TAPS in cucm secure mode (mixed mode)

Similar Messages

• Cucm utils os secure mode ?

  Hi all,
  Now Our CUCM SeLinux mode is enforcing(enabled).
  If I make SeLinux mode permissive.  Does this situation cause a security vulnerability or what will be affected from this changes?
  utils os secure
  This command monitors and controls SELinux.
  Command Syntax
  utils os secure [status | enforce | permissive]
  Parameters
  status—displays SELinux mode (enforcing or permissive) to the CLI user.
  Note The OS security status for SELinux should always be Enabled.
  enforce allows the CLI user to change the SELinux mode from permissive to enforce. SELinux will block actions or events based on the defined policies when it is in enforce mode.
  permissive allows the CLI user to change the SELinux mode from enforce to permissive. SELinux will log, but not block, actions or events when it is in permissive mode.
  Usage Guidelines
  If SELinux is enabled, you do not have to reboot when you use utils os secure enforce or utils os secure permissive.
  If SELinux is disabled, you can use utils os secure enforce or utils os secure permissive to enable it. If you do this; however, you must reboot before SELinux becomes enabled

  Hi,
  No, permissive mode is not a security breach by itself, this just means that you can perform all kind of changes on the CLI, all OS security issues are tracked down via bug search tool:
  https://tools.cisco.com/bugsearch/?referring_site=bstib
  HTH
  Chris.

• Use multiple URLS in Mixed Security mode

  .NET Portal Version: 6.0.1.218452 on Windows 2003 server
  We have setup portal in Mixed mode (Securoty mode = 1), keeping login-page in secure mode.
  Now we wish to use to different URLs. Configured and created Experience definition.
  I believe only 1 certificate can be associated to a SITE in IIS-6.
  So if I create another site in IIS-6 with header information as 2nd URL, will it work?
  Do I need to do anything special?
  Any suggestions???
  Edited by kuljitsingh at 01/02/2007 12:40 PM

  Hi
  Yes your above statements are correct, but what is the use?? In effect, you are giving a single transaction code in a single call of the transaction.
  whereas in session method, within a single BDC GROUP, you can give multiple transactions.
  This is infact one of the major differences between CALL TRANSACTION and SESSION METHOD.
  Hope u understood
  Reward points if helpful
  Regards

• 7921G Security mode showing encrypted not sure why?

  Hello Experts,
  I am seeing the Secuity mode as Encrypted under system configuration of the 7921G phone.
  I have done same configuration on the other phone and there I see the Security mode as NON-SECURE.
  Config on both the ip phone: WLAN-Security mode- open under network profile..
  Could someone please let me know why is it I am seeing as Encrypted security mode under system configuration?
  Thanks
  Fari

  That is referring secure profiles in CUCM and not WLAN encryption.
  Compare the CUCM configs.
  You will see one is set for a secure profile and the other for a non-secure profile.
  Sent from Cisco Technical Support iPhone App

• Performance Issues with Acrobat Reader 11.0.0.2 when secure mode is enabled

  Hello All,
  We are experiencing sporadic issues with Acrobat 11.0.0.2 across our domain, users are reporting performance issues when opening PDF documents whether locally or from a network share.
  We have found that turning off Secure Mode helps towards reducing this delay and in the cases it doesn't we are repairing the installation and/or reinstalling the application.
  Due to the security implications we need to leave this turned on, I am wondering if anyone has encountered this issue and what steps were taken towards resolving it?
  I also wonder whether the white list function in the new release 11.0.0.3 would be a solution to this issue?
  Kind Regards,
  Ryan McCarty

  No probelm, so....
  We had no problems with Adobe Reader 9 and 10, we encountered the issues when upgrading to 11.0.0.2.
  Initially we found that turning off the Protected Mode, helped but did not resolve the issue.
  We tried;
  1. Turn off protected mode - issue still present
  2. Clearing the recent file registry using the below registry path and deleting the keys underneath it.
  HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\11.0\AVGeneral\cRecentFiles (this does not turn recent files off permanently). - works but needs clearing regularly
  3. Turning off welcome screen by creating -  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\11.0\FeatureLockDown\cWelcomeScreen - works to improve app open speed.
  4. uninstall/reinstall of 11.0.0.2 - works most likley due to the recent files being cleared.
  5. upgrade to 11.0.0.3 - issue still present
  Following reboots the issue is still present.
  When Adobe Reader is the only application open this issue is still present.
  As mentioned I have no systems available which I could test this issue using 11.0.0.1 as we have fixed them, albeit temporarily using the reinstall method.
  I am concious that this issue is going to reoccur once that cache (recent files) builds back up because the fix above (#2) is clearing the recent files cache NOT disabling it.

• BI Publisher with Oracle e-Business Suite 11i in EBS security mode

  Seems I submitted below in wrong forums earlier so posing to correct one now. Appreciate any help.
  Hi All,
  I want to configure BI Publisher that comes as a part of OBIEE in Oracle E-Business Suite security mode. My Oracle E-Business Suite 11i runs on 3 node RAC database and 3 node apps tier/cm tier. As per configuration guide, I changed security mode in BIP to 'Oracle E-Business' and uploaded DBC file from E-business suite Web&Forms tier. In DBC file TWO_TASK parameter has value of test_806_BALANCE which is just an alias in tnsnames.ora for load balancing. Now when I go to BI publisher and click on 'Roles and Permission' tab in security center, it gives me 500 Internal server error.
  But if I change this TWO_TASK value to any particular RAC instance sid, I am able to see all responsibility in Roles and Permission tab. This seems that BI Publisher makes jdbc connection url to database on the fly by reading DB_HOST, dB_Port and TWO_TASK parametes from dbc file and due to this my BI Publisher is single point of failure if the RAC instance goes down which I mentioned in DBC file. Even though E-Business Suite is in HA, BI publisher is not taking advantage of this HA db.
  Any one has idea how to over come this situation.

  You can try for a luck by posting the thread in BI Publisher Section of this Forum..

• The dreaded 404 message using basicHttpBinding, Transport security mode, and certificates

  I am working on setting up a WCF service using mutual authentication with both client and server certifiates. The service is hosted in IIS 7, and I'm trying to access it from a simple console app. When I try to connect to the service, I get the error ""There
  was no endpoint listening at
  https://localhost/IISHostedService/MyService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details." The inner exception is "The remote server returned an error:
  (404) Not Found."
  I have seen people all over the net reporting this error, but so far none of their fixes work for me. I have an HTTPS binding in IIS for my app, and I am able to browse to my service (using either http or https) and view it with no problems. I can get the
  wsdl (also over either protocol) with no issues, but connecting from the client doesn't work.
  Here is my server config:
  <system.serviceModel>
  <behaviors>
  <serviceBehaviors>
  <behavior>
  <serviceCredentials>
  <serviceCertificate findValue="ServerCertificate" storeLocation="LocalMachine" x509FindType="FindBySubjectName" />
  <clientCertificate>
  <authentication revocationMode="NoCheck" />
  </clientCertificate>
  </serviceCredentials>
  <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
  <serviceDebug includeExceptionDetailInFaults="true" />
  </behavior>
  </serviceBehaviors>
  </behaviors>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  <bindings>
  <basicHttpBinding>
  <binding name="BasicHttpBinding_MyService">
  <security mode="Transport">
  <transport clientCredentialType="Certificate" />
  </security>
  </binding>
  </basicHttpBinding>
  </bindings>
  <services>
  <service name="MyService">
  <endpoint binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService" contract="Namespace.IContract" />
  </service>
  </services>
  </system.serviceModel>
  And my client:
  <system.serviceModel>
  <behaviors>
  <endpointBehaviors>
  <behavior name="clientEndpointBehavior">
  <clientCredentials>
  <clientCertificate findValue="ClientCertificate" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
  </clientCredentials>
  </behavior>
  </endpointBehaviors>
  </behaviors>
  <bindings>
  <basicHttpBinding>
  <binding name="BasicHttpBinding_MyService" closeTimeout="00:10:00"
  openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
  allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
  maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
  messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
  useDefaultWebProxy="true">
  <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
  maxBytesPerRead="4096" maxNameTableCharCount="16384" />
  <security mode="Transport">
  <transport clientCredentialType="Certificate" />
  </security>
  </binding>
  </basicHttpBinding>
  </bindings>
  <client>
  <endpoint address="https://localhost/IISHostedService/MyService.svc behaviorConfiguration="clientEndpointBehavior"
  binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyService"
  contract="Namespace.IContract" name="BasicHttpBinding_MyService" />
  </client>
  </system.serviceModel>
  I am not sure if it matters, but this client and server are running on the same physical machine in a test environment. I have confirmed that both the client and the server certificates are installed, and that the issuing authority is trusted. The virtual
  folder is set in IIS to "Accept" client certificates, and SSL is not required.
  Does anyone have any thoughts what I may be missing? This service works without a problem over HTTP, so it has to be somehow related to the certificate that is being passed. With the Server certificate, I just trapped the ServicePointManager.ServerCertificateValidationCallback
  event to manually approve the certificate if the subject matched what I was looking for (the subject does not match the domain name, since this is a test environment). Do I need to do something similar for the client certificate?
  EDIT: One thing I do notice is that, in the WSDL, the soap location is always pointing to http. I'm not sure if that is correct or not:
  <wsdl:service name="MyService">
  <wsdl:port name="BasicHttpBinding_MyService" binding="tns:BasicHttpBinding_MyService">
  <soap:address location="http://computerName.domain.com/IISHostedService/MyService.svc" />
  </wsdl:port>
  </wsdl:service>

  A little more information (since this is the main thing I have to work on today):
  After some research, I decided to try using a custom certificate validator, in case something is wrong with the client certificate. In the clientCertificate\authentication node on the server, I set the certificateValidationMode="Custom" and set customValidationType="MyType.Validator,
  MyType". My type is apparently being found (when it is not found I get a "service could not be activated" error), but my Validate() method is never being called.
  Now this leads me to believe that it's not a problem with the client certificate, but something else, before it even gets that far.

• Cant get Security Mode to work on WRT54G

  I have everything set up fine.. internet working etc but I cannot get security mode to work.. I go to click on WEP, WPA.. whatever and it just autos back to DISABLED.. Anyone to fix this?

  how many computers do you have?
  try to use other computers in setting up the security. check also the firmware of your router.make sure you have the latest one.

• WRTG42 v1 Need help with changing the Security Mode

  I need to change my wireless security mode but for some reason whenever I try to change anything the website automatically puts what ever I changed back to normal.  Basically, I try to change an option and the website changes the option back instantly. Has anyone else had this issue? And if so, can you please walk me through what you did? Thanks!

  Try using a different browser and make sure you click on Save Settings after changing security settings. Here's a link for detailed instructions.

• Security Mode Feature in ATAPI HD's provided by Apple

  Hello, I'd like to know how would I implement the security mode feature for the hard drive provided by Apple in MacBook Pro and if it will or not have any problems with EFI.
  How will EFI manage this feature of ATA hard drives?

  This article will help (about 1/2 way down).
  http://support.apple.com/kb/HT1212
  Barry

• Now I can start my Mac Pro only in "secure mode." I'm still appears on all monitors a series of bands such as seen in the attached file. Someone can give me a diagnosis? Thank you.

  Now I can start my Mac Pro only in "secure mode."
  I'm still appears on all monitors a series of bands such as seen in the attached file.
  Someone can give me a diagnosis?
  Thank you.

  The attached file is not showing.
  In Safe/Secure Mode many Drivers are not loaded. When your computer works in Safe Mode, but not regular mode, two types of problems are implicated:
  1) Third-party kernel extensions. a conflict with some part of Mac OS X means that when those extensions load, your Mac can not run.
  2) Failed graphics card. Since the Driver for the display is not loaded, the display in Safe Mode uses a very simple built-in Driver. In regular mode, once the driver is loaded, all parts of the graphics card must be working, or you could get bands of color on the display (which is just what you reported).
  Which Model Mac Pro Tower or MacBook Pro is this?

• I am not having problems with wifi but ipad will not accept my password in the secure mode. anyone else having the same problem?

  I am having problems with the Ipad accepting my password in the secure mode in Wifi. I can get into wifi when the secure mode is off. This only started when I downloaded the lastest update for the Ipad. Anyone else having the same problems?  I have rebooted the Rotar and still doesn't work.

  I am not.
  Which secure mode are you using with your wireless network - WEP or WPA?
  Have you tried forgetting this network on your iPad, and/or resetting network settings on your iPad? Both will require rejoining the network and the latter will require rejoining every wi-fi network your iPad has access to when returning within range of the network.

• Database control won't run in secure mode

  I'm following the instructions displayed by the database configuration manager after creating a database. These instructions configure the database control to run in secure mode using https. I get an error with the following command run from the OS command line while in the ORACLE_HOME/bin directory:
  emctl.bat secure dbconsole -sysman_pwd password
  I get the error message "Failed to create EM root key."
  The emdctl.trc file has the following entry: "No connection could be made because the target machine actively refused it."
  The ORACLE_SID has already been set. The database control is down. The "emctl config emkey -repos" command completed successfully.
  I'm using Oracle 10.2.0.4 on Windows 2003 server. I'm running this command on the database server. The database control was selected in the database configuration manager. This database control does run successfully in http mode, but I can't configure it for https.
  Does anyone know why the target machine would actively refuse this connection?

  Have you tried it without the -sysman_pwd flag ?
  MOS Doc 276950.1 - How to setup Enterprise Manager Database Control for SSL (HTTPS) secure connection
  HTH
  Srini

• How can Manage Permissions for DB in Shared Services Security Mode

  In shared services security mode, after provisioning users for Essbase applications, only can assign database calculation and filter access. How can I grant permissions "Access Databases" like in native mode?

  Essbase will be default be in shared services security mode in 11.1.2, the wizard will not migrate security when in this mode.
  It is possible to revert it back but if you don't know the process then it is worth looking at alternatives first.
  You could use LCM to export the provisioning and then import into your target environment.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Auto Logoff while in Shared Services Security Mode

  Pretty simple question but I still haven't found the answer.
  My client's essbase server is set up in Shared Services Security Mode, so now the auto logoff options for the server don't apply. Is there a way to set this via shared services? Or is there some other means perhaps?
  Thanks for your time.

  Essbase will be default be in shared services security mode in 11.1.2, the wizard will not migrate security when in this mode.
  It is possible to revert it back but if you don't know the process then it is worth looking at alternatives first.
  You could use LCM to export the provisioning and then import into your target environment.
  Cheers
  John
  http://john-goodwin.blogspot.com/