Wireless Cisco System and AD users

Similar Messages

• Security about SYSTEM and SYS users

  Guys,
  Just curiosity,
  1) What happens if I logged with a user that have DBA role or DROP USER privilege and to drop the SYSTEM or SYS user ? This is possible ? If yes, how can protect them ?
  2) I know that the SYS is owner of the dictionary and catalog, but what is the objective of the SYSTEM user to exists ?
  Tank you.

  Hi,
  As you say, SYS is the owner of the database and the owner of the data dictionary.
  But SYS has the SYSDBA privilege which SYSTEM doesn't. This makes it possible for SYS to become a very very powerful user. In addition, never ever create objects in the SYS schema. SYSTEM is a privileged administration user, and typically owns Oracle provided tables other than the dictionary.
  Making a test.
  oracle@linux:~> sqlplus
  SQL*Plus: Release 9.2.0.4.0 - Production on Thu Dec 7 08:55:51 2006
  Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
  Enter user-name: / as sysdba
  Connected to an idle instance.
  SQL> startup
  ORACLE instance started.
  Total System Global Area 126948772 bytes
  Fixed Size 452004 bytes
  Variable Size 104857600 bytes
  Database Buffers 20971520 bytes
  Redo Buffers 667648 bytes
  Database mounted.
  Database opened.
  As Frederic showed
  SQL> drop user sys cascade;
  drop user sys cascade
  ERROR at line 1:
  ORA-01031: insufficient privileges
  SQL> drop user system cascade;
  User dropped.
  SQL> shutdown immediate
  Database closed.
  Database dismounted.
  ORACLE instance shut down.
  SQL> startup
  ORACLE instance started.
  Total System Global Area 126948772 bytes
  Fixed Size 452004 bytes
  Variable Size 104857600 bytes
  Database Buffers 20971520 bytes
  Redo Buffers 667648 bytes
  Database mounted.
  Database opened.
  SQL>
  If you like to protect it, you can do this below:
  eg:
  create table secured_objects(object_name varchar2(30));
  Table created.
  SQL> insert into secured_objects values ('SYSTEM');
  1 row created.
  SQL> select * from secured_objects;
  OBJECT_NAME
  SYSTEM
  1 rows selected.
  create or replace trigger check_beforedrop
  before drop on database
  declare
  oname char(30);
  begin
  select object_name into oname from secured_objects
  where upper(object_name)=ora_dict_obj_name;
  if sql%found then
  RAISE_APPLICATION_ERROR(-20001,'You have not permission to drop this object.');
  end if;
  exception
  when no_data_found
  then dbms_output.put_line('This object was dropped.');
  end;
  SQL> drop user system cascade;
  drop user system
  ERROR at line 1:
  ORA-00604: error occurred at recursive SQL level 1
  ORA-20001: You have not permission to drop this object.
  ORA-06512: at line 7
  Reference: http://www.adp-gmbh.ch/ora/misc/sys_system_internal.html
  Cheers

• Difference between RFC, SYSTEM and AUDIT users?

  Hi All,
  Can you highlight the main differences between the following users:
  RFC
  SYSTEM
  AUDIT
  how do their functions differenciate them ?
  Thanks in advance,
  Diwakar

  RFC User
  RFC user is basicly used to receive status messages. An RFC user has to be created in all the system clients where messages needs to be recieved. An RFC user can also be used for receiving messages using SMTP plug-in.
  The RFC User is an sap user of type System and that's why no person can logon with this user on SAP System.
  Following is thr procedure to create RFC User, remember the purpose is to recieve messages including status messages as well.
  Creation of RFC User
  Go to  Tools > Administration > User Maintenance > Users.
  Enter a name, for example MAIL_ADMIN.
  Select "New"
  On the Logon data tab page, select the user type System.
  Enter a password.
  On the Profiles tab page, enter the authorization profile S_A.SCON. This profile minimizes the risk of misuse, even if the communication system does not store the password is encoded form.
  Select "Save"
  Both RFC user and a System user are of type System only. Now the difference, depends upon the profile and authorization of the user.
  Audit users are of type dialog, and can be used by a person to logon to system. There might be many roles assigned to this user. My understanding is that an Audit User is not a standard sap type user but just a dialog user and can be created with a conventional method of creating any other dialog users with a specific profile and authorizations.
  Still to confirm, Can you please tell us, how many types of users does it shown in 4.6c at the time of user creation?
  Best Regards,
  Amol Bharti

• Authentication problem for SYSTEM and SYS users

  Hi,
  I am using form builder 6.0. I have developed a form without using a database table block. When trying to execute the form with user SYSTEM or SYS following errors occured:
  1) does not authenticate and login screen prompts again and again but when I use user other than SYSTEM and SYS, I can successfully execute the form.
  2) some times when trying to run form from Form builder error 'Service handle not initialized' is displayed.
  anybody can help to resolve the following issues?
  Regards

  Muhammad,
  two possibilities
  1. You provide the wrong password
  2. Connecting to SYS reaquires to connect as SYSDBA or SYSOPENER, which is not specified with the Forms logon dialog.
  Frank

• Cisco ISE and Fast User Switching

  Greetings,
  In our deployment, we are interested in utilizing the "Fast User Switching" that is contained within the Windows Functionality.   After searching for quite a while, I see that the native Windows supplicant is not compatible with Fast User Switching.   It does not appear that Anyconnect is either.   Can you please inform me as to what suppluicant I would need to research in order to allow for the User Switchign Functionality?
  We are currently using ISE 1.2 Patch 4.
  Thank You for any assistance.
  David

  The  NAC Agent for Cisco ISE does not support Windows Fast User Switching  when using the native supplicant. This is because there is no clear  disconnect of the older user. When a new user is sent, the Agent is hung  on the old user process and session ID, and hence a new posture cannot  take place. As per the Microsoft Security policies, it is recommended to  disable Fast User Switching.
  Source:
  http://www.cisco.com/en/US/docs/security/ise/1.2/user_guide/ise_pos_pol.html

• Copy command fails after installing Raid system and new user accounts

  Any help is appreciated. We installed a Raid to an existing Xserve at our school. We have created new accounts on the server.All other commands such as observe, control, sending messages and so works OK.
  When I try to copy files, pictures, and so on... it immediately fails. It gives me no explanation or anything.
  Any help?

  Hi Tilly,
  We had this same exact problem at our school. Copying to network users always failed, everything else worked fine.
  We changed the owner of the Sharepoint where the student accounts reside from our Administrator user to 'Root'
  We changed this through Workgroup Manager -> Sharing, selected the Sharepoint in the left column, clicked on the Access tab and changed the owner to 'root' and click save.
  Also found this link:
  http://lists.apple.com/archives/remote-desktop/2007/Nov/msg00009.html
  Hope this helps!

• Cisco Systems vs "CSIRO" 802.11a and 802.11g infringed upon the '069 patent

  Hi,
  any news about Cisco Systems and the "CSIRO" 802.11a and 802.11g infringed upon the '069 patent ?
  http://www.buffalotech.com/products/wireless/
  Dear Customer
  As you may be aware, Commonwealth Scientific and Industrial Research Organisation ("CSIRO") sued Buffalo, Inc. and Buffalo Technology (USA), Inc. ("Buffalo"), for alleged infringement of United States Patent No. 5,487,069 ("the '069 patent"). Subsequently, CSIRO also asserted its patent against the entire wireless LAN industry, including, Microsoft, Intel, Accton, SMC and Netgear.
  In it's lawsuit against Buffalo, CSIRO claimed certain Buffalo wireless networking products compliant with IEEE standards 802.11a and 802.11g infringed upon the '069 patent. Buffalo believed at that time and continues to believe that there are no grounds for CSIRO's allegations of infringement. The United States district court, however, found Buffalo to infringe the '069 patent and enjoined the importation and sale of Buffalo's IEEE 802.11a and 802.11g compliant products.
  CSIRO's lawsuits are against the entire wireless LAN industry and could affect the supply of wireless LAN products by any manufacturer, not just Buffalo. The entire industry is resisting CSIRO's attempts to enjoin the sale of wireless LAN products. Recently, Microsoft, 3COM Corporation, SMC Networks, Accton Technology Corporation, Intel, Atheros Communications, Belkin International, Dell, Hewlett-Packard, Nortel Networks, Nvidia Corporation, Oracle Corporation, SAP AG, Yahoo, Nokia, and the Consumer Electronics Association filed briefs in support of Buffalo's position that injunctive relief is inappropriate in this case.
  During the period of time that the injunction is in effect (10/1/2007), Buffalo cannot offer for sale, sell, import, or use its IEEE 802.11a and 802.11g compliant products in the United States. A list of the products covered by the injunction is attached here . The injunction does not prohibit sales of pre-existing inventories of products by Buffalo's customers. In addition, Buffalo has secured CSIRO's agreement to permit the replacement of defective products under warranty. None of Buffalo's other products are currently affected by this injunction.
  While Buffalo believes that it will be successful in reversing the district court's decision and will obtain a stay of the injunction pending a decision on the merits, the Court of Appeals has not yet issued a decision. Should the Court of Appeals issue a decision staying the injunction, you will be promptly notified. After the stay is issued or a favorable decision on the merits is obtained, Buffalo will be able to resume the supply of IEEE 802.11a and 802.11g products
  Please rest assured that Buffalo continues to stand behind their products and will continue to support all of our loyal customers as it relates to product warranties, technical support and the like without interruption.

  I suspect after reading the patent and the litigation that you mentioned above, that the US District Court decision will be reversed as the patent appears to be very vague in its contsruction and verbage. Furthermore, the intent to hold the IEEE hostage on the ratification of 802.11n will not bode well in the court's eyes. If in fact the case is reversed, I believe that the members of CSIRO will be in danger of lost profits litigation from Buffalo. Stay tuned to this bat channel.

• How to create guest access in wireless by WISM and WCS and ACS?

  dear sir
  i neeed to know the steps of how we can make guest access to our network like hotels by using our WISM v 7.0.220 and wireless control system and ACS ?

  You need to define your requirements a little bit. The WLC can do WebAuth and an employee can access either the WLC or WCS to put in the username and password credentials, but you would need to figure out what's best for you.
  Here is a support doc that you can reference.
  https://supportforums.cisco.com/docs/DOC-13954
  Sent from Cisco Technical Support iPhone App

• Creating and deleting users using AM Client SDK

  Hi,
  I was wondering if anyone could tell me how to create and/or delete users from Access Manager from a standalone application using the AM Client SDK? From what I have read this can be done using the AMStoreConnection class but I can't find any examples on how to use this class to add and delete users. The only examples I have found is how to retrieve data from AM. I need to keep AM and the underlying directory server in sync with another identity datastore so I need to build a process in Java to do this. Any help is appreciated.
  Thanks
  -Jeff

  Lets assume we have a HR system and the user has got deleted in the system, the HR system drop a CSV file to a specified location with the details of the user to be deleted from the IDM system . Now the CSV GTC connector would need to read the record and delete the user .
  This can be done , I have done this using API calls , but i assume that there would be someway of doing this using the OOB GTC .I think we need to set the correct value for the status field to do this ..
  I am not sure what status to set.

• Is it possible to map a Sponsor Group in Cisco ISE to a user group in Active Directory, through a RADIUS server?

  Hi!!
  We are working on a mapping between a Sponsor Group in Cisco ISE and a user group in Active Directory....but the client wants the mapping to be through a RADIUS SERVER, for avoiding ISE querying directly the Active Directory.
  I know it is possible to use a RADIUS SERVER as an external identity source for ISE.....but, is it possible to use this RADIUS SERVER for this sponsor group handling?
  Thanks and regards!!

  Yes It is possible to map Sponser group to user group in AD and if you want to know how to do please open the below link and go to Mapping Active Directory Groups to Sponsor Groups heading.
  http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_guest_pol.html#wp1096365

• SYS, SYSTEM and SYSAUX when full database refresh.

  I took full export from database using below command
  expdp "'/ as sysdba'" full=Y directory=DPUMP_DIR dumpfile=expdp_11032011.dmp logfile=expdp_11032011.log Now, I need to import this file to an other database.
  When do schema refresh we usually drop all the object in that schema and start refresh, but when doing fullback up, do we need to drop all user?
  what about sys, system and sysaux user?

  user3636719 wrote:
  So, the tables in the SYS and SYSTEM will remain same when we refresh?
  Structure will not be modified but contents will be automatically modified when DLL is executed when importing.
  And do we have to drop other user before we import?Applications schemas that you have created should be dropped. In general don't modify any schema that is directly managed by Oracle such as SYS or SYSTEM or any schema used by some database option like Oracle Text, Oracle Spatial, etc.

• Cisco Show and Share Publish

  Hello Everyone
  Regarding to Cisco show and share , I have a question regarding to the URL which will be accessed by Cisco Show and Share users , is this URL same as the URL which is used for Administration?. I have two Show and share on for internal and other for External users , each one have URL. MY question regarding to end users access after i will pubblesh videos , they will access the same URL which is used to access administration page?. Your help is so highly apperciated for me.
  Thanks

  hello kamel,
  i am not quite sure that i have understood your question but most probably is related with the following:
  1) the SNS url either for end users or even for the admin is the same. For example, the "sns.video.com" url will be used both from admins and end users. Though, the admin, has some more privileges against end users and thus can access more pages on the same URL.
  2)as for the internal and external sns servers, i believe that you have to deploy your videos twice if you want to have the same videos on both servers.
  ifthe above doesnt answer to your questions please let me know.
  thank you

• Cisco 1242AP and wireless distribution system

  Cisco AIR AG1242AP-E-K9
  does the Cisco 1242 access point support WDS as in 'Wireless Distribution System'? (not wireless domain service). I'm trying to configure my 1242 as a wireless bridge to connect to an O2wireless box router but without success. The O2 router help files only refer to allowing connections using the Wireless Distribution System which I fear (as a newbie) might not be the same thing as allowing a wireless bridge device to connect. I'm a bit confused about this so thanks for any pointers.

  Seen a few posts on other websites - regarding Netgear, Belkin wireless devices trying to connect using the WDS, no sucess stories :o(
  Here is a Wikipedia link on the subject and vendors that support it:-
  http://en.wikipedia.org/wiki/Wireless_Distribution_System
  HTH.

• I have two facetime users, both connecting to our enterprise wireless network (Cisco WCS) and they can't make a facetime connection from IPAD to IPAD.  Are there any apple protocols or other settings that need to be enabled on WCS?  No firewall involved.

  I have two facetime users, both connecting to our enterprise wireless network (Cisco WCS) and they can't make a facetime connection from IPAD to IPAD.  Are there any apple protocols or other settings that need to be enabled on WCS?  There is no firewall inbetween the two connections, as this is all on our internal network. 
  Both devices can connect to the network, but when they try to talk to each other they can't make the connection.
  Thanks.

  If anyone ever comes across this and has the same issue, here's what I did to fix it:
  My Linksys router has a Network Mode setting, and I had to change it from "Mixed" to "Wireless-G only".  (I would've used N but one of the NICs in my house is too old to support it.)  Anyway, after making this change, Facetime works fine on the phone.  Hope this helps someone else!

• WAP200E and Cisco Wireless Control System

  Hi.
  I have a customer with a linux OS machine running Cisco Wireless Controll System.
  He needs are to add a new wireless AP with the following features :
  - compatible with most laptops
  - exterior conditions "resistant" (sun, rain...)
  - reasonnable performance (the AP would be a a roof with people on the roof itself, max distance : 15 meters, no walls)
  AND
  Which product would you recommend ?
  I saw the WAP200E but I have no idea
  - if it is compatible with Cisco Wireless Control System
  - what antenna(s) to buy

  Hi Yves,
  The WAP200E is not compatible with the WCS.
  1.  How high (in relation to the client) is the AP going to be installed?
  2.  How is the AP going to be installed?  Will it be hanging down?
  3.  Do you need Cisco CleanAir?