Peap AUthentication User Group issue

Similar Messages

• Reg Authenticated Users Group

  Hello Everyone.
  We created two Roles Role1 and Role2 for this Roles we have assigned the Group "Authenticated Users"
  Now the client requirement is they wants to remove couple of users who are assigned to Role1(who belong to "Authenticated Users" group.
  Though it is not a good practise One thing I can do is search for the group "Authenticated Users" in portal  then choose modify and choose assigned users and remove the users from this group.So,that they can not see Role1
  If I remove the users from the group "Authenticated Users" then they will not be able to see Role2 as they are removed from the "Authenticated Users" group which is assigned to Role2
  Can anyone help me out regarding this issue.

  Hi Shailesh,
  What you understood is correct ie  "Both the users have been added to Role 1 and Role 2, and both the roles have been assigned to "Authenticated Group".
  I tried the step what you have stated.
  once I login to portal --- User administration -- identity management
  search for the user.
  choose modify
  if I click on assigned roles I do not see either Role1 or Role2 under assigned roles
  but if i click on assigned groups I see " Authenticated  Users"
  thanks in advance

• Authenticated Users Group Question

  I have a quick question regarding the Authenticated Users "group". I used to be a systems administrator, but I'm a bit rusty since I've been a software developer for the last 10 years. A conflict with data center operations (DCO) group
  at work lead me to get another opinion.
  The question is this... is the authenticated users group a domain-level group or is there a local authenticated users group that would allow only users authenticated locally? We have a share that permits the authenticated users group access.
  My opinion is that all domain users who have authenticated successfully have access to this share. The DCO group is telling me that this is the local (to the server containing the share of course) authenticated users group only.
  Is there such a thing as a local-only authenticated users group? To me this doesn't even make sense, but I could very well be wrong.
  Nathon Dalton
  Sr. Software Engineer
  Blog: http://nathondalton.wordpress.com

  I apologize. I don't think I explained myself correctly. Let's consider the following...
  SERVER: SERVER1
  DOMAIN: DOMAIN1
  SHARE: \\SERVER1\SHARE1
  SHARE PERMISSIONS: Authenticated Users - Full Control
  Given the above information, is it possible that the Authenticated Users group will allow ONLY users that are defined on SERVER1 to access \\SERVER1\SHARE1?
  My understanding is that's not possible. There's one defined Authenticated Users group and that represents ALL users that are authenticated against DOMAIN1, whether added to local groups, shares, etc.
  What I'm being told however is that SHARE1 having Authenticated Users assigned is okay since only those user accounts defined on SERVER1 will be able to access it. All the users in the domain will NOT be able to access it. I think this is bogus. Am I wrong?
  Nathon Dalton
  Sr. Lead Developer
  Blog: http://www.nathondalton.com

• Authenticated User group

  We have following doubt regarding Authenticated User group in Windows 7
  1. When this user group is added to a Drive/folder/file automatically.
  2. As per our observation, mostly it shows in the drive in which OS is installed. On some machines it shows in other drives. How  this is added in other automatically.
  3. Another observation is, due to the presence of this group, it is possible to write a file(which is created by administrator or system) with an application which is started with Standard User token.  So do we need to add any extra permission to work
  our application(with standard user token) to read and write to the folder/file with Authenticated User group.
  4.  Is it possible that Authenticated User group will not exist in OS installed drive.
  5. Is it possible that an application with standard user cannot write to a file/folder even if Authenticated User group is present for the same.
  Thanks, Renjith V R

  Hi,
  To learn more about authenticated users group, you can refer to the related thread:
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/e1a8e680-03a2-4690-a7e5-f17ad7389ecd/authenticated-users?forum=winserverDS
  Andy Altmann
  TechNet Community Support

• Everyone Group vs. Authenticated Users Group

  Two questions.....
  1.) What is the difference between the "Everyone" group and the "Authenticated Users" group.
  2) We are starting to use some new BI content (NW04s) in our federated portal and have found that we have to grant permissions to "Authenticated Users" instead of the "Everyone" group. Any ideas why?
  Regards,
  Diane

  Diane,
  The following asnwer is not a SAP answer but I did a quick check on our system and:
  1. the difference between the group Everyone and Authenticated users is exactly 1 user assignment.. I looked further and see that it has to do with the J2EE_GUEST user. this user is member of the group Everyone but NOT of the group Authenticated users.
  2. Can not give you a sure anser on this question but maybe it has to do with security that this is needed?!?!\
  Hopfully another SDN community member can fill me in here...
  Good luck and Kind Regards,
  Benjamin Houttuin

• Authenticated Users Group

  As I understand the AU group is made up by any user that logs in. However, it does not work when I specify access to a TAB page so is only visible for AU. In this case the TAB is also available for the PUBLIC user.
  I am working with Portal 3.0 EA on an Intel/NT plataform, my question is: is this the way that was supossed to be or it is something that has to do with the version that I am using...?
  Thanks

  I apologize. I don't think I explained myself correctly. Let's consider the following...
  SERVER: SERVER1
  DOMAIN: DOMAIN1
  SHARE: \\SERVER1\SHARE1
  SHARE PERMISSIONS: Authenticated Users - Full Control
  Given the above information, is it possible that the Authenticated Users group will allow ONLY users that are defined on SERVER1 to access \\SERVER1\SHARE1?
  My understanding is that's not possible. There's one defined Authenticated Users group and that represents ALL users that are authenticated against DOMAIN1, whether added to local groups, shares, etc.
  What I'm being told however is that SHARE1 having Authenticated Users assigned is okay since only those user accounts defined on SERVER1 will be able to access it. All the users in the domain will NOT be able to access it. I think this is bogus. Am I wrong?
  Nathon Dalton
  Sr. Lead Developer
  Blog: http://www.nathondalton.com

• Account Users & Groups Issue

  Hello All,
  I just got a Mac Pro with Lion Server Pre-Installed. I set everything up without a hitch for the most part and everything seems to be running fine.
  My problem is after a server reboot for the umteenth time there are now 88 users when there was only 4 and 115+ groups when I had 6. I don't want to start deleteing users and groups and find out later that they where needed by an obscure service or application that could potentially cause issues but I would like to hide them so I don't have to scroll thru them or accidently click on the wrong one and change it by mistake.
  Users consist of:
  AMavis Daemon
  ATS Server
  CVMS Root
  Dovecot Administrator
  Jabber XMPP Server
  Seatbelt
  WindowServer
  World Wide Web Server
  Groups consist of:
  Accessibility Group
  Apple store Users
  ATS Server
  Binary
  com.apple.access_backup
  Why didn't they show up when I created groups and users prior and why are they now showing up.....Thanks for your help Apple Community.

  So I found the solution and thought I would post for others that might be having the same problem.  Although I was authenticated I was not "completely" authenticated to the server.  Why this changed I am not sure.  I started my server after the big 10.7.2 push so no real major releases recently except the cloud.  Anyway, I had to bind my laptop to the server, even though I was logging on to the server and getting the green light.
  Here is how you do this. System Preferences/Users & Groups
  Then Login Options (authenticate likely neccessary)
  Then where it says Network Account Server click on Edit
  Select server and then Open Directory Utility
  Select LDAPv3 and click on the pencil icon
  Select the server again and click on edit
  and now login as the Directory Admin and Bind to the server.  Not sure if I was "unbound" at some point or if this was added as part of some release but since doing this my problem has gone away and I am having no problems home syncing again.

• Weblogic on Unix, authenticating users/groups from NT domain controller

  Hi!
  Our weblogic 6.1 server will eventually run on a non-windows platform, but
  needs to authenticate users from a Windows NT 4.0 domain controller. What's
  the best solution to this?
  - What (inexpensive) LDAP-servers supports synchronization with a Windows
  domain controller?
  - Or am I missing out on other ways of doing this?
  jan henrik

  Yes. Other instrinsic jobs are failed too. Does this related to Job Dispatcher service? Thank you for your help.

• Groups Authenticated users & Everyone difference

  Hi Everyone,
  There are builtin groups Authenticated users & Everyone.  when i check for some iviews, folders, their permissions are set to Everyone with enduser as checked and for some objects, the permissions are given as Authenticated users group with enduser as checked. 
  What is the difference between these two.  All the ESS/MSS objects has given the permission as Authenticated users group with Enduser checked. 
  anyone clarify this doubt.
  Regards,
  EP.

  Hi,
  There are two kinds of Properties for an Portal Content Object,
  1. Administrator Permission- create/modify/read/ permissions etc privilatges on the object. These are Design Time Permissions
  2. EndUser- When a user is assigned a end User Permission, he can view the content at runtime i.e. If the iView is assigned to the User (via iView assigned to a role, and role has an entry point and assigned to the user) and he has only the end user Permission, then he can login and view the runtime content only. A kind of end user privilage.
  Now,
  1. Authenticated Users: the Users who have entered their logon info/ used a certificate to Login to the Portal/ to say users who have authenticated themselves to Portal  are the Authenticated Users. The User Group is named so.
  2. Everyone- All the Users- Authenticated or not fall in this group. Sometimes Content can be accessed directly with a URL without any Logon.
  Based on who can access the End user Content, the End User permission is provided in Permission settings, i.e.in the ACL of that Object.
  Hope this answers your question. Reward points for Helpful answers.
  Thanks,
  Vamshi

• WLS 8.1.5  console doesn't show ActiveDirectory (or custom) Users/Groups

  We currently have numerous apps running on a weblogic 8.1.4 portal domain. I am attempting to replicate this domain on 8.1.5. There are four authenticators on our old domain: a DefaultAuthenticator, an ActiveDirectoryAuthenticator, and two Custom Authenticators (based on the sample database authenticator), with JAAS flags set to OPTIONAL for all. Everything was working properly under sp4, including user/group/membership listings in console and authentication. Under sp5, while simple authentication seems to work with all providers, the user/group/membership listings in weblogic console have bad HTML (empty rows under any default authenticator users/groups). The active directory settings were migrated wholesale and I verified that authentication works against this provider. Just no usernames or groupnames. I tested with just ActiveDirectory and DefaultAuthenticator, DefaultIdentityAsserter.
  <p>
  I was able to debug a bit more using our custom authenticators. I have verified that the user and group lists are being requested and returned properly when you click on Manage Users or Manage Groups in weblogic 8.1.5 console. It just seems like somewhere in the console there is a problem and the HTML output is garbled. Here is a sample of my debug text, the method names and classes should be immediately familiar from the sample authenticator:
  <p>
  getUserLoginNamesMatching(*,50)<br>
  loginNames=[BF, DAD, NA, OTN, P1Adm1, P1User1, P2Adm1, P2User1, S, ab, admtest, gw, jb, joeschmo, kw, mf, mh, pa, rn, rt, super, test1, wf]<br>
  Success: listUsers(userNameWildcard = *, maximumToReturn = 2147483647) = Cursor0<br>
  Success: haveCurrent(Cursor = Cursor0) = true<br>
  Success: getCurrentName(Cursor = Cursor0) = BF<br>
  Success: advance(Cursor = Cursor0)<br>
  Success: haveCurrent(Cursor = Cursor0) = true<br>
  Success: getCurrentName(Cursor = Cursor0) = DAD<br>
  Success: advance(Cursor = Cursor0)<br>
  Success: close(Cursor = Cursor0)<br>
  getExistingUser(BF)<br>
  user=new UserEntry( BF, BF , BF, [PDA, ADM], com.otn.mobilelynx2.security.providers.authentication.UserGroupDatabase@7f5e61 )<br>
  Success: getUserDescription(user = BF) = BF<br>
  getExistingUser(DAD)<br>
  Success: haveCurrent(Cursor = Cursor0) = false<br>
  Success: close(Cursor = Cursor0)<br>
  getExistingUser(BF)<br>
  user=new UserEntry( BF, BF , BF, [PDA, ADM], com.otn.mobilelynx2.security.providers.authentication.UserGroupDatabase@7f5e61 )<br>
  Success: getUserDescription(user = BF) = BF<br>
  getExistingUser(DAD)<br>
  user=new UserEntry( DAD, Dummy Alcanto Demoer, LYNX, [PDA], com.otn.mobilelynx2.security.providers.authentication.UserGroupDatabase@7f5e61 )<br>
  Success: getUserDescription(user = DAD) = Dummy Alcanto Demoer<br>
  getExistingUser(NA)<br>
  user=new UserEntry( NA, Nancy Aarons, 1234, [PDA, ADM], com.otn.mobilelynx2.security.providers.authentication.UserGroupDatabase@7f5e61 )<br>
  Success: getUserDescription(user = NA) = Nancy Aarons<br>
  ---- weblogic console output sp4, Manage Users ----
  User Description Provider <br>
  portaladmin Admin for portal domain DefaultAuthenticator <br>
  weblogic This user is the default administrator. DefaultAuthenticator <br>
  yahooadmin Admin for yahoo content DefaultAuthenticator <br>
  john John Smith DefaultAuthenticator <br>
  qamean ActiveDirectoryAuthenticator <br>
  qamin ActiveDirectoryAuthenticator <br>
  ---- weblogic console output sp5, Manage Users ----
  User Description Provider <br>
  portaladmin Admin for portal domain DefaultAuthenticator
  weblogic This user is the default administrator. DefaultAuthenticator <br>
  yahooadmin Admin for yahoo content DefaultAuthenticator <br>
  --- html for above (with weird empty rows) ---
  <FORM NAME=FilterUsers METHOD=POST ACTION=><P>Filter By: <INPUT TYPE=text NAME=filter SIZE=10> <INPUT CLASS='buttons' TYPE=submit VALUE=Filter></FORM><b>Displayed 68 of 357 Total, use filter to narrow your search results.<b><table border='1' cellpadding='4' cellspacing='0' height='20'><tr bgcolor='#b8cece'><th>User</th><th>Description</th><th>Provider</th><th> </th></tr><tr bgcolor='#FFFFFF'><td>portaladmin</td><td>Admin for portal domain</td><td>DefaultAuthenticator</td><td><img border='0' src='http://localhost:7001/console/images/delete.gif' title='Delete'/></td></tr><tr bgcolor='#FFFFFF'><td>weblogic</td><td>This user is the default administrator.</td><td>DefaultAuthenticator</td><td><img border='0' src='http://localhost:7001/console/images/delete.gif' title='Delete'/></td></tr><tr bgcolor='#FFFFFF'><td>yahooadmin</td><td>Admin for yahoo content</td><td>DefaultAuthenticator</td><td><img border='0' src='http://localhost:7001/console/images/delete.gif' title='Delete'/></td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr><tr bgcolor='#FFFFFF'><td><td><td></tr></table>
  Message was edited by:
  srhutch444

  i have reinstalled solaris and the problem continues.
  Under Solaris Management Console groups and users doesn't run ok. Editing an user i can't see groups and editing groups i can't see its users...very very extrange.
  A bug?
  I don't know what is happening :(

• "Authenticated Users" vs. "Users"

  I'm setting up a profiles structure on a server starting with the master folder that'll house all the profile subfolders.  the default permissions on a newly created folder always has the admins and creator/owner and system accounts, but by default
  it also has Users.  Yet in some pre-existing installations I've come across I've seen Authenticated Users put there instead, so the admin must have had a reason. 
  So the question is, what's the difference?  Since any domain user would have to authenticate to get into any resourcse anyway, is this not just the same thing?  What would be a scenario whereby you should use one over the other? 
  Thanks! 

  Authenticated user group is builtin user group & any user created in domain default became member of this group, where as you can't see or manually modify authenticated user group to add or remove members. Authenticated user group can't be added into
  user created groups like Global/Domain local/Universal group but it can be added to built in domain local group in AD. Even it contains member of trusted forest. Authenticated user group membership is controller by OS.
  Domain user group is a global group & it too contains all the users from domain where as its member can be managed like manually can be added or removed by administrators. Domain user group is visible in ADUC console.
  http://technet.microsoft.com/en-us/library/cc756898%28WS.10%29.aspx
  Regards
  Awinish Vishwakarma| CHECK MY BLOG
  Disclaimer: This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• ISE / Active Directory: issue to get users group

  Hello,
  We have a strange issue:
  - ISE 1.2 patch 8
  - no WLC, autonomous AP
  In authentication, we check Wireless IEEE 802.11 (radius) and cisco-av-pair (ssid), then we use AD.
  We have 3 SSIDs, so 3 rules, one DATA, one GUEST, one for TOIP.
  In one more rules to grant authentication from APs to register in WDS: user in local database.
  In authorization, we check cisco-av-pair (ssid) and AD user group, then we permit access.
  (so 3 rules), and one more to authorise the internal base for WDS.
  We have something strange:
  - sometimes users can connect but later they can't: in the logs, the authorization rejects the user because the AD Group is not seen.
  Exemple:
  1- OK:
  Authentication Details
  Source Timestamp
  2014-05-15 11:43:19.064
  Received Timestamp
  2014-05-15 11:43:19.065
  Policy Server
  radius
  Event
  5200 Authentication succeeded 
  All the GROUPS of user are seen:
  false
  AD ExternalGroups
  xx/users/admexch
  AD ExternalGroups
  xx/users/glkdp
  AD ExternalGroups
  x/users/gl revue écriture
  AD ExternalGroups
  xx/users/pcanywhere
  AD ExternalGroups
  xx/users/wifidata
  AD ExternalGroups
  xx/informatique/campus/destinataires/aa informatique
  AD ExternalGroups
  xx/informatique/campus/destinataires/aa entreprises et cités
  AD ExternalGroups
  xx/informatique/campus/destinataires/aa campus
  AD ExternalGroups
  xx/users/aiga_creches
  AD ExternalGroups
  xx/users/admins du domaine
  AD ExternalGroups
  xx/users/utilisa. du domaine
  AD ExternalGroups
  xx/users/groupe de réplication dont le mot de passe rodc est refusé
  AD ExternalGroups
  xx/microsoft exchange security groups/exchange view-only administrators
  AD ExternalGroups
  xx/microsoft exchange security groups/exchange public folder administrators
  AD ExternalGroups
  xx/users/certsvc_dcom_access
  AD ExternalGroups
  xx/builtin/administrateurs
  AD ExternalGroups
  xx/builtin/utilisateurs
  AD ExternalGroups
  xx/builtin/opérateurs de compte
  AD ExternalGroups
  xx/builtin/opérateurs de serveur
  AD ExternalGroups
  xx/builtin/utilisateurs du bureau à distance
  AD ExternalGroups
  xx/builtin/accès dcom service de certificats
  RADIUS Username
  xx\cennelin
  Device IP Address
  172.25.2.87
  Called-Station-ID
  00:3A:98:A5:3E:20
  CiscoAVPair
  ssid=CAMPUS
  ssid
  campus 
  2- NO OK later:
  Authentication Details
  Source Timestamp
  2014-05-15 16:17:35.69
  Received Timestamp
  2014-05-15 16:17:35.69
  Policy Server
  radius
  Event
  5434 Endpoint conducted several failed authentications of the same scenario
  Failure Reason
  15039 Rejected per authorization profile
  Resolution
  Authorization Profile with ACCESS_REJECT attribute was selected as a result of the matching authorization rule. Check the appropriate Authorization policy rule-results.
  Root cause
  Selected Authorization Profile contains ACCESS_REJECT attribute 
  Only 3 Groups of the user are seen:
  Other Attributes
  ConfigVersionId
  5
  Device Port
  1645
  DestinationPort
  1812
  RadiusPacketType
  AccessRequest
  UserName
  host/xxxxxxxxxxxx
  Protocol
  Radius
  NAS-IP-Address
  172.25.2.80
  NAS-Port
  51517
  Framed-MTU
  1400
  State
  37CPMSessionID=b0140a6f0000C2E15374CC7F;32SessionID=radius/189518899/49890;
  cisco-nas-port
  51517
  IsEndpointInRejectMode
  false
  AcsSessionID
  radius/189518899/49890
  DetailedInfo
  Authentication succeed
  SelectedAuthenticationIdentityStores
  AD1
  ADDomain
  xxxxxxxxxxx
  AuthorizationPolicyMatchedRule
  Default
  CPMSessionID
  b0140a6f0000C2E15374CC7F
  EndPointMACAddress
  00-xxxxxxxxxxxx
  ISEPolicySetName
  Default
  AllowedProtocolMatchedRule
  MDP-PC-PEAP
  IdentitySelectionMatchedRule
  Default
  HostIdentityGroup
  Endpoint Identity Groups:Profiled:Workstation
  Model Name
  Cisco
  Location
  Location#All Locations#Site-MDP
  Device Type
  Device Type#All Device Types#Cisco-Bornes
  IdentityAccessRestricted
  false
  AD ExternalGroups
  xx/users/ordinateurs du domaine
  AD ExternalGroups
  xx/users/certsvc_dcom_access
  AD ExternalGroups
  xx/builtin/accès dcom service de certificats
  Called-Station-ID
  54:75:D0:DC:5B:7C
  CiscoAVPair
  ssid=CAMPUS 
  If you have an idea, thanks so much,
  Regards,

  To configure debug logs via the Cisco ISE user interface, complete the following steps
  :Step 1 Choose Administration > System > Logging > Debug Log Configuration. The Node List page appears, which contains a list of nodes and their personas.
  You can use the Filter button to search for a specific node, particularly if the node list is large.
  www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_logging.html#wp1059750

• External table authentication not updating user group changes

  Hello
  I have a question..
  In OBIEE, i am using external table authentication. I have user and user group tables where users and groups are stores.. Every Time I create a new user and assign them to a group, these records get inserted immediately to these tables with the correct user and group ID that matches with each other.. Then in my initialization block I have the query that fetches the user name and psswd as well as groups names..
  All these are working at the initial user creation. For example, when I create user A and assign it to group A, the DB table has all of the records inserted correctly. When I log in to OBIEE using User A login, I see it is assigned to Group B.
  The problem comes when I change the user A from Group B to Group C. When I did that, although the DB table gets updated correctly, OBIEE session seems to still be the previous one. As a result, when I log in the second time, I see the user A is still assigned to Group B instead of Group C.. This seems to be cached..
  I double check these user tables in OBIEE, none of them are cache enabled.. The connection pool setting of the isolation level is set as default..
  When I reinstall OBIEE all over again and re-log in the first time, this User is now assigned to Group C..
  So seems to be that it is caching issue.
  How should I go about solving this issue
  Appreciate in advance

  Make sure you check the box for 'Required for authentication' and also 'Use caching' should not check.
  Edited by: Srini VEERAVALLI on May 15, 2013 9:05 PM

• Variations issues with User & Group Site Column value

  Hi all,
  I have created variation sites. e.g. http://mydomain/en-us for english & http://mydomain/de-de for german language. I have created custom page layouts. This page layouts are based on custom content types. I have created a column called "User"
  which is type of "User/Groups". I am registering this column to my page layout.  http://mydomain/de-de is my default site.
  Now I am editing column called "User" on page & save it. It saves data properly. But when I am propagating these changes to another site that is http://mydomain/en-us. It shows me all controls with values filled. but with "User"
  column, its showing me blank value.
  Any suggestion. ?
  Thanks in advance.

  http://webcache.googleusercontent.com/search?q=cache:kNlxGIj5f1kJ:sjoere.blogspot.com/2007/11/5-reasons-why-you-should-not-use.html+&cd=2&hl=en&ct=clnk&gl=in
  Content types not propagated
  Risk
  When you add a content type to a page library in the variation source, this type is not automatically propagated to the other labels (see
  my previous post). If you then create a page with that content type in the variation source, it does get published to the other labels but loses its content type field values.
  Proposed solutions
  Set up your site via a site definition that already contains the proper content type bindings to the page libraries. All labels will use the same content types
  Put a good governance plan in place to make sure manual changes are done in every label
  If this helped you resolve your issue, please mark it Answered

• Active Directory Authentication and permissions for user group in APEX 4.0

  Hello,
  I am new to oracle APEX and I have searched the forum for active directory authentication for a user group and I am really confused about all the different threads. Can anyone please provide me the steps to follow; in order to implement AD authentication for a user group in Oracle APEX 4.0.
  These are the threads which i was looking at to get an idea like how AD authentication works but its really confusing for me.
  Help with Authentication (APEX_LDAP.AUTHENTICATE)
  Re: LDAP Authentication Via Groups
  Thanks,
  Tony

  You need to give it more than 30 minutes before bumping your own post. This is not an official support channel, so you need to be patient and wait for people to read, think and respond.