Tighter Integration with Active Directory User Groups

I just wrapped up a Jabber deployment with IM&P 9.1(1) and J4W clients 9.1(3).
The customer asked me if it is on Cisco's roadmap to allow groups in Active Directory to be pulled into the Jabber client.  The primary business case is to allow those in IT to send out IM blasts to the corporation or certain departments.
Obviously, this would require a significant amount of development and a much tighter integration with Active Directory, but I need to ask anyway.
Has something like this been identified and placed on any roadmap?
Thanks,
Matthew Berry

Unfortunately this kind of questions cannot be addressed here, roadmap questions need to go thru official channels for an answer.
You need to reach your SE/AM for this question.
HTH
java
if this helps, please rate
www.cisco.com/go/pdihelpdesk

Similar Messages

  • Wireless Deployment with Active Directory User Group Integration

    I am trying to find out the best practice in deploying a WLAN for users in the cooperate environment, which uses their company active directory integrated laptops to join to the WLAN.
    I know this can be done using certificates easily but I want to just find a way to deploy this without certificates and only based on the AD user group. Maybe a Radius server + LDAP server integration solution would be great.
    Please advice. Thanks.
    Cheers
    Lal Antony
    www.lalantony.com

    The easiest way to deply this is with a Microsoft toolkit, it has everything you need included, manuals, scripts to install and configure server-side components and it's very easy to use. You can get it from here:
    http://www.microsoft.com/downloads/en/details.aspx?FamilyID=60c5d0a1-9820-480e-aa38-63485eca8b9b&displaylang=en
    It's based on Win2003 server but I've been advised by MS that it should be OK on Win2008 as well.

  • Autheticating useing Cisco ACS 4.2 integrated with Active Directory 2003

    How do i check that users are Autheticated useing Cisco ACS 4.2 integrated with Active Directory 2003, any one help me in this thanks

    You can't actually see the user's membership from ACS. All you can do, create group-mapping under external database >> group mapping section. This would give you an option to map external (AD) group with an Internal group.The group memberrship need to be modified under Active Directory.
    Once user is succussfully authenticated and learned as a dynamic user in ACS user setup database, it would be mapped with an ACS internal group based on group mapping we did.
    Let me know if you have any doubts.
    Regards,
    Jatin

  • Issue with Active Directory User Target Recon

    Hi ,
    I am facing an issue with Active Directory User Target Recon
    My environment is OIM 11g R2 with BP03 patch applied
    AD Connector is activedirectory-11.1.1.5 with bundle patch 14190610 applied
    In my Target there are around 28000 users out of which 14000 have AD account (includes Provisioned,Revoked,Disabled accounts)
    When i am running Active Directory User Target Recon i am not putting any filter cleared the batch start and batch size parameters and ran the recon job .Job ran successfully but it stopped after processing around 3000 users only.
    Retried the job two three times but every time it is stopping after processing some users but not processing all the users.
    Checked the log file oimdiagnostic logs and Connector server logs cannot see any errors in it.
    Checked the user profile of users processed can see AD account provisioned for users
    My query is why this job is not processing allthe users.Please point if i am missing some thing .
    thanks in advance

    Check the connector server load when you are running the recon. Last time I checked the connector, the way it was written is that it loads all the users from AD into the connector server memory and then sends them to OIM. So if the number was huge, then the connector server errored out and did not send data to OIM. We then did recon based on OUs to load/link all the users into OIM. Check the connector server system logs and check for memory usage etc.
    -Bikash

  • Problems with Active Directory Users showing as not found in Open Directory work group manager

    I’m running a golden triangle setup with Open directory assigning group policy and authentication provide by active directory. In workgroup manager I can search through the AD and add users or computers to groups in OD workgroup manager. However when I save and refresh the users or computer appear as ‘not found’. Is there a reason for this?

    Hi Zero
    It's very reassuring to know im not the only one having issues with this..
    Im on my second re install of the server.. I like you have no wish to do another clean install as everything else is connected and it seems like the answer is probably very simple.
    So today im going to re- run the terminal commands as layed out in the online guides.
    However i was kinda hoping someone would be able to supply us with an answer.
    thanks
    J

  • Beginners guide to integration with Active Directory?

    Hi (complete beginner to this, but a quick learner)
    I don't know where to start with regards to getting the Macs on our network connecting like the PCs. Currently we have about 100 Macs on 10.4.x that are bound to the AD using Directory Access - users can log in, but that's about as far as integration goes. Their home folders do not "map" to the corresponding folders on the Macs, and we (as administrators) have no control over the Mac network users like we would have the local Mac users.
    I've been asked to look into this issue, and along with creating new modular 10.5.x system builds for all our Macs (different hardware, different software needs, different physical locations), I need to know what the next steps are. I have no experience of using Mac OS X Server or Active Directory. Besides telling me to ask the IT department to hire a Mac professional, what should I be looking into next?
    So far, this is how I think the process goes:
    1) Ensure I have solid modular system builds ready to go for the different macs/different classrooms.
    2) Get an Xserve for IT.
    3) Have Open Directory integrate with Active Directory, so that the same access controls/permissions are applied to the Mac users as they are the Windows users (including Finder access controls, Application controls, folder mapping etc) - *this is where I need guidance*.
    4) Push out the system builds to the Macs on the network
    5) Connect the Macs using Open Directory...
    6) ...
    As you can see, my knowledge kind of peters out towards the end there; is this a realistic undertaking for me (a classroom technician who happens to use Macs - NOT trained in any of this) and the Mac-phobic IT department (who would prefer switching all of our workstations to PC)? Are we going to have to bite the bullet and get some expensive consultants in?

    pisto_grih wrote:
    Hi (complete beginner to this, but a quick learner)
    I don't know where to start with regards to getting the Macs on our network connecting like the PCs. Currently we have about 100 Macs on 10.4.x that are bound to the AD using Directory Access - users can log in, but that's about as far as integration goes. Their home folders do not "map" to the corresponding folders on the Macs, and we (as administrators) have no control over the Mac network users like we would have the local Mac users.
    And that is about as far as the Apple plugin will take you. In order to do more you need to either extend schema (very scary), look at third party products like Centrify (very expensive), or look at getting an OS X Server and implementing the "magic triangle" in which OS X attributes are managed in OD while users, groups, and password are managed by AD.
    I've been asked to look into this issue, and along with creating new modular 10.5.x system builds for all our Macs (different hardware, different software needs, different physical locations), I need to know what the next steps are. I have no experience of using Mac OS X Server or Active Directory. Besides telling me to ask the IT department to hire a Mac professional, what should I be looking into next?
    If you go the route of OS X Server and MCX settings, make life easy on yourself and build one common build. Then limit app access based on your groups. That way you can simplify the number of images you maintain down to one (provided you have appropriate licensing).
    So far, this is how I think the process goes:
    1) Ensure I have solid modular system builds ready to go for the different macs/different classrooms.
    See above. But if you need to, look at InstaDMG
    2) Get an Xserve for IT.
    Yep. But if you are only doing MCX you might want to look for a cheeper alternative. The Xserve can offer some nice additions, including software update server and Netinstall server among others.
    3) Have Open Directory integrate with Active Directory, so that the same access controls/permissions are applied to the Mac users as they are the Windows users (including Finder access controls, Application controls, folder mapping etc) - *this is where I need guidance*.
    Yep. You are on the money.
    4) Push out the system builds to the Macs on the network
    Push huh. Look at Radmind. Then take a summer off to learn it. Then become god.
    5) Connect the Macs using Open Directory...
    Actually, connect the macs to both AD and OD. This will allow authentication and instantiating through AD and management through OD. Works very well.
    6) ...
    As you can see, my knowledge kind of peters out towards the end there; is this a realistic undertaking for me (a classroom technician who happens to use Macs - NOT trained in any of this) and the Mac-phobic IT department (who would prefer switching all of our workstations to PC)? Are we going to have to bite the bullet and get some expensive consultants in?
    It is learnable especially with the summer and available hardware. However, supporting the consulting industry is always nice http://consultants.apple.com
    Hope this helps

  • Cannot log into DTR with Active Directory User

    Greetings,
    I have set up and installed JDI correctly.  I can log into /devinf, the cbs, cms and sld systems with no problem using both Administrator and my JDI.Administrator that I assigned to an Active Directory user.  I can log into the DTR using a user from the database (i.e. Administrator), however, when trying to access the DTR with an Active Directory user, I get the following message:
    500   Internal Server Error
      SAP J2EE Engine/6.40 
      Application error occurred during the request procession.
      Details:   Error [javax.servlet.ServletException: Group found, but unique name "businessUnit.all.guests" is not unique!], with root cause [com.tssap.dtr.server.deltav.InternalServerException: Group found, but unique name "businessUnit.all.guests" is not unique!].  The ID of this error is
    Exception id: [0012798F81680042000000090000165C0003FE9AA3C0B86B].
    This group exists in multiple domainshowever, this has not caused us any issues to date with our portal and other pieces of SAP WASit's only this DTR error. 
    Any help is greatly appreciated.
    Thanks,
    Marty

    Hi Marty,
    In the document available at the link enclosed below, there is a part that explains how to configure DTR so that it always uses "Unique-IDs".
    http://help.sap.com/saphelp_nw04/helpdata/en/20/f4a94076b63713e10000000a155106/frameset.htm
    It is mentioned that this is valid for LDAP, but the information is applicable for Active Directory as well.
    Regards,
    Manohar

  • OIM Integration with Active Directory Federation Services (ADFS)

    Hello friends
    I have a question about the integration of Oracle Identity Manager with Active Directory which is federated with another external directory for ADFS. My question is:
    What considerations should be to contemplate if I have an active directory federated environment when carrying out the integration with Identity Manager?
    I use version 9.1.0.2 of Oracle Identity Manager with Microsoft Active Directory Connector User Management 9.1.1.7
    Thanks for the support.

    First consideration is that the OIM's target ADFS - in the federated scenario, will that participate as a Service provider or identity provider. I would think identity provider.
    Next consideration: What all attributes are required to be played in the SAML assertion to the other end-point? All these attributes must be present and should be provisioned to the AD in this case.
    So, OIM should be set up (UDF etc) to provision all those attributes needed in the SAML.
    Next consideration: What all scenario to support? IdP initiated or SP initiated? If SP initiated, then process will hv to be defined if a user id does not exist in the AD of the OIM target. Will the request be failed or a in-time provisioning should happen.
    Hope this helps.

  • Cisco ACS 4.2 integration with Active Directory

    Hello,
    I´m new in the administration of ACS, we have recently implemented on server ACS version 4.2
    for manager all users authorization for our Network.
    We are in one environement which have an Active Directory, group and users.
    Now, i´m just able to creat a new user in ACS and work with on the Client SWITCH, what i need to do, is to integrate my ACS 4.2 with Active Directory.
    for work with the user and Group that a register in my AD.
    Someon can help me please?

    You can't actually see the user's membership from ACS. All you can do, create group-mapping under external database >> group mapping section. This would give you an option to map external (AD) group with an Internal group.The group memberrship need to be modified under Active Directory.
    Once user is succussfully authenticated and learned as a dynamic user in ACS user setup database, it would be mapped with an ACS internal group based on group mapping we did.
    Let me know if you have any doubts.
    Regards,
    Jatin

  • IChat integration with Active Directory

    Hi all,
    I'm trying to setup iChat on Mavericks to work with Active Directory. The iChat server is bound to AD, all the users are able to log in to the iChat server locally. The messages service is enabled and rights to the Messages service are granted to some users and groups. However, when I try to login with a Jabber account, I get "login ID or password is incorrect". The username and password are correct. I'm using the same [email protected] syntax for the username as the one I'm using to login to the iChat server directly. I tried with and without Kerberos v5 authentication, I tried with and without SSL and everything else I was able to think of. I have the OpenDirectory there enabled, although I don't really use it. I'm trying from the local network and from the internet (all the ports needed for iChat are forwarded to the server). Still no luck.
    Any help on my issue would be very much appreciated.
    Thanks!

    Hello everyone,
    I ran into the same situation as described above.
    Unfortunately there seems to be no answers on the thread from my research, so I left with no hope at all.
    Please help and give me some advices.
    Thank you in advance!
    Sincerely,
    Anton Todorov

  • BOBJ SAP Integration with Active Directory SSO via Portal

    Hi all,
    We are only interating BOBJ with BW/BI and the user experience is as follows:
    Users login to the SAP Portal using their Windows Active Directory user id and password to gain access to the portal.
    From my understanding at the moment, the way the interation kit works is that the BOBJ system is configured as per the manual importing the SAP roles and SAP users who will access the Crystal reports via either GUI or Portal.
    My question is: When creating a Crystal report is created, the connection details use SAP login credentials and in the CMC the SSO option can be set so that the SAP user who has logged onto GUI or Portal can launch the report... this is fine and works as intended taken that the user logged on with his/her SAP login. As per the user experience above, users log in using their AD Login into Portal, and never use GUI, where this in theory is SSO into Portal. So how does one get past the login screens (BOBJ and database) while preserving AD SSO to SAP and BOBJ?
    Any guidance, documents or comments will be much appreciated.
    Thanks
    Jacques

    HI,
    yes it is possible:
    take a look at the blogs I did on the install and configuration (specially the SAP Authentication):
    BusinessObjects and SAP - Installation and Configuration Part 1 of 4
    Install Part #1
    BusinessObjects and SAP - Installation and Configuration Part 2 of 4
    Install Part #2
    BusinessObjects and SAP - Installation and Configuration Part 3 of 4
    Install Part #3
    BusinessObjects and SAP - Installation and Configuration Part 4 of 4
    Install Part #4
    BusinessObjects and SAP - Configure SAP Authentication
    SAP Authentication
    Important here is that:
    - the BI System is configured to accept tickets
    - the portal and BI system are configured as trusted system
    - the SAP authentication is configured
    Ingo

  • Single Signon and Integration with Active Directory

    Hi,
    We have a requirement to integrate Active Directory with SAP and implement Single Signon solution. Our Active Directory is running on Windows 2003 and we are having systems 4.7 , ECC6.0 which run on Linux OS in our landscape.
    Can anyone of you help me by answering following questions
    1. Is there any need of any third party solution(tool) to integrate  Active Directory and SAP and activate single signon?
    2.Is there any difference in integration from SAP 4.7 and ECC6.0 of SAP on Linux OS with Active Directory ?
    3. If possible please share any documents or links on above issue.
    Suitable answers will be rewarded with points. Thanks in advance for your help
    Regards
    Murali

    > Thank you very much for providing me the link. But the document on link seem to be in German. Can you please let me know how to get English version of this document.
    I'm sorry, you'd have to ask Realtech for that document in English.
    Basically you can follow
    http://osdir.com/ml/encryption.kerberos.general/2004-11/msg00007.html
    Markus

  • SAP R/3 4.6 C Integration with Active Directory

    Dear Friends,
            We have a requirement to Integrate Active Directory User Authentication to SAP User authentication. Currently we are using following systems in our organization:
    SAP R/3 4.6 C Kernel 46D
    SAP ECC 6.0 with EHP4
    Currently users are logging into Individual SAP systems with ther own User ID and passwords and they need to remember all the system passwords.
    We are not looking for EP for SIngle Sign on.
    Do we have any option to Integrate Active Directory User authentication with these 2 SAP systems using SSO method ?
    Regards
    Graham

    Hi Graham,
    Depending on the server OS (Linux, Solaris, Windows, etc) and client (web browser, SAP GUI, etc), you can accomplish this several different ways ranging from using features provided by SAP directly ([SAP GUI and Windows to Windows|http://help.sap.com/saphelp_nw70ehp2/helpdata/en/44/0ebf6c9b2b0d1ae10000000a114a6b/frameset.htm] for example) or by [several third party vendors|http://ecohub.sdn.sap.com/irj/ecohub/solutions?query=%22active+directory%22].
    Please let us know what OS and clients are you working with and I'm sure we can point you in the right direction.
    Thanks!
    Kyle

  • Unable to login @ login window with Active Directory User

    I successfully bound my test machine to Active Directory and can search using dscl and id. I can also su to my active directory user account an authenticate perfectly. All search bases are correct and everything else looks fine.
    When I attempt to login from the login window as an AD user, the window shakes. Clicking under Mac OS X shows that "Network Accounts Available". Looks like the CLI tool "dirt" is now gone as well, although insecure it would possibly show something here.
    Anyone else having issues after binding to AD? I bound using the Directory Utility gui... I have not tried using my leopard bind script yet.
    Thanks,
    Ken

    I have pretty well the same problem. The machine was already bound to AD prior to upgrade. After could not login on with my account (jball). Can log on with other accounts from the same domain (we only have one AD domain). Can also su to jball in a terminal session. Can't access network resources with jball when I try to connect to a windows server through the finder, instantly comes up with bad username or password, doesn't even think about it.
    I have removed any copies of the home folder under either /Users or /Domain as I have had problems with that before. Have repaired permissions and unbind and bind the machine to AD. Have been at this all day now and no closer. Get these error messages in console:
    31/08/09 4:49:27 PM SecurityAgent[666] Could not get the user record for 'jball@domainname' from Directory Services
    31/08/09 4:49:27 PM SecurityAgent[666] User info context values set for jball@domainname
    31/08/09 4:49:27 PM SecurityAgent[666] unknown-user (jball@domainname) login attempt PASSED for auditing

  • OIM 9.1.0 Integration with Active Directory 2008 R2

    Hi,
    My customer is running Root/Child AD structure based on windows 2003 w/SP2, OIM 9.1.0 deployed under one of the child domains, and integrated with child domains controllers which runs windows server 2003 as well.
    My customer has decided to upgrade his AD to Windows Server 2008 R2 domain controllers across the entire AD Forest and still wants to integrate the current OIM v9.1.0 with AD for all of his Users provisioning and password synchronizations.
    Am not sure if current OIM version of OIM 9.1.0 is compatible and supported by OIM v9.1.0 under active directory version 2008 / R2, and not sure if it can be integrated with such AD version.
    Any guidance is really appreciated.
    Also I was thinking of such scenario but also not sure of its support ability and if OIM will keep working on such scenario, the scenario is to upgrade only the AD root domain to Windows 2008 R2 while keeping the child domain holding the OIM 9.1.0 at Windows 2003 version.
    Is this a working and supported scenario by OIM v9.1.0 ?

    I believe you question should be if the connector supports this architecture. Check out the versions supported for the connector you are using and you should be good.
    -Bikash

Maybe you are looking for

  • Reissued mail backup

    please mail to admin-level backup acc ******* ago I bought this because I play the game acc clash of clans chua acc was full cup for me but now I forgot backup mail id pass though I still remember, but I forgot ID DC thrusting this article please pro

  • Transaction Launcher ITS

    Hi Group, I'm trying to understand how to launch SAP Gui transactions into ICWEB. Is that through ITS ? I have come across a blog /people/raja.g/blog/2007/01/24/displaying-r3-transaction-in-icwc-application that displays an R/3 transaction in ICweb,,

  • Dynamic select list display details on same page

    i have a select dropdown list that is showing products from a php msql database. When one of the products is selected from the list in need the details of that product displayed underneath the select list. here is what i have so far mysql_select_db($

  • Email Address Server Timeout

    Hi, I'm having a problem sending email to a single email address from France to the UK. All other addresses work fine. The email address is correct (I have tried both writing a new message, as well as 'reply' to recieved mail) I have tried both html

  • Itunes Shared Library between Mac and Windows isn't sharing videos properly

    Hi, I'm a bit new to the mac world, but I'm the proud owner of a new macmini. I also own a Windows 7 machine. My problem is with the Itunes Shared library. Itunes 10 on my mac is set up to share everything, including podcasts. I can see these from It