Active Directory SSO Sharepoint with External sources

Similar Messages

• Active Directory, SSO, Integrated Windows Authentication

  Hi,
  I have to setup a NW BPM environment using Windows/Active Directory SSO.
  In the desired scenario, I would use UME to create BPM specific roles and/or groups and then I would associate:
  - specific AD users to UME groups or roles, and/or
  - associate AD groups to UME groups or roles.
  Is it possible? I would really appreciate any directions/hints on how to do that.
  Thanks in advance,
  Ricardo Giacomin

  It is possible you have the xml configuration file in the administration of ume and  you need to edit that one in order to link it to your AD. if you're using LDAPs to connect you will also have to load the certificates in NWA before the first connection.

• Can Active Directory be used with SmartView?

  Hi,
  I wanted to know if Active Directory be used with SmartView or is it essential to have Native Directory? We are using Active Directory for all user/group creation and Shared Services for provisioning. However, we are unable to provide access to SmartView using AD.
  We are seriously looking for a workaround here and I would appreciate any insight on the same. Please let me know how? This would be greatly helpful. Thanks.

  There is nothing special to get SmartView to authenticate with Active Directory.
  SmartView will be using Shared Services to authenticate. Shared Services must be configured to communicate with Active Directory and your user id's in Native Directory and Active Directory should be different. If for instance you had two user names that were the same, it will prefer one directory over the other depending on your configuration.
  Regards,
  -John

• Regarding Making DB Connect Delta Capable with external Sources

  Hi Everyone!
  Although as standard DB Connect does not support Delta, this much I have understood.  Lately I came across an article from Shreekant Shiralkar and Bharat Patel, BW System Managers, Bharat Petroleum, India in an old BW Expert Article...  I have understood that this is from BW 3.0 upwards.  Can this be applied to BI 7.0?  The Title of the article is "Make DB Connect Delta Capable with External Sources"
  Chetan?  Edwin? Olivier?  Anil? Sandeep?  Moderators?
  Regards,
  Philips

  Hi Philips,
  I didn't read this article but I'll expose what we have implemented here.
  All data coming from non SAP systems are loaded into what I named a "pre staging" database (PSDB) prior extracted to BW. This PSDB is nothing else than a simple, cheap, easy to manage MSSQL server 2000.
  Our BW has this PSDB system declared as DBConnect source system.
  In few words, we do data cleansing, preparation, formatting in this PSDB when any non SAP data shall be loaded in SAP BW. In addition, we use this machine to perform any R/3 datamigration required for new Rollouts.
  Coming back to the delta handling: we don't handle deltas with this DBConnect source system because SAP BW doesn't consider it as delta capable natively.
  We develop function modules extractors having the MyBW as source system. MyBW then "think" it is a SAP delta capable source system and we can then setup our MyBW DataSources with any kind of delta type by changing manually the core table ROOSOURCE.
  The extractor itself does many things because all structures are handled dynamically and some part of the extractor coding itself is generated on the fly.
  The extractor also creates temporary stored procedure directly in the PSDB so that only deltas are delivered to BW.
  The core of the extractor, I think everyone would agree, is the OPEN CURSOR statement. The OPEN CURSOR in our case is simply done within an EXEC SQL having our PSDB connection open.
  I could discuss this approach at length but we are now running this for more than 3 years (of course a certain effort has been done initially) to our full satisfaction.
  I am now finalizing the next "generation": having the PSDB server posting itself, deltas to the MyBW TRFC queue, emulating some how a LO/LIS DataSource.
  hope this shed light (at leas mine...)
  Olivier.

• BOBJ SAP Integration with Active Directory SSO via Portal

  Hi all,
  We are only interating BOBJ with BW/BI and the user experience is as follows:
  Users login to the SAP Portal using their Windows Active Directory user id and password to gain access to the portal.
  From my understanding at the moment, the way the interation kit works is that the BOBJ system is configured as per the manual importing the SAP roles and SAP users who will access the Crystal reports via either GUI or Portal.
  My question is: When creating a Crystal report is created, the connection details use SAP login credentials and in the CMC the SSO option can be set so that the SAP user who has logged onto GUI or Portal can launch the report... this is fine and works as intended taken that the user logged on with his/her SAP login. As per the user experience above, users log in using their AD Login into Portal, and never use GUI, where this in theory is SSO into Portal. So how does one get past the login screens (BOBJ and database) while preserving AD SSO to SAP and BOBJ?
  Any guidance, documents or comments will be much appreciated.
  Thanks
  Jacques

  HI,
  yes it is possible:
  take a look at the blogs I did on the install and configuration (specially the SAP Authentication):
  BusinessObjects and SAP - Installation and Configuration Part 1 of 4
  Install Part #1
  BusinessObjects and SAP - Installation and Configuration Part 2 of 4
  Install Part #2
  BusinessObjects and SAP - Installation and Configuration Part 3 of 4
  Install Part #3
  BusinessObjects and SAP - Installation and Configuration Part 4 of 4
  Install Part #4
  BusinessObjects and SAP - Configure SAP Authentication
  SAP Authentication
  Important here is that:
  - the BI System is configured to accept tickets
  - the portal and BI system are configured as trusted system
  - the SAP authentication is configured
  Ingo

• Active directory integration SharePoint Project server 2013

  Hello all, Looking for a definitive answer.  Our environment runs in Active Directory 2003. We are looking into upgrading our Sharepoint and Project Server from 2007 to 2013.  Is it a true statement that SharePoint 2013 will not run in a 2003
  Active Directory environment. 

  AD 2003 with SP2 is supported
  Cheers, Badal

• Active Directory domain migration with Exchange 2010, System Center 2012 R2 and File Servers

  Greeting dear colleagues!
  I got a task to migrate existing Active Directory domain to a new froest and a brand new domain.
  I have a single domain with Forest/Domain level 2003 and two DC (2008 R2 and 2012 R2). My domain contains Exchange 2010 Organization, some System Center components (SCCM, SCOM, SCSM) and File Servers with mapped "My Documents" user folders. Domain
  has about 1500 users/computers.
  How do u think, is it realy possible to migrate such a domain to a new one with minimum downtime and user interruption? Maybe someone has already done something like that before? Please, write that here, i promise that i won't ask for instruction from you,
  maybe only some small questions :)
  Now I'm studying ADMT manual for sure.
  Thanks in advance, 
  Dmitriy Titov
  С уважением, Дмитрий Титов

  Hi Dmitriy,
  I got a task to migrate existing Active Directory domain to a new froest and a brand new domain.
  How do u think, is it realy possible to migrate such a domain to a new one with minimum downtime and user interruption?
  As far as I know, during inter-forest migration, user and group objects are cloned rather than migrated, which means they can still access resources in the source forest, they can even access resources after the migration is completed. You can ask users
  to switch domain as soon as the new domain is ready.
  Therefore, there shouldn’t be a huge downtime/interruption.
  More information for you:
  ADMT Guide: Migrating and Restructuring Active Directory Domains
  https://technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]

• Create a User account in active directory from SharePoint online 2013 list data

  Hello,
  I am trying to create a SharePoint list through which i can create a user account into active directory, 
  1 - HR is sending the detail in the email body to a Specific email address  ([email protected]) like below..
  First Name: XYZ
  Last Name: ABC
  Address: ABC 123
  Designation: Analyst
  Employee ID: 10492
  and so on 
  2 - I need to pickup every new email data of the above section into sharepoint list (in Column)
  First Name        Last Name       Address         Designation   Employee ID   
  3 - I want to create a event receiver through which i can go ahead and find the new data in the list and then create a user in the active directory,
  I tried very hard and since i dont have much experience in coding part,  any help will be highly appreciated
  Thank you 
  Aman 

  1- Configure Incoming Email Setting at your SharePoint Farm -
  https://technet.microsoft.com/en-us/library/cc262947.aspx
  http://blogs.technet.com/b/harmeetw/archive/2012/12/29/sharepoint-2013-configure-incoming-emails-with-exchange-server-2013.aspx
  2- Configure your Sharepoint List Incoming e-mail settings for [email protected] - ListSetting-Communications->Incoming e-mail settings. -
  https://support.office.com/en-in/article/Enable-and-configure-e-mail-support-for-a-list-or-library-dcaf44a0-1d9b-451a-84c7-6c52e7db908e
  3- Write an Incoming Email Receiver , and Add you Email Body Parsing Code (retrive value of fields , firstname , lastname etc) in
  EmailReceived() method. also add the code for adding new user in Active Directory
  http://blogs.msdn.com/b/tejasr/archive/2010/03/06/event-handler-code-to-add-incoming-emails-with-subject-discussion-id-as-replies.aspx
  https://pholpar.wordpress.com/2010/01/13/creating-a-simple-email-receiver-for-a-document-library/
  4-  Active Directory Code Help -
  http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C
  http://www.codeproject.com/Tips/534718/Add-User-to-Active-Directory
  Thanks
  Ganesh Jat [My Blog |
  LinkedIn | Twitter ]
  Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.

• 10.4.8 on Active Directory & connecting Xserve with Appletalk not SMB

  Hi
  I have bound my Tiger 10.4.8 desktop to Microsoft Active Directory for my company for security reasons.
  The issue I am having is that when I connect to Xserve with 10.3.9 server (which is running Windows and Appletalk sharing) is there anyway to automatically choose/mount Appletalk first rather than manually connecting with Go Server?
  I was thinking a Applescript that mounting the shares.
  Thanks in advance.

  I was thinking of a way that the appletalk on the Mac desktops connect to the Xserve server sharepoints.
  As I am linked into Microsoft Active Directory the users will mount all there appletalk sharepoint on our Xserve, without having to enter there user name and password but to use there active directory password to authticate login automatically.
  As this works if I connect by SMB no problem.
  If that makes sense?

• Future Request: Direct directory link / linking an 'External Source'

  Hi,
  When working with iTunes and my downloaded music, sometimes i dont want to add the music to my library because it can or will be deleted soon. (in search of an edit or the best quality)
  If iTunes is the standard audio player, it can automaticly add the songs to the lib, but thats not what a person always wants..
  therefor, for users that are downloading music and deleting a lot also...
  it would help very much if there could 'external source' link where iTunes looks to a certain directory!! (a download directory or so, recursive or not..)
  Just as Limewire uses the Digital Audio Access Protocol for sharing music in iTunes.. something in the same way would be great!
  It would help making iTunes the no.1 player for managing all kind of music the best way!!
  And it would help for playing all music on computer
  Can anyone agree with me?
  Regards,
  Rick Beemsterboer
  Amsterdam, Netherlands

  And i want to be able to play the music on my airport express!

• Is Lightroom supported in a Active Directory domain environment with multiple users logging into a machine?

  We are a school district using an Active Directory environment.  We currently use other Adobe products with multiple users on different machines and it works fine.  If Lightroom does work in a domain environment what are the required local user permissions needed for it tor work properly?  Thanks!

  Lightroom is not a multiuser program. It is required that the catalog is located on a hard drive that is local to the machine accessing it. There are no workarounds.

• The Active Directory cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime.

  the solution what i got from this from is to Depromote and promote it again to DC, my question when i depromote, will the OU , object will remain as it is or it will be lost. And what precautions do i need to take?
  Adding to the above points, my Domain has only 2 DC, should both the DC be demoted and promoted

   Under NO curcumstances you demote both of your DCs. You must always have one or 2DCs running, otherwise you will loose your entire AD. Only 1 DC should be demoted. you should wait couple of hours prior to promoting it back to DC role again.
  Ideally your primary DC will continue maintaining the OUs, GPOs, and user accounts.
  I would suggest brining in a new, 3rd DC intro play, leave it for a day or 2 to replicate everything properly, confirm that its propagating properly with the primary DC, and only then demote and remove the offending DC.
  There are actually ways for recovering from tombstone lifetime much painlessly than DC demotion/promotion. Depending on what is your AD running on, Windows 2003 or 2012 R2 servers:
  here a few links that might help you understand how it works:
  Primary link :http://blogs.technet.com/b/askpfeplat/archive/2012/11/23/fixing-when-your-domain-traveled-back-in-time-the-great-system-time-rollback-to-the-year-2000.aspx
  http://community.spiceworks.com/topic/343609-ad-replication-can-t-because-exceeded-tombstone-life
  https://support.microsoft.com/en-us/kb/2020053?wa=wsignin1.0
  http://shebangme.blogspot.com/2011/01/active-directory-time-since-last.html

• OS X Server + Active Directory Authentication Issue with Wikis

  Hello,
  I recently purchased an Apple XServe with Snow Leopard installed. The purpose of this server is to enable students and teachers to create Wikis and Blogs.
  The majority of my environment is MS, with Active Directory as our LDAP provider.
  I have joined the server to my domain and can add domain accounts to the Wiki creation access list without issue, but whenever I try to login to the server's web interface with one of those accounts the login screen shakes and prompts for another set of credinitals.
  What am I doing wrong? Open Directory seems to be setup properly and has been kerberitized as it requested when I joined the box to the domain.
  Thank you all for your help,
  David
  Message was edited by: DHeath_WJCC

  please ask in the Snow leopard server forum
  http://discussions.apple.com/category.jspa?categoryID=96

• Active Directory integrated LION with offline Domain Controller

  Hi,
  I have some OS X Lion machine, and all of them joined into the Win2008 AD. There is no any issue when the Domain Controller is reahcable, but when it is not reahcable, or the machine is not in the same network as the DC, then I am not able to login with my AD user.
  In Windows the last credential is stored on the local machines. So if the machine is OFFLINE from the DC, then it is able to let the AD user to login.
  Is there any trick or option how I can implement it with my LION clients? Or there is no way to use AD user when the AD is not reachable?
  Thanks in advance!

  He actually didn't specify much about dynamic updates requirements for old domains, if they don't need secure dynamic updates then a primary zone would work:
  The DNS Server service allows dynamic update to be enabled or disabled on a per-zone basis at each server that is configured to load
  either a standard primary or directory-integrated zone.
  REF: Understanding Dynamic updates
  This post is provided AS IS with no warranties or guarantees, and confers no rights.
  ~~~
  Questo post non fornisce garanzie e non conferisce diritti

• How to power Camileo S20B with external source?

  Hi,
  According to a post on this forum I should be able to power the S20B using a USB power source by removing the battery.
  I have tried this and it does not work. I've removed the battery and connected the USB cable to a variety of USB power sources including laptops. The blue light comes on but the S20B does not power up.
  Any suggestions? I really need to be able to power the camera for longer than one battery charge.
  Thanks,

  I dont know if this will work. Have you checked users manuals document?
  I have tested it with my Camileo H30 and it cannot work with USB cable connected but without battery.
  This cable is for data transfer only.