Restrict WLAN access based upon device type
hi,
i have a requirement to allow only certain device types (Apple Ipad only) on WLAN. Dont want to use individual MAC filters due to administrative overheads. Any suggestions?
The only way you can just allow one type of device is the use of a profiler. Cisco ISE has a profiler, but you will need to get the advanced license also. I don't know how you would be able to do it any other way unless you manually configure each iPad to allow that device on your network.
Sent from Cisco Technical Support iPhone App
Similar Messages
-
WLC and preventing access based upon device type
Hello,
I know this may be slightly offbase, and may be more of a Microsoft question, but I'll ask anyway.
Here is my problem. We have a WPA secured wireless network. Users are now connecting there Iphones & Droids to this network. We want to prevent this. In researching, it looked like MS NPS server could authenticate not only on username/password, but also based on wether the computer was associated with the Domain. I could then inject the associated VLAN to put the devices on. While the injection is working perfectly, it doesnt look like this variable of "Domain Computer" is being met.
Basicly, we have Windows and Mac's that need to gain access to our secure wireless area, and anyone else can be put on a non-secure area.
Has anyone else used this feature successfully?
Or does anyone else have any alternatives?
Thank you,Hi Drew,
I think you're talking about machine authentication. Windows radius server easily checks the machine account on the domain so there is no added burden for the user.
This is a setting to enable on the client side and also on the radius server side. For example, you can grant access only if machine authentication happened.
However, WLC has nothing to do in this story actually ...
Nicolas.
===
Don't forget to rate answers that you find useful -
Restrict WLAN Clients based on device
Hello Guys
I had a question for all you experts.
I have 2 SSIDs being broadcasted out in my campus, one for computers, macs etc and other for just cell phones, Is there a way we can restrict the cellphones from not connecting to the SSID used by computers. I do not have an identity management system like ISE. My controllers are WISM2 and I use 3502 APs.
Following is the detail from one of my controllers
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.2.110.0
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 7.0.43.32
Firmware Version................................. FPGA 1.6, Env 0.0, USB console 2.2
Build Type....................................... DATA + WPS
Any guidance will be highly helpful.
RegardsYou need something that can profile based on SSID and device type, like ISE to be able to do that.
HTH,
Steve
Please remember to rate useful posts, and mark questions as answered -
Report based upon material type against movement type for a period ?
i need a inventory report which should be based upon materil type & movement type for a particular period.
For example- for last monthe how much Raw material has been issued againast production order. i would like report to allow me ROH and movement type 261/262 and period entry. MB5B does not satisfy my requirements, ist of all there si no material type/secondly it restricts itself if i use movement types
thanks
samHi,
You can create a small program to get report.
Input fields Date of posting BUDAT, Movement type BWART (Plant if required).
Check field BUDAT (Posting Date. Should check based on input date field.) In table MKPF.
If data falls in required date range. Pick MBLNR-MKPF (Mat doc number).
Go to table MSEG compare MBLNR-MKPF and MBLNR-MSEG if same pick field MATNR-MSEG (Mat number).
Go to MARA check MTART-MARA for picked MATNR-MARA (in previous step). Take the material type.
Add the below fields to out put
MATNR, MTART, BWART-MSEG (Movt type), ERFMG-MSEG (quantity posted), WERKS-MSEG (Plant received), LOGRT-MSEG (S. Loc received).
Please take advise from ABAPer regarding prog logic
Thank you,
Anand K -
Control Authorisation Access based on Planning type in Flexible SOP
hi,
How can we control MC93 and MC94 access based on Planning type for different users?i.e only certain Planning types allowed for one user.Hello
I would like to do the same...
So far the only thing I can find is enhancement MCP20005 which allows you to extend authorization check for planning. The planning type is available in this function module and if you return subrc ne 0 authorization is denied.
Hope you find this helpful.
Thanks,
Heidi -
How to restrict VK11 access based on condition class D (Tax)
hi ,
I have a requirement to restrict VK11 access based on condition class D (Tax). Because all users should not have access to maintain tax data in VK11 while general pricing data they can maintain. when condition class is D then we should have control.
Thanks
AkhileshHi Akhilesh,
Please find the below link and click on View article.
http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/a92195a9-0b01-0010-909c-f330ea4a585c
how to create authorization object?
Thanks
Dasaradha -
Segmentation based upon BP Type
Hi
We have a requirement to do segmentation based upon BP type. But in standard Infosets this option is not available. Please tell me how this can be achieved.
Thanx & regards
HitsHi Hitesh,
BP type is available in the BUT000 table with the field BPKIND
Create a infoset using direct read of table BUT000 and segment on the attribute BPKIND
Hope it helps
Regards,
Madhu -
Could you restrict purchase orders based upon Vendor / Material Group?
Hey everyone - I've got a general "could this be done" kind of question.
We would like to add on to the vendor purchasing view to include "valid" material groups. This would then have what material groups could be purchased for which company code for that vendor. Then in the purchase order creation / modification we would like to be able to validate this purchase order against this vendor / company code / material group combination.
Obviously with enough custom code this could be done. My question is whether it could be done without out introducing too much custom code - how would you construct such a solution to this problem?
We are a SAP 4.7 shop.
Thanks! Ken Little>
Ken Little wrote:
> Hey everyone - I've got a general "could this be done" kind of question.
>
> We would like to add on to the vendor purchasing view to include "valid" material groups. This would then have what material groups could be purchased for which company code for that vendor. Then in the purchase order creation / modification we would like to be able to validate this purchase order against this vendor / company code / material group combination.
>
> Obviously with enough custom code this could be done. My question is whether it could be done without out introducing too much custom code - how would you construct such a solution to this problem?
>
> We are a SAP 4.7 shop.
>
> Thanks! Ken Little
By include "valid" material groups i think it means you are introducing a new field or some value in already existing field in vendor master.
1) Now to restrict PO based upon material group a small custom code is needed.
Use BAdI ME_PROCESS_PO_CUST....here write a code with help of your ABAP person that system will first select the
LIFNR (vendor code) entered in the PO...then it will check the same LIFNR in LFM1 table...here it will check the material
group in the customized field & if found that it is within the list of previous listed material group then it will allow to process
further or otherwise give a customized error message.
or
2) Use the field Group in OMSF...here maintain a common group against the material groups you want to do the purchase cycle.Now ask your BASIS person to use this group in carry out a specific activity, the user must have authorization for the combination of the activity and the authorization group.
Regards,
Indranil -
Restrict the user based on document type on migo transaction-prepare GRN
Hi,
We are running ECC6.0 R/3 system.We had a requirement as follows
In MIGO transaction , we want to restrict the user on document type i.e. we want that a particular user can prepare GRN for document type STO only. He cannot prepare GRN for other document type.
We checked SU24->maintain check indicators for transaction codes->enter migo->execute->check indicator.This returned us the authorisation objects present in Migo transaction.We checked the help of all these objects,but none of them we found suitable for above mentioned requirement.We were planning to find out the proper authorisation object to add to Profile generater.
The following is the objects which we have checked for.
A_B_ANLKL--> Asset Postings: Company Code/Asset Class
A_B_BWART--> Asset Postings: Asset Class/Transaction Type
B_USERSTAT--> Status Management: Set/Delete User Status
B_USERST_T--> Status Management: Set/Delete User Status using Process
C_AFKO_AWK--> CIM: Plant for order type of order
C_CACL_DSG--> Interface Design
C_DRAW_BGR--> Authorization for authorization groups
C_DRAW_DOK--> Authorization for document access
C_DRAW_TCD--> Authorization for document activities
C_DRAW_TCS--> Status-Dependent Authorizations for Documents
C_KLAH_BKP--> Authorization for Class Maintenance
C_STUE_BER--> CS BOM Authorizations
C_STUE_WRK--> CS BOM Plant (Plant Assignments)
C_TCLA_BKA--> Authorization for Class Types
C_TCLS_BER--> Authorization for Org. Areas in Classification System
C_TCLS_MNT--> Authorization for Characteristics of Org. Area
F_BKPF_BUK--> Accounting Document: Authorization for Company Codes
F_BKPF_BUP--> Accounting Document: Authorization for Posting Periods
F_BKPF_KOA--> Accounting Document: Authorization for Account Types
F_FICA_FOG--> Funds Management: authorization group of fund
F_FICA_FSG--> Funds Management: authorization group for the funds center
F_FICB_FKR--> Cash Budget Management/Funds Management FM Area
F_KNA1_APP--> Customer: Application Authorization
F_LFA1_APP--> Vendor: Application Authorization
F_SKA1_BUK--> G/L Account: Authorization for Company Codes
G_GLTP --> Spec. Purpose Ledger Database (Ledger, Record Type,
Version)
J_1IDEP_SL--> Authorization object for depot sale transaction
J_1IEXC_OT--> Authorization object for Other Excise Invoice Create
J_1IEX_PST--> Autorization object for posting Other Excise invoice
J_1IGRPT1--> Auth. for PART1 at GR
J_1IINEX --> Incoming Excise Invoice
J_1IRG23D--> Authorisation object for Depo Transactions
K_CCA--> CO-CCA: Gen. Authorization Object for Cost Center
Accounting
K_CSKS --> CO-CCA: Cost Center Master
K_CSKS_SET--> CO-CCA: Cost Center Groups
K_PCA--> EC-PCA: Responsibility Area, Profit Center
L_TCODE--> Transaction Codes in the Warehouse Management System
M_ANFR_BSA--> Document Type in RFQ
M_ANFR_EKG--> Purchasing Group in RFQ
M_ANFR_EKO--> Purchasing Organization in RFQ
M_ANFR_WRK--> Plant in RFQ
M_BEST_BSA--> Document Type in Purchase Order
M_BEST_EKG--> Purchasing Group in Purchase Order
M_BEST_EKO--> Purchasing Organization in Purchase Order
M_BEST_WRK--> Plant in Purchase Order
M_MATE_CHG--> Material Master: Batches/Trading Units
M_MATE_STA--> Material Master: Maintenance Statuses
M_MATE_WRK--> Material Master: Plants
M_MRES_BWA--> Reservations: Movement Type
M_MRES_WWA--> Reservations: Plant
M_MSEG_BMB -->Material Documents: Movement Type
M_MSEG_BWA--> Goods Movements: Movement Type
M_MSEG_BWE--> Goods Receipt for Purchase Order: Movement Type
M_MSEG_BWF--> Goods Receipt for Production Order: Movement Type
M_MSEG_LGO--> Goods Movements: Storage Location
M_MSEG_WMB--> Material Documents: Plant
M_MSEG_WWA--> Goods Movements: Plant
M_MSEG_WWE--> Goods Receipt for Purchase Order: Plant
M_MSEG_WWF--> Goods Receipt for Production Order: Plant
M_RAHM_BSA--> Document Type in Outline Agreement
M_RAHM_EKG--> Purchasing Group in Outline Agreement
M_RAHM_EKO--> Purchasing Organization in Outline Agreement
M_RAHM_WRK--> Plant in Outline Agreement
Q_TCODE QM --> Transaction Authorization
S_ADMI_FCD--> System Authorizations
S_ALV_LAYO--> ALV Standard Layout
S_BDS_DS--> BC-SRV-KPR-BDS: Authorizations for Document Set
S_BTCH_ADM--> Background Processing: Background Administrator
S_BTCH_JOB--> Background Processing: Operations on Background Jobs
S_CTS_ADMI--> Administration Functions in Change and Transport System
S_DATASET--> Authorization for file access
S_DEVELOP--> ABAP Workbench
S_DOKU_AUT--> SE61 Documentation Maintenance Authorization
S_GUI--> Authorization for GUI activities
S_OC_DOC--> SAPoffice: Authorization for an Activity with Documents
S_OC_ROLE--> SAPoffice: Office User Attribute
S_OC_SEND--> Authorization Object for Sending
S_PACKSTRU--> Internal SAP Use: Package Structure
S_PRO_AUTH--> IMG: New authorizations for projects
S_RFC--> Authorization Check for RFC Access
S_SCD0 --> Change documents
S_SPO_DEV--> Spool: Device authorizations
S_TABU_DIS--> Table Maintenance (via standard tools such as SM30)
S_TCODE --> Transaction Code Check at Transaction Start
S_TRANSLAT--> Translation environment authorization object
S_TRANSPRT--> Transport Organizer
S_WFAR_OBJ--> ArchiveLink: Authorizations for access to documents
V_LIKP_VST-->Delivery: Authorization for Shipping Points
V_VBAK_AAT-->Sales Document: Authorization for Sales Document Types
V_VBAK_VKO-->Sales Document: Authorization for Sales AreasHave you executed a trace while a functional user executes the transaction code for the specific parameters? (i.e. document type). The trace will then show which objects are being checked; then look at the object documentation in txn Su21 to determine if there are any ways to restrict on the particular value; in some cases, if the authorization group field is being checked, additional configuration is needed in order to implement the security (Su21 will explain in detail for the particular object).
-
Restricting user access based on a site column value in a document library.
We have a business requirement to show the contents of a document library based on a value (or values) in the site column (or multiple columns). For example, my document library has a custom site column called confidentiality. This
will have values like restricted, internal and public. Now, based on the AD Group the user belongs to, I should be able to control the access to Restricted or Restricted and Internal files from the document library. We are using SharePoint Online 2010.
Please suggest the best way to achieve this requirement?SharePoint's security model doesn't allow you to specify security based on metadata. You could however create a Sandboxed Solution containing a Feature that registers a custom event receiver on the Document Library. The logic inside this
Event Receiver would fire after editing item properties (ItemUpdated) to apply item-level permissions based on the rules you need.
Make sure to read the article below to determine if fine-grained permissions are suitable in your case:
http://technet.microsoft.com/en-us/library/gg128955.aspx -
Restrict application access based on IP address
Hi!
I am a newbie to Oracle Application Server, and I want to know if there is any way to restrict access to particular applications such as 'ascontrol' based on IP address.
I am using Oracle Application Server 10g.
Regards
DriniYou can see dms.conf file for something like that.
Order deny, allow
deny from all
allow from 10.0.0.1
This only allow 10.0.0.1 to see something.
Greetings -
Grant access based on application type?
Hi,
Is there a way to grant access to just some of the application types attached to a DIR? I would like to limit the users to open the CAD files but they should be able to open the PDF files attached. The idea is to create the PDF file automatically out of the CAD file so I canu2019t put them in different DIRs because that would involve manual work.
Kind regards,
Kristoffer PehrsonHi Kristoffer,
from my point of view maybe the authorization trace could help to find a suitable authorization object for creating your checks. More information on this authorization trace could be found under http://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationTraceintransactionST01
Useful information on each DMS authorization object can be found under http://wiki.sdn.sap.com/wiki/display/PLM/AuthorizationObjectsin+DMS.
If no standard authorization object could be useful maybe you can use a BADI like DOCUMENT_AUTH01 or DOCUMENT_MAIN01 to implement an individual check for the application type and so restrict some users to view special applications.
Best regards,
Christoph -
Port Security based on Device Type
Hi all:
We need to know whether there is any feature or software that allows to block switch ports for type of devices.
For instance, we have some switches for IP phones and we do not want to have PCs connected to those ports.
We know that it can be done using MACs, but, as phones can be moved easily, it implies constant changes on port security.
Thanks
RegardsApologies if I have not understood the original question, however, can you use port security (max MAC / sticky MAC) to ensure only devices that are currently connected are successful, other violations will result in the port being shutdown.
You may want to investigate some 802.1x device authentication
http://www.cisco.com/en/US/products/ps6662/products_ios_protocol_option_home.html
HTH
Steve -
Reduced Access Based on Account Type
Hello,
I have a client who would like to allow full access to the entire team for their accounts execpt for 2 types. How can I limit the accounts to the owner/manager for the 2 types verses allowing the team to have visibility?
For instance, account types = to Platinum, Gold, Silver, Bronze are ok for the entire sales team (with the same role) to see. The account types = to Elite and Premier are only visiible to owner and manager.
Thank you in advance for your assistance,
ShawndaThanks for your quick reply.
Will do!
Thanks,
Shawnda -
Acct assignment to be restricted based on Doc type
Dear All
I need to restrict Account assignments based on Document types,
As of my knowledge there is not standard customizing possible.
But i can restrict Acct assignment based on Item catregory. But this settings doesn't satisfy my requirement,
I would like to know is there any standard customizing or any user exit availble .
Kindly let me know
Thanks & regards
Madhesh Kumarhi,
there is no sap standard customising for this please go ahead with user exit in PO.
create an doc type.
when you select the perticular doc type system should take default account assignment.
regards
Maybe you are looking for
-
How do I associate two different Apple ID's?
My family has two different Apple ID's. How do I associate both of those libraries into one library?
-
Hi Friends, Can any one lte me know what exactly is the difference between Function module & Remote Function Module. Can any one let me know some links that show light on FI scenario and tables. Regards, Roby.
-
Spark VideoDisplay - how to set `background` color
Hello! How can I set the background color of the Spark VideoDisplay to be something else than the default black one? Thank you.
-
Hi guys! Just wondering if anyone know if there's any cables that has scart to thunderbolt? So you could, for examle connect your xbox 360 to your Thunderbolt display and use that as your primary screen.
-
Why am I know having such difficulty streaming movies, it constantly stopping to upload,, pretty frustrating. There a also pop ups that have started to come up " Adobe Flash Settings "Some go away when I click deny, others I need to leave the site