|
Table Of Contents
Release Notes for Cisco Secure
User Registration Tool Release 2.5.4 and VLAN Policy ServerHardware and Software Requirements
Feature Enhancements in Release 2.5.1
Clarification about Auto-Install
Collecting Troubleshooting Data from the VLAN Policy Server
Changes to AdminServerAttributes
vlancmd Feature Available on Linux Clients
Setting DNS Settings on the VLAN Policy Server
Support for International Java Runtime Environment
Upgrading URT from Release 2.5 or 2.5.x to Release 2.5.3
Upgrading the URT Administrative Server
Upgrading the VLAN Policy Server 1101
Upgrading the VLAN Policy Server 1102
URT Installation and Setup Guide Update
Cisco 1102 VLAN Policy Server Installation and Setup Guide Updates
Obtaining Technical Assistance
Obtaining Additional Publications and Information
Release Notes for Cisco Secure
User Registration Tool Release 2.5.4 and VLAN Policy Server
These release notes are for use with Cisco Secure User Registration Tool (URT) Release 2.5.4 and the VLAN Policy Server (VPS).
These release notes contain:
• Hardware and Software Requirements
• Feature Enhancements in Release 2.5.1
• New Features in Release 2.5.3
• Upgrading URT from Release 2.5 or 2.5.x to Release 2.5.3
• Additional Information Online
• Obtaining Technical Assistance
• Obtaining Additional Publications and Information
Hardware and Software Requirements
Table 1 lists hardware and software required for installing and using URT. Table 2 lists software required for installing and using URT.
New Features in Release 2.5
The VLAN Policy Server hardware has been superseded by the Cisco 1101 VLAN Policy Server.
URT Release 2.5 contains the following new features:
•Web-based logon from Windows, Macintosh, and Linux clients.
•Support for Lightweight Directory Access Protocol (LDAP) directory authentication for Active Directory (AD) and Novell Directory Service (NDS).
•RADIUS web authentication and accounting.
•Secure link between the client and VLAN Policy Server (VPS).
•Support for Windows XP clients.
•Support for multiple users per port based on user ID (web logons only). This feature allows several users to connect to the Internet through a hub that is served by a single switch port. (All users behind the hub must be assigned to the same VLAN.)
•Protection against network access by unregistered MAC addresses.
•Viewing of MAC registration events through the user interface.
•Automatic save of all changes to the URT database; database changes are reflected immediately in the network.
•Support for additional Cisco Catalyst switches.
Feature Enhancements in Release 2.5.1
URT Release 2.5.1 contains the following feature enhancements:
• Clarification about Auto-Install
• Collecting Troubleshooting Data from the VLAN Policy Server
• Changes to AdminServerAttributes
• vlancmd Feature Available on Linux Clients
• Setting DNS Settings on the VLAN Policy Server
• Support for International Java Runtime Environment
Clarification about Auto-Install
For the auto-install feature to work properly, the PC domain membership must match the domain of the domain\domain_user logging into the PC.
Collecting Troubleshooting Data from the VLAN Policy Server
You can collect data from VLAN Policy Server (VPS) log files and XML files to provide troubleshooting information to the Cisco Technical Assistance Center (TAC). The log files (UrtVmpsServer.log) and XML files reside in the /opt/CSCOpx/objects/urt/data directory on the VPS.
To collect this information, you must first enable trace on the primary (active) VPS:
Step 1 Open a browser window.
Step 2 Enter the following URL in the address field:
http://VPS_address:1741
where VPS_address is the IP address of the active VPS.
Step 3 In the CiscoWorks2000 Login Manager window, enter admin in both the Username and Password fields.
Step 4 Under the Diagnostics tab, click URT Debugging.
Step 5 At the bottom of the window, click Enable Debug Trace Mode.
Step 6 In the URT Debugging window, click Confirm.
The following message is displayed:
URT VPS Server has been restarted and debug trace mode is now enabled.
Step 7 Under the Diagnostics tab, click URT Debugging again.
Step 8 To download the .tgz file, click the Download URT Debug Information link.
Step 9 In the next dialog box, select Save to Disk.
Step 10 In the Save As... dialog box, navigate to the location in which you wish to save the debug file.
Step 11 Click Save.
The diagnostic information is saved (in compressed format) to the location you specified in Step 10. You can send this file to the Cisco TAC for troubleshooting assistance.
Step 12 To disable trace on the VPS, select URT VPS Servers from the URT Administrative interface.
Step 13 Double-click the appropriate VPS.
Step 14 In the URT VPS Server Configuration window, deselect the Enable Trace setting.
Disabling the URT Event Bus
In the Options dialog box of the Administrative tab, the Disable URT Event Bus feature allows you to disable the TIBCO event bus to suppress the display of exception messages during client logon and logoff.
Changes to AdminServerAttributes
Three of the administrative options previously saved in UrtOptions.xml are now saved in UrtAttributes.xml.
These options, available from the URT Administrative interface by selecting View > Options, then clicking the Admin tab, are:
•Enabling and disabling trace on the Administrative Server.
•The UrtAdminServer.log file location.
•The Group Membership setting.
A new administrative option, Disable URT Event Bus, is also saved in UrtAttributes.xml.
vlancmd Feature Available on Linux Clients
The vlancmd feature is now available for use on Linux clients.
Setting DNS Settings on the VLAN Policy Server
When the VPS is used as a DNS server, the clients in the logon VLAN must know the Windows domain controller hostnames and corresponding IP addresses.
You can use the new option in the URT Administrative interface, Customize > Options > DNS >DNS Settings > Add, to enter the hostname and IP address mappings.
Support for International Java Runtime Environment
Release 2.5.1 includes the English JRE plug-in and the International JRE plug-in. By default, the English JRE plug-in is used. However, if the client system is running a non-US-localized Windows operating system (for example, Japanese), you must use the International JRE plug-in.
Caution You must use only the English JRE on systems running a US English (non-localized) Windows operating system.
To change the JRE default from English to International, go to the Customize tab, then select Options. In the Options window, click the Web tab, then select the check box Use International JRE Version as default download. (If the check box is deselected, the English version is used).
Note The JRE is downloaded only if the client system does not already have a JRE or native Java installed.
New Features in Release 2.5.3
The following new features are available in URT release 2.5.3:
URT Client Login
An alternative method for logging client systems into URT is available. This new method runs an executable file (urtlogon.exe) on the client system after a user logs in. The advantage of this method is that the executable file runs in the background, so the user cannot incorrectly cancel it, as is possible with the older method, which runs the file urt.bat after the user logs in.
The file urtlogon.exe is located in the same directory as the urt.bat file. To enable this new logon method for a client, place the urtlogon.exe file in the logon script of that client's Windows profile, replacing the urt.bat file if necessary.
New Device Support
URT release 2.5.3 adds support for new Cisco Catalyst switches in the following series:
•C2940
•C2950
•C2970
•C3550
•C3560
•C3750
•C4503
•C4506
•C4507
•C4510
Upgrading URT from Release 2.5 or 2.5.x to Release 2.5.3
As part of the upgrade, you must perform some reconfiguration tasks to activate URT Release 2.5.3 in the network.
• Upgrading the URT Administrative Server
• Upgrading the VLAN Policy Server 1101
• Upgrading the VLAN Policy Server 1102
Upgrading the URT Administrative Server
Note A single URT Administrative Server is recommended. If more than one URT Administrative Server is installed, URT will not coordinate logons between the servers.
Step 1 Log into URT using an account that has local Administrator privileges.
Step 2 Insert the URT 2.5.3 Administrative Server CD in the Windows system.
Step 3 Select Start > Run, then enter:
drive:\setup.exe
where drive: is your CD-ROM drive.
Step 4 Click OK.
The installation program starts.
Step 5 In the uninstallation dialog box, select Yes to uninstall.
Step 6 In the confirmation dialog box, select Yes.
The uninstallation program begins. When uninstallation is complete, a dialog box opens.
Step 7 Click OK.
The installation program begins.
Step 8 In the Welcome window, click Next to continue.
Step 9 In the User Information text box, enter the username and the company name.
The installation program displays the destination location.
Step 10 To continue, click Next.
Step 11 In the URT VPS Port Number dialog box, click Next.
Note Do not change the port number that the VPS uses to connect to the URT Administrative Server. This setting is preconfigured on the server.
Step 12 In the Create URT Administrative Services text box, enter the user ID and the system password. (The user ID must have administrator privileges on this system.)
The installation program begins copying files to your system.
Step 13 To complete the installation, select Yes to reboot.
After you restart the system, the URT Administrative Server begins to run, the URT Administrative Client Interface is installed, and URT is added to the program list in the Start > Programs menu.
Upgrading the VLAN Policy Server 1101
Note During the upgrade, the VPS will reboot twice.
Step 1 Obtain the upgrade image in one of the following ways:
•Download it from Cisco.com—From any system on the network that can connect to the VPS, open a web browser, then download the URT VLAN Policy Server Release 2.5.3 upgrade.
The upgrade image folder opens.
•Use the upgrade CD:
a. Insert the User Registration Tool VPS Upgrade CD (version 2.5.3 Cisco 1101 VLAN Policy Server) into the CD-ROM drive of any Windows system on the network that can connect to the VPS.
b. Using Windows Explorer, access the CD-ROM drive.
c. Double-click the vps1101UpgradeCDImage folder.
The upgrade image folder opens.
Step 2 Double-click autorun.bat.
Note A DOS command window opens; do not close this window.
Step 3 In the next dialog box, click Select to update VPS appliance.
The Setup dialog box is displayed.
Step 4 In the Appliance Host field, enter the VPS IP address.
Step 5 Click Install.
Step 6 In the User name and Password fields, enter admin.
Step 7 Click Login.
Step 8 Select the radio button for the URT Release 2.5.3 upgrade.
Step 9 Click Install.
The installation process begins.
After installation has completed, you are asked if you wish to upgrade another VPS.
Step 10 To upgrade another VPS, select Install next; otherwise, select Cancel to end the upgrade.
Verifying the VLAN Policy Server 1101 Upgrade
After upgrading the VPS, you should verify the upgrade.
Step 1 On the system where you performed the upgrade, open a web browser.
Step 2 Enter the following address:
http://VPS_IP_address:1741/index.html.
CiscoWorks2000 starts.
Step 3 In the CiscoWorks2000 desktop, enter admin in both the Name and Password fields.
Step 4 From the CiscoWorks2000 desktop, select Server Configuration >
Appliance Management > Appliance Status > Software Update History.Step 5 To verify that the last installation was successful, review the information in the Status column.
Upgrading the VLAN Policy Server 1102
Note During the upgrade, the VPS will reboot twice.
Step 1 Obtain the upgrade image in one of the following ways:
•Download it from Cisco.com—From any system on the network that can connect to the VPS, open a web browser, then download the URT VLAN Policy Server Release 2.5.3 upgrade.
The upgrade image folder opens.
•Use the upgrade CD:
a. Insert the User Registration Tool VPS Upgrade CD (version 2.5.3 Cisco 1102 VLAN Policy Server) into the CD-ROM drive of any Windows system on the network that can connect to the VPS.
b. Using Windows Explorer, access the CD-ROM drive.
c. Double-click the vps1102UpgradeCDImage folder.
The upgrade image folder opens.
Step 2 Double-click autorun.bat.
Note A DOS command window opens; do not close this window.
Step 3 In the next dialog box, click Select to update VPS appliance.
The Setup dialog box is displayed.
Step 4 In the Appliance Host field, enter the VPS IP address.
Step 5 Click Install.
Step 6 In the User name and Password fields, enter admin.
Step 7 Click Login.
Step 8 Select the radio button for the URT Release 2.5.3 upgrade.
Step 9 Click Install.
The installation process begins.
After installation has completed, you are asked if you wish to upgrade another VPS.
Step 10 To upgrade another VPS, select Install next; otherwise, select Cancel to end the upgrade.
Verifying the VLAN Policy Server 1101 Upgrade
After upgrading the VPS, you should verify the upgrade.
Step 1 On the system where you performed the upgrade, open a web browser.
Step 2 Enter the following address:
http://VPS_IP_address:1741/index.html.
CiscoWorks2000 starts.
Step 3 In the CiscoWorks2000 desktop, enter admin in both the Name and Password fields.
Step 4 From the CiscoWorks2000 desktop, select Server Configuration >
Appliance Management > Appliance Status > Software Update History.Step 5 To verify that the last installation was successful, review the information in the Status column.
URT Documentation
Note Although every effort has been made to validate the accuracy of the information in the printed and electronic documentation, you should also review the URT documentation on Cisco.com for any updates.
The following documents are provided in PDF on your product CD:
•User Guide for the Cisco Secure User Registration Tool
•Installation and Setup Guide for the Cisco Secure User Registration Tool
•Installation and Setup Guide for the Cisco 1102 VLAN Policy Server
•Regulatory Compliance and Safety Information for the Cisco 1102 VLAN Policy Server
•User Registration Tool Software Developer's Guide
Note Adobe Acrobat Reader 4.0 or later is required.
Use these documents to learn how to install and use URT:
•Installation and Setup Guide for the Cisco Secure User Registration Tool—Provides instructions for installing URT, and quick-start steps for using URT. This publication is available on the URT CD-ROM in PDF.
•User Guide for the Cisco Secure User Registration Tool—Describes URT and provides instructions for configuring, administering, and operating it. This publication is available on the URT CD-ROM in PDF.
•URT online help—Contains all of the information available in User Guide for the Cisco Secure User Registration Tool. This ensures that you have complete information, even if you do not have the manual readily available while
using URT.Use this publication to learn how to install the Cisco 1102 VLAN Policy Server:
•Installation and Setup Guide for the Cisco 1102 VLAN Policy Server (DOC-7816255=)—Provides instructions for installing and setting up the 1102 VLAN Policy Server. This publication is available on the URT CD-ROM in PDF.
Additional Information Online
For information about URT supported devices, check the URT documentation on Cisco.com.
Documentation Updates
This section contains late-breaking updates to the URT documentation.
User Guide Updates
This section contains late-breaking updates to User Guide for the Cisco Secure User Registration Tool.
Chapter 1 Update
The following information was omitted after the second note in the "Understanding Traditional Logons and Web Logons" section on page 1-5:
For traditional logons, you can specify the same Active Directory server as both an NT domain and an LDAP directory; users can be associated with both. The LDAP association takes precedence over the NT domain association.
Chapter 4 Updates
These topics contain updates to Chapter 4:
• Overview of RADIUS Authentication Support
Managing LDAP Servers
On page 4-11, the following italicized information was omitted after the second paragraph in the section:
URT supports redundant LDAP servers. If the primary LDAP server fails, URT can query a second or third LDAP server for the user, group, or organizational unit assignment.
It is recommended that redundant LDAP servers use the same Base Distinguished Name.
In the Add Directory window, you can select multiple LDAP servers from the list of IP addresses. During logons, the VPS queries a random LDAP server from the list. If a connection to that server fails, logon attempts continue with other servers in the list until an available server is located.
LDAP associations are arranged in a hierarchical tree. An example tree might be structured as follows:
United States : Western States : California : San Francisco : Ken
URT might assign a VLAN to any place in the tree. If the username Ken has multiple organizational unit associations, URT searches for the username Ken first when looking for a VLAN association, and uses the first association it finds.
Adding LDAP Servers
On page 4-12, the following italicized information was omitted from Step 7:
Step 7 Select the interval at which the Client Module looks up the user in the LDAP tree to determine if the user's Distinguished Name (DN) has changed.
•When you use a long interval, the LDAP server is queried less frequently, resulting in less network traffic. If you change the interval, the change is not recognized until the original interval has elapsed.
For example, if you first set the interval to 3 hours, and you make changes every hour thereafter, the changes are not recognized until 3 hours have passed.
•When you use a short interval, network load on the LDAP server and the URT VPS increases.
Overview of RADIUS Authentication Support
At the top of page 4-16, the following note was omitted from the description of the RADIUS attribute syntax example:
URT:Vlan-Association=URT-1:Vlan6;
URT:Vlan-Association=URT-2:Vlan16;
URT:Allow-Multiple-Users=TRUE;
URT:Logon-User-Only=FALSE
Note For a description of these attributes, see Step 4 in the "Setting Web Associations" section on page 6-3.
Adding RADIUS Servers
On page 4-18, the following italicized information was omitted from Step 8:
Step 8 Enter the interval for verifying client attributes. A client sync message takes 5 minutes and the default interval is 12 minutes; therefore, verification occurs every 60 minutes (12 x 5).
•When you use a long interval, the RADIUS server is queried less frequently, resulting in less network traffic. If you change the interval, the change is not recognized until the original interval has elapsed.
For example, if you first set the interval to 3 hours, and you make changes every hour thereafter, the changes are not recognized until 3 hours have passed.
•When you use a short interval, network load on the RADIUS server and the URT VPS increases.
Chapter 6 Update
This information supersedes the information documented in the "Logging on as a Web Client" section on page 6-7 and the information published at http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/fam_prod/user_reg/2_5/user/urt_web.htm#xtocid12.
To achieve URT web logon, you must log in twice, as follows:
Step 1 Logon to the local system from an account that has privileges to release and renew IP addresses.
•On Windows systems, you must logon to the local system as Administrator.
•On Macintosh systems, you must logon as root.
•On Linux systems, you can either:
–Logon as root.
–Allow non-root users to perform web logon. To do so, enter the following command to allow non-root users to control the dhcp client (pump, dhcpcd, or dhclient):
chmod u+s /sbin/pump
Note If you are using the dhcpcd or dhclient dhcp client instead of pump, make the appropriate command substitution.
Caution This method provides users with higher privileges than they would normally have. If non-root users are allowed to control the dhcp client on the Linux client systems, those users can release and renew IP addresses on that system. Therefore, verify your security policy before doing this.
Step 2 Launch a supported web browser, then logon to URT.
URT Installation and Setup Guide Update
This section contains late-breaking updates to Installation and Setup Guide for the Cisco Secure User Registration Tool.
Chapter 1 Update
In Table 1-1 on page 1-4, eDirectory should not be listed as a supported domain server.
Chapter 5 Update
The following information was omitted from the beginning of Chapter 5:
Note To ensure proper operation, you must be running the same URT environment on each component of your network (the URT Administrative Server, the VLAN Policy Server, and the URT client system).
For example, you can run a combination of Release 2.0.7 with 2.0.8, or a combination of Release 2.5 with 2.5.1; however, you cannot run a combination of Release 2.0.x with Release 2.5.x.
Cisco 1102 VLAN Policy Server Installation and Setup Guide Updates
This section contains late-breaking updates to Installation and Setup Guide for the Cisco 1102 VLAN Policy Server.
Chapter 4 Updates
Disregard the information in the "Administering User Accounts" and "Backing Up and Restoring Your VLAN Policy Server" sections.
Shutting Down and Reloading the VLAN Policy Server
Substitute the following procedure for the second paragraph:
To restart the VLAN Policy Server using the web interface:
Step 1 Select Diagnostic > Restart.
Step 2 Click Yes in the dialog box.
The VLAN Policy Server restarts.
Preparing to Install the Replacement VLAN Policy Server
Disregard Step 3.
Appendix C Updates
Command Summary
In Table C-1, disregard the following commands:
•backup
•backupconfig
•restore
•show anilog
•show backupconfig
•show collectorlog
In Table C-1, note the following changes to these commands:
Old Command New Commandshow hseaccesslog
show webaccesslog
show hseerrorlog
show weberrorlog
show hsesslaccesslog
show websslaccesslog
Privilege Level 15 Commands
In the "Privilege Level 15 Commands" section and all subsections, disregard the following commands:
•Backup
•Backupconfig
•Restore
•Show anilog
•Show backupconfig
•Show collectorlog
In the "repository" section, substitute the following italicized paragraph for the existing first paragraph:
To configure the VLAN Policy Server to be a repository, and to download software updates and images from an ftp server (or the product CD-ROM), enter the following command:
Note the following changes to these commands:
Old Command New Commandshow hseaccesslog
show webaccesslog
show hseerrorlog
show weberrorlog
show hsesslaccesslog
show websslaccesslog
Known and Resolved Problems
Known problems (bugs) in URT are graded according to severity level. These release notes contain descriptions of:
•All severity level 1 or 2 bugs.
•Significant severity level 3 bugs.
•All customer-found bugs (regardless of severity level).
Table 3 describes the problems known to exist in Release 2.5, Release 2.5.1, Release 2.5.3, and Release 2.5.4. Table 4 describes the problems resolved in Release 2.5. Table 5 describes the problems resolved in Release 2.5.1. Table 6 describes the problems resolved in Release 2.5.3. Table 7 describes the problems resolved in Release 2.5.4.
You can search for problems using the Cisco Software Bug Toolkit. To access the Software Bug Toolkit:
Step 1 Log into Cisco.com.
Step 2 Select Service & Support > Technical Support Help—Cisco TAC > Tool Index.
Step 3 In the Jump to: links at the top of the page, click the letter S, then select Software Bug Toolkit.
You can also access the Software Bug Toolkit by entering the following URL in your web browser:
http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl.
Table 5 Resolved Problems in URT Release 2.5.1
Bug ID
(Severity) Summary Additional InformationCSCdv31361
(3)URT installed the English (not international) JRE.
In the Customize tab, a new check box, Use International JRE Version as default download, has been added to the Web tab of the Options window. Use this option to download the international JRE for use by URT web clients. (If the box is deselected, the US English version is used.)
Note This JRE is downloaded only if the client system does not already have a JRE or native Java installed.
CSCdx24830
(3)vlancmd on Linux was hanging occasionally.
This problem has been resolved.
CSCdy00232
(2)Windows 95 client IP address was not changed dynamically during login and logout.
To resolve this problem, you must download an updated version of the Microsoft Windows Sockets 2 (Winsock 2.0) run-time components for Windows 95 from the Microsoft web site:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q177719
Note This web site is Copyright © 2002, Microsoft Corporation.
At this location, you can obtain msvcrt.dll and a working version of winicpfg (4.10.0.x or later) for URT.
CSCdy10491
(3)History Logging by date wrote one event to an earlier file.
This problem has been resolved.
CSCdy10901
(2)XML data files were not synchronized on the VPS.
The XML data files were not properly synchronizing on the URT VPS. Some files had the correct version number but incorrect data. Other XML files had incorrect version numbers. Therefore, the data was not synchronizing properly with the URT Administrative Server.
This problem has been resolved.
CSCdy11117
(3)Windows 95 and Windows 98 systems only supported 22 VPSs from the command line.
Entering more than 22 VPSs resulted in an error message.
This problem has been resolved.
CSCdy11129
(3)LDAP bounced a logged on user every 60 minutes.
When users log into the network using the URT web client, they are authenticated by Active Directory as the LDAP server.
Using LDAP, URT verified the user associations and domain name settings after 60 minutes. The domain name failed and returned a NULL, indicating to URT that there was no user assigned to the VLAN. The user then returned to the logon VLAN. The user's confirmation packet determined the correct domain name and association for that user; the user then returned to the user VLAN. As a result, the user was bounced and returned to the user VLAN every 60 minutes.
This problem has been resolved.
CSCdy12415
(2)Web option to close window after logon returned user to the logon VLAN.
When a user set the web option to close the browser window after logging on, the user could log on as expected, and the browser window closed. However, after approximately 15 minutes, the VPS returned the user to the logon VLAN.
This problem has been resolved.
CSCdy12691
(2)Apache Web Server vulnerability.
URT uses the Apache web server to upgrade the URT VPS and to service the URT Web Client module on the VPS.
This patch release resolves the security vulnerability described in:
http://httpd.apache.org/info/security_bulletin_20020617.txt
Note This web site is Copyright © The Apache Software Foundation.
and
http://www.cert.org/advisories/CA-2002-17.html
Note This web site is Copyright CERT© Coordination Center. CERT© is a registered trademark and service mark of Carnegie Mellon University.
CSCdy15341
(3)After a GroupUpdate, user no longer displayed in the UrtGroupMemberships.
This problem has been resolved.
CSCdy16111
(4)Null pointer exception when shutting down LDAP server, then double-clicking that server.
When shutting down the LDAP server, then double-clicking that server from the URT Administrative interface, a null pointer exception was displayed in the DOS window, suspending the user interface.
This problem has been resolved.
CSCdy25989
(3)Reconfirm of switch did not set VMPS Server settings.
The URT VPS now sets the VMPS Server settings before issuing the SNMP reconfirm.
CSCdy27258
(3)TibrvException error displayed during client logon and logoff.
This problem has been resolved.
CSCdy33847
(3)Could not add task item to ClientScheduler queue because the queue limit had been reached.
Users were not being switched from the logon VLAN to the user VLAN.
This problem has been resolved.
CSCdy38114
(3)Client sent out 300 ping packets to verify that the link was up.
The ping interval has been significantly shortened.
CSCdy40380
(3)Windows XP Professional host could not join Windows domain with VPS/DNS.
To use the web logon feature, the VPS must be configured as a DNS server for the logon VLAN. During a traditional logon, a DNS query to resolve the Windows domain controller name from Windows XP Professional systems was not resolved to the correct IP address by the VPS being used as a DNS server.
This problem has been resolved.
CSCdy45202
(3)VPS/DNS was resolving Windows domain controller names.
A VPS used as a DNS server should not have resolved all incoming requests to its own IP address. During a traditional logon, the client system sends a DNS query to resolve the Windows domain controller name.
The VPS/DNS behavior has been changed so that it does not resolve the domain controller name to its own IP address. Hostnames are now resolved to IP addresses based on a list of hostnames added using the URT Administrative interface. You can use the DNS Option tab to add a list of names to the IP addresses. The VPS will resolve those names to the specified IP addresses.
CSCdy45387
(4)On Windows XP systems, Netscape 6.2 installed JRE 1.3.x when JRE was 1.4.0 needed.
On Windows XP systems, URT requires the Sun Java JRE 1.4.0_01 plug-in.
While installing Netscape 6.2 for the first time:
•A full installation installs JRE 1.3.1_02.
•A recommended installation does not install the JRE.
CSCdy45387
(continued)When you introduce this client system to URT, URT detects that either the incorrect JRE or no JRE has been installed. A Java Plug-in dialog box informs you that, for the page to display properly, you must download and install the 1.4.0_01 plug-in (which resides on the VPS).
You can download the US English (the default) or All Languages (International) version of the plug-in.
In the dialog box, click the link that takes you to the download; then follow the installation instructions.
CSCdy46710
(4)JRE 1.4.0_01 sometimes does not plug into Netscape 6.2.3.
When you install JRE 1.4.0_01 and select Netscape 6 to use the Java plug-in as the default Java Runtime, the installation sometimes fails and the URT web client is repeatedly prompted to download and install JRE 1.4.0.
Note This behavior was most often observed on Windows XP systems.
This failure is not detrimental to the operation of the URT web client; however, to work around this behavior:
1. Select Start > Settings > Control Panel > Java Plug-In 1.4.0_01.
2. Click the Browser tab.
3. Select Netscape 6 again.
CSCdy47395
(2)Space embedded in the system variable was not recognized.
On some clients, the %TEMP% system variable is defined as:
C:\DOCUME~1\ADMINI~1\LOCAL SETTINGS\Temp
The space between LOCAL and SETTINGS caused the remainder of the command to be truncated.
The URT.BAT script has been changed so that all occurrences of the %TEMP% variable are enclosed in quotation marks, as in the following example:
"%TEMP%\OnOffHandler" -domain
domain_name -trace -logoffDelay 7 -exec "y:\posturt.bat"CSCdy49007
(4)URT client file system needed domain access rights.
If the file system on the client system is locked, the domain controller, which requires right access to the files, cannot update the client files upon logon. In these situations:
•The client remains in the logon VLAN.
•Each client must be manually updated by an admin user with the appropriate rights (a prohibitively time-consuming solution in environments with a large number of PCs).
•A "Permission Denied" error message is generated.
To work around this problem, you must grant Domain Controller rights to the client.
CSCdy49949
(2)Client service pings the switch gateway continuously.
The URT client sometimes continues to ping the gateway repeatedly, even after the logon process has completed.
No user intervention is required.
CSCdy50233
(5)Need more information about resynchronizing mobile clients.
URT allows a client to disconnect from one port and move to another port without logging off. If a user disconnects their system by unplugging a cable, logoff takes approximately 10 minutes (the time it takes for two synchronizing messages to be generated).
When connecting to a new port, it takes the VPS approximately 4 to 5 minutes to reinitialize the client on the new port.
There is no workaround.
CSCdy50463
(3)Menu item for Update URT Server Group Entries was unintuitive.
To use the Update URT Server Group Entries feature in URT Release 2.0.x, you would select the Windows domain name under the NT and NDS Domains folder, then select Customize >
Update Server Group Entries.In Release 2.5, this feature was grayed out and unavailable from the menu if you did not first select the Groups icon from within the NT and NDS Domains folder. (You can find the Groups icon by expanding the NT and NDS Domains folder, then looking under the Windows domain name, then looking under the Users icon.)
This function has been changed back to an available selection when only the domain name or group is selected.
CSCdy50490
(3)No online help associated with DNS Attributes in URT Options.
In the URT Administrative interface, when you select Customize > Options > DNS >
DNS Settings > Add, no help topic is associated with the Help button.The following information should be associated with the Help button:
"When the VPS is used as a DNS server, the clients in the logon VLAN must know the Windows domain controller hostnames and corresponding IP addresses. You can use this feature to enter the hostname and IP address mappings."
CSCdy50527
(3)No online help associated with Disable Event Bus feature.
At the bottom of the Customize > Options > Administrative window is a check box to enable or disable the "Disable URT Event Bus feature." If you click Help, no help topic is available.
The following information should be associated with the Help button:
"Use this option to enable or disable the TIBCO event bus."
CSCdy61171
(2)Auto-install failed on some Windows clients.
This problem has been resolved.
Obtaining Documentation
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco websites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated regularly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual or quarterly subscription.
Registered Cisco.com users can order a single Documentation CD-ROM (product number DOC-CONDOCCD=) through the Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html
All users can order monthly or quarterly subscriptions through the online Subscription Store:
http://www.cisco.com/go/subscription
Ordering Documentation
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:
http://www.cisco.com/en/US/partner/ordering/index.shtml
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.
Cisco.com
Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com provides a broad range of features and services to help you with these tasks:
•Streamline business processes and improve productivity
•Resolve technical issues with online support
•Download and test software packages
•Order Cisco learning materials and merchandise
•Register for online skill assessment, training, and certification programs
To obtain customized information and service, you can self-register on Cisco.com at this URL:
http://tools.cisco.com/RPF/register/register.do
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The type of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.
We categorize Cisco TAC inquiries according to urgency:
•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration. There is little or no impact to your business operations.
•Priority level 3 (P3)—Operational performance of the network is impaired, but most business operations remain functional. You and Cisco are willing to commit resources during normal business hours to restore service to satisfactory levels.
•Priority level 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operations are negatively impacted by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
•Priority level 1 (P1)—An existing network is "down," or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Cisco TAC Website
The Cisco TAC website provides online documents and tools to help troubleshoot and resolve technical issues with Cisco products and technologies. To access the Cisco TAC website, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://tools.cisco.com/RPF/register/register.do
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases online so that you can fully describe the situation and attach any necessary files.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
•Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL:
•Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL:
http://www.cisco.com/go/packet
•iQ Magazine is the Cisco bimonthly publication that delivers the latest information about Internet business strategies for executives. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
•Training—Cisco offers world-class networking training. Current offerings in network training are listed at this URL:
http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html
This document is to be used in conjunction with the documents listed in the "URT Documentation" section.
Copyright © 2004, Cisco Systems, Inc.
All rights reserved.
Posted: Tue Apr 6 15:39:00 PDT 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.