AD as Portal's default authentication instead of OID

Can we use Microsoft Active Directory as Oracle Portal's default authentication instead of Oracle Internet Directory?
Thanks

Yes absolutely. You need to configure "external authentication" plug-in to do that.
http://www.dailydba.com/2008/09/oracle-e-business-suite-login.html
Kindly look at the above architecture diagram.

Similar Messages

  • Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

    Dear all,
    I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
    I know there are 3 options for digital signature and
    System signature with authorization by user ID and password (We use this currently)
    Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
    User signature without verification
    Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
    I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
    My active directory is based on Windows 2008.
    Thanks in advance!!
    Dhee

    Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

  • Mycurrent portal template defaults the view of approval preview to Graphic.

    Hi Gurus,
    My current portal template defaults the view of approval preview to Graphic in SRM ,but We would like to change this so the default view is table instead.
    Is there any possible way that we can do it easily, first of all how feasible it is?
    Can any one suggest me the process to follow up for this.
    Best Regards,
    Sairam.

    Hi
    <b>Please check Notes</b>
    <u>Note 1077956 - Follow-on document display: Tabular displ instead of applet
    Note  1028482 - Approval preview: Tabular display instead of Applet</u>
    <u><i>Approval preview in SRM in table form by default...</i></u>
    <b>Please look in SRM - SPRO Settings -></b>
    <u>Here is the path -></u>
    <u>SRM Server -> Cross-Application Basic Settings -> SAP Business Workflow -> Activate Signed Java Applet for Approval Preview and Documents</u>
    Deactivate java applet approval preview
    <u>Also, please see the SAP Consulting OSS Notes, which talks about the same problem -></u>
    Note 1077956 - Follow-on document display: Tabular displ instead of applet
    Note 1028482 - Approval preview: Tabular display instead of applet
    Deactivate java applet approval preview
    <b>Hope this will definitely help. Do let me know.</b>
    Regards
    - Atul

  • Current portal template defaults the view of approval preview to Graphic

    Hi Gurus,
    My current portal template defaults the view of approval preview to Graphicin SRM ,but We would like to change this so the default view is table instead.
    Is there any possible way that we can do it easily, first of all how feasible it is?
    Can any one suggest me the process to follow up for this.
    Best Regards,
    Sairam.

    There are similar questions in this Forum.
    <a href="https://forums.sdn.sap.com/click.jspa?searchID=6840557&messageID=4313831">https://forums.sdn.sap.com/click.jspa?searchID=6840557&messageID=4313831</a>
    Regards,
    Masa

  • Multibyte users are not able to authenticate using Default Authenticator

    Hi,
    We are facing an issue with multi-byte user authentication. All chinese and french users are not able to authenticate.
    When we try to authenticate with réseau/welcome1, where réseau is a user created in embedded LDAP, authentication fails.
    Security log generated is-
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle got username from callbacks[0], UserName=rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Login username: rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <authenticate user:rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <[Security:090302]Authentication Failed: User rseau denied>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Abort>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit delegated, returning false>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user rseau>
    We are using WebLogic Server 10.3 Default Authenticator as Authentication Provider.
    I found few change requests related to multi-byte from the link: http://edocs.bea.com/wls/docs103/issues/known_resolved.html
    Am I missing some configuration? Has anyone else tried authenticate multibyte username?
    Thanks,
    Anuj

    Can you provide more information on the use case?
    1. Is this using Basic or Form authentication?
    2. If the user logs on from a web-based client, do you get the same failure with Internet Explorer as with other browsers?
    3. On which operating system is the WebLogic AdminServer running?
    With WebLogic Server 10.3, I am able to authenticate with multi-byte (French and Japanese) usernames. (My environment: form auth, Firefox 3.0.5, WLS runs on Linux RHEL 4.0.)

  • How to get rid of 802.1x 'Default Authentication'?

    Hi All,
    Everytime I close my MBP's lid, put it to sleep, or simply turn it on...  My wifi is no longer connected.
    this all started ever since I decided to 'Turn Off Wifi' the very first time since I got my MBP this year 2011, in June.
    Whenever I do any of the above (put MBP to sleep etc) then get back to working.. My Safari says I'm not connected to the internet.
    And I see my Wifi signal "blinking" and trying to connect. So I go to my Network preferences and see this:
    There's that '802.1X: Default Authenticating' that appears below my wireless network's name..
    After which i have to Disconnect from twice - 1 time, before it tries to "authenticate" again.. and then a 2nd time.. and then it stops completely,
    Then i have to proceed to click and choose my network again and re-enter my password just to get the Airport/Wifi working again..
    Someone please give me a solution to get my Wifi to automatically connect whenever I switch on my MBP - and to get rid of this annoying 802.1X which does nothing and just continues to try and "authenticate" with no result.
    It would be very very much appreciated! Thank You!
    PS. I did read somewhere online about 802.11g newer wirelss network cards and how they may have issues with an 802.1x network etc..
    Don't really understand it though. Please explain if you could. Cheers 

    Realized that OSX Lion as re-prioritized my Wi-Fi to the bottom of the list.
    What I had to do was place it in first priority again in Network settings.
    Quite a disappointment from OSX Lion since in OS Snow Leopard that was the default setting - and certainly a hassle for newbie Mac users like myself who may be clueless when faced with these "issues"
    Also attached above is the picture that for some strange reason disappeared in the original post..

  • Change the Default Authentication back to secLDAP after SAP kit 3.1 Install

    My client would like to switch the default authentication back to secLDAP after the installation of the SAP kit. What steps do we need to take to make this happen on Unix/Weblogic 9.2? Typically it is a simple chane in the Web.xml, but we are having trouble finding the correct one to make the change to.
    Thanks

    Here are the steps followed for unix Based WebLogic 9.2:
    Make changes to web.xml in: /business_objects_directory/bobje/enterprise120/warfiles/WebApps/InfoViewApp/WEB-INF/web.xml
        <!-- You can specify the default Authentication types here -->
        <!-- secEnterprise, secLDAP, secWinAD, secSAPR3 -->
        <context-param>
            <param-name>authentication.default</param-name>
            <param-value>secLDAP</param-value> --Changed to secLDAP from secSAPR3
        </context-param>
        <!-- Set to true to enable other single sign on. -->
        <context-param>
            <param-name>sso.enabled</param-name>
            <param-value>false</param-value> --changed to false, since we are not using single sign on
        </context-param>
    Navigate to : business_objects_directory/bobje/enterprise120/java/applications
    Run command: business_objects_directory/bobje/jdk/bin/jar cf InfoViewApp.war -C business_objects_directory/bobje/enterprise120/warfiles/WebApps/InfoViewApp .
    Navigate to: business_objects_directory/deployment
    run command: ./wdeploy.sh  weblogic9 -DAPP=InfoViewApp -Das_admin_password="password" -Dlanglist="en" deploy
    Weblogics did not require a restart for the change to take effect. The wdeploy Weblogic9 configuration file also needs to be configured per the documentation.
    I hope this helps someone.

  • Iphone mail (ios6) replies from default account instead of alias recipient

    Hi.
    Since upgrading to ios6, iphone mail replies from my default account instead of the alias address that the email was originally sent to.
    Prior to this upgrade, iphone mail would reply to the address that the email was sent to.
    All alias addresses are present, and i can change teh sent from address to the alias manually.
    If i reply to the same email from icloud.com, the email is sent from the alias address it was sent to, not the default account.
    I tried turning mail off and back on, but the problem remains.
    Please let me know if there is a new setting i have to look for, or if anyone else has solved this problem.
    Thanks.

    I have a similar problem, and was about to start a discussion on it when I saw your post.  I'm assuming that you're using iCloud, like me.
    Things changed in iOS 6 regarding Mail settings, but I still think the behaviour you and I are seeing should be considered a bug.  Under Settings > Mail, Contacts, Calendars > iCloud > Account > Mail, you should see that there's a new setting that allows you to:
    Choose a default address to use when sending from your iCloud account.
    To confirm that you and I are experiencing the same problem, can I ask you to confirm that the default address chosen here is the default address that is being erroneously used as the "From:" address when replying to emails sent to aliases? If it is, you should probably make doubly sure that this setting is the cause of the behaviour you're seeing by changing it to one of the aliases you've created, and seeing whether this becomes the "From:" address for new replies.
    Please post back with the results of this, and we can go from there.  If you're seeing this behaviour too I think I'll report it as a bug to Apple.

  • Save as / Open -- System : portal by default

    Dear ALL
    When we "save as" a BW  report from the portal, by default the favorite is save on the portal.
    However, when we click on "Open" to access this favorite, by default the system is not set to portal.
    It is set to the BW server, so end user have to select manually the portal to display their favorites.
    Is there a possibility to set the Open view to the portal by default ?
    Thanks & Regards
    Jonquille

    Hello
    Any help on this subject ?
    Regards
    Jonquille

  • WLS Default Authenticator not working

    Hi, I have two authenticators setup in WLS, one LDAP and the other the Default authenticator. LDAP users can log in correctly. If I create a new standalone user with the default authenticator though, they cannot log in (error: authentication denied). This is with reference to loggin into obi 11g. Presently, LDAP authenticator is set to sufficient. Default authenticator is set to Optional. In the ordered list, LDAP provider is first and the Default provider is second. The LDAP system user is also part of the global admin role. Is there something I am missing with regard to the Dafult provider?

    Yes, the user was assigned several groups in the security realm. Although now playing with the roles, the error changes to 'User was authenticated but could not be located within the identity store'. Any ideas?

  • Portal runtime default language

    Hello,
    I am trying to set the default portal runtime to French.
    In the System Administration - System Configuration - Service Configuration - Portal Runtime - Central Configuration, I set these properties as followed:
    request.defaultcountry=ca
    request.defaultlanguage=fr
    After a restart of the portal, the portal is still displayed in English. Note that I don't have any language selected in my portal user profile. And in Internet Explorer, I also have no language selected (under Internet Options).
    Am I missing anything ?
    Regards,
    The-Hung Nguyen

    Hi The-Hung,
    check prtDefault.properties as described [here|How to set Portal to default language English, independend from SU01; and see if following settings are made:
    request.defaultlanguage=en
    request.defaultcountry=us
    If yes, you need to remove "en" and "us" so that the localization works as you want.
    Hope this helps,
    Robert
    PS: You can also check this link for more information about the locale lookup order:
    http://help.sap.com/saphelp_nw70/helpdata/EN/42/938297a5061d69e10000000a1553f6/frameset.htm

  • To change the default date format of OID

    Hello Gurus,
    Any idea on how to change the default date format of OID?
    The default date format of OID is something like "yyyy-mm-dd hh:mm:ss .0-0700" I want to change it to "yyyymmddhhmmss.0-0800".
    Is there any system property to do the same.
    I have provisioned users from OIM to OID.
    Any ideas/clues/hints on this.
    TIA,
    - oidm.

    nobody? ?

  • Portal Kerberos based authentication

    Hello,
    After I configure kerberos based authentication with spneg, i still have the prompt to enter user & password instead off sso directly to the portal.
    Any ideas ?
    Thanks

    Hello Geko.
    Use a diagnostic tool for troubleshooting, refer to Notes [957707|https://service.sap.com/sap/support/notes/957707] and [1257108 - Collective Note: Analyzing issues with Single Sign On (SSO)  |https://service.sap.com/sap/support/notes/1257108].
    There are a few Blogs, Wiki Pages and forum topics regarding troubleshooting issues with SPnego.
    Best regards,
    Aliaksandr Zhukau

  • How to Get My Dashboard as Default Page Instead of Home Page in OBIEE 11G?

    Hello Gurus,
    I have one requirement where i need to change default page to "My Dashboard" like what we had in OBIEE 10G ?
    Rite-now in OBIEE 11G when any user logs in they are directed to "Home" Page, but i want to change the navigation to "My Dashboard" for all user..
    I know the option to in My Account and Change the Default dashboard in Preferences , but it's manual way to do it for all end-users.
    and the other is to create the PORTALPATH Variable and do it from RPD.
    So I am looking to some other way there we can change the navigation path from system file itself...
    Thanking You..

    Hello David,
    Thanks for reply.
    Actually I am just concern abt the OBIEE Dashboard page, the link that u have mentioned is for Application Server, where we can manage the multiple Application Portals.
    and it also doesn't come with Middleware that we are installing for OBIEE.
    so i did get some useful information but not related to my question.
    is there any place in EM(Enterprise Manager) or Console(Admin Console) from where we can manage the Default Portal for OBIEE Users?
    Thanking You..

  • ISE 1.2 sponsor portal - disabling default languages

    Hi,
    We are implementing Cisco ISE 1.2 and have a question on the sponsor portal languages.
    The client company's official language is English and so we would like to disable all other languages from the sponsor portal. If we don't do it, the users might select their native language (on the sponsor settings and/or the guest notification language) meaning that we have to customize and maintain all 15 language templates.
    It has alread happened during the tests: a sponsor created a guest account and choose a notification language other than English - the SMS was not sent because the "Destination" on the "SMS text message notification" default value is "[email protected]".
    Thanks in advance.
    Regards,
    Telmo Oliveira

    Hi all,
    This reply to myself is done for documentation proposes, it can help someone with the same challenge.
    Today I was at an event at Cisco where ISE 1.3 beta was presented. This version will have already the option to choose between browser locale or static language template. Talking to the Cisco eng. responsible for the presentation, he told me that 1.2 had no way to do it.
    Cisco ISE 1.3 is now planned to be release end of 2014.
    Regards,
    Telmo Oliveira

Maybe you are looking for

  • How to read and write a string into a txt.file

    Hi, I am now using BEA Workshop for Weblogic Platform version10. I am using J2EE is my programming language. The problem I encounter is as the above title; how to read and write a string into a txt.file with a specific root directory? Do you have any

  • Script in template using SOAP: Works in designer preview, not in rendering from LC Output

    I did a script in a livecycle ES2 Template in the event layout::ready. It call a web service using the SOAP method to get a base64 image from another server. The code is (the service called is fake, but it is not the problem): var sOptions = ""; var

  • Printers defaulting to red

    I have 3 separate printers on 3 different macs and I have noticed a bug. When I print via USB, the colors are accurate. When I print the same file (via sharing) on the same printer it prints the entire document in red ink. This is repeatable and occu

  • Can't download RAW images from A7 II

    I just got an A7II and can't get RAW images to download to my Mac through the Data Image Converter. If I shoot Raw+JPEG the JPEG will download but the RAW does not. If try to download RAW images I get the message "No images on the memory card meet th

  • ADF Faces - filtering a selectOneChoice after select from another

    Hi, I'm new to ADF faces and I've been experimenting with developing applications using Jdeveloper 10.1.3 and ADF faces. I've run into a little problem. I have two selectOnceChoice fields on a page (division and dept.) When user selects a Division I