Active Directory -- returning data through ldap query
I am using the tcUtilLDAPController to connect to AD and wish to run a query however only 1000 records are getting returned, how do i get the next set of 1000 records?
---------Code--------
ldapController = ldapUtil.connectLDAP(adServerAddress, adServerRootContext, adServerAdminFQDN, adServerAdminPwd, adServerUseSSL);
ldapController.searchResult("", "(objectclass=user)");
You either reconfigure your AD server to have a higher max returned entries or you start using paged searches.
Code for paged searches using JNDI: http://iamreflections.blogspot.com/2010/10/adldap-reconciliation-using-paging.html
It may also be possible to get tcUtilLDAPController to do paged searches.
Best regards
/Martin
Similar Messages
-
Help needed in Exporting tables data through SQL query
Hi All,
I need to write a shell script(ksh) to take some of the tables data backup.
The tables list is not static, and those are selecting through dynamic sql
query.
Can any body tell help me how to write the export command to export tables
which are selected dynamically through SQL query.
I tried like this
exp ------ tables = query \" select empno from emp where ename\= \'SSS\' \"
but its throws the following error
EXP-00035: QUERY parameter valid only for table mode exports
Thanks in advance,Hi,
You can dynamically generate parameter file for export utility using shell script. This export parameter file can contain any table list you want every time. Then simply run the command
$ exp parfile=myfile.txt -
Need to return data from a query in different ways - Please help
We are using 10g R2
I have a proc as follows that has a query with over 100 values in the select clause:
proc one( input param1, input_param2,.... output_cursor )
as
begin
open cursor for
select ...about 100 values with most of them being calculated
from table1, view 1, table2, table 3, view 2 ...
where ....
and table1.col1 = input param1
and table1.col2 = input param 2
and view1.col5 = input param5...
end;
I need to return the data that comes from the above query in different formats, columns for a report would be different from columns for screen A and different for screen B. I need only certain columns for a report and different set of columns for another screen. I have wrapper procs that get different input params. From the wrapper procs I intend to call the above proc but would like only selected values.
How can I accomplish this? Since my main goal is to select different columns for each wrapper I was thinking of insert the data from the above proc into global temp table and selecting whatever columns and order I want from the wrappers.
What do you think? Any other solutions?
Thanks
Edited by: user565033 on Jan 21, 2013 7:50 PMYou need to clearly separate roles and responsibilities. The PL/SQL code that creates and supplies a cursor handle is server code tasked to supply data. The code that makes the call for server data, is responsible for formatting and rendering that data.
Thus moving data formatting into the server code needs to be question. Simple example. Cursor does not return invoice date as a date - but formats it into a string using TO_CHAR().
This works for client1 - as that is the date format expected. However, client2 has different International settings and specifies a different date format. Invoice date, formatted into a string by the server, now renders in the wrong format on client2.
Server code should not be concerned with rendering and formatting of data send to a client.
As for the idea to use a global temp table is ..., well to put it nicely, it smells. Badly.
The single most expensive operation on a database platform is I/O. And now you want to read server data and write it to temporary storage, and the read data from temporary storage to return to the client? What on earth for!? Why purposefully increase the size of the I/O workload? Why decrease performance and undermine scalability?
Provide a proper abstraction interface to the client. Enable it to specify (as simplistically as possible) what it wants ito data. There are a number of ways to design and implement this in PL/SQL. Simplistic example:
SQL> create or replace package Employees as
2
3 EMP_FULL_DETAILS constant integer := 1;
4 EMP_BASIC_DETAILS constant integer := 2;
5
6 procedure GetEmpByID(
7 cur out sys_refcursor,
8 empID in emp.empno%type,
9 template in integer default EMP_BASIC_DETAILS
10 );
11
12 procedure GetEmpByName(
13 cur out sys_refcursor,
14 empName in emp.ename%type,
15 template in integer default EMP_BASIC_DETAILS
16 );
17 end;
18 /
Package created.
SQL>
SQL> create or replace package body Employees as
2
3 type TArray is table of varchar2(32767);
4
5 TemplateList constant TArray :=
6 new TArray(
7 'EMPNO, ENAME, JOB, MGR, HIREDATE, SAL, COMM, DEPTNO ',
8 'EMPNO, ENAME, JOB '
9 );
10
11 procedure GetEmpByID(
12 cur out sys_refcursor,
13 empID in emp.empno%type,
14 template in integer default EMP_BASIC_DETAILS
15 ) is
16 sqlSelect varchar2(32767);
17 begin
18 sqlSelect :=
19 'select '||TemplateList(template)||
20 'from emp where empno = :empID';
21
22 open cur for sqlSelect using empID;
23 end;
24
25 procedure GetEmpByName(
26 cur out sys_refcursor,
27 empName in emp.ename%type,
28 template in integer default EMP_BASIC_DETAILS
29 ) is
30 sqlSelect varchar2(32767);
31 begin
32 sqlSelect :=
33 'select '||TemplateList(template)||
34 'from emp where ename like :empName';
35 open cur for sqlSelect using empName;
36 end;
37
38
39 end;
40 /
Package body created.
SQL>
SQL> var c refcursor
SQL>
SQL> exec Employees.GetEmpByID( :c, 7499 );
PL/SQL procedure successfully completed.
SQL> print c
EMPNO ENAME JOB
7499 ALLEN SALESMAN
SQL>
SQL> exec Employees.GetEmpByName( :c, 'A%', Employees.EMP_FULL_DETAILS );
PL/SQL procedure successfully completed.
SQL> print c
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
7499 ALLEN SALESMAN 7698 1981/02/20 00:00:00 1600 300 30
7876 ADAMS CLERK 7788 1987/05/23 00:00:00 1100 20
SQL> -
Why between for date is not returning data for this query ?
Hello,
i have a table with this structure and i am writing this query for fetching some rows based on some condition , but this query is not returning any data . Can you please tell why ?
ID DT
003 11/8/2011
002 10/8/2011
001 9/8/2011
And the query is :
SELECT * FROM TABLE_NAME WHERE DT BETWEEN TO_DATE('08/08/2011','dd/mm/yyyy') AND TO_DATE('12/08/2011','dd/mm/yyyy');
Edited by: bootstrap on Aug 13, 2011 7:10 AM>
>
but what is the problem with that, why that date is not matched when i am providing the date format ?Which part don't you understand? You did not use TO_DATE while inserting data and default date format was mm/dd/yyyy, right? Same default date format is used if you issue:
SELECT * FROM TABLE_NAME Your original post states the above select returns:
ID DT
003 11/8/2011
002 10/8/2011
001 9/8/2011So dates you inserted are November 8, 2011, October 8 2011 and September 8 2011. Now TO_DATE('08/08/2011','dd/mm/yyyy') is August 8 2011 and TO_DATE('12/08/2011','dd/mm/yyyy') is August 12 2011. So obviously:
SELECT * FROM TABLE_NAME WHERE DT BETWEEN TO_DATE('08/08/2011','dd/mm/yyyy') AND TO_DATE('12/08/2011','dd/mm/yyyy');will not return any rows. Bottome line - never write code that uses implicit date conversions since your code becomes client NLS settings dependent and might work for one client and fail or produce wrong results for other client.
SY. -
Fetch Data through Caml Query using textboxes as parameters
Hi All,
*I am very new to SharePoint and working on SharePoint dev.I have task to get the list items based on 2 conditions and I am passing parameters as texboxes to get the data dynamically .
*I had written the below code(Code 1) for which it is showing me errors and Code2 is working fine.Can any one help me what is error
Code 1
SPList mylist = myweb.Lists["Manager"];
SPItem myitem = mylist.Items.Add();
SPQuery myquery = new SPQuery();
string idvalue = txtid.Text.ToString();
//myquery.Query = @"<Where><Eq><FieldRef Name='ID'/><Value Type='Number'>"+txtid.Text.ToString()+"</Value> </Eq></Where>";
string idvaluuue=txtid.Text.ToString();;
myquery.Query = @"<Where>
<And>
<Eq>
<FieldRef Name='ID'/>
<Value Type='Number'>"+idvaluue+"</Value>
</Eq>
<Eq>
<FieldRef Name='NumberOfEvents'/>
<Value Type='Text'>"+drbcalenders.SelectedItem.Text.ToString()+"</Value>
</Eq>
</And>
</Where>";
Code 2
SPList mylist = myweb.Lists["sample"];
SPItem myitem = mylist.Items.Add();
SPQuery myquery = new SPQuery();
string idvalue = txtid.Text.ToString();
//myquery.Query = @"<Where><Eq><FieldRef Name='ID'/><Value Type='Number'>"+txtid.Text.ToString()+"</Value> </Eq></Where>";
string idvaluuue=txtid.Text.ToString();;
myquery.Query = @"<Where>
<And>
<Eq>
<FieldRef Name='ID'/>
<Value Type='Number'>9</Value>
</Eq>
<Eq>
<FieldRef Name='NumberOfEvents'/>
<Value Type='Text'>July</Value>
</Eq>
</And>
</Where>";
Samarbelow is query with multiple AND usage...I hope it will help you out...
string four = "4";
string five = "5";
string fifty = "50";
myQuery.Query = @"<Where>
<And>
<And>
<Eq>
<FieldRef Name='PCurrency' />
<Value Type='Currency'>"+fifty+@"</Value>
</Eq>
<Eq>
<FieldRef Name='PNumber' />
<Value Type='Number'>"+four+@"</Value>
</Eq>
</And>
<Eq>
<FieldRef Name='ID' />
<Value Type='Counter'>"+five+@"</Value>
</Eq>
</And>
</Where>";
***If my post is answer for your query please mark as answer***
***If my answer is helpful please vote *** -
Reading Archived Data Through SAP Query Report
Dear SAP Gurus,
My client archived their SAP data in a particular year range and all the Z reports have to modified to read these archive data. Normal ABAP reports can be modified to read the archive data without no problem.
But there are two Z SAP query reports which should be modified the same way so it will be able to read archive data.
What is the best method for this? Does SAP Query tool provide facility to read archive data? or do I have to append the code?
Thank you in advance for your help
Regards,
Isuru Fernando>
Isuru U Fernando wrote:
> hi Manthan,
>
> Yes I used these FMs and read the data without any problem for normal ABAP reports.
>
> But SAP query report is the problem. Is it advisobale to modify the SAP query generated report source code? since it is a system generated report.
>
> Regards,
> Isuru
No, do not adapt the SAP generated report source. The reason is: every time someone re-generates the query from tx. SQ01 your changes will be lost.
You could add the functionality Manathan gave you to add to the infoset of said query - but to be honest: in my opinion that is shooting nuclear rockets at flies. Also you run the risk that every change of the infoset (add a join/delete a join) requires adjustment of said coding you applied ... and where will you be then? Fancy repairing the same query over and over again? Try talk sense to your client - go for a Z-report here ... -
Import Active Directory Data into SAP HR
We are currently working on updating user data in Active directory from data stored in SAP HR via the LDAP Connector. This is working great! The question is what is required to make this happen the other way around. Ex Employee email address is stored in AD and we want to update IT105 email address from Active directory.
Thanks in Advance!
Tariq KhanHello Tariq,
I am also trying to find out the way for flowing data from AD to SAP HCM IT0105.
If you found the solution, it would be a great help if you could pls share the solution.
Hoping for the favorable response.
Thanks in advance.
Best Regards,
Tauseef -
ISE - Active Directory - LDAPS
I think I understood the customer concern. This is quoted from Microsofthttp://support.microsoft.com/kb/321051
"The Lightweight Directory Access Protocol (LDAP) is used to read from and write to Active Directory. By default, LDAP traffic is transmitted unsecured. You can make LDAP traffic confidential and secure by using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) technology."
So the question now is how can we be sure the ISE communication is secure? ... I understand port 636 is used to transport LDAP-Secure ...
The ISE User Gude indicates that one of the ports required to be open in the case a firewall exists between ISE and ADE is 636 (LDAPS). -(ISE User Guide Page 5-6)
In my case there is no FW between ISE and AD, so how can I be sure LDAPS is being used?
ISE User Guide explais a little about security if the external identity source is an LDAP, but nothing about security is indicated in Active Directory configuration.
Regards.Hi,
The AD join operations allows you to run PEAP protocol and is much more resilient than using ldap because of the way it joins itself to the domain. It uses kerberos and rpc when performing user authentication.
When using ldaps that is configuration based on when you add the ldap instance.
Sent from Cisco Technical Support iPad App -
FYI: Testing Active Directory Replication Latency/Convergence Through PowerShell (Update 2)
see:
(2014-02-01) Testing Active Directory Replication Latency/Convergence Through PowerShell (Update
2)
Jorge de Almeida Pinto [MVP-DS] | Principal Consultant | BLOG: http://jorgequestforknowledge.wordpress.com/Might that link has been been broken.Here is the link
http://jorgequestforknowledge.wordpress.com/2014/02/01/testing-active-directory-replication-latencyconvergence-through-powershell-update-2/
Nice Jorge. Thanks for sharing.
Regards~Biswajit
Disclaimer: This posting is provided & with no warranties or guarantees and confers no rights.
MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin
MY BLOG
Domain Controllers inventory-Quest Powershell
Generate Report for Bulk Servers-LastBootUpTime,SerialNumber,InstallDate
Generate a Report for installed Hotfix for Bulk Servers -
Active directory.....Need how it works with WEBSHOP(B2B)
Hi ,
Can someone throw light on how webshop(B2B) would be configured to authenticate with Active Directory.
Any pointers, even though very basic also would help us a lot.
Thanks in advance
Regards,
PVHello PV,
There is no direct AD support in Webshop. Reason is simple. Webshop uses JCo for connecting to CRM and uses hence its capabilities are limited to what JCo can do. Webshop has support (through JCo) for SAP Logon Tickets / SSO2 cookies. Single Sign On with SSO2 cookies is supported through JCo.
SAP Portal is generally used as the user authentication gateway and can use Active Directory as data store. It also generates SSO2 cookies for authenticated users. If [SSO has been defined and established between the Portal and the CRM backend|http://help.sap.com/saphelp_crm60/helpdata/en/14/252f4069702d22e10000000a1550b0/content.htm], these SSO2 cookie is enough to logon to the CRM system.
Now, if you view this from a CRM UME perspective, it is possible to have [LDAP as the data source for UME|http://help.sap.com/saphelp_crm60/helpdata/en/12/7678123c96814bada2c8632d825443/content.htm].
Hope this is enough information for a good start.
Easwar Ram
http://www.parxlns.com -
Connected to Domain but can't log in using Actived Directory Credentials
Hey everyone. I've been working on this issue for two weeks now, and I don't know what else to try. I'm connected to my domain but cannot get my Macbooks to log in using Active Directory credenitals both through our wireless network, and hard wired with an ethernet cable. The weird part about it is that it is not uniform all across our network. This only happens to certain Macbooks and as of right now there doesn't seem to be a pattern. I can say that it has happened to all new Macbook Pros that we have ordered lately though.
We use Jamf to manage our Macs on our network, and ever since upgrading to a new version (9.01 and now 9.1) we have had this issue. However I can't connect after manually adding the domain either, so for now it makes me think it is not a Jamf issue. Has anyone dealt with this issue before, that might know of a fix? Thanks!Hi Burnettb1,
I have come across a similar issue as yours. I have included the instructions that I use to bind the Mac at my institution. In regards to wifi, I have not tried binding the Mac over wifi. Should you need to log in to a Mac with domain user credentials I would suggest to bind the Mac over ethernet. Once you get to the:
*Click on triangle to the left of Show Advanced Options to expand"
portion of the instructions click on the Mappings tab and select the checkbox for creating a mobile account at login. This will create a domain user profile on the machine that you can log into when not connected to the domain.
Hope this helps.
BIND iMac:
Login into iMac using administrative credentials
Open System Preferences
*Goto Users & Groups
*Click on lock in lower left-hand corner
*Use same password used to log into iMac
*Click on Login Options
*Click on ‘Join...’ button right of "Network Account Server: "
*Click on ‘Open Directory Utility…’ button
*Click on lock in lower left-hand corner
*use same password used to log into iMac and click on Modify Configuration
*Double-click on Active Directory
Active Directory Domain = domain
Computer ID = name of Mac
*Click on triangle to the left of Show Advanced Options to expand
*Click on Administrative tab
*Check Prefer this domain server
Type domainserver_ipaddr -or- servername.domain in this field
*Click on ‘Bind…’ button
*When prompted for network administrator login
username = [domain admin user]
pwd = [domain user password]
*Click OK (Note: search path will be updating. Until completed the ‘OK’
button will be greyed out
*Click OK
*Click lock to lock and close window
*Click lock to lock and close window
BIND CHECK:
*Search AD for added mac host - it should be there.
Open Terminal app by either:
1)
*Press command+spacebar
*Type Terminal and select app
2)
*Click on desktop
*Press shift+command+A
*Goto Utilities folder located within Application folder (which you should
be in) and open Terminal
*Once Terminal is opened type in id [domain username] and press return key. The output should be
some some network account information
*Close app by pressing command+Q and any other opened windows
*Restart iMac
*Log in -
Snow Leopard and Windows 2003 Active Directory Binding Issues
Ok I have a new imac 27" with snow leopard (completely patched).
I am attempting to join it to an active directory domain.
First the prequel:
* I have opened full traffic to and from the machine and our domain controllers
* I have enabled full logging on the firewall and there are no blocked packets
* I have used wireshark to watch the traffic on the mac and there appear to be no anomalies (packets being sent out but not getting a response, dns requests that aren't answered, etc)
* I have enabled full KDC logging on the domain controller in question and there are no errors in any of the event logs on either domain controller.
* The domain admin account in question has Enterprise, Schema and Domain Admin rights
* I have tried it both with and without an existing computer account and with every conceivable combination of caps and no caps on domain name, user and computer names.
I am getting the following error at the very end of the process:
"Unable to add server. Credential operation failed because an invalid parameter was provided (5102)"
I enabled debugging on Directory Services and will post a log in a reply.
Anyone have any ideas? I have been banging my head on this for a week with no luck.Here is the log with the Active Directory: entries grepped... the full log is far too large to reply to here, if you think you need it let me know and I can email it to you it is 548kb
obviously machine names, usernames and ip addresses have been munged.
2011-02-09 12:13:32 EST - T\[0x0000000100404000\] - Active Directory: copyNodeInfo called for /Active Directory
2011-02-09 12:13:36 EST - T\[0x0000000100404000\] - Active Directory: copyNodeInfo called for /Active Directory
2011-02-09 12:13:41 EST - T\[0x0000000100404000\] - Active Directory: copyNodeInfo called for /Active Directory
2011-02-09 12:13:46 EST - T\[0x0000000100404000\] - Active Directory: copyNodeInfo called for /Active Directory
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 1 - Searching for Forest/Domain information
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Start checking servers for site "any"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Total Servers "any" LDAP - 2, Kerberos - 2, kPasswd - 2
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc3.subdomain.domain.tld"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc1.subdomain.domain.tld"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Finished checking servers for domain
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: DomainConfiguration reachabilityNotification - Node: subdomain.domain.tld - resolves - enabled
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 2 - Finding nearest Domain controllers
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 3 - Verifying credentials
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Start checking servers for site "any"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Total Servers "any" LDAP - 2, Kerberos - 2, kPasswd - 2
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc3.subdomain.domain.tld"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc1.subdomain.domain.tld"
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Finished checking servers for domain
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: DomainConfiguration reachabilityNotification - Node: subdomain.domain.tld - resolves - enabled
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: EstablishConnectionUsingReplica - Node subdomain.domain.tld - New connection requested
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: FindSuitableReplica - Node subdomain.domain.tld - Attempting Replica connect to dc3.subdomain.domain.tld.
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: watchReachability watching socket = 21, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: VerifiedServerConnection - Verified server connectivity - dc3.subdomain.domain.tld.
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: CheckWithSelect - good socket to host dc3.subdomain.domain.tld. from poll and verified LDAP
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: FindSuitableReplica - Node subdomain.domain.tld - Established connection to dc3.subdomain.domain.tld.
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: kadmEntry port is nil, will use default 464
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: populateKerberosToDomain - Bailing no domain cache for
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Password verify for [email protected] succeeded - cache MEMORY:vyvyIt4
2011-02-09 12:13:47 EST - T\[0x0000000102481000\] - Active Directory: Switching active cache to MEMORY:vyvyIt4
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Secure BIND Session Success with server dc3.subdomain.domain.tld.:389 using cache MEMORY:vyvyIt4 user [email protected]
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Processing Site Search with found IP
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: No site name available
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Start checking servers for site "any"
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Total Servers "any" LDAP - 2, Kerberos - 2, kPasswd - 2
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc3.subdomain.domain.tld"
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Adding Server - "dc1.subdomain.domain.tld"
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: subdomain.domain.tld - Finished checking servers for domain
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Updating Mappings from inSchema.........
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Updated schema for node name subdomain.domain.tld
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Configuration naming context = cn=Partitions,CN=Configuration,DC=subdomain,DC=domain,DC=tld
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Top domain set as <cn=subdomain,cn=partitions,cn=configuration,dc=subdomain,dc=domain,dc=tld>
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Updating domain hierarchy cache
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Updating policies from domain subdomain.domain.tld
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Updated policies for node name subdomain.domain.tld
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 4 - Searching for existing computer
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: EstablishConnectionUsingReplica - Node subdomain.domain.tld - New connection requested
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: watchReachability watching socket = 18, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: VerifiedServerConnection - Verified server connectivity - dc3.subdomain.domain.tld.
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: establishConnectionUsingReplica - Node subdomain.domain.tld - Previous replica = dc3.subdomain.domain.tld. responded
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: kadmEntry port is nil, will use default 464
2011-02-09 12:13:48 EST - T\[0x0000000102481000\] - Active Directory: populateKerberosToDomain - Bailing no domain cache for
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Password verify for [email protected] succeeded - cache MEMORY:zXpbfEi
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Switching active cache to MEMORY:zXpbfEi
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Secure BIND Session Success with server dc3.subdomain.domain.tld.:389 using cache MEMORY:zXpbfEi user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Doing Computer search for Ethernet address - 10:9a:dd:56:1b:1d
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 4 - no mapping for Ethernet MAC address
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Doing DN search for account - machinename
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: stopWatching socket = 21, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: LDAP connection closed - dc3.subdomain.domain.tld.:389 - cache MEMORY:vyvyIt4 user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Destroying cache name MEMORY:vyvyIt4 user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Closing All Connections
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: stopWatching socket = 18, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: LDAP connection closed - dc3.subdomain.domain.tld.:389 - cache MEMORY:zXpbfEi user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Destroying cache name MEMORY:zXpbfEi user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Bind Step 5 - Bind/Join computer to domain
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: EstablishConnectionUsingReplica - Node subdomain.domain.tld - New connection requested
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: watchReachability watching socket = 18, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: VerifiedServerConnection - Verified server connectivity - dc3.subdomain.domain.tld.
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: establishConnectionUsingReplica - Node subdomain.domain.tld - Previous replica = dc3.subdomain.domain.tld. responded
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: kadmEntry port is nil, will use default 464
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: populateKerberosToDomain - Bailing no domain cache for
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Password verify for [email protected] succeeded - cache MEMORY:10xG6op
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Switching active cache to MEMORY:10xG6op
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Secure BIND Session Success with server dc3.subdomain.domain.tld.:389 using cache MEMORY:10xG6op user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Looking for existing Record of machinename
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Doing DN search for account - machinename
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: EstablishConnectionUsingReplica - Node subdomain.domain.tld - New connection requested
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: watchReachability watching socket = 21, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: VerifiedServerConnection - Verified server connectivity - dc3.subdomain.domain.tld.
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: establishConnectionUsingReplica - Node subdomain.domain.tld - Previous replica = dc3.subdomain.domain.tld. responded
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: kadmEntry port is nil, will use default 464
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: populateKerberosToDomain - Bailing no domain cache for
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Switching active cache to MEMORY:10xG6op
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Secure BIND Session Success with server dc3.subdomain.domain.tld.:389 using cache MEMORY:10xG6op user [email protected]
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: KerberosID Found for account CN=MACHINENAME,CN=Computers,DC=subdomain,DC=domain,DC=tld - MACHINENAME$
2011-02-09 12:13:49 EST - T\[0x0000000102481000\] - Active Directory: Existing record found @ CN=MACHINENAME,CN=Computers,DC=subdomain,DC=domain,DC=tld with [email protected].
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: Setting Computer Password FAILED for existing record......
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: Computer password change date is 2011-02-04 18:21:01 -0500
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: Schtldled computer password change every 1209600 seconds - starting 2011-02-09 12:13:50 -0500
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: Closing All Connections
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: stopWatching socket = 21, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: LDAP connection closed - dc3.subdomain.domain.tld.:389 - cache MEMORY:10xG6op user [email protected]
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: stopWatching socket = 18, xxx.xxx.164.71 -> xxx.xxx.174.77
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: LDAP connection closed - dc3.subdomain.domain.tld.:389 - cache MEMORY:10xG6op user [email protected]
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: Destroying cache name MEMORY:10xG6op user [email protected]
2011-02-09 12:13:50 EST - T\[0x00000001026AA000\] - Active Directory: Failed to changed computer password in Active Directory domain
2011-02-09 12:13:50 EST - T\[0x0000000102481000\] - Active Directory: copyNodeInfo called for /Active Directory
2011-02-09 12:13:51 EST - T\[0x0000000102481000\] - Active Directory: copyNodeInfo called for /Active Directory
Message was edited by: aelana -
Alternative of UUP, Using OVD repository (Through LDAP configuration)
Hi All,
if any body no the alternative approach of weblogic portal UUP . please help me .
MY requirement is using oracle virtual directory(OVD) repository (Through LDAP configuration)
i did ovd configuration to my weblogic server security relam . and in protal side , i have written one class to access data from we ldap and set it on .usr file .
and i am getting user profile from weblogic portal console and in my result jsp also i am displaying .
but when i am fetching group information . i am getting error .
if any body know the solution please help .
best regards
sanjay
Edited by: user1006007 on Jan 5, 2011 4:34 AM"cn=webi" is this the distinguished name for the LDAP account?
also try using the IP instead of hostname
and if you CMS is using oracle try to use 10.2.0.2 or earlier driver.
Regards,
Tim -
JNDI, Active Directory and Persistent Searches (part 2)
The original post of this title which was located at http://forum.java.sun.com/thread.jspa?threadID=578342&tstart=200 subsequently disappeared into the ether (as with many other posts).
By request I am reposting the sample code which demonstrates receiving notifications of object changes on the Active Directory.
Further information on both the Active Directory and dirsynch and ldap notification mechanisms can be found at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ad/ad/overview_of_change_tracking_techniques.asp
* ldapnotify.java
* December 2004
* Sample JNDI application that uses AD LDAP Notification Control.
import java.util.Hashtable;
import java.util.Enumeration;
import javax.naming.*;
import javax.naming.ldap.*;
import com.sun.jndi.ldap.ctl.*;
import javax.naming.directory.*;
class NotifyControl implements Control {
public byte[] getEncodedValue() {
return new byte[] {};
public String getID() {
return "1.2.840.113556.1.4.528";
public boolean isCritical() {
return true;
class ldapnotify {
public static void main(String[] args) {
Hashtable env = new Hashtable();
String adminName = "CN=Administrator,CN=Users,DC=antipodes,DC=com";
String adminPassword = "XXXXXXXX";
String ldapURL = "ldap://mydc.antipodes.com:389";
String searchBase = "DC=antipodes,DC=com";
//For persistent search can only use objectClass=*
String searchFilter = "(objectClass=*)";
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
//set security credentials, note using simple cleartext authentication
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,adminName);
env.put(Context.SECURITY_CREDENTIALS,adminPassword);
//connect to my domain controller
env.put(Context.PROVIDER_URL,ldapURL);
try {
//bind to the domain controller
LdapContext ctx = new InitialLdapContext(env,null);
// Create the search controls
SearchControls searchCtls = new SearchControls();
//Specify the attributes to return
String returnedAtts[] = null;
searchCtls.setReturningAttributes(returnedAtts);
//Specify the search scope
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
//Specifiy the search time limit, in this case unlimited
searchCtls.setTimeLimit(0);
//Request the LDAP Persistent Search control
Control[] rqstCtls = new Control[]{new NotifyControl()};
ctx.setRequestControls(rqstCtls);
//Now perform the search
NamingEnumeration answer = ctx.search(searchBase,searchFilter,searchCtls);
SearchResult sr;
Attributes attrs;
//Continue waiting for changes....forever
while(true) {
System.out.println("Waiting for changes..., press Ctrl C to exit");
sr = (SearchResult)answer.next();
System.out.println(">>>" + sr.getName());
//Print out the modified attributes
//instanceType and objectGUID are always returned
attrs = sr.getAttributes();
if (attrs != null) {
try {
for (NamingEnumeration ae = attrs.getAll();ae.hasMore();) {
Attribute attr = (Attribute)ae.next();
System.out.println("Attribute: " + attr.getID());
for (NamingEnumeration e = attr.getAll();e.hasMore();System.out.println(" " + e.next().toString()));
catch (NullPointerException e) {
System.err.println("Problem listing attributes: " + e);
catch (NamingException e) {
System.err.println("LDAP Notifications failure. " + e);
}Hi Steven
How can I detect what change was made ? Is there an attribute that tell us ?
Thanks
MHM -
Adding a user in Active Directory
Hi fellows,
I am having a serious problem in creating a new user in active directory. i am using LDAP JNDI code. I can delete and update users attributes, but fail to create users.
ctx.createSubcontext("newuser,full domain", attributes);
when i specify a new user in "newuser" it gives exception invalidnameexception. I don't understand how to create a new entry within the directory structure of predefined tree. by the way, i can create users by active directory explorer but java application is giving exceptions.
Any help will be highly appreciated.A DistinguishedName is of the form e.g. "cn=username, ou=Users,dc=hostname,dc=com". In other words it contains attribute names and values for each name component. Evidently your DN doesn't do that.
Maybe you are looking for
-
How do I use my iPhone 4 as an iPod?
I got an iphone 4 for my birthday but dont want to activate it because i have another phone which I use. I am trying to setup the phone so I can use it as an ipod but in one of the steps after I connect it to my wifi it says SIM Required Please inse
-
How do we remove a navigation item in the nav links area?
As you can see there are three links all pointing to the same location "Home" What I would like to do is remove #3 red circle that way my page doesn't blow out to the right... if it is possible I would like to remove #2 also.... Is there a way t
-
Mobile safari and Iframe within widget
If a site is fully supported in mobile safari on the ipad, will it be fully supported via as an iframe in the ibook? I thought the two were one in the same. I have a situation where I have an html 5 site called within an iframe of a widget and it doe
-
I'm using the SQL Developer Data Modeler, and when trying to save my work with "Save as" or "Save" (I've tried both) the program hangs. Has this happened to anyone? What is the workaround? This never happened to me with the Early-Adapter version. Tha
-
Smart print, latest version of IE 11 and Windows 7 - 64 bit.
I am running IE 11 and just installed Smart Print. I did not install the Bing tool bar becauseI saw a year old post stating that it is not needed. I am running Windows 7 - 64 bit A SmartPrint icon appeared on a tool bar -- same one as Home, print,