AD LDAP for Authentication but ABAP or IDM for Role Assignments

Hi Portal Gurus,
Is it possible to configure the UME in such a way so that it connects to the AD for authentication purposes but uses the CUA or SAP Identity Manager for role assignments?
Thanks,
Vibhu

Hi,
Thanks for the suggestion. But ours was a different problem.
The issue was with a faulty reconciliation job that had been fixed. But it had done its damage before the fix and this caused the inconsistent behavior.
During the reconciliation job (to update changed and add new backend roles in IDM) various task trigger attributes get disabled and then re-enabled after the import. These disabled triggers did not get re-enabled for the privileges on some systems. And the reconciliation job was also delta enabled, so only new privileges, after the initial load, should have been impacted. But impact to many privileges -- all privileges of some target systems -- misled our investigation. The timing of the reconciliation job executions kind of added to the confusion and inconsistencies during the initial setup. But we finally tracked this down and wrote a custom job to fix the triggers for only the affected privileges. Assignments to all systems started to function successfully as expected.
Best regards,
Ashok

Similar Messages

  • WLC connect LDAP for Authentication, but could not connect to server

    Hi Everyone, I got a problem when I use WLC 5508 connect to LDAP for authentication, but no luck there, it's a simple config, but not easy to work on my job, I got the following message:
    Service Port - Not connected
    Distribution port include:
         Management Interface - in AP Management VLAN - 30
         Student AP interface - in Student VLAN - 20
         Staff AP interface - in Staff VLAN - 10
    AD is in Staff VLAN - 10
    WLC LDAP Server setting
    Base DN:OU=wws_ou,DC=ww,DC=yc,DC=com,DC=hk
    User Attribute: sAMAccountName
    User Object Type: Person
    Debug aaa all enable message
    *LDAP DB Task 1: Jul 09 01:40:58.969: ldapInitAndBind [1] called lcapi_init (rc = 0 - Success)
    *LDAP DB Task 1: Jul 09 01:41:00.969: ldapInitAndBind [1] configured Method Anonymous lcapi_bind (rc = 1005 - LDAP bind failed)
    *LDAP DB Task 1: Jul 09 01:41:00.969: ldapClose [1] called lcapi_close (rc = 0 - Success)
    *LDAP DB Task 1: Jul 09 01:41:00.969: LDAP server 1 changed state to IDLE
    *LDAP DB Task 1: Jul 09 01:41:00.969: LDAP server 1 changed state to RETRY
    *LDAP DB Task 1: Jul 09 01:41:00.969: LDAP_OPT_REFERRALS = -1
    WLC GUI Log:
    *LDAP DB Task 1: Jul 09 02:56:13.045: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1038 Could not connect to LDAP server 1, reason: 1005 (LDAP bind failed).
    *LDAP DB Task 1: Jul 09 02:56:11.045: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1038 Could not connect to LDAP server 1, reason: 1005 (LDAP bind failed).
    *LDAP DB Task 1: Jul 09 02:56:09.045: %AAA-3-LDAP_CONNECT_SERVER_FAILED: ldap_db.c:1038 Could not connect to LDAP server 1, reason: 1005 (LDAP bind failed).
    LDP Message of LDAP BaseDN:
    Expanding base 'CN=Frankie F. Yeung,OU=wws_ou,DC=ww,DC=yc,DC=com,DC=hk'...
    Result <0>: (null)
    Matched DNs:
    Getting 1 entries:
    >> Dn: CN=Frankie F. Yeung,OU=wws_ou,DC=ww,DC=yc,DC=com,DC=hk
    4> objectClass: top; person; organizationalPerson; user;
    1> cn: Frankie F. Yeung;
    1> sn: Yeung;
    1> givenName: Frankie;
    1> initials: F;
    1> distinguishedName: CN=Frankie F. Yeung,OU=OU=wws_ou,DC=ww,DC=yc,DC=com,DC=hk;
    1> instanceType: 0x4 = ( IT_WRITE );
    1> whenCreated: 8/10/2011 10:28:14 China Standard Time China Standard Time;
    1> whenChanged: 8/10/2011 10:31:26 China Standard Time China Standard Time;
    1> displayName: Frankie F. Yeung;
    1> uSNCreated: 3850555;
    1> uSNChanged: 3850571;
    1> name: Frankie F. Yeung;
    1> objectGUID: 6ebfc7e9-6989-4f11-bae7-62c23af67edc;
    1> userAccountControl: 0x10200 = ( UF_NORMAL_ACCOUNT | UF_DONT_EXPIRE_PASSWD );
    1> badPwdCount: 0;
    1> codePage: 0;
    1> countryCode: 0;
    1> badPasswordTime: 0;
    1> lastLogoff: 0;
    1> lastLogon: 0;
    1> pwdLastSet: <ldp error <0x0>: cannot format time field;
    1> primaryGroupID: 513;
    1> objectSid: S-1-5-21-3867848445-1581729766-1247451615-2172;
    1> accountExpires: <ldp error <0x0>: cannot format time field;
    1> logonCount: 0;
    1> sAMAccountName: fckyeung;
    1> sAMAccountType: 805306368;
    1> userPrincipalName: [email protected];
    1> objectCategory: CN=Person,CN=Schema,CN=Configuration,OU=wws_ou,DC=ww,DC=yc,DC=com,DC=hk;
    Hope I can resolve this problem ASAP, thanks!

    Your AD is in the Staff Vlan so maybe the WLC uses the Staff interface instead of management to contact the AD. I don't know how you sniffed exactly.
    The comment about eap methods you saw is when you use LDAP with dot1x security. It is the same as saying "You cannot do peap-mschapv2 or eap-fast-mschapv2 with LDAP".
    But you can do LDAP for web authentication, that has no eap methods.
    Your original problem was a binding problem from the WLC, so we can expect that the WLC really is sending traffic towards AD.

  • My new Dell PC running Windows 8 does not recognize my iPad or iPhone. Worked OK for iPhone for months but would not work for new iPad.  I removed/reloaded iTunes and now it won't recognize either iPad or iPhone.

    My new Dell PC running Windows 8 does not recognize my iPad or iPhone. Worked OK for iPhone for months but would not work for new iPad.  I removed/reloaded iTunes and now it won't recognize either iPad or iPhone. Got any suggestions?

    Hi there Lizabethfromaz,
    You may find the troubleshooting steps in the article below helpful.
    iOS: Device not recognized in iTunes for Windows
    http://support.apple.com/kb/ts1538
    -Griff W. 

  • I wanted to buy a Dragon, Speech Recognition Programme for Mac but it says it's for Lion, and I have Snow Leopard. Would it have worked on Snow Leopard?

    I wanted to buy a Dragon, Speech Recognition Programme for Mac but it says it's for OS Lion, and I have OS Snow Leopard. Would it have worked on Snow Leopard?

    The simplest method would be to ask them for their Snow Leopard version and say you can't upgrade to 10.7 or 10.8. I'm almost sure they will sell you a copy.
    Generally if your machine can only upgrade to 10.7 Lion and not directly to 10.8 Mountain Lion, then it's best left on 10.6.8 in my opinion, as you're going to lose too much other software and slow down your machine in the process.
    This rapid OS X upgrade cycle has caused plenty of problems for users and developers alike, so I suspect you will find a sympathizer with the developer.
    In fact I'm not recommending Macs to anyone anymore because Apple simply has lost touch with reality.

  • I accidentally purchased Adobe Photoshop and Premiere Elements for Windows, but I need it for Mac. Please advise.

    I accidentally purchased Adobe Photoshop and Premiere Elements for Windows, but I need it for Mac. Please advise.

    Return, cancel, or exchange an Adobe order

  • SMTP  doesn't ask for authentication, but won't send

    Hello,
    I have a javaMail program that has worked in the past, but since then I have switched ISPs. The new ISP does not provide email service, but my mother still has an account with the old ISP, so I tried connecting to the old one using her username and password. The thing is the old ISP doesn't ask for authentication, I can connect and it says sender "ok" but then it just denies my email saying "relaying denied", invalid destination address. I used to be able to send emails with any sender and destination email addresses from this same smtp server when I had an account (from my computer). So I guess my question is it still possible for me to use this smtp server when I have authentication, but it doesn't ask for it?
    here is debug code:
    DEBUG: SMTPTransport trying to connect to host "smtp.paulbunyan.net", port 25
    DEBUG SMTP RCVD: 220 ns9.PaulBunyan.net ESMTP server ready at Sat, 10 Aug 2002 14:47:53 -0500
    DEBUG: SMTPTransport connected to host "smtp.paulbunyan.net", port: 25
    DEBUG SMTP SENT: EHLO me
    DEBUG SMTP RCVD: 250-ns9.PaulBunyan.net Hello c65.102.026.224.stc.mn.charter.com [65.102.026.224], pleased to meet you
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-8BITMIME
    250-SIZE 10000000
    250-DSN
    250-ETRN
    250-DELIVERBY
    250 HELP
    DEBUG SMTP Found extension "ENHANCEDSTATUSCODES", arg ""
    DEBUG SMTP Found extension "PIPELINING", arg ""
    DEBUG SMTP Found extension "8BITMIME", arg ""
    DEBUG SMTP Found extension "SIZE", arg "10000000"
    DEBUG SMTP Found extension "DSN", arg ""
    DEBUG SMTP Found extension "ETRN", arg ""
    DEBUG SMTP Found extension "DELIVERBY", arg ""
    DEBUG SMTP Found extension "HELP", arg ""
    DEBUG SMTP: use8bit false
    DEBUG SMTP SENT: MAIL FROM:<[email protected]>
    DEBUG SMTP RCVD: 250 2.1.0 <[email protected]>... Sender ok
    DEBUG SMTP SENT: RCPT TO:<[email protected]>
    DEBUG SMTP RCVD: 550 5.7.1 <[email protected]>... Relaying denied
    Invalid Addresses
    [email protected]
    DEBUG SMTPTransport: Sending failed because of invalid destination addresses
    thanks for any help

    If JavaMail doesn't see the "AUTH" line from the server, it won't attempt to authenticate.

  • Logical system for client 001 for SAP NETWEAVER ABAP TRIAL VERSION for BI

    Hi,
    I have installed SAP NETWEAVER ABAP TRIAL VERSION for BI. In that I have to create logical system for client 001. I have taken a list of available clients from the abap R3 side. Here is a list of it.
    Clients View
    Cl. Name City Crcy
    000 SAP AG Konzern Walldorf EUR
    001 Auslieferungsmandant R11 Kundstadt USD
    066 Test EarlyWatch Profiles Walldorf EUR
    I cannot get inside the BW side for it asks me to create a logical system for client 001. What to do?
    Kindly help me.
    Kannan

    hi,
    * First log on to SAP R/3 server connections Go to SCC4 in R/3 & in Scc4 BW server. A screen opens in that logical name of the system would be opened in both (R/3 & BW).
    * Take notepad in it save .R/3 & BW logical names go to R/3 & click SM59 to create R/3 connections click then a screen opens gives BW logical name in RFC Destination option & give connection. type 3 & give some description & then press enter.
    * You will get another screen under it then at target host gives BW server name we will get it from BW logon change ID, IP address option & give the system no. The system no go to logon pad just drag it then you will see the name.
    * Then click on log on securities go to log on give BW server details like No, client user Password. Then save it then click test connection tab if there are errors then it gives yellow color if they are no error the whole thing come as white.
    * Then click on the Remote Logon then we go to BW server give RFC – SM59 & click create. Then give the server name which is at the bottom right corner give it then give the no, name, password in logon Security save it & test connection & then remote logon.
    * R/3 - B W - R/3
    * Logical connection source system connection is used to transfer the data from R/3 to BW. Go to BW system& click RSA1 go to source system option go to top to the source systems right click on it. Then click create then a screens opens then.
    * PC -> Flat file, DB -> Database
    * Select the option manual then a screen appears RFC Destination, Logical source name then click OK then it goes to opens other screen save it test connection then remote login then it go back to the then a screen opens then click only activate.
    * BW -> RS1 -> SOURCE SYSTEM -> CREATE MANUAL AUTOMATIC CELL
    * R/3 -> Test connections login -> back -> replicate method -> active data R/3 Source system you will able to.
    hope it helps u
    Ramesh

  • How do I turn on sound alert for calls but turn off sound for txt

    At night, I want to be able to hear  if I get a call, but I do not want to hear if I get a txt mssg.   I went into setting/txt/sounds and turned it off, and had a ring tone selected for calls, but when I get calls I do not hear the ring tone.

    Hi,
    To do this you will need to go to Settings>Notifications>Do Not Disturb and from there select "Allow Calls From" to everyone. This will mean that if you schedule Do Not Disturb at Night time, only Calls will make alerts and ring whereas other notifications will be silenced.

  • I have a 2006 Lexus RX330 and want to play my nano 6th generation through radio. Don't want to use 'tape cassette'. What FM transmitters are really good?  I have wireless bluetooth for phone but doesn't work for music.

    There are so many FM transmitters ranging from $2.00 to $100.00.  I have a tape cassette in car and an old cassette adapter that doesn't work well and makes noise.  The car has bluetooth wireless for iPhone but does not play music (unless I just couldn't figure this out).  I want the best transmitter for city driving, but one that doesn't cost too much.  Any success stories?

    For anyone following, I looked further into the tape cassette adapter and it seems to get the best reviews vs. FM transmitter.  Guess there is a good reason that I have the last year model with a tape cassette.  Worth mentioning is the Maxell one gets a better review than the Monter one.  Not sure why, but it's cheaper. Anyone else find a good quality tape cassette adapter?

  • I can use my time capsule for wifi, but can't connect for backup

    I have been using my TC for a couple of years now, always as a router and backup disk.  I went on a long trip then came back and tried to connect to it, I can use the wifi, but I can't connect to the disk to see it or use it for backups.  I also have a PC connected to the TC and I can see the contents on there through explorer.
    Any ideas would be appreciated...

    how do I get the Mac addresses for each device (this won't be a problem, I demand the device, check it, and then return it).
    What wireless devices are we looking at here?
    Most devices have the AirPort ID or MAC Address or Hardware Address printed on the back or bottom of the device
    Otherwise, you can learn the correct number by process of elimination. Turn off all wireless devices except your Mac computer....if it is connecting using wireless.
    Open Macintosh HD > Applications > Utilities > AirPort Utility
    Click on the Time Capsule icon
    Look for Wireless Clients and click on the numerical IP address that is displayed
    Another box will open
    Look for the Hardware Address. It will be displayed as xx : xx : xx : xx :xx : xx
    Write that down and note that it is your Mac.
    Now, connect another wireless device and repeat the sequence.  Click on the "other" listing that you see to find out more info about that device.  Write down the ID or Address and note what device it is. Then power it off.
    Do the same for each wireless device that you want to have limited access.
    Post back when you have all the info.

  • Database link from XE to 8i - Ok for XE, but error ORA-12705 for ApEx

    I have oracle 8.1.7.4 (8i) with these settings:
    PARAMETER VALUE
    NLS_LANGUAGE AMERICAN
    NLS_TERRITORY AMERICA
    NLS_CURRENCY $
    NLS_ISO_CURRENCY AMERICA
    NLS_NUMERIC_CHARACTERS .,
    NLS_CHARACTERSET CL8MSWIN1251
    NLS_CALENDAR GREGORIAN
    NLS_DATE_FORMAT dd-mon-rr
    NLS_DATE_LANGUAGE AMERICAN
    NLS_SORT BINARY
    NLS_TIME_FORMAT HH.MI.SSXFF AM
    NLS_TIMESTAMP_FORMAT DD-MON-RR HH.MI.SSXFF AM
    NLS_TIME_TZ_FORMAT HH.MI.SSXFF AM TZH:TZM
    NLS_TIMESTAMP_TZ_FORMAT DD-MON-RR HH.MI.SSXFF AM TZH:TZM
    NLS_DUAL_CURRENCY $
    NLS_COMP BINARY
    NLS_NCHAR_CHARACTERSET CL8MSWIN1251
    NLS_RDBMS_VERSION 8.1.7.4.0
    And oracle XE:
    NLS_LANGUAGE AMERICAN
    NLS_TERRITORY AMERICA
    NLS_CURRENCY $
    NLS_ISO_CURRENCY AMERICA
    NLS_NUMERIC_CHARACTERS .,
    NLS_CHARACTERSET AL32UTF8
    NLS_CALENDAR GREGORIAN
    NLS_DATE_FORMAT DD-MON-RR
    NLS_DATE_LANGUAGE AMERICAN
    NLS_SORT BINARY
    NLS_TIME_FORMAT HH.MI.SSXFF AM
    NLS_TIMESTAMP_FORMAT DD-MON-RR HH.MI.SSXFF AM
    NLS_TIME_TZ_FORMAT HH.MI.SSXFF AM TZR
    NLS_TIMESTAMP_TZ_FORMAT DD-MON-RR HH.MI.SSXFF AM TZR
    NLS_DUAL_CURRENCY $
    NLS_COMP BINARY
    NLS_LENGTH_SEMANTICS BYTE
    NLS_NCHAR_CONV_EXCP FALSE
    NLS_NCHAR_CHARACTERSET AL16UTF16
    NLS_RDBMS_VERSION 10.2.0.1.0
    I create database link from XE to 8i - it works fine:
    I create view in XE based on table from 8i
    and using SQL Developer I can Select/Insert into this view from XE.
    BUT when I login to Application Express and try the same SELECT from the view - I get error:
    ORA-12705: ORA-12705: invalid or unknown NLS parameter value specified
    ORA-02063: preceding line from LINKED8i
    What should I do to make Application Express work with the view based on table in remote database correctly - i.e. allow me to Select/Insert/... ?

    Hi,
    I don't have a solution for your problem but I want to share with you my research in using Database Links with XE/Apex.
    I have done it in a lot of projects and in most of all cases it shows a strange behavior when using Database Links via Apex. As far as I know SQL-Request in Apex are executed via the DBMS_SQL-Package. And that seems to be source for all errors and strange behaviors you get.
    If you post a SQL-Request directly from your XE, everything's fine. If you do the same from APEX, sometimes it is very slow and sometimes it fails.
    So, my approach to this issue is to work with Materialized Views. You can create MVs on your XE to reference your remote tables and even schedule refreshes. In Apex, you only work with these MVs instead of the remote tables. And everything's going to be fine!
    Hope this helps!
    Regards, Jens

  • Javascript works on Safari for Windows but not on Safari for Mac (2.0.4)

    One part of our mail's web-based interface is not working properly when I use Safari on Mac (2.0.4). However, it works on Safari for Windows and Firefox. I browsed through a lot of the forum entries with java/javascript on the subject and it seems that java processing is a common problem. I have checked all the necessary settings suggested on the forums but it still does not work.
    We tried using the new Safari on another machine and it works. However, I also see lots of forum entries asking how to uninstall Safari 3!
    I also have a window on the open-source SugarCRM not working properly on Safari 2.0.4. Any fix coming?

    I noticed that as well. I have to wonder if it's due to not making note of the different end of line characters between Mac OS X and Windows in code.

  • I have windows xp and Firefox works perfectly for Rightmove but is completely hopeless for Gumtree, it is just so slow

    Hello
    I like to use the Gumtree website but although Firefox will work very fast on the Rightmove website
    on Gumtree it is useless and takes a very long time to 'turn' a page or go to another area of the
    website
    I have disabled all the add-ons and it is a bit better but I would be there all day to try
    and look through Gumtree as it is so slow whereas for Rightmove it turns the pages very
    fast
    My local library also uses windows xp and it is very fast on Gumtree and it uses Google
    Chrome
    Thanks

    You can try these steps in case of issues with web pages:
    You can reload web page(s) and bypass the cache to refresh possibly outdated or corrupted files.
    *Hold down the Shift key and left-click the Reload button
    *Press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
    *Press "Command + Shift + R" (Mac)
    Clear the cache and cookies only from websites that cause problems.
    "Clear the Cache":
    *Firefox button > Options/Preferences> Advanced > Network > Cached Web Content: "Clear Now"
    "Remove Cookies" from sites causing problems:
    *Firefox button > Options/Preferences > Privacy > "Use custom settings for history" > Cookies: "Show Cookies"

  • HT1311 Changed my apple ID for iTunes, but did not work for app updates.

    I followed the directions on my phone and successfully changed my apple ID for iTunes. But when I try to update apps, the old ID still shows. How can I change my Apple ID so I can update my existing apps?

    Correct! The apps I had previously were downloaded using my husband's apple ID. We are now separated, and I would like to download updates under my OWN apple ID. I followed the instructions for changing my AppleID on my phone, and it works with iTunes downloads. Yet the old AppleID continues to show up for App updates/downloads. Can I change the apple ID for App updates? Or must I delete all the apps on my phone that were downloaded under HIS apple ID and then redownload them under my own ID?

  • Develop with LabVIEW for PC but need to compile for MAC

    Hello,
    My customer has a LabVIEW Professional development suite for Windows.  All the applications should be running under Windows but one (a file viewer) needs to run under both Mac OS and Windows.  How can I achieve this?  Does my customer need to buy another licence?  Would an application compiled under windows run on a Mac if the LabVIEW run-time engine for Mac is deployed?
    By the way, the application doesn't use any OS related VIs...
    Regards,
    Patrick

    Patrick
    You will need to compile the application on a Mac (there is no cross platform compiler). Then you should be able to deploy to the customer's Mac with a run-time engine.
    Visualize the Solution
    CLA
    LabVIEW, LabVIEW FPGA
