Restrict Access SSID with NAC

Recently I deployed a NAC Appliance OOB with WLC 4402, everthing ok and works fine but to authenticate user on NAC I created a Groups on ACS just to authenticate this users but these users are be able to access other SSID on WLC.
I want this users just make access on NAC SSID.
Does anyone know how do this?

Hi,
Please check out this link,
Restrict WLAN Access based on SSID with WLC and Cisco Secure ACS Configuration Example
http://cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807669af.shtml
Regards,
~JG
Do rate helpful posts

Similar Messages

Restrict Access Vlan with WLC 4402

Folks, I have three SSID configured on WLC and three groups configured on ACS and I need to restrict SSID access based on ACS group.
I tried to use this guide below.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807669af.shtml
How you can see, this example is aplicable to 802.1x and work out fine with 2 SSIDs that I have but the third SSID don't work because it use the NAC Web login to Auth the user, I needed to fallback because this configuration blocked my NAC Authentication.
Although I have configured NAR just Group2 and Group3, users on Group1 that are Auth with NAC were blocked.
Anyone Know Why this or How can i configure this restriction on WLC and ACS?
thanks a lot

Hi,
You could be hitting DDTS CSCdu52690.
I will suggest to do an upgrade ACS version 3.0 is old and unsupported.
Thanks,

Restrict Access To Page Not Working with Different Auth Levels

I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.
Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)
I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.
The problem, however, occurs when trying to log in. No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.
I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.
Login Page:
<?php require_once('../Connections/hondovfd.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "authlevel";
$MM_redirectLoginSuccess = "/membersonly/membersonly.php";
$MM_redirectLoginFailed = "/membersonly/loginfailed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_hondovfd, $hondovfd);
$LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'authlevel');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Log In</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Login</td>
</tr>
<tr>
    <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
    <table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="31%">Username:</td>
    <td width="69%"><input name="username" type="text" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input name="password" type="password" /></td>
</tr>
</table>
<input name="Submit" type="submit" />
    </form></td>
</tr>
</table>

</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>
Other Page:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "user,admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "/membersonly/loginfailed.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Members Only Area</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Area</td>
</tr>
<tr>
    <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>
      <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>
      </td>
</tr>
</table>
<script type="text/javascript">

</script>
</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>

you don't need all that bloat. set a session during login of some kind of uniquely identifying id. i.e.
$_SESSION['id'] = $row_rs['id'];
then on the pages you need to protect, check it like this....
<?php
session_start();
if (!(isset($_SESSION['id']) && $_SESSION['id'] != '')) {
die(header("Location: http://www.notinprotectedareas.com")); }
?>
you can use an include file i.e.
<?php require_once('login_check.php'); ?>
where file is name login_check.php to make your auth controls clean on your protected pages.

Creation of roles with restricted access to infoarea

HI !
We need to create some custom roles in BW, which will restrict the user (with that role) to access only specific infoareas in BW, i.e. the reports and Infoproviders etc created under those InfoAreas.
When I tried to create a role in tcode PFCG, I dont get any such options to restrict by InfoArea. Do we have to create custom Authorization objects for this and assign them to this role? if yes, how do we create such Authorization objects?
I am totally new to roles/profiles etc... i read the online documentations, but cudnt understand them much.
<u>Please provide the steps to do this</u>.
Thanks,
SUshmita

hi Sushmita,
try authorization object S_RS_COMP - business explorer compnent (under RS - business information warehouse),
you can specify infoarea, infocube
hope this helps.

Is there any way I can control which specific access point I connect (and stay connected) to from amongst a set of access points with the same SSID?

I'm working from a boat in a harbor in which the ISP has deployed numerous access points around the periphery. All the access points share the same SSID and each is configured to use either channel 1, 6 or 11. From my location, there are over a dozen of these access points "visible" (based on the the output of WiFi Scanner) with a range of RSSI and S/N values that vary over time.
The ISP has told me that the quality of my connection should be "perfectly fine" for any access point with an RSSI value better than -75, but I know from experience that my connection quality is miserable (i.e. < 50Kbps download) for almost all of these, including those with RSSI values better than -75. There is at least one exception, however, which gives me on the order of 2Mbps download, which is "great" in this context.
I've tried using a more powerful USB antenna plugged into my MacBook Air (mid 2011), but as far as I can tell, it really doesn't make much difference. Neither does my location within the boat. The overriding factor seems to be which access point I happen to connect up to.
I should point out that the closest access points are about 75 yards away, with many of them being several hundred yards away or more. I'm guessing that even though the signal strength of some of the distant access points is causing them to get "chosen" some times, the results are unacceptable due to the distance.
I'm hoping that I can determine, through experimentation, which access point(s) provide(s) acceptable performance and then configure my Mac to limit my connection to those points through whatever mechanism I need to use (e.g. channel, MAC id, etc.).

Establishing a wireless connection with a client computer is left to the access point for various reasons. One reason that your Mac may not connect to the strongest access point is that it may have reached a limit of the number of clients it can serve, leaving it unable to accept a connection with another. The limit may not be very large.
Suppose that happens, and your Mac establishes a connection with a more distant access point having a weaker signal. Then, suppose a client drops off the network. Doesn't this mean your Mac will switch to the stronger access point? Not necessarily. The throughput delivered to and from your Mac would have to drop below a threshold specified in the AP for it to drop the client, leaving your Mac free to connect with another one. The reason for this is to prevent rapid switching from one AP to another in an area in which two signals are of approximately equal quality. If that were to occur the frequent and repetitive handshaking between the two devices would slow throughput to zero.
In an environment in which several access points are broadcasting the same SSID, Apple provides no insight as to how it determines which access point to choose. This is the reason I suspect this "choice" is a function of the router, or access point. The connection originates with it, not the Mac.
Now, what would solve your dilemma would be to determine a way to control the access point with which your Mac connects, by specifying the access point's unique MAC address for example. In this happy circumstance, you could maintain an editable "whitelist" or "blacklist" of the harbor's access points and be able to choose which among them you prefer.
I do not believe OS X maintains such a record of MAC addresses though, only those of the routers it uses. If I am correct about that, such a solution is unlikely to exist. Don't let that discourage you from searching for one though... I would concentrate on something like "selecting access point by specific MAC address".
I did find this patent application though:
Roaming Network Stations Using A Mac Address Identifier To Select New Access Point
Perhaps it's a start

Restrict access with object F_LFA1_BEK - problem with F4 search

Hello,
we want to restrict access to some vendor accounts, which can be shown with transaction FK03 for example.
There is an authorization object F_LFA1_BEK, which can be maintained in the special vendor accounts in field authorization group.
A user with authorization for vendor account with authorization group ZZZZ in it can see all vendors with authorization group ZZZZ and all vendors with no authorization group. But he can't see vendor accounts with authorization group YYYY. To this point, it's ok.
If the user uses the F4 search help he is able to see the vendor accounts with authorization group YYYY too. And this is the problem - the user should not see these vendor accounts. With this option user is able to see address data of a vendor account he should not see.
Is there any possiblity to solve this problem?
Regards,
Julia

I don't know the current status, but this is being looked into generally as it is not only limited to the F4 on LFA/B/M1.
As you only access the name and some attribute data which you can display, it is not necessarily critical and there is no transaction data involved.
Good news is that the BAPIs for search help make these same granular checks which you are expecting.
If I hear something further about these developments I will let you know.
Cheers,
Julius

Problem with Restrict Access to Page with access level using ASP

I'm using Dreamweaver CS3 with ASP-VBScript and an Access
database. The pages were created from scratch for this project,
using those tools all the way through.
I've created a login page, an admin homepage, and add, edit,
and list records pages for three tables. The login page uses the
Server Behavior "Log in User", all other pages use the Server
Behavior "Restrict Access to Page". All of these are based on an
Access Level.
Login seems to work correctly, and redirects to the admin
homepage. From the admin homepage, I can open any other page as
expected, and they initially display correctly. On the add and edit
pages, however,
submitting the form often results in getting logged out, but
not always.
Once this happens, I can log back in, but other problems will
sometimes occur during that second login session. Sometimes,
logouts will occur on pages that worked fine during the first login
session. Sometimes, another session variable that I've setup
manually will change when it shouldn't...as if there were two
values stored for my session variable, and reloading the page
changes to the other value.
This
post seems closest to my experience, but it doesn't look like
there was really an answer beyond "I had to fight with it for a bit
to get it to work":
I suspected that there is some problem with session settings
on the server. We have an almost identical tool on the same server
that was developed with an older version of DW that works more
reliably; it sometimes has problems with the initial login, but
never has a problem after that.
Has anyone experienced problems like this? Any suggestions
for what to check? I'm really pulling my hair out since it's so
unreliable...the kind of problem that goes away when you try to
show someone and comes back when they leave.

Hello,
I was thinking that all I would need would be the username, although username and paswsword would be more secure. There are about 50 users and no groups or levels. They are all equal ... same level.
The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held. I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
Any assistance greatly appreciated.
thanks.

HT201304 I need to restrict access to Settings on an iPad so settings like VoiceOver cannot be activated while letting them access multiple apps on the device. Is their any way to restrict access to settings without locking the device with a PIN?

I need to restrict access to Settings on an iPad so settings like VoiceOver cannot be activated while letting them access multiple apps on the device. Is their any way to restrict access to settings without locking the device with a PIN?
This is so our guests cannot tamper or disable the device. We are already using Apple Configurator but their does not seem to be a way to lock down settings without a PIN.

There's a lot of restrictions information in Chapter 19 of the 4.2 User Guide.
http://support.apple.com/manuals/#ipad
By the way, a more extensive version of the User Manual is available at no charge through iBooks.

BW : RSA1 with restrict access, possible?

Hi all,
Its possible use RSA1 with restrict access ?
You can implement the transaction RSA1 restriction of access.
Example:
Some users can not use the part of source systems (TCODE RSA13).
In this example, we block the transaction RSA13, however using RSA1 itself unable to access the part of source systems.
thz

Just to add some more info to Durgesh's reply...
Using obj S_RS_ADMWB you can restrict access to different ares of AWB. See online docu on this topic:
[http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/content.htm|http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/content.htm]

Restrict Access and Multiple Upload with Insert

I continue to have problems with using Restrict Access to Folder with Multiple Upload with Insert. When the restrict access is enabled the uploader does not work, when it's removed it works. Any ideas?

I've found that if I have a page that displays the kt_login_id, login and then go to that page it doesn't display the login ID. Then if I add the multiple image uploader w/ DB insert and reload the page the login ID is displayed and the uploader works, however, if I set an uploader field to the login ID it inserts and uploads everything but the login id. I thought this might have to do with the fact the the 'Restrict Access to Page' is not on the page yet. When I add it the uploader and insert stops working. I've placed the 'Restrict Access to Page' code in every possible place in the code (above the head) and the only place where the uploader/insert works is when the resrtict code is after the uploader code. But then again the login id does not get inserted. Please someone help.

How do i restrict access to clients coming in with weaker SSL keys ( 56 bits or les ) and redirect them to a special page ?

I tried the "ssl-check" PathCheck directive. Doesn't seem to do anything.

Hi,
To restrict access(56 bits or less). follow the below steps.
1. Go to your Webserver instance ServerManager
2. Click Preferences Tab ------> Encryption Preference
------> There disable "DES with 56 bit
encryption and MD5 message authentication."
for SSL 2.0 ciphers or SSL3.0 Ciphers. Which ever
needed.
3. Save and Restart the Webserver instance.
The above steps are for 4.x version.
Thanks,
Daks.

Access switch lost contact with nac profiler

hi all,
We have implement HA for nac profiler using version 3.1.1_18 .My problem is we need manually update for all access switch to connected with nac profiler server and then endpoint detect if i'm don't click button update for all access switch not see the new endpoint .On the acceess switch we configure SNMP cisconac RO and cisconac1 RW .For the SNMP is it needed manually update or automatic if new endpoint connect to the network ?here i'm attach on the my configuration SNMP ..

Hi Larry,
I had the same problem with iTune 10.6.5, and one cannot uninstall it. I was on the phone with Apple wireless support. The solution is to upgrae firmware on the Express, whihc cannot be doen with the latest airport utilities. HOwever, Apple re-posted Airport utility 5.6 for lion, which will then allow you to upgrade the firmware on older Aplle Express Units. This in turn will allow iTune 10.6 to communicate properly wit the Express. Doing so restored my connection to the speakesr without any further issues.
Give it a try...
the utility i sloctaed at:
http://support.apple.com/kb/DL1482?viewlocale=en_US&locale=en_US
Best,
rk007

Restrict access to files with JAAS

Hi,
I would like to restrict access based on a JAAS-autenticated user to a file named
c:/foo.txt. I have written some code that checks if the autenticeted user has
access to the file, but how and where do I grant the user access with JAAS in
WebLogic Server 6.
FilePermission filePerm = new FilePermission("c:/foo.txt", "read");
java.security.AccessController.checkPermission(filePerm);
thanks
/Chriz

meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
ylapin, the following should do what you want:<Client uri="*\\~">
PathCheck fn="deny-existence"
</Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

Problems with Serv.Behav. Restrict Access Level

Hi,
I hope you can help - can't find an answer to this one. Been
going nuts on this! Thank you very much for anything help you can
provide.
1) Using DW 8.0, PHP 4.4.7, MySQL 4.1.22
2) Set up log in page, everything works if the LogIn Server
Behavior is set to "Restrict Access" to only Username &
Password. If set to Username, Password & Access Level get a
MySQL error page:
"You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to
use near 'Privileges FROM tbl_users WHERE Username=%s AND
Password=%s' at line 1"
3) Here's the code:
<?php require_once('Connections/conn_MemberList.php');
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType,
$theDefinedValue = "", $theNotDefinedValue = "")
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue)
: $theValue;
$theValue = function_exists("mysql_real_escape_string") ?
mysql_real_escape_string($theValue) :
mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) .
"'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['textfield'])) {
$loginUsername=$_POST['textfield'];
$password=$_POST['textfield2'];
$MM_fldUserAuthorization = "Privileges";
$MM_redirectLoginSuccess = "MemberList.php";
$MM_redirectLoginFailed = "MemberDeny.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn_MemberList, $conn_MemberList);
$LoginRS__query=sprintf("SELECT Username, Password,
Privileges FROM tbl_users WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"),
GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $conn_MemberList) or
die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'Privileges');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
header("Location: " . $MM_redirectLoginSuccess );
else {
header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="
http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">

</style>
</head>
<body>
<p> </p>
<form id="LogOn" name="LogOn" method="POST"
action="<?php echo $loginFormAction; ?>">
<table width="100%" border="0" cellspacing="2"
cellpadding="2">
<tr>
<th scope="col"><div align="right"><span
class="style3">User:</span></div></th>
<th scope="col"><label>
<div align="left">
<input type="text" name="textfield" />
</div>
</label></th>
</tr>
<tr>
<td><div align="right"><span
class="style3">Password:</span></div></td>
<td><label>
<div align="left">
<input type="text" name="textfield2" />
</div>
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="Submit" value="Submit" />
</label></td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
Thank you

I tried this and get the same error message.
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
listener.ora:
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = spruce)(PORT = 1521))
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = alpacwobf)
(ORACLE_HOME = C:\oracle\ora92)
(PROGRAM = hsodbc)
tnsnames.ora
alpacwobf.3LOG.COM =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = SPRUCE)(PORT = 1521))
(CONNECT_DATA =
(SID_NAME = alpacwobf)
(HS=ok)
initalpacwobf.ora:
HS_FDS_CONNECT_INFO = AlpacWOBF
HS_FDS_TRACE_LEVEL = 4
HS_FDS_TRACE_FILE_NAME = alpacwobf.log
ODBC setting is ok. odbc name is alpacwobf, db is access 2000.
restart the listener.
tnsping alpacwobf is ok.
database link creating is ok.
but when query,I got error.
alpac > create database link alpacwobf using 'alpacwobf';
Database link created.
alpac > select count(*) from test@alpacwobf;
select count(*) from test@alpacwobf
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
Any help will be appreciated.
Thanks a lot.
Richard

Restrict Access for Asset with Ubuntu

Hello guys,
now i have a problem for you and i hope, that you could help me.
The ArtBox have some problems on my ubuntu system. The error message shows me "Restrict Access for Asset".
Can somebody give me some tips, how the error could be recognize or how i can fix it?
Thanks for the help.

Hi,
After you finish installing Artbox , you must now make sure that samba is setup correctly. I just plan to try ArtBox and ubuntu using virtualbox, hope it can work fine.

Restrict Access SSID with NAC

Similar Messages

Maybe you are looking for