NAC SSO to Domain W2K8 & W2K3
Hi,
I am configuring SSO between CAS running at 4.8.1 ver and a MS Domain of two servers, a W2K8 R2 & a W2K3 Enterprise SP2.
The problem is I am getting error message in CAS Trace says "Unable to start server ... KDC has no support for encryption type (14). I did tried all possible encryptions in the KTpass; like +Desonly or encrypt ALL or leave encryption technique blank, but invain.
This problem wouldn't appear if I am binding the CAS to the W2K3 server, only.
Any advise how to get out of this loop.
Many thanks
Mike
Hi Mike,
Is the win 2k8 server running at 2003 functional level? If so, by default, 2003 functional level is not supported. You need to perform the below workaround for it to work at the windows 2003 functional level as per the below link:
http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cas/s_adsso.html#wp1266896
For Windows 2008 Server at 2003 Server functional level:
ktpass -princ newadsso/[adserver.][email protected] -mapuser newadsso -pass
PasswordText -out c:\newadsso.keytab -ptype KRB5_NT_PRINCIPAL
Note Before performing the following step, Cisco strongly recommends making a backup copy of the CAS's /perfigo/access/tomcat/conf/krb.txt file.
After running the ktpass command above, manually modify two files on the CAS as follows:
–In the CAS CLI, navigate to /perfigo/access/tomcat/conf/krb.txt and add the following lines:
[libdefaults]
kdc_timeout = 20000
default_tkt_enctypes = RC4-HMAC
default_tgs_enctypes = RC4-HMAC
permitted_enctypes = RC4-HMAC
–Navigate to /perfigo/access/bin/starttomcat.
Search for CATALINA_OPTS.
Add -DKRB_OVERRIDE=true to the value of CATALINA_OPTS.
For example:
Old value: CATALINA_OPTS="-server ..."
New Value: CATALINA_OPTS="-server ... -DKRB_OVERRIDE=true"
–Restart the CAS by entering the service perfigo stop and service perfigo start commands.
P.S.: Please mark the question as answered, if it has been resolved. Do rate helpful posts. Thanks.
Similar Messages
-
NAC SSO in Windows 7 not Working
Hello,
I'm having problems with SSO process on workstations with Windows 7 and I need help to solve it.
ENVIRONMENT:
Clean Access Manager: 4.9.0
Clean Access Server: 4.9.0
Clean Access Agent: 4.9.0.33
Compliance Module: 3.4.27.1
Windows Domain : Windows 2003 Server Full Functional Level
Status of Active Directory SSO: Started
More Informations:
In Windows Domain Controller, i ran the follow command with no errors:
ktpass –princ NAC_USER/[email protected] -mapuser NAC_USER –pass mypass –out c:\nac_user.keytab –ptype KRB5_NT_PRINCIPAL
The file nac_user.keytab was created in c:\ of DC.
in Windows XP Workstations, SSO is working correctly
in Windows 7 workstations work when i manually enable DES in "Start > Control Panel > System and Security > Administrative Tools > Local Security Policy > Local Policies/Security > Options > Network security > Configure encryption types allowed"
I have many workstations running Windows 7 and can not do this manual procedure in all of them.
running tail -f /perfigo/access/tomcat/logs/nac_server.log command in CAS, i see the follow messages during an attempt to do SSO with unchanged Windows 7:
2012-03-09 11:45:21.231 +0100 RMI TCP Connection(481)-10.5.32.248 WARN com.perfigo.wlan.jmx.adsso.GSSServer - Server was not running ...
2012-03-09 11:45:21.231 +0100 RMI TCP Connection(481)-10.5.32.248 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Server starting server ...
2012-03-09 11:45:21.329 +0100 RMI TCP Connection(481)-10.5.32.248 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Server is now running ...
2012-03-09 11:45:21.329 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - SPN : [NAC_USER/[email protected]]
2012-03-09 11:45:21.329 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - building kdc list for domain mydomain.net
2012-03-09 11:45:21.469 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - done building kdc list for domain mydomain.net
2012-03-09 11:45:21.469 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - KDC(s) :[srvslsdc001.mydomain.net, srvpnpdc001.mydomain.net, srvpnpdc002.mydomain.net, srvalvdc001.mydomain.net, srvtatdco001.mydomain.net, srvtatdco002.mydomain.net, srvpaldc002.mydomain.net, srvmurdc001.mydomain.net, srvnundc001.mydomain.net]
2012-03-09 11:45:21.469 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - writeKrbFile: writing to file ../conf/krb.txt
2012-03-09 11:45:21.469 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - writeKrbFile: wrote to file ../conf/krb.txt
2012-03-09 11:45:21.470 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - creating login context ...
2012-03-09 11:45:21.470 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - GSSServer - created login context ...javax.security.auth.login.LoginContext@b55e97
2012-03-09 11:45:21.631 +0100 Thread-88 INFO com.perfigo.wlan.jmx.adsso.GSSServer - Notifying GSSServer status Started
2012-03-09 11:45:21.807 +0100 Thread-88 DEBUG com.perfigo.wlan.jmx.adsso.GSSServer - accepting ADSSO socket ...
2012-03-09 11:45:42.285 +0100 10.5.112.140 SWissServer Thread INFO com.perfigo.wlan.jmx.swiss.SWissUtil - opswat=3.5.2.1 dm_opswat=3.5.2.1
2012-03-09 11:45:42.329 +0100 10.5.112.140 SWissServer Thread INFO com.perfigo.wlan.jmx.swiss.SWissUtil - SWissServer: OPSWAT SDK Path=https://10.5.33.10/perfigo_download/CCAA/opswat-win.zip
As we can see, I restarted the AD SSO service and the two bold lines are the records while trying to SSO with Windows 7, but without success.
NAC Agent pop-up request for manual authentication.
does anyone know how to solve this trouble?
If you need more information please let me know .....
Regards,
Daniel StefaniHi Guys,
When I changed the files /perfigo/access/tomcat/conf/krb.txt and /perfigo/access/bin/starttomcat in CAS according to the configuration guide:
/perfigo/access/tomcat/conf/krb.txt
[libdefaults]
kdc_timeout = 20000
default_tkt_enctypes = RC4-HMAC
default_tgs_enctypes = RC4-HMAC
permitted_enctypes = RC4-HMAC
and
/perfigo/access/bin/starttomcat
CATALINA_OPTS="-server ... -DKRB_OVERRIDE=true"
an error was generated in nac_server.log when i tried run SSO Service.
ERROR:
2012-03-07 11:52:50.655 +0100 Thread-77 ERROR com.perfigo.wlan.jmx.adsso.GSSServer - Unable to start server ... KDC has no support for encryption type (14)
But I remembered that during the changes, I checked the options for the user account I'm using to run the service to Use DES encryption types for this account.
When i uncheck this option in user account options and kept the changes to files krb.txt and starttomcat, the SSO service started with no errors and Windows 7 users now do the SSO too.
tks,
Daniel Stefani -
Ume.login.mdc.hosts - SSO Multiple Domain
Hi,
My Portal domain is xxxx.net and my ECC domain is xxxx.com
I exported the portal certificate into ECC and created parameters in RZ10 to create & accept SSO tickets.
When i do the ECC System Connection tests in Portal, everything is good and successful. But when i run a Transaction iView, i get the ECC login screen.
Based on SAP Documentation, i modified UME Property as "ume.login.mdc.hosts = xxxx.com:8036", but still i get the ECC login screen in portal when i run a transaction iView. Please advice.
Thanks
VijayNot working on this right now
-
Calling a web service deployed in a SSO protected domain
Hello,
I want to write a web service based on a stateless session EJB and to deploy it as part of an application on an OC4J server. The application is protected by SSO.
My question is: how should I write a client stub for that web service? How are the name and the password provided in the client stub in order to call web service (that will be also protected as part of the protected application)?
Regards,
MarinelDitto. I get the feeling that no reply to your message must mean that OC4J doesn't support this.
An even simpler scenario is getting an Applet client to connect to an EJB without having to provide the username and password from the Applet. Otherwise, we are forced to ask the user to login for every applet or we embed the user/pass in applet params. Both are unacceptable.
Any ideas. -
Problem with Cross-domain SSO, NTLM and ITS to R/3
Hello,
We are using EP 6.0.13.0 on a Windows environment. We have an ITS running WebGUI/ESS/MSS in another domain and that is the same domain where the R/3 and BI systems reside. We have configured NTLM authentication using IIS web server 6.0 and the IISProxy 1.6.2. We have configured SSO with the backends using the same ID as in the MS-ADS. Almost everything works fine.
The problem is that when we use the NTLM logon VIA the IIS to the portal, and then navigate to a WebGUI service transaction we are prompted for login. When we refresh the portal screen and try again - it works.
We have configured the mdc.hosts and are using the sendSAPSSO2Cookie.asp to generate the cross-domain logon ticket.
I have read that ITS may require the PAS be set up but I thought that was only used when you are going directly to the ITS (leveraging the NTLM authentication) - not when you are going through the portal.
Does anyone have some experience using ALL of the SSO features (i.e. SSO, cross-domain support, ITS, windows integrated authentication)?
We have though about the relax option for the domain but it does not apply as our domains are:
SERVER1.domain1.com and SERVER2.domain2.com
... so relaxing would not help unless we relaxed to the ".COM" which is unreasonable.
My regards,
Judson MaizelsHi JUDSON
well i'll give one easy solution
make a alias under host file reside in winnt\system32\drivers\etc directory which has same domain name
i.e
SERVER1.domain1.com server1.mydomain.com
SERVER2.domain2.com server2.mydomain.com
it's works in my schenario we have a same system landscape
as you
regards,
kaushal -
Anyone have Contract Manager v13 installed on a domain controller?
Hello Everyone
I have a client who says that the primavera reseller told him it was ok to install CM13 on his Domain controller w2k3 r2, which hosts other databases such as quickbooks and instances of IIS.
Has anyone ever installed in a situation like this, concurrently with other Dbs and Web servers running?
I understand that the app server and web server is usually 2 separate machines as well, but with previous versions of CM, you were able to install both on one machine. And those machines were dedicated to CM.
A quick one line response on if your server/serves are dedicated for CM would be great!
Any other information would be a great help as well!
Thanks
Dennis
Edited by: user12514167 on Jan 26, 2010 12:20 PM
Edited by: user12514167 on Jan 26, 2010 12:25 PM
Edited by: user9054083 on Jan 27, 2010 8:13 AMTechnically its not impossible. :) one line! :]
Tough I would never install CM on DC, basically I would avoid anything that would make the crash of DC more probable.
CM service will take 500-800MB of the RAM, takes a huge peek on CPU while deployment, after that is basically not that troublesome,
Database (SQL or oracle) needs it own memory and CPU.
I'm not sure if want your DC with other services to be overloaded.
IIS - they need to know that if any of the apps they use on IIS is using port 80 they will not be able to use CM service on port 80 as well.
With the prices of hardware vs prices of CM licenses I would ask a loud - why do you want all in one machine? -
I created a new domain admin account that is part of AD Administrators, Domain Admins and Enterprise Admins. I have been using this account for a couple of years with no issue. However after promoting the domain to W2k3 and adding 2012 R2 domain controllers
I keep running into issues with the account.
The most recent was using the command 'appcmd list backup' in preping for IIS migration. I received and Access is denied error. I tried this with another account that should have domain admin privileges and got the same error. When using
the original Administrator account there is no issue.
Does anyone have any thoughts on this? Is there a way to check rights and permissions for a domain admin, Enterprise admin and Administrator account? So far all I have found is stuff related to the SID but I don't believe this is a true check or rights.
Thanks> Yes but isn't is a best practice to rename and disable it? Shouldn't
> there be a way to create an equivalent account without the -500 SID or
> am I missing something ?
"Disable", yes. "Rename", no - renaming it has no benefit, the SID stays
with him :)
This is an old tale of the "security by obscurity" days.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
Problem Context:
4 DC's serving the domain (native W2K3), DC01, 2, and 3 are W2K3x32, DC04 is W2K8r2x64 (newly added).
All DC's are GC and DNS.
DC's all pass DCDiag with no unexplainable errors
LDAP query of the DC's in the site shows all 4, with identical weight
All DC's are in the same AD Site
No errors in any event log
Sysvol is visible from everywhere, for all 4 DC's
repadmin /replsum /errorsonly on all DC's (including 04) shows no issues that I don't understand (we have a remote DC in the forest offline, I see that one)
Each DC points to another DC for 1st DNS and itself for 2nd, in a chain (01->02, 02->03, etc)
All are single NIC, on different subnets.
I have 1500+ clients in my environment. DC01/2/3 are slated to be upgraded, DC04 is the first. It's newer hardware, 1gb vs 100mb, more ram, x64, etc. However, in removing the old 04 and adding a new one, DC01/2/3 went off the charts
on CPU/LSASS. Doing a query (nltest /sc_query:domain) of my environment, I show that 33% of the environment is divided up each to 01/2/3, 0% go to DC04. I have a script I run to "stir the pot" after I reboot a DC to "rebalance"
them, which is essentially an "nltest /sc_reset:domain" run on each server. I run this, and 33% end up on 1/2/3, 0% on 4.
If I do it by hand, nltest /sc_reset:domain\dc04, it works and the system uses DC04 and stays there, as expected, but if left to their own devices, zero systems choose DC04.
Help? I've no clue why this is happening. What happens when I replace DC01/2/3 with W2K8 DC's? Will the systems choose none of them? We're buried in CPU alerts and my proliferation is blocked until I can close on this.
Any wisdom would be greatly appreciated. Thank you.1. 14 domains in the forest
2. Results of the dnscmd (clipped in the middle)
dnscmd rf3psdc04 /EnumZones
Enumerated zone list:
Zone count = 129
Zone name Type Storage Properties
. Cache AD-Domain
1.8.10.in-addr.arpa Primary AD-Legacy Secure Rev
10.8.10.in-addr.arpa Primary AD-Domain Secure Rev
***lots of reverse lookup zones***
mfg.intel.com Secondary File
rf3prod.mfg.intel.com Primary AD-Legacy Secure
TrustAnchors Primary AD-Forest
3. I did, both at the root and child. The NS record only contains the 4 DC's, with correct IP's. The msdc's folder only contains the 4 dc's with corrct IP as well.
4. I have IP concerns posting the log file to a public forum, but going through it and checking the health checks on that site, the domain passes all tests, including the SRV test at the end. I even cycled through each DC on server= and re-ran the
query, from multiple clients, it returns the same info, the correct info, all 4 DC's, with the same weight. -
SBS2003 monitoring/reporting without using internal mail server?
Client is running SBS2003 and for certain reasons, is not running internal exchange. All Exch services disabled and need to stay that way.
Question; is it possible to configure the server somehow (registry, etc) to point the email to an external SMTP server instead of the internal mail server? We need to get the performance reports but aren't allowed to enable exchange.
Thanks!
CharlieAs best I can recall, in the SBS 2003 era..the reports are acutally emailed using the SMTP service and not exchange. No information has ever been provided from the MS Product team on how to make mods ot this.
But because of integration of SBS when you indicate the users to send to, it's looking at the FQDN and if its the one supplied during the CEICW wizard, then it's trying to send that to an exchange mailbox. Have you tried running the wizard and
supply an outside pop3 address? (not the hosted exchange) Does the message arrive?
Cris Hanna [SBS - MVP] (since 1997)
Co-Contributor, Windows Small Business Server 2008 Unleashed
http://www.amazon.com/Windows-Small-Business-Server-Unleashed/dp/0672329573/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1217269967&sr=8-1
Owner, CPU Services, Belleville, IL
A Microsoft Registered Partner
MVPs do not work for Microsoft
Please do not submit questions directly to me.
<Charlie Kaiser> wrote in message
news:[email protected]...
No, I'm really not sparring with you. I'm just removing the irrelevant factors from the conversation.
If you really have to know, their hardware is somewhat underpowered for the utilization it is receiving. The client is on hard times and cannot afford to upgrade the server hardware, nor can they afford a second server. Rebuilding their domain onto W2K3/W2K8
standard is also too expensive a project for them.
They have hosted external exchange and have for quite some time. They are happy with it and don't want to change. The server, after we took it over and tuned things for them, works fine. They experience almost no downtime and performance is adequate given
the current configuration. But adding any additional load to the server results in performance issues, including memory and disk space. Adding an additional 5% load on the server for exchange right now is not an option for us or them. They do not want nor
need exchange running internally.
So it returns to the original question; is there any way to simply point the outbound email to a different SMTP server? Somewhere, the monitoring component says "send this information by email; connect to SMTP." If there's a way to modify that easily, we
will do so. If there is not, then we'll probably just shut off the SBS monitoring and use a 3rd party tool intstead. But pointing SMTP is possibly simpler than making those changes.
As a small-business consultant, we spend a lot of time trying to help small companies do things as cheaply as possible. For many companies, spending a few grand on a server or project is absolutely out of the question these days. So we do what we can. The
solution you are pushing can work fine for a larger company that has a healthy IT budget. But not in this case.
Cris Hanna, Microsoft SBS MVP, Owner-CPU Services, Belleville, IL -
Portal access through a firewall
Hi there!
Having the default installtion of R2 on a single W2K box, what's the minimal procedure to make this configuration available through a firewall?
I've opened ports 7777-7778 but fail when trying to logon via SSO (host.domain.com:7777/pls/orasso)
Have I missed out to open another port or am I forced to follow the steps of setting up a reversing proxy to have portal-access outside the firewall?
Cheers
/StaffanIf they are on different servers, then both are listening on the 7777 port, and you will have to change one of them to use another port (assuming your firewall can only port forward a port to only one host).
If you are running both instances on the same server, then your SSO is accessible via 7777 and your midtier would be on 7778, so your setup as described should be enough (I do the same thing).
If they are running on the one machine, can you access the SSO/INF server directly? http://inf.domain.com:7777 and then http://inf.domain.com:7777/pls/orasso ? -
After SPNEGO is activated other existing services with Technical user not working
Hi All,
We have activated SPNEGO, One of our existing service with Technical user is not working.
When SPNEGO is disabled it works.
Regards
RamHi Patrick
We are using SSO. and domain controller has service user. We are in 7.31 PI as Java so user mapping is not done but have same users in Active directory.
SSO is working fine. But, once specific service is not working where we are using technical user when SSO is active and it is working when SSO is inactive.
Regards
Gangula -
The single tap on our track pads works sporadically
Our track pad arrow works fine. When I single click, the function does not work. It seems to not to have a pattern. Need help trouble shooting.
Hi we had also a big issue with SSO and domains. Our Portal was in domain <portalservername>.a.b.c and our BW System in <bwservername>.a.b.c
So we thought SSO should work. But the portal had an alias name enterprise.portal.b.c (which was actually used to access the portal via the Internet Explorer)
And that was the problem.
The Ticket will be created for portal.b.c and the Session Ticket will only be send to Servers in portal.b.c Domains. Our BW System is in a.b.c so the Session Ticket was not sent.
We solved the problem (with help of SAP) by adding a system Alias for the BW System named <bwservername>.portal.b.c
And now SSO was working.
So not the Domain the system is in is important but the url in your browser window is important.
I dont know if this help you in any way but because i wanted it to share anyway.
Best regards,
Kai -
Hi guys,
I was able to setup the wna infact
no errors appears in OC4J~OC4J_SECURITY~default_island~1 log file when OC4J_SECURITY instance starts up
but if I try to connect to
http://sso.<domain>/pls/orasso using a client of
Windows Domain the sso login page appears
and the following message in ssoServer.log
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Calling Authentication method
[INFO] AJPRequestHandler-ApplicationServerThread-6 Entered SSOKerbeAuth.authenticate method ...
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Remote user name: {{UNAUTH_USER}}
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Windows Native Authentication was not possible.
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Falling back to SSO authentication
[INFO] AJPRequestHandler-ApplicationServerThread-6 Entered SSOServerAuth:authenticate method
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 user name NULL
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Password Null
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Subscriber Null
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Voice header: null
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 x-oracle-mobile-authtype: null
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 auth mode is user/pass
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Perhaps this is a Basic Auth u/pwd
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 No username supplied. Sending IPASInsufficientCredException
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Requesting Login Page to collect credentials
[INFO] AJPRequestHandler-ApplicationServerThread-6 Entered SSOKerbeAuth.getUserCredentialPage method ...
[DEBUG] AJPRequestHandler-ApplicationServerThread-6 Sending login page to the user with an error message: null
[INFO] AJPRequestHandler-ApplicationServerThread-6 Exiting from SSOKerbeAuth.getUserCredentialPage method
Any ideas bout this issue ?
Regards
LuigiLuigi,
did you follow up
http://www.oracle.com/technology/obe/obe_as_10g/im/wna/wna.htm
regards,
--olaf -
Potential JavaSSO and Custom Login Module Bugs In Clustered Environment
We've been working with the custom login modules and JavaSSO and have found issues with deployment on 10.1.3.2 in a clustered environment. Deployment on a single server looks like it is working properly.
I'm wondering whether any one here has been using CLM with JavaSSO and have deployed in a clustered application server environment? I've posted in the past regarding this in the OC4J side, but never got a response, so I thought I'd try the experts here...
Here are some TARS that we've logged. Any help from the community would be appreciated.
6320304.994 JAVASSO JSSOUTIL.LOGOUT FUNCTION REDIRECT NOT WORKING ON CLUSTER
6365407.993 SETTING <distributable/> TAG IN WEB.XML CRASHES APPLICATION
6338664.992 JAVASSO LOGIN PAGE DOES NOT LOGIN USER BUT RELOADS LOGIN PAGE
Thanks!
KentonHi Kenton,
Specifically, what were the issues that you ran into when clustering JavaSSO? Was it a problem only when combined with the Custom LM?
As long as the same CLM is configured for your app (I assume this is also clustered) and JavaSSO, that should be sufficient. Obviously, CLM need to be configured against the same user repository.
If the apps were on different hosts, did you remember to set the property "custom.sso.cookie.domain" to set the right domain name in the cookie? Otherwise, you will keep getting redirected to the login page.
http://download.oracle.com/docs/cd/B32110_01/web.1013/b28957/javasso.htm#BABJCGCB
-skt -
OEM not connecting to database
I am getting the screen with the following message...
The database status is currently unavailable. It is possible that the database is in mount or nomount state. Click 'Startup' to obtain the current status and open the database. If the database cannot be opened, click 'Perform Recovery' to perform an appropriate recovery operation.
Related Links
Configure Recovery Settings
When I click startup it is asking for host and database credentials and then when I click OK it is asking whether to startup database. When I click OK it is again returning back to the same page displaying the above message.
But I am able to startup the database in the command prompt with sql commands .
Please help me out...yes ... i am using database control and the content which is there in my emoms.properties is
# emoms.properties
# Properties used by Console Configuration Manager.
# Version 1.0
# MODIFIED (MM/DD/YY)
# rpinnama 12/26/03 - Removing repAgentUrl
# sjconnol 12/11/03 - remove noSave flag for pref creds
# hsu 12/05/03 - add param for stmt caching
# mpawelko 11/24/03 - change iSQLPlus URL entries
# hsu 11/10/03 - add sharing param
# sjconnol 10/16/03 - add noSave flag for pref creds
# mgoodric 10/10/03 - add proxyHost, proxyPort, dontProxyFor
# vkapur 08/13/03 - add emdRepRAC for db console
# mpawelko 07/15/03 - add iSQLPlus DBA URL placeholder
# mpawelko 06/26/03 - add iSQLPlus URL placeholder
# streddy 06/12/03 - Added emdrep.ping.pingCommand
# dkapoor 04/21/03 - append db console params
# aholser 04/02/03 - add oms name
# skini 03/26/03 - Add connect descriptor
# skini 02/20/03 - skini_2771051_2_4.0.1_main
# rpinnama 01/03/03 - Remove pingDirectory
# skini 12/31/02 - Leave only essential properties
# skini 12/30/02 - Comment out defaults
# rpinnama 12/12/02 - Add emdrep.ping.pingDirectory
# skini 11/13/02 - Add documentation for proxy parameters
# skini 11/08/02 - Add auth properties
# jpyang 10/24/02 - change maxConnForJobWorkers to 10
# ggilchri 10/23/02 - add https port
# dmshah 10/16/02 - Adding nvp for db connection settings
# xshi 10/03/02 -
# xshi 10/02/02 - sso config - domain
# aholser 10/07/02 - move repository.properties to console.properties
# xshi 08/19/02 - add das location
# xshi 08/14/02 - add sso consoleauthentication
# lyang 06/14/02 - lyang_add_configuration_manager
# OMS login information
oracle.sysman.eml.mntr.emdRepSID=%EM_REPOS_SID%
oracle.sysman.eml.mntr.emdRepPwdEncrypted=false
oracle.sysman.eml.mntr.emdRepPort=%EM_REPOS_PORT%
oracle.sysman.eml.mntr.emdRepUser=%EM_REPOS_USER%
oracle.sysman.eml.mntr.emdRepPwd=%EM_REPOS_PWD%
oracle.sysman.eml.mntr.emdRepServer=%EM_REPOS_HOST%
oracle.sysman.eml.mntr.emdRepConnectDescriptor=%EM_REPOS_CONNECTDESCRIPTOR%
# From the old web.xml file
oracle.sysman.emSDK.svlt.ConsoleServerHost=%HOSTNAME%
oracle.sysman.emSDK.svlt.ConsoleServerPort=%EM_UPLOAD_PORT%
# The https port dedicated to the receiver servlet using an EM Certificate
oracle.sysman.emSDK.svlt.ConsoleServerHTTPSPort=%EM_UPLOAD_HTTPS_PORT%
oracle.sysman.emSDK.svlt.ConsoleServerName=%HOSTNAME%_Management_Service
oracle.sysman.emSDK.svlt.ConsoleMode=standalone
oracle.sysman.emSDK.sec.ReuseLogonPassword=true
oracle.sysman.eml.mntr.emdRepDBName=%EM_TARGET_DBNAME%
oracle.sysman.eml.mntr.emdRepRAC=false
# iSQL*Plus integration
oracle.sysman.db.isqlplusUrl=http://opsserver-dt.sci.local:5560/isqlplus/dynamic
oracle.sysman.db.isqlplusWebDBAUrl=http://opsserver-dt.sci.local:5560/isqlplus/dba/dynamic
# port specific ping command
emdrep.ping.pingCommand=/usr/sbin/ping <hostname>
# HTTP Proxy server to Oracle MetaLink
#proxyHost=%EM_PROXYHOST%
#proxyPort=%EM_PROXYPORT%
#dontProxyFor=%EM_DONTPROXYFOR%
# For controlling the sharing of realtime metric collection
oracle.sysman.emSDK.emd.rt.useMonitoringCred=true
# The number of JDBC statements that's cached per repository
# connection. Setting it to 0 would turn off caching
oracle.sysman.emRep.dbConn.statementCacheSize=30
# The number of JDBC statements that's cached per direct-target admin
# connection. Setting it to 0 would turn off caching
oracle.sysman.db.adm.conn.statementCacheSize=2
# The number of JDBC statements that's cached per real-time database
# connection used for performance monitorng
oracle.sysman.db.perf.conn.statementCacheSize=30
Maybe you are looking for
-
At the end of a recent apple tv update, a picture appeared showing a connection - micro usb - to apple itunes. I don't have this micro connection. I now can't watch apple tv. what is going on?
-
Javascript and Struts HTML problem
Hi all, I write the following script in my jsp page, but this one does not produce the output at all : <script type="text/javascript"> document.write("<input type="button" value='<bean:message key="btn.show"/>' onclick='onShowClick(this.form,"<b
-
Problem with packages.p lease help me to resolve
They are in ShoppingCart package, so create ShoppingCart folder and place these 2 java files in that folder. Then try to execute �java test� it is giving error, and see the stmts below: D:\Ashok\Received Files\ShoppingCart>dir Volume in drive D has n
-
Report 3.0 oracle database 9i(Encounter the symbol "(" when expecting
Hi, i am using oracle 9i database and report 3.0 and OS win xp and my procedure is PROCEDURE GET_MILLION_TEXT (MILLION IN NUMBER,MILLTEXT OUT VARCHAR2(30)) IS BEGIN SELECT ARA_TEXT1 INTO MILLTEXT FROM NUM_WORD WHERE NUMB=MILLION; EXCEPTION WHEN NO_DA
-
How to make default personalization options for users
Hi all, How can I make default personalization options for users, so that those will the default options when the user opens the portal BSP applications. Those will be the standard, at later point of time if they want they can personlalize some other