and so not be able to send email via the GWIA.
  One work around is to have them send their email via their ISP's SMTP server, but this is a pain, because when they are back in the office, then need to switch their SMTP server back to the inhouse one.
  So on the GW 7.0.3 server running on SLES 10, I wondered if the one host could handle multiple GWIA's??
  1st existing GWIA:
  To handle the regular in/out email with RBL's protection on it.
  2nd new GWIA on a separate port but same IP address to handle just inbound email. This would be used by remote users and require authentication so no need for an RBL on it.
  Is this a sound approach?
  Any gotchas for setting up two gwia's on the one server and IP address besides separate ports?
  I am aware there is the option of using the Groupiwse client or webmail, but firstly these users don't want to change from 'LookOut" due to their address book synch with their mobile phones and secondly sometimes they like to use their smart phones for remote email synchronisation.

  Maybe I should simplify this a little...
  Can the one host handle multiple GWIA's??
  1st existing GWIA:
  To handle the regular in/out email with RBL's protection on it.
  2nd new GWIA on the same host and IP address, but on a separate port to handle just inbound email. This would be used by remote users and require authentication.