WDS and IAS server

Similar Messages

• WDS and IAS Authentication

  Hello !
  I'm trying to configure 15 Access Points AP1231 as follow :
  SSID1 mapped to VLAN 1 (also management VLAN) for Laptops. Encryption is WEP128 and Mac-authentication with Microsoft IAS server.
  SSID2 mapped to VLAN 10 (phone VLAN)for phones 7921. Encryption is WEP128 and there is no authentication fo the phones.
  I configure 1 AP as a WDS Master (priority 254). WDS registration works fine for all the 15 APs.
  My problem :
  it seems that when i activate WDS, MAC-authentication for ESSID1 doesn't work anymore (authentication failed for all the laptops).
  Can you help me ?

  WDS checks its local list for authentication . If the Mac address is not present it uses configured Radius server for authentication. Make sure Mac address is either in the Local list or Radius server. If you are using Radius server make sure Mac address is configured as user

• EAP with Windows 2000 client and IAS server

  Several messages on this site point to peole using EAP on a Windows 2000 client and authenticating against an IAS server. I am running an Aironet 350 AP and trying to setup my Windows 2000 clients to use EAP only and authenticate against a Windows 2000 AD forest via IAS. The access point and client are on the latest firmware and drivers (12.0 for AP). I have two basic questions.
  1. It is my understanding that by enabling Network-EAP as the only authenticaiton type that users will authenticate and then dynamic WEP keys will be used, greatly reducing the risks of compromised WEP keys while at the same time keeping the data encrypted.
  2. Does anyone have a quick HOW-TO or point-by-point list of how to configure the Windows 2000 client to authentication using the Network-EAP method? I am currently running into a situation where no matter what I configure on the client, the IAS server reports and error with "Reason: The authentication type is not supported on this system." I also noticed that the "Authentication-Type" and "EAP-Type" fields shown in the IAS messages in the Windows 2000 Event Viewer log have the value "<undetermined>". Has anyone else run into this?

  I'm having a similar problem. I'm trying to do PEAP and it appears that IAS is not handling the request properly. It keeps trying to log the user PEAP-##### in instead of setting up the TLS and then asking for Username, Pass, Domain. The IAS error message I'm getting is:
  User PEAP-00097CFCD901 was denied access.
  Fully-Qualified-User-Name = APPLY\PEAP-00097CFCD901
  NAS-IP-Address = 172.16.200.31
  NAS-Identifier = AP1
  Called-Station-Identifier = 004096570d87
  Calling-Station-Identifier = 00097cfcd901
  Client-Friendly-Name = WirelessAP
  Client-IP-Address = 172.16.200.31
  NAS-Port-Type = 19
  NAS-Port = 37
  Policy-Name =
  Authentication-Type = EAP
  EAP-Type =
  Reason-Code = 8
  Reason = The specified user does not exist.
  So if anybody has the needed settings for Win2k (SP3 and 802.1x patch) IAS it would be much appreciated.
  Ben
  Note: if I had PEAP-####### as a user in Win2k I get:
  User PEAP-00097CFCD901 was denied access.
  Fully-Qualified-User-Name = apply.org/Users/PEAP TEST
  NAS-IP-Address = 172.16.200.31
  NAS-Identifier = AP1
  Called-Station-Identifier = 004096570d87
  Calling-Station-Identifier = 00097cfcd901
  Client-Friendly-Name = WirelessAP
  Client-IP-Address = 172.16.200.31
  NAS-Port-Type = 19
  NAS-Port = 37
  Policy-Name = Wireless Policy
  Authentication-Type = EAP
  EAP-Type =
  Reason-Code = 16
  Reason = There was an authentication failure because of an unknown user name or a bad password.

• Testing 8021x from switch to IAS server

  Is there any command to use for test the communication beetween cisco 3560 switch and IAS server. I m trying to make work port based authentication.(XP client get vlan after authentication of user/computer) Now i have configured IAS server with basic EAP configuration and also switch have all nessesary 802.1x configs. (i suppose) So is there any command that i could use to test is connection OK from switct to IAS server.(access request)

  Hi
  I tryed with command "test aaa group radius user passwrd new-code level level-radius"
  Is that command how i test Radius access reguest beetween authenticator--authenticator server. I get answer "Flowing through Radius and Raw not implemented yet" To IAS system log nothing appears.
  Any idea what is wrong.
  Thanks
  Juha

• WDS, DHCP and WSUS on same server, Virtuals find WDS and start up process, Physicals get PXE-X55 error.

  I have a Windows 2012 R2 server that has the WSUS, WDS and DHCP roles installed. I also have a SCVMM (Win2012R2) server on different machine and it has been connected to the WDS server
  Followed many different guides on the internet to configure the WDS server but if I have option 60 configured the virtual machines will find and do a PXE boot successfully, but the physical systems will fail with a E55 error.
  I take out option 60 and both fail.
  Did I miss a niggly bit some where?

  Have you tried this (from article):
  Custom-made Option 60 – String – PXEClient
  Predefined Option 66 – IP or Hostname of the WDS Server (in our case 10.150.150.1)
  Predefined Option 67 – boot\x86\wdsnbp.com
  and this in WDS properties:
  and
  Many people remark this as solution:
  WDSUTIL /Delete-AutoAddDevices /DeviceType:ApprovedDevices

• IAS server and DB on same host vs seperate hosts

  the company IT security folks showed my the policy, which they cannot explain it:
  "it is recommended that any DBMS be installed on a host system dedicated to its support. By separating the DBMS server from iAS server, access to that platform can be more finely controlled, resulting in reduced exposure to vulnerabilities in the DBMS software"
  we have the 11i on single node. they want me to seperate the application tier from db tier on the different nodes.
  my question: What were the vulnerabilities in the DBMS software? anyone could comment would be appreciated.

  Don't believe everything you hear from auditors. Most of the security holes in any EBS installation arise from unauthenticated vulnerabilities on the iAS servers, which more and more are listening over reverse proxy ports on the external internet. You need to be current on your quarterly security patches and have virtually the same vulnerabilities on a multiple tier system as a single tier system, unless your database listens on the default tnsnames port and that port is exposed outside the firewall.

• Why is it that directory server and IAS will not install through a remote Terminal Services session??

   

  Hi,
  I think this can be done in Unix, using telnet, you may log into the
  system and install it.
  Regards
  Raj
  Mozkill Williams wrote:
  why is it that directory server and IAS will not install through a
  remote Terminal Services session??
  Try our New Web Based Forum at http://softwareforum.sun.com
  Includes Access to our Product Knowledge Base!

• WDS and Unattended queries/clarification (Server 2012)

  Hi Folks
  I am studying for my 70-411 exam and have a few points that I would like clarification on relating to unattended installations and WDS:
  1: When you create an unattend.xml for the 'Windows Deployment Services client’,  in SIM which image do you need to base this on? 
  Do you just use the install.wim from the server iso?
  2: Are both a WDSClientUnattend and a ClientUnattend mandatory for unattended to work? 
  For example if you only want to automate the image settings but not the settings pre-image selection (such as usename/password to connect to WDS) can you specify only a ClientUnattend?
  3: Can disk partitions be set in the ClientUnattend or do these have to be in the WDSClientUnattend file?
  Thanks in advance.

  1. The WDS Client itself is based on "boot.wim" from a preferably new OS. For instance if you plan to deploy Windows Server 2012R2 or Windows 8.1, you need to have a 6.3 version of the boot.wim, either from the 2012R2 server iso, or Windows 8.1
  iso (it doesn't actually matter). You can deploy e.g. windows 7 from the 6.3 boot.wim aswell, but not the other way around.
  2. The WDSClientUnattend is for the "WDS Client" part, that means you should specify settings here on "how you want to perform the installation", e.g. which edition of Windows to install (Server standard, or Server Enterprise...), to
  which DISK (and how to partition it), credentials to connect to WDS share (remoteinstall$ on WDS), and also what language and keyboard settings to use during setup. If you don't specify this, you can still specify an unattend.xml file for an install Image,
  that is settings relevant to a specific image only. So you can decide to do either of them, or both.
  3. This needs to be done in WDSClientUnattend, that is "1 - WinPE-phase". You can see this phase as the first phase Before first reboot, that is lang settings, partition settings, image selection, and then copying of files. Upon next reboot, and
  not Before is when you reach the next Phase, that is "4 - Specialize"

• SCCM 2012 R2, DHCP and WDS and PXE same server

  hi
  I am using DHCP and PXE on same server and getting error PXE-E55: proxyDHCP did not reply to request on port 4011

  HI,
  To get WDS and DHCP to work on the same machine, you need to configure WDS to share the same server as DHCP, here is how it is done.
  You must have a functioning DHCP server with an active scope. WDS will utilize PXE which requires a DHCP server.
  Whether you plan to co-host WDS and DHCP on the same server or use two different servers you must configure WDS to listen on a specific port. DHCP and WDS both require port number 67. If you have co-hosted WDS and DHCP you can move DHCP or the PXE site role
  to a separate server or use the procedure below to configure the WDS server to listen on a different port.
  Modify the following registry key:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Providers\WDSPXE              
  Set the registry value to:
  UseDHCPPorts = 0              
  For the new configuration to take effect run the following command on the co-located DHCP and WDS server:
  WDSUTIL /Set-Server /UseDHCPPorts:No /DHCPOption60:Yes
  https://technet.microsoft.com/en-us/library/bb680753.aspx
  -- My System Center blog ccmexec.com -- Twitter
  @ccmexec

• WDS and DHCP issues

  Hi
  I have a series of 1200 series access points, set-up for WDS infrastructure mode to ACS and client authentication to Microsoft IAS.
  When set up in WDS mode, clients authenticate to the IAS server (and event viewer confirms this), but clients do not receive an ip address - even though they do DHCP requests.
  anyone offer advice on any similar issues?

  Can you provide more information on the deisgn?
  Are you using VLANs in your wireless config? If so, does your router or switch have the ip helper address specified for DHCP requests?
  If not, can you obtain an address when the client is plugged into the same port as the access point?

• I want to remove the COnlineBank, OnlineBank and csample applications from my application and web server.

  How can I safely do this on Solaris? I've tried "iasdeploy removeapp" and "iasdeploy removemodule" with no luck. I want to clear all of this demo stuff out to make both the web and app server look more production like.
  Thanks
  Eric

  Eric,
  these applications are applogics which are not controlled by the
  iasdeploy tool. Unfortunately, there is no tool available to remove
  these applications for you. What you can do is to manually remove all
  their entries, but be careful if you do that. If you remove the wrong
  keys you might break your ias installation, so be warned and make sure
  you backup the whole ias registry before attempting to remove anything.
  Eric Coleman wrote:
  >
  I want to remove the COnlineBank, OnlineBank and csample applications
  from my application and web server.
  How can I safely do this on Solaris? I've tried "iasdeploy removeapp"
  and "iasdeploy removemodule" with no luck. I want to clear all of
  this demo stuff out to make both the web and app server look more
  production like.
  Thanks
  Eric
  Try our New Web Based Forum at http://softwareforum.sun.com
  Includes Access to our Product Knowledge Base!--
  Han-Dat Luc ([email protected])
  Senior Consultant
  SUN Professional Services (iPlanet)
  o .
  o .
  O _ ____ _ _
  (_) _ \| | __ _ _ __ ___| |_ TM
  | | |_) | |/ _` | '_ \ / _ \ __|
  | | __/| | (_| | | | | __/ |_
  |_|_| |_|\__,_|_| |_|\___|\__|
  e-commerce solutions
  Sun Microsystems Australia Pty Ltd

• WDS and Surface Pro 2

  I have a Windows Deployment Server and I am using Windows ADK to load essential drivers onto my boot/install images.
  I downloaded the latest Surface Pro 2 driver pack and used DISM to load drivers on to an offline boot image from a Windows 8.1 ISO. I then un-mount the image and load it onto my WDS server.
  My problem is the Surface Pro 2 won't pxe boot into my Windows Deployment Server. When I PXE boot, it displays media present and then waits for user input to start PXE over IPv4. I press enter but it times out and then prompts for IPv6 (no error given) when
  that times out it boots the machine into windows.
  I had been successfully imaging Surface Pro tablets from this deployment server using the same methods, but we recently got in the Surface Pro 2 and I haven't been able to get it working.
  I have the latest version of MDT installed but I'm not that familiar with it. When we first started deploying tablets I had attempted to create boot wims with MDT but I never got it working and decided just to use the WADK and DISM.
  Any ideas on what I could try next?

  I am running WDS on Windows server 2008 R2.
  I am using a Type Cover 2 from Microsoft.
  I am using the Microsoft Surface Ethernet Adapter. I loaded the drivers for the adapter into the boot image as well as the other drivers from the February driver pack.
  Thank you for your response.

• PXE boot issue with DHCP and SCCM server on different subnets

  I'm working with a client on the operating system deployment module of SCCM.
  Their network configuration currently has a single large subnet for client
  computers with a DHCP server on the same subnet. The SCCM subnet is
  configured on a seperate subnet with no DHCP server on the subnet. We want to
  configure client computers to be able to boot using the PXE client to deploy
  OS images to the machines but can not get PXE-boot to work correctly.
  Also, the client does not want to make changes to their network
  infrastructure routers or switches to remedy this problem. Are there settings
  on the DHCP or SCCM servers we can implement to make this work? If so, what
  needs to be installed or configured on each server. We currently already have
  WDS installed on the SCCM server and the SCCM server is configured as a PXE
  Service Point within SCCM. Both WDS and the PXE Service Point seem to be working fine.
  Any help would be appreciated.
  Thanks,
  Gary

  I am Brazilian,
  sorry for wrong english
  My DHCP is on linux,
  in my own structure VLANS
  The system center is on the network
  10.0.4.0/24
  The machines on the network 10.0.5.0/24
  The problem is that the machines that
  are not on the same network system center
  can not boot
    I tried configuring / etc/dhcp3/dhcpd.conf
  follows
  option vendor-class-identifier "PXEClient";
  option bootfile-name "\
  \ SMSBOOT \ \ x86 \
  \ wdsnbp.com";
  option tftp-server-name
  "10.0.4.101"; ---->
  IP server
  But it did not work, anyone know
  how to configure?

• Compatibility between Oracle Developer suit and application server

  Hello
  We are going to user oracle 10 to develop and deploy our application.
  The tool that we were going to use are
  Developer Suite 10g Release 2 (10.1.2) and
  Oracle Application Server 10g Release 3 (10.1.3.2.0)
  But i need to know whether this are compatible
  Where can I find any documentation related to compatibilities between developer suit and application server ?
  May thanks in advance

  Hi Ana,
  Compatible version of IAS is
  10g Release 2 (10.1.2) or 10g Release 2 (10.1.2) with patch 1(10.1.2.1.0)
  Also if u are using only forms and reports services there is a forms and reports standalone version is available. And hence u dont need to install infrastructre.
  And this is a very compact product.
  Even if you use forms 9i /developer suite 9i to develop the forms, when u compile them on IAS, it gets upgraded. There is not much diff between forms 9i and 10g
  Rajesh Alex

• Webcached.exe uses all CPU on IAS server

  Hi, I'm having trouble with a process called webcached.exe according to Windows task manager, this process takes all available CPU resources, so our IAS server hangs. Anyone why this is? Any help highly appriciated! I'm pretty new to Oracle Application server, and have not experienced this before...
  Is there a way to "go around" web cache until this issue is resolved, i.e. not use cache for a while perhaps? Longer responses are better than complete hangups....
  I've tried to just stop the webcache process, but this apparently is not the way to go...
  Windows server 2003 + IAS 10g (9.0.4.1.1)
  Tor

  Your post is a while ago... but you should upgrade Web Cache to 10.1.2.3, or install it in a separate location and configure it against your backend application. This is supported.
  Webcache 9.0.4 is known to have some performance issues :)