Create a User account in active directory from SharePoint online 2013 list data
Hello,
I am trying to create a SharePoint list through which i can create a user account into active directory,
1 - HR is sending the detail in the email body to a Specific email address ([email protected]) like below..
First Name: XYZ
Last Name: ABC
Address: ABC 123
Designation: Analyst
Employee ID: 10492
and so on
2 - I need to pickup every new email data of the above section into sharepoint list (in Column)
First Name Last Name Address Designation Employee ID
3 - I want to create a event receiver through which i can go ahead and find the new data in the list and then create a user in the active directory,
I tried very hard and since i dont have much experience in coding part, any help will be highly appreciated
Thank you
Aman
1- Configure Incoming Email Setting at your SharePoint Farm -
https://technet.microsoft.com/en-us/library/cc262947.aspx
http://blogs.technet.com/b/harmeetw/archive/2012/12/29/sharepoint-2013-configure-incoming-emails-with-exchange-server-2013.aspx
2- Configure your Sharepoint List Incoming e-mail settings for [email protected] - ListSetting-Communications->Incoming e-mail settings. -
https://support.office.com/en-in/article/Enable-and-configure-e-mail-support-for-a-list-or-library-dcaf44a0-1d9b-451a-84c7-6c52e7db908e
3- Write an Incoming Email Receiver , and Add you Email Body Parsing Code (retrive value of fields , firstname , lastname etc) in
EmailReceived() method. also add the code for adding new user in Active Directory
http://blogs.msdn.com/b/tejasr/archive/2010/03/06/event-handler-code-to-add-incoming-emails-with-subject-discussion-id-as-replies.aspx
https://pholpar.wordpress.com/2010/01/13/creating-a-simple-email-receiver-for-a-document-library/
4- Active Directory Code Help -
http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C
http://www.codeproject.com/Tips/534718/Add-User-to-Active-Directory
Thanks
Ganesh Jat [My Blog |
LinkedIn | Twitter ]
Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.
Similar Messages
-
Disable user account on Active Directory??
I sync user account from iPlanet DS to Active Directory through Meta Directory. If I disable user account on iPlanet DS, can meta directory disable the user account on Active Directory Server?
AD has an attribute called userAccountControl. This attribute has a value of 512 when an AD account is active and 546 when it has been disabled. I flow a constructed attribute called userAccountControl with two rules, one for enable and one for disable. The selection criteria for the enable/disable rule is based upon a change in employee status. For example, (%mv.employeestatus%==T). Another way to do this would be a single attribute constructrion rule that calls an external script (written in Perl) that accounts for multiple conditions and then enables/disables the AD account accordingly. In the attribute flow rule, you flow the constructed attribute userAccountControl to mdsAdUserAccountControl (assuming an AD-Specific schema setting in the AD connector).
-
If we utilize the Cutover method to migrate from on-premise Exchange (2007) to Office 365, which to my understanding will hand over user management/authentication to Office 365 online during the process, is possible to later switch from Office 365 user management
to Active Directory (synced to a future local domain, or even possibly via AD federation single sign-on)? If so, how difficult is this process and is there any documentation available?
Asking this because the organization I'm working for plans to upgrade (re-do actually) its entire infrastructure. There will be a completely brand new domain/AD set up that's totally unrelated to the old one. At the same time, we also plan to migrate
all emails (previously hosted locally on Exchange 2007) to Office 365 and get rid of local exchange. Now because we will set up new domain, we do not want to carry over the older AD to the cloud, hence we will not use the "Staged Migration".
So the plan is to to use "Cutover" migration first, which means all authentications will become Office 365 managed. That's fine for now. But later, after we set up our new domain and AD controller etc, we'd like to have Exchange Online switch back
to syncing with our new on-premise AD. We'd also like to consider the AD Federation Services if it's not too complicated to set up.
Your advice on this would be greatly appreciated!In principle, you cannot sync back from the cloud AD to the on-prem, yet. But you can take advantage of the soft-matching mechanism once you have the new AD in place:
http://support.microsoft.com/kb/2641663
Be careful though, as the moment you turn on Dirsync, all the matching users in the cloud will have their attributes overwritten. A very good idea is to do an 'export' of the cloud AD first, using the WAAD module for PowerShell and the Get-MsolUser cmdlets,
which you can then use to compare or import data in the new on-prem AD. Some links:
http://technet.microsoft.com/en-us/library/hh974317.aspx
http://msdn.microsoft.com/en-us/library/azure/dn194133.aspx -
We are currently using local user accounts with CUCM 9.1.2 and are looking at integrating it into the active directory structure.
We do utilize the same structure for user ID's.
I am looking to find out what the changeover will entail and if anything else needs to be done prior to the integration.
We also have Unity syncing up with CUCM for users as well as Contact Center sync'ed up for our ACD system.
Thanks
MikeHey Mike,
The process is pretty straight forward. CUCM 9.X supports the coexistence of AD integrated users and local users so you don't have to worry about local accounts disappearing if they don't have an AD account. The biggest thing to watch out for is that if you decide to revert back for whatever reason then the accounts that were in AD will be marked for deletion (from the CUCM, not AD) and will be removed after approximately 24 hours.
I recommend the following if you'd like to move to AD.
Run a DRS backup of CUCM. This is not necessary for the integration but is good practice in my opinion. I'd also do a full export of your users using the BAT so you can reimport users to how they were before the integration should you decide to revert for any reason.
Determine if you want to put the user's extensions in the telephonenumber field or ipPhone field in AD. Once you make a decision, I recommend populating that information in AD so it is available when you do the integration.
Make sure your local CUCM user accounts usernames are exactly the same as your domain accounts. That way when you do the integration the local users become AD users and keep all of their phone associations, group memberships, etc. If you need to change the usernames then be sure to notify your users ahead of time so they can start logging into UCCX or UCM user pages, etc. using their new username.
Create an account in AD that has read-only rights to your directory. Set the password to never expire. You will use this account later for the integration.
In CUCM, go into Serviceability and make sure the "Cisco DirSync" service is activated on the Publisher server.
Also in CUCM, navigate to the administration page and do the following:
Go to System > LDAP > LDAP System and Check the box to enable Synchronizing. Confirm the LDAP server type and attribute for User ID is accurate. This is typically Microsoft Active Directory and sAMAccountName respectively.
Go to System > LDAP > LDAP Directory
Click Add New
Give it a name (whatever you want).
Put in the Distinguished Name of the AD integration account you created earlier. For example, if you created an account called ciscoldap in the Service Accounts OU in the abc.com domain then it would look something like this... CN=ciscoldap,OU=Service Accounts,DC=abc,DC=com
Enter the password for the account.
Enter the search base. This can be a specific OU where your users exist, a parent OU which contains other OUs which contain all of your users or the entire domain. If you do the entire domain then in the abc.com example you would specify DC=abc,DC=com.
Select the option to perform a sync with AD on periodic intervals. The lowest interval you can set is every 6 hours.
Select either the telephonenumber or ipPhone field to be used for the user's extensions. This will be whatever you decided and populated in AD in an earlier step.
Add your primary and any backup domain controllers and ports. If they are just domain controllers and you are not using SSL then specify port 389. If they are also global catalog servers then you can do port 3268.
Click Save and Click the "Perform Full Sync Now" button.
I recommend that you also use LDAP for authentication as well so you only have one username and password to remember which is all controlled by AD. To add this do the following:Go to System > LDAP > LDAP Authentication.
Click Add New
Check the box to use LDAP Authentication
Add the same Distinguished name, passwords and user seach base that you used for your integration account earlier under the synchronization section. Also add the same primary and secondary LDAP servers and ports you used earlier.
Click Save
You can go a step further and create a filter to only pull in the users within the search base you specified and apply that. For example, maybe only pull in users that have their ipPhone field populated. Let me know if you have any questions on that or any of the above.
I hope this helps! -
How to create a disabled account in Active Directory?
Hi all,
I got the assignment to create AD accounts as soon as a new employee is entered into the hr system, which might be several weeks before their contract actually starts. Therefore the account should be disabled until the start of their contract and be enabled then.
Now, I tried a very simple approach and set accounts[Active Directory].disable=true during active sync when creating the account. According to the audit-entries, the value is set correctly, but my AD just doesn't bother. The account is created but not disabled. :-(
What can I do? The workflow so far was just "start -> provision -> end" and I tried to change it to "start -> provision -> disable ->end" with a new action like this:
<Activity id='4' name='Disable AD'>
<Action id='0' application='com.waveset.session.WorkflowServices'>
<Argument name='op' value='checkoutView'/>
<Argument name='type' value='Disable'/>
<Argument name='id' value='$(user.waveset.accountId)'/>
<Argument name='authorized' value='true'/>
</Action>
<Action id='1'>
<setvar name='view.resourceAccounts.currentResourceAccounts[AD].selected'>
<Boolean>true</Boolean>
</setvar>
<setvar name='view.resourceAccounts.currentResourceAccounts[AD].disabled'>
<Boolean>true</Boolean>
</setvar>
</Action>
<Action id='0' application='com.waveset.session.WorkflowServices'>
<Argument name='op' value='commitView'/>
<Argument name='view' value='$(view)'/>
</Action>
<Action id='2' process='Provision'>
<Argument name='op' value='provision'/>
</Action>
<Transition to='end'/>
<WorkflowEditor x='736' y='192'/>
</Activity>
However, there is no success. Probably I got some basic misunderstanding, since provision does not seem to complete when the workflow changes from provision to disable?
Any help woud be greatly appreciated.
CU,
Patrick.You need to use DisableViewer view.
Check following code.
<Action id='0' application='com.waveset.session.WorkflowServices'>
<Argument name='op' value='checkoutView'/>
<Argument name='type' value='DisableViewer'/>
<Argument name='id' value='$(userId)'/>
<Argument name='Form' value='Empty Form'/>
<Return from='view' to='disableView'/>
</Action>
Regards,
MK -
How to use Powershell to update user details in Active Directory?
Hi,
I received an updated contact list from HR of about 1500 names, and I want to update (make corrections and add missing data) ADUC quickly without having to do each user manually. How would I go about that using power-shell?
The fields that need updating are:
Under the General tab -> Description, Telephone number
Everything under the Address tab
Under the Telephone tab - > Mobile
Under the Organization tab -> Job Title, Department, Company, Manager
The server we're using is Windows Server 2008 R2.
Many thanks,
NickThere are 100 of such scripts are there online.
here are few tips and codes. you will get more.
https://gallery.technet.microsoft.com/scriptcenter/Feeding-data-to-Active-0227d15c
http://blogs.technet.com/b/heyscriptingguy/archive/2012/10/31/use-powershell-to-modify-existing-user-accounts-in-active-directory.aspx
http://powershell.org/wp/forums/topic/ad-import-csv-update-attributes-script/
Please mark this as answer if it helps -
Hi,
I want to setup an outpund hybrid search for SharePoint 2013 on-premise to SharePoint Online.
But I'm not shure if this works with ADFS SSO.
Has somebody experience with this setup?
Here's my guide which I'm going to use for this installation:
Introduction
In this post I'll show you how to get search results from your SharePoint Online in your SharePoint 2013 on-premise search center.
Requirements
User synchronisation ActiveDirectory to Office 365 with DirSync
DirSync password sync or ADFS SSO
SharePoint Online
SharePoint 2013 on-premise
Enterprise Search service
SharePoint Online Management Shell
Instructions
All configuration will be done either in the Search Administration of the Central Administration or in the PowerShell console of your on-premise SharePoint 2013 server.
Set up Sever to Server Trust
Export certificates
To create a server to server trust we need two certificates.
[certificate name].pfx: In order to replace the STS certificate, the certificate is needed in Personal Information Exchange (PFX) format including the private key.
[certificate name].cer: In order to set up a trust with Office 365 and Windows Azure ACS, the certificate is needed in CER Base64 format.
First launch the Internet Information Services (IIS) Manager
Select your SharePoint web server and double-click Server Certificates
In the Actions pane, click Create Self-Signed Certificate
Enter a name for the certificate and save it with OK
To export the new certificate in the Pfx format select it and click Export in the Actions pane
Fill the fields and click OK Export to: C:\[certificate
name].pfx Password: [password]
Also we need to export the certificate in the CER Base64 format. For that purpose make a right-click on the certificate select it and click on View...
Click the Details tab and then click Copy to File
On the Welcome to the Certificate Export Wizard page, click Next
On the Export Private Key page, click Next
On the Export File Format page, click Base-64 encoded X.509 (.CER), and then click Next.
As file name enter C:\[certificate
name].cer and then click Next
Finish the export
Import the new STS (SharePoint Token Service) certificate
Let's update the certificate on the STS. Configure and run the PowerShell script below on your SharePoint server.
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
$X64CertPath = "c:\[certificate name].cer"
# get the encrypted pfx certificate object
$PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# import it
Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $PfxCert
Type Yes when prompted with the following message.
You are about to change the signing certificate for the Security Token Service. Changing the certificate to an invalid, inaccessible or non-existent certificate will cause your SharePoint installation to stop functioning. Refer
to the following article for instructions on how to change this certificate: http://go.microsoft.com/fwlink/?LinkID=178475. Are you
sure, you want to continue?
Restart IIS so STS picks up the new certificate.
& iisreset
& net stop SPTimerV4
& net start SPTimerV4
Now validate the certificate replacement by running several PowerShell commands and compare their outputs.
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
# get the encrypted pfx certificate object
New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# compare the output above with this output
(Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
[/code]
## Establish the server to server trust
[code lang="ps"]
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
Import-Module MSOnline
Import-Module MSOnlineExtended
# set the cerficates paths and password
$PfxCertPath = "c:\[certificate name].pfx"
$PfxCertPassword = "[password]"
$X64CertPath = "c:\[certificate name].cer"
# set the onpremise domain that you added to Office 365
$SPCN = "sharepoint.domain.com"
# your onpremise SharePoint site url
$SPSite="http://sharepoint"
# don't change this value
$SPOAppID="00000003-0000-0ff1-ce00-000000000000"
# get the encrypted pfx certificate object
$PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
# get the raw data
$PfxCertBin = $PfxCert.GetRawCertData()
# create a new certificate object
$X64Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
# import the base 64 encoded certificate
$X64Cert.Import($X64CertPath)
# get the raw data
$X64CertBin = $X64Cert.GetRawCertData()
# save base 64 string in variable
$CredValue = [System.Convert]::ToBase64String($X64CertBin)
# connect to office 3656
Connect-MsolService
# register the on-premise STS as service principal in Office 365
# add a new service principal
New-MsolServicePrincipalCredential -AppPrincipalId $SPOAppID -Type asymmetric -Usage Verify -Value $CredValue
$MsolServicePrincipal = Get-MsolServicePrincipal -AppPrincipalId $SPOAppID
$SPServicePrincipalNames = $MsolServicePrincipal.ServicePrincipalNames
$SPServicePrincipalNames.Add("$SPOAppID/$SPCN")
Set-MsolServicePrincipal -AppPrincipalId $SPOAppID -ServicePrincipalNames $SPServicePrincipalNames
# get the online name identifier
$MsolCompanyInformationID = (Get-MsolCompanyInformation).ObjectID
$MsolServicePrincipalID = (Get-MsolServicePrincipal -ServicePrincipalName $SPOAppID).ObjectID
$MsolNameIdentifier = "$MsolServicePrincipalID@$MsolCompanyInformationID"
# establish the trust from on-premise with ACS (Azure Control Service)
# add a new authenticatio realm
$SPSite = Get-SPSite $SPSite
$SPAppPrincipal = Register-SPAppPrincipal -site $SPSite.rootweb -nameIdentifier $MsolNameIdentifier -displayName "SharePoint Online"
Set-SPAuthenticationRealm -realm $MsolServicePrincipalID
# register the ACS application proxy and token issuer
New-SPAzureAccessControlServiceApplicationProxy -Name "ACS" -MetadataServiceEndpointUri "https://accounts.accesscontrol.windows.net/metadata/json/1/" -DefaultProxyGroup
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://accounts.accesscontrol.windows.net/metadata/json/1/" -IsTrustBroker -Name "ACS"
Add a new result source
To get search results from SharePoint Online we have to add a new result source. Run the following script in a PowerShell ISE session on your SharePoint 2013 on-premise server. Don't forget to update the settings region
if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
# region settings
$RemoteSharePointUrl = "http://[example].sharepoint.com"
$ResultSourceName = "SharePoint Online"
$QueryTransform = "{searchTerms}"
$Provier = "SharePoint-Remoteanbieter"
# region settings end
$SPEnterpriseSearchServiceApplication = Get-SPEnterpriseSearchServiceApplication
$FederationManager = New-Object Microsoft.Office.Server.Search.Administration.Query.FederationManager($SPEnterpriseSearchServiceApplication)
$SPEnterpriseSearchOwner = Get-SPEnterpriseSearchOwner -Level Ssa
$ResultSource = $FederationManager.GetSourceByName($ResultSourceName, $SPEnterpriseSearchOwner)
if(!$ResultSource){
Write-Host "Result source does not exist. Creating..."
$ResultSource = $FederationManager.CreateSource($SPEnterpriseSearchOwner)
$ResultSource.Name = $ResultSourceName
$ResultSource.ProviderId = $FederationManager.ListProviders()[$Provier].Id
$ResultSource.ConnectionUrlTemplate = $RemoteSharePointUrl
$ResultSource.CreateQueryTransform($QueryTransform)
$ResultSource.Commit()
Add a new query rule
In the Search Administration click on Query Rules
Select Local SharePoint as Result Source
Click New Query Rule
Enter a Rule name f.g. Search results from SharePoint Online
Expand the Context section
Under Query is performed on these sources click on Add Source
Select your SharePoint Online result source
In the Query Conditions section click on Remove Condition
In the Actions section click on Add Result Block
As title enter Results for "{subjectTerms}" from SharePoint Online
In the Search this Source dropdown select your SharePoint Online result source
Select 3 in the Items dropdown
Expand the Settings section and select "More" link goes to the following URL
In the box below enter this Url https://[example].sharepoint.com/search/pages/results.aspx?k={subjectTerms}
Select This block is always shown above core results and click the OK button
Save the new query ruleHi Janik,
According to your description, my understanding is that you want to display hybrid search results in SharePoint Server 2013.
For achieving your demand, please have a look at the article:
http://technet.microsoft.com/en-us/library/dn197173(v=office.15).aspx
If you are using single sign-on (SSO) authentication, it is important to test hybrid Search functionality by using federated user accounts. Native Office 365 user accounts and Active Directory Domain Services
(AD DS) accounts that are not federated are not recognized by both directory services. Therefore, they cannot authenticate using SSO, and cannot be granted permissions to resources in both deployments. For more information, see Accounts
needed for hybrid configuration and testing.
Best Regards,
Eric
Eric Tao
TechNet Community Support -
**want to create a user account from "Crypted Password" to "Open Directory"
I have create a user account with "user password type: Crypted Password"
is there any way I can script it to "user password type: open directory"
I've use perl-ldap to create user account but I don't know how to change user password type to open directory,
because my script will add a new node in the directory, I just need a way to make the "user password type" to "Open Directory" AT CREATION TIME, not modifing it after a have a user account, the script below will generate a node in the directory with "Crypted Password" as User Password Type,
is there any attribute I need to add to make it "Open Directory" or perl command, applescript, bash, objective c(hopefully not)....
thank for reading...
$res = $c->add(dn => 'uid=testing,cn=users,dc=microsoft,dc=info',
attr => [
'cn' => 'testing',
'gidNumber' => '20',
'homeDirectory' => '99',
'objectclass' => 'inetOrgPerson', 'posixAccount', 'shadowAccount', 'apple-user', 'extensibleObject','organizationalPerson','top','person',
'sn' => 'testing',
'uid' => 'testing',
'uidNumber' => '5000',
1. 'apple-generateduid' => '27318931-B341-4364-91B4-84E4AAAD1234', #026F",
'givenName' => 'testing',
1. 'loginShell' => '/bin/bash',
'userPassword' => 'testing' ,
1. 'homePhone' => '555-2020',
2. 'mail' => '[email protected]'
die "unable to add, errorcode #".$res->code().$res->error if $res->code( );
thanksSince this question isn't Xserve specific a better place to get an answer is probably in the Directory Services forum: http://discussions.apple.com/forum.jspa?forumID=1353
That being said if you are trying to migrate Crypt accounts to OD accounts then the short answer is no. You need an unencrypted password to put the password into OD via a script do short of cracking the encrypted password, inserting it in plain text into the OD user account creation process then I don't think you can.
You should be able to dictate the password (and any other settings you can do from the GUI) but the password is the missing piece. Under really old OS X systems I actually suspect you can get passwords to export (hinted at by an Apple engineer I discussed this with) but there is probably a faster and more straightforward solution.
What I have done is export from NetInfo, clean the accounts via script and then reimport the accounts into the new system. I usually assign a password and dictate "Must change password at next login" and then email people the temporary passwords. It's been a while but I believe you can mass select and then dictate password settings so if that works for you create accounts with all the same password and then you can select by group and make changes - eg Must change password at login.
Good luck,
=Tod -
i use migrate assistant to move files from my old pc to the new Mac , but it creates the user account. How can i delete the unwanted user account.
Welcome to Apple Support Communities
That's the classic behaviour after using Migration Assistant and that's normal.
To transfer the data from the new user account to your old user account, you can follow some steps. Here is all the information you need to do this > https://discussions.apple.com/docs/DOC-5472 -
Hi,
I have a setup ISE 1.1.1. Users are getting authenticate against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.
Error is enclosed & here is the port configuration.
Port Configuration.
interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30 interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30
Please help.The error message means that Active Directory server Reject the authentication attempt
as for some reasons the user account got locked.I guess, You should ask your AD Team to check in the AD
Event Logs why did the user account got locked.
Under Even Viewers, You can find it out
Regards
Minakshi (Do rate the helpful posts) -
Create Oracle USER Account from Third Party System
Hi there
We have requirment to create Oracle USER Account through third party system.
How can we achive this?
I know ORacle Provide FND_USER_PKG.CREATEUSER API to create user
Is there any special thing we have to do to create Oracle USER from another system?
Thanks
ASIMHi,
Is there any special thing we have to do to create Oracle USER from another system?I believe you need to check the third party manual or contact the vendor for other considerations when creating user accounts from this system.
For FND_USER_PKG, please see the links referenced in this thread.
change password of EBS user
Re: change password of EBS user
Regards,
Hussein -
Search for specific user in an Active Directory group
Hello,
I have an OU containing a number of Groups. Each group contains a number of members.
I'm currently retrieving the entire list of members from each group by searching for the members attrib for each group. This is not an ideal approach as the query execute time is a bit too long.
from what I can tell, the group class is group (opposed to a groupofuniquenames). Is there a way to query for the specific member?
ThanksThanks for the reply.
I have read the first post you gave, but not the second. I'm off to read that now.
My main concern is that I don't have access to the DN of the user in the member attrib. I have access to their CN and uid (which is indexed). From what I can recall from when I last updated this code, I couldn't create a wildcard search filter e.g.,:
(&(cn=All Scientists)(objectClass=Group)(member=CN=Albert Einstein*))
If that's correct and I require a DN, is there any way around this?
I was interested in the posixGroup and groupOfUniqueNames classes. I wasn't aware that these were available through Active Directory, but I see them listed in the AD schema (http://msdn.microsoft.com/en-us/library/ms683908(VS.85).aspx).
If I'm correct, posixGroup would allow for a filter of (&(cn=All Scientists)(objectClass=posixGroup)(memberUid=AEinstein))
I'm not sure how typical it is to use the posixGroup class in AD and I'll have to check with my AD team before moving forward with this. But I wanted to get some more direction/ideas before asking them to create some posixGroup objects for me.
I'm now going to go and read the second post you linked, but I wanted to put the rest of my details out there.
Thanks again. -
Reading Active directory from ECC 6.0
Hi All,
During triggering of a workflow, to determine the manager of initiator of work flow we are trying to get the manager details from Active directory(we don't have HR org data).
Precisely the requirement is using the SAP User id, read the active directory information for the same user and determine the manager user id in Active Directory.
Does any body came across such situation? Are there any specific RFC enabled function modules which provides the require data?
Your response will be highly appreciated.
Regards,
Nanda.Hi Nanda,
Yes it is possible, Lots of steps involved though..
First you need have the LDAP connector ativated in R/3.
1) Create RFC destinatino of type T with the active directory server name . ( Contact Basis )
2) Do the necessary configuration in transaction transaction LDAP in R/3.
But before you do that you need to ask your active directory folks the following details.
--> Ask them to create a userid and pwd in active directory which you can use for your configuration.
--> Ask them for distinguished Name
--> Ask them for Base entry
--> Ask them for the correct port number.
configure all as per the doucment which Karthikeya has given.
3) use the following FMs in your program
LDAP_SYSTEMBIND
LDAP_SEARCH
here you will be passing your serach string
which will return the person's manager.
LDAP_UNBIND
ofcourse based on SAP ID you have get this email id and then
Thanks,
Krishna -
Creating another User Account Issues
Hello-
I recently created another user account because of of corruption issues and need to have the same functionality in the new user profile. I transferred all the old user profile data to the new user profile as per instructions posted here:
Locate the C:\Users\Old_Username folder, where C is the drive that Windows is installed on, and Old_Username is the name of the profile
you want to copy files from.
Select all of the files and folders in this folder, except the following files:
Ntuser.dat
Ntuser.dat.log
Ntuser.ini
Click the Edit menu, and then click Copy.
If you don't see the Edit menu, press Alt.
Locate the C:\Users\New_Username folder, where C is the drive that Windows is installed on, and New_Username is the name of the new
user profile you created.
Click the Edit menu, and then click Paste.
If you don't see the Edit menu, press Alt.
Log off, and then log back on as the new user.
After doing this I have noticed some programs not launching the same with missing info. For example TeamSpeak3 launches but opens as a new user with none of my saved bookmark profiles even though they are listed in the directory file. To me
it has to be a permissions thing or User data transfer issue, because I have the user data in the old user app data file but none in the new user app data.
I am the only user of this computer so there is no user issues with other people and would like full functionality. Thanks in advance.@ Kate Li thanks for responding and yes I did follow the instructions in the folder options to unhide and show all the files I didn't copy>paste that portion just to save room on the post. The link is the same as the one I used:
Click the View tab, and then click Show
hidden files, folders, and drives.
Clear the Hide protected operating system files check box, click Yes to
confirm, and then click OK.
One mistake I did make was to copy>paste the shortcuts when I know now to just create them from the program directory (send to desktop) context.
Would you happen to have a link explaining how to go about transferring or importing registry files? -
Creating second user account on TC. No separate folder and security issues
Hi,
I've had my TC for some time, and after some start-up triuble all is working very nicely now.
That is, until I wanted to set up the TC for my girlfriends backups too. On my mac, i created a user account for the TC, and i see two folders when i connect to the TC: "Timecapsule" and "MyAccountName". Now when i did the same on the other Macbook, i get only the "Timecapsule" account, not a folder (or sharepoint) with her account name. Also, I saw that as the sparsebundle files are on the 'main' sharepoint, it is possible to access both from both computers, wierd.
Any thoughts on how I can use 1 TC for 2 computers with 2 sharepoints for both?
So, on my own computer i would have a general folder and a personal folder, on the other the same...
Help much appreciated!To clarify: When i connect to the TC, i mount two volumes, but on the other Macbook, I only get the main volume, not the specific user volume.
Maybe you are looking for
-
Nokia Lumia 1520 Overheating & Battery Drain after...
Hello, I've been experiencing an intermintent problem with my Nokia Lumia 1520 (AT&T, 16GB model) where my phone overheats and the battery drains. The problem started after I upgraded to Windows Phone 8.1 and Lumia Cyan. As of now I haven't figured o
-
MultiLineCellRenderer (TableCellRenderer) not working in 1.4
I have the following custom TableCellRenderer I use to display a multi-line cell in a JTable. The row height is suppose to adjust itself automatically so that all the text is visible. This worked perfectly fine in 1.3. In 1.3, the JTextArea was given
-
I have a query written using COUNT in sql to return the total number of rows in a table. This works fine in query analyser but when I try and run the same report in CF I cannot get it to return just the total as opposed to all the rows. I am not sure
-
Blackberry Bold 9700 won't Connect to Desktop
Everytime I connect my BB Bold to my PC in an attempt to back it up using the Blackberry Desktop software, it never actually connects. I have the latest version of the software on my pc...has this happeed to anyone?
-
6680 update - backup/restore fails
Hi, after updating firmware from 2.x to 4.x with Nokia software, I cannot restore my old backup correctly. After restore with ContentCopy, the screen does not show the menu entries and the systems settings cannot be called. Any help appreciated! Than