Multiple LDAP Servers and Attribute-Based Data Partitioning

Hello
We currently want to implement the following scenario on NetWeaver 2004s. From the
following SAP Help documentation we want attribute-based data partitioning:
http://help.sap.com/saphelp_nw70/helpdata/EN/4e/4d0d40c04af72ee10000000a1550b0/frameset.htm
The difference to the SAP document is that we want a distribution of attributes over
multiple LDAP servers. So we tried to fit that concept into XML; see the attached XML source.
The Portal finds both LDAP systems, but the users are NOT being merged:
they appear as two distinct users in the portal UME. If you do a lookup in the portal
user management system you see two users.
User1: unique ID = USER.Datasource1.uid
User2: unique ID = USER.Datasource2.uid
Obviously the UME system was not able to merge the information from the two distinct
LDAP systems, MSADS and Lotus Notes.
Hence my questions:
1) Is it possible to distribute attributes over multiple LDAP data sources?
2) Any ideas why UME constructs two different users based on the data source IDs specified in the XML?
Thanks for any contributions or ideas,
Ulrich Scherb
<?xml version="1.0" encoding="UTF-8"?>
<dataSources>
    <dataSource id="PRIVATE_DATASOURCE"
                className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
                isReadonly="false"
                isPrimary="true">
        <homeFor>
            <principals>
                 <principal type="group"/>
                 <principal type="user"/>
                 <principal type="account"/>
                <principal type="team"/>
                <principal type="ROOT" />
                <principal type="OOOO" />
            </principals>
        </homeFor>
        <notHomeFor/>
        <responsibleFor>
            <principals>
                 <principal type="group"/>
                 <principal type="user"/>
                 <principal type="account"/>
                <principal type="team"/>
                <principal type="ROOT" />
                <principal type="OOOO" />
            </principals>
        </responsibleFor>
        <privateSection>
        </privateSection>
    </dataSource>
    <dataSource id="NOTES_LDAP"
          className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
          isReadonly="true"
          isPrimary="true">
          <homeFor/>
          <responsibleFor>
               <principal type="account">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="j_user"/>
                         <attribute name="logonalias"/>
                         <attribute name="j_password"/>
                         <attribute name="userid"/>
                    </nameSpace>
                   <nameSpace name="com.sap.security.core.authentication">
                        <attribute name="principal"/>
                   </nameSpace>
               </principal>
               <principal type="user">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="firstname" populateInitially="true"/>
                         <attribute name="lastname" populateInitially="true"/>
                         <attribute name="email"/>
                         <attribute name="uniquename" populateInitially="true"/>
                    </nameSpace>
                    <nameSpace name="$usermapping$">
                         <attribute name="REFERENCE_SYSTEM_USER"/>
                    </nameSpace>
               </principal>
          </responsibleFor>
          <attributeMapping>
               <principal type="account">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="j_user">
                              <physicalAttribute name="uid"/>
                         </attribute>
                         <attribute name="logonalias">
                              <physicalAttribute name="uid"/>
                         </attribute>
                         <attribute name="j_password">
                              <physicalAttribute name="unicodepwd"/>
                         </attribute>
                         <attribute name="userid">
                              <physicalAttribute name="*null*"/>
                         </attribute>
                    </nameSpace>
                   <nameSpace name="com.sap.security.core.authentication">
                        <attribute name="principal">
                             <physicalAttribute name="uid"/>
                        </attribute>
                   </nameSpace>
               </principal>
               <principal type="user">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="firstname">
                              <physicalAttribute name="givenname"/>
                         </attribute>
                         <attribute name="lastname">
                              <physicalAttribute name="sn"/>
                         </attribute>
                         <attribute name="uniquename">
                              <physicalAttribute name="uid"/>
                         </attribute>
                         <attribute name="loginid">
                              <physicalAttribute name="*null*"/>
                         </attribute>
                         <attribute name="email">
                              <physicalAttribute name="mail"/>
                         </attribute>
                    </nameSpace>
                    <nameSpace name="$usermapping$">
                         <attribute name="REFERENCE_SYSTEM_USER">
                              <physicalAttribute name="sapusername"/>
                         </attribute>
                    </nameSpace>
               </principal>
          </attributeMapping>
        <privateSection>
               <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
               <ume.ldap.access.server_name>ldap1</ume.ldap.access.server_name>
               <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
               <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
               <ume.ldap.access.user>xxxxx</ume.ldap.access.user>
               <ume.ldap.access.password>xxxxx</ume.ldap.access.password>
               <ume.ldap.access.base_path.user>O=SMT_TEST</ume.ldap.access.base_path.user>
               <ume.ldap.record_access>TRUE</ume.ldap.record_access>
               <ume.ldap.unique_uacc_attribute>uid</ume.ldap.unique_uacc_attribute>
               <ume.ldap.unique_user_attribute>uid</ume.ldap.unique_user_attribute>
               <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
               <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
               <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
               <ume.ldap.access.objectclass.user>person</ume.ldap.access.objectclass.user>
               <ume.ldap.access.objectclass.uacc>person</ume.ldap.access.objectclass.uacc>
               <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
               <ume.ldap.access.auxiliary_naming_attribute.user>uid</ume.ldap.access.auxiliary_naming_attribute.user>
               <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
               <ume.ldap.access.auxiliary_naming_attribute.uacc>uid</ume.ldap.access.auxiliary_naming_attribute.uacc>
          </privateSection>
     </dataSource>
    <dataSource id="CORP_LDAP"
          className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
          isReadonly="true"
          isPrimary="true">
          <homeFor/>
          <responsibleFor>
               <principal type="account">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="j_user"/>
                         <attribute name="logonalias"/>
                         <attribute name="j_password"/>
                         <attribute name="userid"/>
                    </nameSpace>
                   <nameSpace name="com.sap.security.core.authentication">
                        <attribute name="principal"/>
                        <attribute name="realm"/>
                        <attribute name="domain"/>
                   </nameSpace>
               </principal>
               <principal type="user">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="firstname" populateInitially="true"/>
                         <attribute name="displayname" populateInitially="true"/>
                         <attribute name="lastname" populateInitially="true"/>
                         <attribute name="fax"/>
                         <attribute name="title"/>
                         <attribute name="department"/>
                         <attribute name="description"/>
                         <attribute name="mobile"/>
                         <attribute name="telephone"/>
                         <attribute name="streetaddress"/>
                         <attribute name="uniquename" populateInitially="true"/>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.usermanagement.relation">
                         <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
                    </nameSpace>
                    <nameSpace name="$usermapping$">
                         <attribute name="REFERENCE_SYSTEM_USER"/>
                    </nameSpace>
               </principal>
               <principal type="group">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="displayname" populateInitially="true"/>
                         <attribute name="description" populateInitially="true"/>
                         <attribute name="uniquename"/>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.usermanagement.relation">
                         <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
                         <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.bridge">
                         <attribute name="dn"/>
                    </nameSpace>
               </principal>
          </responsibleFor>
          <attributeMapping>
               <principal type="account">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="j_user">
                              <physicalAttribute name="samaccountname"/>
                         </attribute>
                         <attribute name="logonalias">
                              <physicalAttribute name="samaccountname"/>
                         </attribute>
                         <attribute name="j_password">
                              <physicalAttribute name="unicodepwd"/>
                         </attribute>
                         <attribute name="userid">
                              <physicalAttribute name="*null*"/>
                         </attribute>
                    </nameSpace>
                   <nameSpace name="com.sap.security.core.authentication">
                        <attribute name="principal">
                             <physicalAttribute name="samaccountname"/>
                        </attribute>
                        <attribute name="realm">
                             <physicalAttribute name="*null*"/>
                        </attribute>
                        <attribute name="domain">
                             <physicalAttribute name="*null*"/>
                        </attribute>
                   </nameSpace>
               </principal>
               <principal type="user">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="firstname">
                              <physicalAttribute name="givenname"/>
                         </attribute>
                         <attribute name="displayname">
                              <physicalAttribute name="displayname"/>
                         </attribute>
                         <attribute name="lastname">
                              <physicalAttribute name="sn"/>
                         </attribute>
                         <attribute name="fax">
                              <physicalAttribute name="facsimiletelephonenumber"/>
                         </attribute>
                         <attribute name="uniquename">
                              <physicalAttribute name="samaccountname"/>
                         </attribute>
                         <attribute name="loginid">
                              <physicalAttribute name="*null*"/>
                         </attribute>
                         <attribute name="mobile">
                              <physicalAttribute name="mobile"/>
                         </attribute>
                         <attribute name="telephone">
                              <physicalAttribute name="telephonenumber"/>
                         </attribute>
                         <attribute name="department">
                              <physicalAttribute name="ou"/>
                         </attribute>
                         <attribute name="description">
                              <physicalAttribute name="description"/>
                         </attribute>
                         <attribute name="streetaddress">
                              <physicalAttribute name="postaladdress"/>
                         </attribute>
                         <attribute name="pobox">
                              <physicalAttribute name="postofficebox"/>
                         </attribute>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.usermanagement.relation">
                         <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                              <physicalAttribute name="memberof"/>
                         </attribute>
                    </nameSpace>
                    <nameSpace name="$usermapping$">
                         <attribute name="REFERENCE_SYSTEM_USER">
                              <physicalAttribute name="sapusername"/>
                         </attribute>
                    </nameSpace>
               </principal>
               <principal type="group">
                    <nameSpace name="com.sap.security.core.usermanagement">
                         <attribute name="displayname">
                              <physicalAttribute name="displayname"/>
                         </attribute>
                         <attribute name="description">
                              <physicalAttribute name="description"/>
                         </attribute>
                         <attribute name="uniquename" populateInitially="true">
                              <physicalAttribute name="cn"/>
                         </attribute>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.usermanagement.relation">
                         <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
                              <physicalAttribute name="member"/>
                         </attribute>
                         <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                              <physicalAttribute name="memberof"/>
                         </attribute>
                    </nameSpace>
                    <nameSpace name="com.sap.security.core.bridge">
                        <attribute name="dn">
                              <physicalAttribute name="*null*"/>
                         </attribute>
                    </nameSpace>
               </principal>
          </attributeMapping>
        <privateSection>
               <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
               <ume.ldap.access.server_name>ldap2</ume.ldap.access.server_name>
               <ume.ldap.access.server_port>389</ume.ldap.access.server_port>
               <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
               <ume.ldap.access.user>yyyyy</ume.ldap.access.user>
               <ume.ldap.access.password>yyyyy</ume.ldap.access.password>
               <ume.ldap.access.base_path.user>O=SMT_TEST</ume.ldap.access.base_path.user>
               <ume.ldap.access.base_path.grup>O=SMT_TEST</ume.ldap.access.base_path.grup>
               <ume.ldap.record_access>TRUE</ume.ldap.record_access>
               <ume.ldap.unique_uacc_attribute>samaccountname</ume.ldap.unique_uacc_attribute>
               <ume.ldap.unique_user_attribute>samaccountname</ume.ldap.unique_user_attribute>
               <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
               <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
               <ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
               <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
               <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
               <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
               <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
               <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
               <ume.ldap.access.objectclass.grup>Group</ume.ldap.access.objectclass.grup>
               <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
               <ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
               <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
               <ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
               <ume.ldap.access.naming_attribute.grup>cn</ume.ldap.access.naming_attribute.grup>
          </privateSection>
     </dataSource>
</dataSources>

Hi Ulrich,
Hope your problem is resolved. We are using EP7 and SP18. We are doing some study on your first issue, i.e. distributing a user attribute into multiple LDAPs. Can you please let me know the feasibility? If yes, what are all the steps I have to follow? Expecting your valuable answer. Thanks in advance!
Regards,
Kabali
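Added example (not from the original post or from SAP): a small checker that parses a UME dataSourceConfiguration-style file and reports which attributes more than one data source claims under responsibleFor, and which data sources are flagged isPrimary. The element names follow the configuration posted above; the embedded sample is a constructed, trimmed copy of it, and the reading of the plain `<principals>` list form as a whole-principal claim is an assumption of this example.

```python
"""Added example, not from the original post or from SAP: parse a UME
dataSourceConfiguration-style XML and report which attributes more than one
data source claims in <responsibleFor>, plus which data sources are flagged
isPrimary. Overlapping claims are the first thing to inspect when a
partitioned setup yields duplicate users."""
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: same structure as the posted configuration, trimmed to
# the user principal. className values are shortened placeholders.
SAMPLE_CONFIG = """<dataSources>
  <dataSource id="PRIVATE_DATASOURCE" className="...DataBasePersistence"
              isReadonly="false" isPrimary="true">
    <homeFor><principals><principal type="user"/></principals></homeFor>
    <responsibleFor><principals><principal type="user"/></principals></responsibleFor>
  </dataSource>
  <dataSource id="NOTES_LDAP" className="...LDAPPersistence"
              isReadonly="true" isPrimary="true">
    <homeFor/>
    <responsibleFor>
      <principal type="user">
        <nameSpace name="com.sap.security.core.usermanagement">
          <attribute name="firstname"/>
          <attribute name="lastname"/>
          <attribute name="email"/>
          <attribute name="uniquename"/>
        </nameSpace>
      </principal>
    </responsibleFor>
  </dataSource>
  <dataSource id="CORP_LDAP" className="...LDAPPersistence"
              isReadonly="true" isPrimary="true">
    <homeFor/>
    <responsibleFor>
      <principal type="user">
        <nameSpace name="com.sap.security.core.usermanagement">
          <attribute name="firstname"/>
          <attribute name="lastname"/>
          <attribute name="department"/>
          <attribute name="uniquename"/>
        </nameSpace>
      </principal>
    </responsibleFor>
  </dataSource>
</dataSources>
"""

WHOLE_PRINCIPAL = (None, "*")  # marker: claims the principal type entirely


def parse_claims(xml_text):
    """Map (principal type, namespace, attribute) -> set of data source ids
    that list it under <responsibleFor>. A <principal> with no <nameSpace>
    children (the <principals> list form) is recorded as a whole-principal
    claim with namespace None and attribute "*"; that reading of the list
    form is an assumption of this example."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    claims = defaultdict(set)
    for ds in root.iter("dataSource"):
        ds_id = ds.get("id")
        responsible = ds.find("responsibleFor")
        if responsible is None:
            continue
        for principal in responsible.iter("principal"):
            ptype = principal.get("type")
            namespaces = principal.findall("nameSpace")
            if not namespaces:
                claims[(ptype,) + WHOLE_PRINCIPAL].add(ds_id)
                continue
            for ns in namespaces:
                for attr in ns.findall("attribute"):
                    claims[(ptype, ns.get("name"), attr.get("name"))].add(ds_id)
    return claims


def overlapping_attributes(claims):
    """Keys claimed by two or more data sources, ids sorted for stable output."""
    return {key: sorted(ids) for key, ids in claims.items() if len(ids) > 1}


def primary_sources(xml_text):
    """Ids of all data sources with isPrimary="true", in document order."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    return [ds.get("id") for ds in root.iter("dataSource")
            if ds.get("isPrimary", "false").lower() == "true"]


def report(xml_text):
    """Print the overlap report and return the overlap map."""
    overlaps = overlapping_attributes(parse_claims(xml_text))
    print("primary data sources:", ", ".join(primary_sources(xml_text)))
    for key in sorted(overlaps, key=str):
        ptype, ns, attr = key
        print(f"{ptype}/{ns}/{attr} claimed by: {', '.join(overlaps[key])}")
    return overlaps


if __name__ == "__main__":
    report(SAMPLE_CONFIG)
```

Run against the full posted file, the same functions show that both LDAP data sources claim the user principal's firstname, lastname and uniquename, and that all three data sources are marked primary.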

Similar Messages

  • Cisco ACS 5.2 authentication against multiple LDAP servers

    Hi Folks,
    I have a wireless network that uses ACS 5.2 to handle authentication. The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment. The authentication flow looks like this:
     - User tries to associate to WLAN
     - Authentication request is sent to ACS
     - Service selection rule chooses an access-policy (wireless_access_policy)
     - wireless_access_policy is configured to use my_ldap as identity source.
    A sister company is about to move into our offices, and will need access to the same WLAN. Users in the sister company are members of a separate AD domain (sister_company_ldap). I would like to modify the wireless_access_policy so that when it receives an authentication request it will query both my_ldap and sister_company_ldap, and return a passed authentication if either attempt is successful. Is this possible?

    Assuming you're already authenticating using your AD binding and AD1 as your identity source, you can add a further LDAP server as another identity source and add this to your identity store sequence in your access policy to authenticate against both.
    You can also add multiple LDAP servers and add them both to the identity store sequence (if you're not using AD1).

  • Multiple LDAP servers on single System

    hi,
    Would like to know if it's a good idea to have multiple LDAP servers running on a single System (Hardware).
    100,000 user base
    We would like to run the old and new LDAP databases on the same server till we phase out the old LDAP database after migrating all applications.
    System:
    2 x V880 4CPU 8GB RAM -- multi-master configuration
    4 x V420R 4CPU 8GB RAM -- read only replicas

    Shouldn't be an issue - that's not a particularly large user base and that's some hefty HW. Keep in mind though that they will be on different ports so any software you migrate may eventually need tweaking to the default port when the new takes over.

  • LDAP Authentication Scheme - Multiple LDAP Servers?

    How to set up ldap authentication so that multiple ldap servers are available? Scenario: ldap service is replicated through several servers, but does not sit behind a common dns/reverse proxy connection, so applications would list each ldap server and attempt to contact each in order if one or more ldap servers is unreachable.

  • Multiple LDAP Servers in Fusion Middleware (OBIEE 11g)

    Hello,
    I have a question regarding integration of multiple LDAP servers with a single WebLogic Server of Fusion Middleware (OBIEE 11g). We are currently using OBIEE 10g. We are on the verge of migrating to 11g. However, I have a question regarding the LDAP server.
    Our two applications run on two distinct LDAP servers. The plan is to provide a single sign on link for OBIEE 11g reports to the end users and depending on what application they are using, they must be authenticated against the respective LDAP server.
    So, my question: is it possible to integrate two different LDAP servers in the WebLogic of Fusion Middleware (OBIEE 11g)? If so, what would be the steps? Any helpful document will also be appreciated.
    Thank you,
    Chandu.

    Yes, you can configure multiple authentication providers one by one as you generally do.
    When you configure multiple Authentication providers, use the JAAS Control Flag for each provider to control how the Authentication providers are used in the login sequence. You can set the JAAS Control Flag in the WebLogic Administration Console.
    REQUIRED—The Authentication provider is always called, and the user must always pass its authentication test. If authentication succeeds or fails, authentication still continues down the list of providers.
    REQUISITE—The user is required to pass the authentication test of the Authentication provider. If the user passes the authentication test of this Authentication provider, subsequent providers are executed but can fail (except for Authentication providers with the JAAS Control Flag set to REQUIRED).
    SUFFICIENT—The user is not required to pass the authentication test of the Authentication provider. If authentication succeeds, no subsequent Authentication providers are executed. If authentication fails, authentication continues down the list of providers.
    OPTIONAL—The user is allowed to pass or fail the authentication test of this Authentication provider. However, if all Authentication providers configured in a security realm have the JAAS Control Flag set to OPTIONAL, the user must pass the authentication test of one of the configured providers.
    refer - http://docs.oracle.com/cd/E13222_01/wls/docs92/secmanage/atn.html
    Regards
    Mukesh Negi
    http://weblogicserveradministration.blogspot.in/
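The flag semantics described in the answer above, as an added example that is not part of the original post or of WebLogic: a model of how a JAAS login sequence consults several authentication providers, following the standard JAAS control-flag contract (a REQUISITE failure or a SUFFICIENT success stops the sequence early; REQUIRED and OPTIONAL always continue). The two directories are constructed dicts standing in for the two LDAP servers; real providers would bind to the directory instead.

```python
"""Added example, not from the original post or from Oracle/WebLogic: model of
JAAS control-flag evaluation over a list of authentication providers."""
from enum import Enum


class Flag(Enum):
    REQUIRED = "required"
    REQUISITE = "requisite"
    SUFFICIENT = "sufficient"
    OPTIONAL = "optional"


def authenticate(providers, user, password):
    """Run the providers in order and apply the JAAS control-flag rules.

    providers: list of (name, Flag, check) where check(user, password) -> bool.
    Returns (overall_success, trace); trace lists (name, passed) for every
    provider that was actually consulted, so short-circuits are visible.
    """
    required_failed = False   # a REQUIRED or REQUISITE provider has failed
    any_success = False       # at least one provider passed (all-OPTIONAL case)
    trace = []
    for name, flag, check in providers:
        passed = check(user, password)
        trace.append((name, passed))
        if passed:
            any_success = True
        if flag in (Flag.REQUIRED, Flag.REQUISITE):
            if not passed:
                required_failed = True
                if flag is Flag.REQUISITE:
                    return False, trace   # REQUISITE failure stops the sequence
        elif flag is Flag.SUFFICIENT and passed and not required_failed:
            return True, trace            # SUFFICIENT success ends the sequence
        # OPTIONAL, and REQUIRED whether it passed or failed, continue down the list
    # Overall: every REQUIRED/REQUISITE passed and at least one provider passed.
    return (not required_failed) and any_success, trace


# Constructed directories standing in for two LDAP servers (user -> password).
CORP_LDAP = {"alice": "corp-secret"}
PARTNER_LDAP = {"bob": "partner-secret"}


def directory_check(directory):
    """Build a check function for one directory (stand-in for an LDAP bind)."""
    def check(user, password):
        return directory.get(user) == password
    return check


def either_directory():
    """Both providers SUFFICIENT: a user in either directory can log in."""
    return [("CorpLDAP", Flag.SUFFICIENT, directory_check(CORP_LDAP)),
            ("PartnerLDAP", Flag.SUFFICIENT, directory_check(PARTNER_LDAP))]


def corp_required():
    """CorpLDAP REQUIRED: partner-only users are rejected even when PartnerLDAP
    passes, and PartnerLDAP is still consulted (REQUIRED never stops early)."""
    return [("CorpLDAP", Flag.REQUIRED, directory_check(CORP_LDAP)),
            ("PartnerLDAP", Flag.SUFFICIENT, directory_check(PARTNER_LDAP))]


def corp_requisite():
    """Same as above but REQUISITE: a CorpLDAP failure stops before PartnerLDAP."""
    return [("CorpLDAP", Flag.REQUISITE, directory_check(CORP_LDAP)),
            ("PartnerLDAP", Flag.SUFFICIENT, directory_check(PARTNER_LDAP))]


if __name__ == "__main__":
    for label, chain in (("either", either_directory()),
                         ("corp required", corp_required()),
                         ("corp requisite", corp_requisite())):
        ok, trace = authenticate(chain, "bob", "partner-secret")
        print(f"{label:15s} bob -> {ok}, consulted: {trace}")
```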

  • Integrating BIP with multiple LDAP servers

    Hi,
    my question is very simple. In Admin->Security Configuration->Security Model section I've set the Security model combobox to the LDAP value. Then I've filled in all the LDAP information fields (for example: URL). All works. But in my rpd I've multiple LDAP servers (multiple URLs) and in the form I can insert information about only one LDAP server.
    Is it possible to configure BIP with multiple LDAP servers?
    Thanks
    Giancarlo
    P.S. I'm using OBIEE 10g

  • Is it possible to deploy SharePoint or its Service Applications on: multiple DB-Servers and multiple SQL Instances?

    Hello Forum,
    We have a SharePoint 2013 farm (Enterprise edition) that uses one single SQL Server 2012 (Standard edition). That statement means: all my SharePoint DBs, e.g. the (Config, Admin, Content, and Service Apps) DBs, are hosted and running on one single instance, e.g. Server1\SQLInstance1.
    We have some new requirements to install and configure BI tools such as PerformancePoint services and PowerPivot. BI tools require either SQL Server 2012 Enterprise or BI editions, and we do NOT want to upgrade our current SQL Server1\SQLInstance1.
    Instead, we have another separate SQL Server instance which is Enterprise edition, let's name it (ServerX\InstanceX), that is running standalone, and we are thinking of using it, and my 2 questions are:
    1) Can we use this other separate SQL Server instance which is Enterprise edition to create and host the DBs of PerformancePoint services and PowerPivot?
    2) My second question is the same: can I create the PerformancePoint services application in my SharePoint farm, but in the Database Server field fill in the details of the other DB server ServerX\InstanceX, which is the one that is SQL Enterprise edition? Will this work?
    Are there any official Microsoft resources/links that say it is possible to deploy SharePoint or its service applications on multiple DB servers and multiple SQL instances?

    Thank you Alex and Anil,
    What are the ramifications of that?
    I mean, assuming that I have created such a farm where most of the SharePoint DBs are in the Standard SQL instance while the PerformancePoint service application and others, e.g. PowerPivot and Reporting Services, are deployed and configured on the other Enterprise SQL instance.
    Are there any recommendations or concerns that you would like to draw my attention to?

  • Multiple LDAP Servers

    Is it possible to configure and use two or more LDAP servers to authenticate OBIEE users? We have users with logins in two different domains that need to log in to our OBI servers.

    Yes, it is.
    Just list out all the LDAP servers with domain identifiers.
    Then in your authentication initialization block add all the LDAP servers. So the BI Server will authenticate against each server until it finds a match, or based on the domain identifier it will go to the corresponding LDAP server.
    - Madan

  • How to configure sendmail to use multiple LDAP servers ?

    Hi everybody!
    I have a sendmail running on Solaris 10 and an LDAP server (192.168.1.9) also running the Solaris 10 OS. I have configured the sendmail the following way:
    bash-3.00# ldapclient list
    NS_LDAP_FILE_VERSION= 2.0
    NS_LDAP_BINDDN= cn=proxyagent,ou=profile,dc=email,dc=reso,dc=ru
    NS_LDAP_BINDPASSWD= {NS1}*********************
    NS_LDAP_SERVERS= 192.168.1.9
    NS_LDAP_SEARCH_BASEDN= dc=email,dc=domain,dc=ru
    NS_LDAP_AUTH= simple
    NS_LDAP_SEARCH_REF= FALSE
    NS_LDAP_SEARCH_SCOPE= sub
    NS_LDAP_SEARCH_TIME= 30
    NS_LDAP_CACHETTL= 43200
    NS_LDAP_PROFILE= default
    NS_LDAP_CREDENTIAL_LEVEL= proxy
    NS_LDAP_BIND_TIME= 10
    I also have another LDAP server (IP 192.168.1.10). It is configured as a replica of the 192.168.1.9 LDAP server.
    The question is how can I configure sendmail to use both LDAP servers?
    The man pages explain how to configure ldapclient to use ONE server, and what if I want to use two or more? All the settings and the profiles are the same.
    Thanks in advance =))

    Hi!
    To add LDAP servers to the Solaris ldapclient, you might use the ldapclient command:
    ldapclient manual -v -a defaultServerList="servera.yourdomain.com serverb.yourdomain.com"
    But this is only failover; AFAIK the Solaris ldapclient does not perform load balancing by itself.
    But I am not sure about your sendmail program. Normally, sendmail has its own configuration
    and can be configured to use LDAP, e.g. for aliases etc.
    Regards!
    Rainer

  • SAP R/3 and JAVA based data base

    hi,
    I have two databases: one is SAP R/3 and the other is Java based.
    I need to link one table from SAP R/3 and one from the Java-based database.
    Using Crystal Reports, how can I do this?
    thanks

    hi,
    In Crystal Reports go to Database Expert; in the pop-up, link the Java-based database using JDBC and connect SAP R/3 using SAP.
    You will be able to get the SAP menu only if you are using Crystal Reports version 2008 or version 12.
    Once the connection is established, select the tables you require and the rest remains the same.
    Thanks.

  • Attribute based data view?

    Is it possible to build a data view or virtual data view from an attribute value?
    For example we have a LDAP server which currently has a 'flat' DIT structure with everyone under ou=people.
    Let's say application A wants to use the LDAP for user authentication and authorizations, but they only want to 'see' accounts that have access to application A. There is an attribute in each user entry that could be used to determine if the user is in fact associated with application A, but is it possible to build a data view from it? Changing the client side application is not an option in this scenario.
    After reading the DS/DPS documentation I don't see how this would be possible, but maybe I'm missing something (I hope).
    Thanks.
    Edited by: rrumbaugh on May 20, 2009 1:51 PM

    From what I can see, this is not currently possible. It would be nice if we could change the filter before it goes to the DS, that way we could say this app's username gets this filter component added.
    eg: App A binding with uid=A has (allowedapp=A) added to every filter before it reaches the DS. Or something like that. If you have a support contact, you could put in a word officially for an RFE to be included in the next version of DSEE (7.0, whenever it comes out)

  • Multiple proxy servers and session replication

    Hi,
    I'm in the middle of testing the 5.1sp10 that I set up recently.
    Say I have PROXY1 and PROXY2, connecting to the object layer.
    First, I point my browser to https://PROXY1/application. I did some stuff there that updated the session. Then I pointed my browser to https://PROXY2/application.
    The session was not replicated. Is this a normal behavior?
    What I thought I did was simulate DNS round-robin. I thought since the cookie knows which is the master and slave servers, the proxy can read the cookie, and I can continue with the session. Do I have to actually set up the DNS to do this?
    Thanks.

    No, that did not simulate a round robin. The change in server invalidates
    (in this case, makes invisible) the cookie.
    In your hosts file, add (with the correct names/addresses)
    192.168.0.17 proxy1
    192.168.0.18 proxy2
    Peace,
    Cameron Purdy
    Tangosol Inc.
    Tangosol Coherence: Clustered Coherent Cache for J2EE
    Information at http://www.tangosol.com/
    "Rudy" <[email protected]> wrote in message
    news:3c152f6d$[email protected]..
    >
    > Hi,
    >
    > I'm in the middle of testing the 5.1sp10 that I set up recently.
    >
    > Say I have PROXY1 and PROXY2, connecting to the object layer.
    > First, I point my browser to https://PROXY1/application. I did some stuff there
    > that updated the session. Then I pointed my browser to https://PROXY2/application.
    > The session was not replicated. Is this a normal behavior?
    >
    > What I thought I did was simulate DNS round-robin. I thought since the cookie
    > knows which is the master and slave servers, the proxy can read the cookie, and
    > I can continue with the session. Do I have to actually set up the DNS to do this?
    >
    > Thanks.

  • Calendar Server with multiple LDAP servers

    Can anybody tell me how calendar server shifts to the failover (2nd) Directory Server when one fails? What will be the parameter in the ics.conf file?
    Thanx,
    Rehan

  • Multiple LDAPS with same username!

    Hi,
    We have a case where we need to connect to multiple LDAP servers and configure SPNego for Kerberos authentication of the portal. We have a problem in the case of user names: some user names are the same in both LDAPs. The LDAPs and the portal are positioned as follows (landscape convention):
    LDAP1: xxxx.yyyy
    LDAP2: ssss.yyyy
    Portal: pppp.gggg.yyyy
    whereas gggg.yyyy is a trusted domain for both xxxx.yyyy and ssss.yyyy.
    We have a login problem in the same-user case (the same user exists in xxxx.yyyy and ssss.yyyy). I haven't gone into details yet like logs and all the troubleshooting stuff. Before doing all this, I just want to know your views on whether I can do this or not. If I can, any suggestions on how to proceed further?
    Regards
    Ravindra

    Hi,
    Kerberos (SPNego) is possible with multiple ADS data sources. Check SAP Note 1007227 and the link below.
    http://help.sap.com/saphelp_nw70/helpdata/en/45/40a320773a7527e10000000a114a6b/content.htm
    Regards
    Deb

  • Question on installing Multiple Directory Servers

    Hello All,
    I seem to be having a problem installing multiple directory servers, and I was hoping that somebody could help me. Here is what I am trying to do:
    I install DS 2005Q4 on HostA. I have it be the User/Group and Configuration Server. This install goes OK and I can use the administration server and console to manage the servers.
    I then go to HostB and install DS 2005Q4 and tell it to use the configuration server on HostA. I use the passwords for Admin and Directory Manager and tell it to store User/Group information. I also install the administration server.
    The problem is when I go to manage this second LDAP server through either administration server it tells me that I have insufficient rights. That is, if I click on the configuration tab and try to look at anything.
    The second administration server can see and manage the DS on HostA fine, but not the DS on HostB. The same thing goes for the administration server on HostA. It can manage the DS on HostA but not the DS on HostB. It keeps saying insufficient rights.
    The end goal is to set up these DS in multi-master replication and have the o=netscaperoot replicated to HostB.
    I am sure I must be doing something stupid, but I have banged my head on the wall all week and I thought I would see if somebody had any suggestions.
    The hardware is a pair of V210s with 4GB of memory and I am running Solaris 10 01/06 fully patched.
    Thanks for any help,
    Gary

    Just for completeness: when you have installed the consumer, you have manually started the admin server up, haven't you??? If not, do so!
    Also ensure that the host file holds the correct IP and host/host domain name.
    Ensure you can contact the config server from your consumer etc.
    Ensure you can connect to the consumer from the config server etc.
    If using the GUI from a machine other than the config server, i.e. PC-based, ensure connectivity and host lookup is achievable from the PC.
    HTH
