SNMP notify and remote SNMPv3 users

Similar Messages

• UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated Users (AD)

  Hello,
  We recently added LDAP authentication to our UCS Manager (v2.0(1s)) and the binding of roles works and users are able to login using their AD accounts.  However, I was wondering if anyone knows how to assign a locale to a remotely authenticated user.  The option seems greyed out on my end.  There are a handful of people that only need to see their single blade and we don't want them to see the rest of our servers.
  Thanks,

  No they weren't part of those groups.  I see where I went wrong: the mappings I made didn't include the locale, only the roles section.
  However, I noticed another issue.  Anyone that is in the base OU and below is allowed access to UCS Manager.  Even if they are NOT apart of a UCS mapping, they get read-only access and see everything.  Is there a way to deny all access unless a user is specifically apart of a group in AD that is mapped to a role in UCS Manager?
  Lets say I have a blade on chassis 1 slot 6.  I want a user in AD to only see and have access to that blade.  Nothing else.  Is that possible?
  Thank you in advance for any help.

• NISPOM Tool reports groups "Guests" and "Remote Desktop Users" have excessive privileges - remediation?

  Greetings,
   I'm running a security tool DISA provides and it's reporting that on my XP box the following:
   "This group has privileges associated with it that may allow anonymous access to the system."
  The group is:
  "Guests"
  I've already disabled the Guest account, however the account isn't the same thing as the group, so how does one go about limiting anonymous privileges associated with the group?

  Remove any group membership if Guest account is member of.
  You can also use restricted group policy to remove group membership on muliple computers at once.

• I am trying to build a basic TCL skeleton script that reads a remote SNMP OID and displays the value on the screen.

  I am trying to build a basic TCL skeleton script that reads a remote SNMP OID and displays the value on the screen.
  I don't want it to be an EEM Event, I just want to run it from the (tcl)# prompt.
  So I guess I'm asking if you can use cli_exec and other commands in the "namespace import ::cisco::eem::*" in a normal non-EEM script - can I do that?
  This is the error I get:
  OTN.159(tcl)#source flash:TCL_SNMP_Remote_Read.tcl
  invalid command name "::cisco::eem::event_register_none"             ^
  % Invalid input detected at '^' marker.
  What am I missing?
  =================  TCL_SNMP_Remote_Read.tcl  ==============================
  ::cisco::eem::event_register_none
  namespace import ::cisco::eem::*
  namespace import ::cisco::lib::*
  if [catch {cli_open} RESULT]
      { error $RESULT $errorInfo }
      else { array set cli1 $RESULT }
  if [catch {cli_exec $cli1(fd) "snmp get v2c 192.168.1.100 public timeout 1 oid 1.3.6.1.2.1.1.1.0" } RESULT]
         { error $RESULT $errorInfo  }
         else { set SnmpSysDesc $RESULT }
  if [catch {cli_close $cli1(fd) $cli1(tty_id)} RESULT] {
              error $RESULT $errorInfo
  puts $SnmpSysDesc
  =========================================================================
  In the sho-run config I have:
  event manager directory user policy "flash:/"
  event manager session cli username "cisco"
  Any help to get me started would be greatly appreciated!
  Tim

  If you don't want an EEM policy, then don't use any of the EEM constructs.  Instead, all you need is this:
  set output [exec "snmp get v2c 192.168.1.100 public timeout 1 oid 1.3.6.1.2.1.1.1.0"]puts $output

• Routing issue for remote vpn user and spoke

  Hi all,
  i have configure VPN (see attached file)
  before upgrading ASA from 8.3 to 8.4,  SPOKES was able to communicate between them and  also remote VPN users was able to access spoke site.
  after upgrade  ASA HUB, neither spoke-to-spoke  nor remoteuser---to---spoke cannot communicate
  here is NAT exemption configuration on ASA HUB.  only this ASA have been upgrade. nothing have been done on other site
  object network 172.17.8.0
  subnet 172.17.8.0 255.255.255.0
  object network 10.100.96.0
  subnet 10.100.96.0 255.255.240.0
  object network VPN-SUBNET
  subnet 172.20.1.0 255.255.255.0
  nat (outside,outside) source static 172.17.8.0 172.17.8.0 destination static 10.100.96.0 10.100.96.0
  nat (outside,outside) source static 10.100.96.0 10.100.96.0 destination static 172.17.8.0 172.17.8.0
  nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 10.100.96.0 10.100.96.0
  nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 172.17.8.0 172.17.8.0
  same-security traffic permit intra-interface
  same-security traffic permit inter-interface
  Please do you know what can be the problem ?
  thanks so much for your help

  Since you are not NATing any of those traffic and it's a u-turn traffic, pls remove those 4 NAT statements. They are not required at all.
  Pls "clear xlate" after removing it and let us know how it goes.

• SUSPEND and NOTIFY converted as remote hold and remote retrieval

  The other side says that is sending SUSPEND and NOTIFY - SS7 messages which are converted as remote hold and remote retrieval on PRA.
  It says those message are coming to my Cisco box (c5350-is-mz.123-18), but the IOS it is not able to interprete them correctly.
  I am not seeing this messages in any debugs... Anyone have any idea about ?
  Thanks
  Robert
  Attached is the debug i've got from the other side

  What debugs are you getting on the access server? The remote side is trying to communicate with the access server but maybe the messages are getting dropped. Following link may help you
  http://www.cisco.com/en/US/docs/routers/access/as5350/software/configuration/guide/54basic.html

• Remote Control and Remote View Problem

  Hi,
  I work at a High School running Netware 6.0 SP5 and Zen works 4.01 ir7.
  Remote Control and Remote View works great but I noticed one problem.
  We have a logo of the school that is forced down on to the desktop when a
  user logs in through group policies. This logo works perfect for the
  desktop wall paper and loads every time a user logs in.
  When I Remote Control or Remote View a computer the users desktop wall
  paper turns from the logo being forced down through group policies to the
  desktop to a blue desktop wall paper.
  I would prefer the desktop wall paper staying the schools logo when I
  Remote Control or Remote View because if the desktop wall paper changes to
  the blue color I mentioned above when I Remote Control or Remote View the
  users computer, they will know that someone is taking over their computer
  which sometimes we dont want them knowing.
  We have Windows 98SE computer running Novell Client 3.4 and we have some
  computers running Windows XP Professional SP1 and Windows XP Professional
  SP2 both running Novell Client 4.91 SP2.
  The Remote Control and Remote View problem of the desktop wall paper
  changing on the users computer occurs on all operating systems mentioned
  above.
  Is there a solution to my above problem? When Remote Controlling and
  Remote Viewing someone's computer I don't want the desktop wall paper to
  change.
  Thanks!

  Bpilon,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
  - Check all of the other support tools and options available at
  http://support.novell.com.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://support.novell.com/forums)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• How to use the same services-config for the local and remote servers.

  My flex project works fine using the below but when I upload my flash file to the server I doesn't work, all the relative paths and files are the same execpt the remote one is a linux server.
  <?xml version="1.0" encoding="UTF-8"?>
  <services-config>
      <services>
          <service id="amfphp-flashremoting-service"
              class="flex.messaging.services.RemotingService"
              messageTypes="flex.messaging.messages.RemotingMessage">
              <destination id="amfphp">
                  <channels>
                      <channel ref="my-amfphp"/>
                  </channels>
                  <properties>
                      <source>*</source>
                  </properties>
              </destination>
          </service>
      </services>
      <channels>
      <channel-definition id="my-amfphp" class="mx.messaging.channels.AMFChannel">
          <endpoint uri="http://localhost/domainn.org/amfphp/gateway.php" class="flex.messaging.endpoints.AMFEndpoint"/>
      </channel-definition>
      </channels>
  </services-config>
  I think the problem  is the line
          <endpoint uri="http://localhost/domainn.org/amfphp/gateway.php" class="flex.messaging.endpoints.AMFEndpoint"/>
  but I'm not sure how to use the same services-config for the local and remote servers.

  paul.williams wrote:
  You are confusing "served from a web-server" with "compiled on a web-server". Served from a web-server means you are downloading a file from the web-server, it does not necessarily mean that the files has been generated / compiled on the server.
  The server.name and server.port tokens are replaced at runtime (ie. on the client when the swf has been downloaded and is running) not compile time (ie. while mxmlc / ant / wet-tier compiler is running). You do not need to compile on the server to take advantage of this.
  Hi Paul,
  In Flex, there is feature that lets developer to put all service-config.xml file configuration information into swf file. with
  -services=path/to/services-config.xml
  IF
  services-config.xml
  have tokens in it and user have not specified additional
  -context-root
  and this swf file is not served from web-app-server (like tomcat for example) than it will not work,
  Flash player have no possible way to replace token values of service-config.xml file durring runtime if that service-config.xml file have been baked into swf file during compilation,
  for example during development you can launch your swf file from your browser with file// protocol and still be able to access blazeDS services if
  -services=path/to/services-config.xml
  have been specified durring compilation.
  I dont know any better way to exmplain this, but in summary there is two places that you can tell swf  about service confogiration,
  1) pass -services=path/to/services-config.xml  parameter to compiler this way you tell swf file up front about all that good stuff,
  or 2) you put that file on the webserver( in this case, yes you should have replacement tokens in that file) and they will be repaced at runtime .

• One WLC for Headquarter and Remote Site

  Hi
  I have a question about the WLC remote deployment.
  We have the following design at the moment:
  Headquarter
  - Network 192.168.49.0 /24
  - WLC 4402 Version 4.2.61.0
  -- 3 x LAP1252
  -- Layer 3 LWAPP
  -- SSID wep
  -- SSID wpa
  - Windows PDC with Active Directory, DHCP Server and local Data Storage
  - ACS Version 3.2 for TACACS and RADIUS authentication --> External DB to Active Directory
  Remote Site
  - Network 192.168.50.0 /24
  - 2 x LAP1252
  -- SSID wep
  -- SSID wpa
  - Windows PDC with Active Directory, DHCP Server and local Data Storage
  - ACS Version 3.2 for TACACS and RADIUS authentication --> External DB to Active Directory
  Connection between Headquarter and Remote Site
  - 2 Mbit ADSL
  The problem is, that the wireless clients on the remote site get an ip address out of the headquarter DHCP Range 192.168.49.0 /24. The users on the remote site
  most of the time only use the local data server in the remote office. With the actual design the hole traffic is switched over the 2 Mbit ADSL connection the the
  WLC in the headquarter and back to the remote site. That works but it is not that performant.
  The problem could be solved with HREAP, but what I think is, that it is not possible to have the same SSID at headquarter and remote site with different VLANs.
  How can I achieve, that the clients on the remote site connect to the same SSID (wep or wpa), get an ip address from the remote site DHCP server (192.168.50.0)
  and the traffic is switched localy.
  I hope you understand what the problem is.
  Thanks in advance for your help!

  Yes, putting the remote AP's in HREAP mode will allow the same WLANs to be available on the AP's but the traffic would be locally switched at the AP instead of being tunneled back to the controller. After you put the AP in HREAP mode you then would configure which VLAN you want traffic for each WLAN to be dumped onto for that AP.

• Screen sharing and remote management no longer working after some uptime

  Server is withoiut monitor.
  Users need to login via screen sharing from time to time.
  "Enable screen sharing and remote management" is ticked in Server.app everything is working fine (for days, weeks).
  ARD reports "Screen Sharing Available", so remote management is not running how it should.
  Screen Sharing.app is "Connecting…" forever.
  Kickstarting ARD (http://support.apple.com/kb/HT2370) does not help.
  Restart fixes it.
  Is there a workaround (over ssh) or a fix?

  seduc wrote:
  Do you know if
  fdesetup authrestart
  works then too?
  Off-hand, no.   I don't.  See this posting, or as would be typical in any case, try it?

• Screen Sharing and Remote Management

  Is there a way in 10.6 to make both Screen Sharing and Remote Management run at the same time?
  In the past (10.5), you could convince Mac OS to run both Screen Sharing and Remote Management to run simultaneously. I say "convince" because you could not enable them both through System Preferences. You could turn one on, then use Terminal to enable the other. This worked great for me, because I needed remote management for the machines I managed, and the users need screen sharing to work from home.
  However, the work-around for 10.5 no longer seems to work for 10.6. Has any one gotten this to work yet for 10.6? Thanks!

  I figured this out. First enable Remote Management via System Preferences. Then create /private/etc/ScreenSharing.launchd with 'enabled' as it's contents.

• Exchange Server 2013 and Remote Access VPN on a single server running Windows Server 2012?

  Just by way of background, I have been installing and administering network servers, e-mail systems, VPN servers, and the like for many years.  However, my involvement with Exchange and Windows Server has been mostly on the forensics and data recovery
  level, or as a (sophisticated) user.  I have never tried to deploy either from scratch before.  My deployment experiences have been mostly with Linux in recent years, and with small private or personal "servers" running such cutting edge
  software as Windows XP back when it was new.  And even NetWare once.
  When a client asked me if I could set up a server for his business, running Exchange Server (since they really want Outlook with all of its bells and whistles to work, particularly calendars) and providing VPN access for a shared file store, I figured it
  could not be too difficult given that its a small business, with only a few users, and nothing sophisticated in the way of requirements.  For reasons that don't bear explaining here, he was not willing to use a vendor hosting Exchange services or cloud
  storage.  There is no internal network behind the server; it is intended to be a stand-alone server, hanging off a static IP address on the Internet, providing the entirely mobile work-force of about 10 people with Exchange-hosted e-mail for their computers
  and phones, a secure file store, and not much else.  If Exchange didn't need it, I would not need to install Active Directory, for example.  We have no direct need for its services.
  So I did the research and it appears, more by implication than outright assertion, that I should be able to run Windows Server 2012 with Exchange Server 2013 on a server that also hosts Remote Access (VPN only) and does nothing else.  And it appears
  I ought to be able to do it without virtualizing any of it.  However, I have spent the last three or four days fighting one mysterious issue after another.  I had Remote Access VPN working and fairly stable very quickly (although it takes a very
  long time to become available after the server boots), and it has mostly remained reliable throughout although at times while installing Exchange it seems to have dropped out on me.  But I've always been able to get it back after scrounging through the
  logs to find out what is bothering it.  I have occasionally, for a few minutes at a time, had Exchange Server willing to do everything it should do (although not always everything at the same time).  At one point I even received a number of e-mails
  on my BlackBerry that had been sent to my test account on the Exchange Server, and was able to send an e-mail from my BlackBerry to an outside account.
  But then Exchange Server just stopped.  There are messages stuck in the queues, among other issues, but the Exchange Administration Center refuses now to display anything (after I enter my Administrator password, I just get a blank screen, whether on
  the server or remotely).
  So, I am trying to avoid bothering all of you any more than I have to, but let me just begin with the basic question posed in the title: Can I run Exchange Server (and therefore Active Directory and all of its components) and Remote Access (VPN only) on
  a single Windows Server 2012 server?  And if so, do I have to run virtual machines (which will require adding more memory to the server, since I did not plan for it when I purchased it)?  If it can be done, can anyone provide any pointers on what
  the pitfalls are that may be causing my problems?  I am happy to provide whatever additional information anyone might like to help figure it out.
  Thanks!

  An old thread but I ran into this issue and thought I share my solution since I ran into the same issue. Configuring VPN removes the HTTPS 443 binding on the Default Site in IIS for some strange reason; just go and editing the bindings, add HTTPS and things
  should be back to normal.

• Create DB link between my local system and remote system

  Hi,
  I need help to create DB link between my local system Database and remote system database both the database are oracle.
  Please check the script which i have written is correct or not. Its giving me error sql command not ended properly
  create public database link MERU_PROD_LOCAL_PROD
  CONNECT TO SUDHIR
  identified by sudhir123
  using (DESCRIPTION =
  (ADDRESS_LIST =
  (ADDRESS =
  (COMMUNITY = tcp.world)
  (PROTOCOL = TCP)
  (Host = 23.23.150.144)
  (Port = 1521)
  (CONNECT_DATA = (SERVICE_NAME = sudhir)
  I am executing this command in my local system connecting to the remote database link. Please suggest me is this method correct.
  Thanks
  Sudhir

  Hi Hilton,
  I fixed that issue. Now i am creating the DB link this ways please check is this proper or not
  create or replace database link meru_prod_local_prod connect to portal identified by Oracle!123 using 'MERUPROD';
  remote machine
  User Name: portal
  Password : Oracle!123
  MERUPROD is the tnsora entry
  It gives error as
  Error starting at line 1 in command:
  create or replace database link meru_prod_local_prod connect to portal identified by Oracle!123 using 'MERUPROD'
  Error at Command Line:1 Column:18
  Error report:
  SQL Error: ORA-00922: missing or invalid option
  00922. 00000 - "missing or invalid option"
  *Cause:   
  *Action:                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

• Remote control and remote desktop client in sccm 2012 ?

  What is the difference between remote control and remote desktop client in sccm 2012 ?

  Remote Control is a built-in feature for SCCM 2012 and uses the RPC protocol. When you use this, the user can still be logged on while helping.
  Remote Desktop is a buit-in feature for Windows and uses the RDP protcol. When you use it, the user will be logged off.
  Why you would use one over the other depends on your requirements.
  Blog: www.danielclasson.com/blog |
  LinkedIn:
  Daniel Classon | Twitter: @danielclasson

• Remote Desktop Service Manager - configure permissions for Remote Desktop Users to Send Message, Disconnect, Logoff

  Hello, dear colleagues.
  We are using Windows Server 2012 R2 as Remote Desktop Server. Also use Windows Server 2008 R2 with Remote Desktop Service Manager to control RDS user sessions (Send Message, Disconnect, Logoff, Query Info). 
  Send Message, Disconnect, Logoff options works only for users in Administrators group.
  I can't to configure permissions for Remote Desktop Users, specific user or AD group. 
  To set permissions I'm running RDS Host Configuration on Windows Server 2008 R2 and connect to Windows Server 2012 R2. Then double-click
  RDP-Tcp, Security tab, add specific user account , AD group or configure
  advanced permissions
  for Remote Desktop Users.  
  But, as I sad above, these options works only for users in Administrators group. How to make it work for Remote Desktop Users or specific user, AD group?
  Thanks.
  P.S. If move specific user from Remote Desktop Users group to Administrators group on
  Windows Server 2012 R2 - it works. 

  Hi,
  You can prevent administrators from changing the permissions for a connection by applying the
  Do not allow local administrators to customize permissions Group Policy setting. 
  This Group Policy setting is located in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security
  Apart there is one command with which you can set the permission for that check the related
  article. Additionally checkthis
  thread for more detail.
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]