Add user to group not working

Logged in as Portal, i'm able to create user and user group thru Administer tab.
however, when i tried to add user member (search and select from user list) to the newly created group, its seems doesn't work (which was working fine before :| )...
it just takes me back to edit group page without adding the user...
any help would b appreciated :)
Fara

This is an issue with IE. It is a bug that has existed since release 2 of the portal. If you do the exact same thing in Netscape (or any other browser), you will be able to add the user to the group without any problems. Amazing how Oracle continues to not fix obvious bugs with each new release.

Similar Messages

Enabling calendaring for a user or group not working

Am having an issue getting ical server/sharing and webcalandars working. Think it is all related.
First a description of my server environs. One xserve acting as OD master, fileserver, vpn, DNS and DHCP server as well. Second xserve acting as DNS, mail, web and ical server. Second server is OD replica.
DNS is working. All OD functions including kerberos are working. Mail and webmail are working as well.
The hostname in iCal Server Admin settings is the FQDN of my second xserve. icalxserve.domain.com. I can start iCal. Then I get this error in the logs:
twistedcaldav.directory.appleopendirectory.OpenDirectoryInitError: Open Directory has no /Computers records with a virtual hostname: icalxserve.domain.com
Remember this server is a OD replica. It is listed in the Computers pane under Workgroup Manager and its name is server.domain.com$. All the computers have $ at the end so I assume this is normal. All services are set for access from all users in Server Admin -> server -> Access. In Server Admin Web -> Sites -> (default site highlighted) Web Services webmail, wiki and blog and web calendaring are all checked as well. I have also tried to enable wiki and blog and web calendar for groups in Workgroup Manager. The only choices in the pop up are none and wiki host for domain.com. Strange.
I cannot enable calendaring for any user. I check the Enable calendaring box under Advanced in the Accounts pane in Workgroup Manager and no server is listed in the pop up menu. It only reads No calendar host selected without any other choices. It should show me icalxserve.domain.com.
When I goto http://icalxserve.domain.com site I get the default homepage and webmail works. If I click on the Groups button I see the 2 groups I have enabled services for. But when I click on the groupname I get the following error page:
Not Found
404: No group with that name (thomas) hosted on this server
Not sure what to do next. OD doesn't seem to be working like I would expect. Any advice would be greatly appreciated.
Thanks in advance.
Please note I am posting this late on Sunday night and have jury duty tomorrow. I will obviously try to check back as soon as I can but maybe not until Monday night. Thanks again.

Hi
+"I don't see this option. Am I doing doing something wrong?"+
Your Rider seems to indicate 10.6? If you're not seeing this option in WorkGroup Manager I'm guessing you're using 10.6 Server? In which case you've posted in the wrong forum with a question that's not applicable anymore. Apple removed those options in 10.6. Another possibility is you're trying to manage a 10.5 Server using 10.6 Server Admin Tools and it's giving unpredictable results? The Server Administration Applications cab behave oddly if you're trying use a newer version on an older server. You should use the version of the Tools that came with the Server.
The 10.6 iCal Server Admin Manual is here:
http://manuals.info.apple.com/enUS/iCalServerv10.6.pdf
Tony

Add User to Group Behavior

Hi all
I found
this post that explains the same issue I'm having, but the marked answer isn't relevant to my environment. I've built a user creation runbook, using 2012 R2 and this
Active Directory Integration Pack. Everything works properly, except I'm getting strange security log events when using the Add User to Group activity.
In one of the tests, I added a single user that was being created to about 100 different groups. Let's say one group has 50 members. When the user gets added to that group, the security audit shows that 50 users were removed from the group, and then those
50 users were added back plus my new user. It shows this activity for every group that the user was added to. I get the following two actions for every member of the group:
Member '-' was removed from 'Domain\Group' by 'Domain\User' on...
Member 'DN of Member' was added to 'Domain\Group'...
This is a problem because it makes our audit reports and notifications worthless since we'd have to read through all the noise to see an actual anomaly. I'm also concerned that if users are actually being removed and re-added to those groups, that there
could be some consequences of that that we aren't seeing yet (i.e. application access interruptions, or what if the connection to AD is lost after removing the users but before adding them back in). Although I should say I'm not convinced that the users are
actually being removed because as you can see above, no member information is recorded on the removal, and all the removals and additions have the same exact time stamp meaning they occurred within 1 second, which seems pretty fast given that some of our groups
are large.
Is this the intended behavior of the Add User to Group activity? If so, is there a workaround I can use to avoid this behavior? The next thing I'll try is using PowerShell to add the user to the group, but this option isn't ideal since the runbook will be
managed by users who are not that familiar with scripting, so I'd like the solution to contain as little as possible.
Thanks

Hi,
the issue of the AD IP 7.0 is reported here
http://social.technet.microsoft.com/Forums/de-DE/eef9cdda-774f-4b95-bd89-aa3f86feee9b/ad-integration-pack-add-user-to-group-activity-problem?forum=scoscip
Try the up-to-date Version 7.2
http://www.sc-orchestrator.eu/index.php/scoblog/115-updated-system-center-2012-r2-orchestrator-integration-packs-available
Regards,
Stefan
www.sc-orchestrator.eu ,
Blog sc-orchestrator.eu

ADCS add user to group

Hi Experts,
OIM is giving response as "Group does not exist in target system" for add user to group task. But this group is available in AD. Can any one help me to solve it.
Process which we followed is
defining Group DN using custom adapter (prepared group DN based on user's region -> Group DN: cn=G1,ou=EEE-BASE,ou=Groups)
We have lookup defination "AD Grouplookup recon" with all group values from AD
when we provisiong user, we are getting the abvoe mentioned response for the task "add user to group"
Please suggest me.
regards,
Ravi G.

Kevin,
implementation logic:
we have added the defined groupDN value to child form using the method "formIntf.addProcessFormChildData(childKey, processInstanceKey, attrChildData);" in one java method and we are setting the groupDN field value before calling "ADCSADDUSERTOGROUP".
Our log detials are as follows where ITS IS NOT WORKIG in one environment (ENV 1)
INFO [XELLERATE.DATABASE] DB read: select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
DEBUG [XELLERATE.DATABASE] select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilAttributeNameMap : getUDFChildRecordIntegrationAttributes:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : getChildTableData:: FINISHED
INFO [STDOUT] Running Add User To Group
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : Critical Extensions Supported
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : getObjectByObjectGUID:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : search:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : Critical Extensions Supported
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : search:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: FINISHED
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal entered.
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString entered.
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: class - Value: java.lang.String
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: poRetVal.toString() - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: Returning:sRetVal - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString left.
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal - Data: Setting Adapter Return Value to AD.USER_OR_GROUP_DOES_NOT_EXIST - Value:
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal left.
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter entered.
DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/readPartialStatement entered.
INFO [XELLERATE.DATABASE] DB read: select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 81 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 31
DEBUG [XELLERATE.DATABASE] select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 81 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 31
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter - Data: Mapped to Response Code - Value:
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem entered.
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: event - Value: adpADCSADDUSERTOGROUP
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: New Status - Value:
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: SchData - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: Reason - Value:
DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
please see the log details are as follows where ITS WORKING (some other environment (ENV 2)pointing to different AD)
INFO (JMS SessionPool Worker-0) [XELLERATE.DATABASE] DB read: select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
DEBUG (JMS SessionPool Worker-0) [XELLERATE.DATABASE] select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilAttributeNameMap : getIntegrationAttributes:: FINISHED
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcADPClassLoader/findClass entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcADPClassLoader:findClass - Data: loading class - Value: com.thortech.xl.schedule.tasks.ADITRes
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : removeDomainFromName:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : removeDomainFromName:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
INFO (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : SSL option is not selected in ITResource
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
INFO (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : SSL option is not selected in ITResource
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes : Attributes modified: CN=ATL-BASE-AD-LOGON,OU=Groups,OU=ATL
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: FINISHED
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: class - Value: java.lang.String
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: poRetVal.toString() - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: Returning:sRetVal - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString left.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal - Data: Setting Adapter Return Value to AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL - Value:
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal left.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/readPartialStatement entered.
INFO (JMS SessionPool Worker-0) [XELLERATE.DATABASE] DB read: select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 119 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 36
DEBUG (JMS SessionPool Worker-0) [XELLERATE.DATABASE] select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 119 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 36
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter - Data: Mapped to Response Code - Value:
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: event - Value: adpADCSADDUSERTOGROUP
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: New Status - Value:
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: SchData - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: Reason - Value:
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
Is groupDN value comming as "space" in my environment ENV 1?
or
Is it not calling "tcADPClassLoader:findClass - Data: loading class - Value: com.thortech.xl.schedule.tasks.ADITRes" to removeDomain from Name.
Please suggest me.

1. TACAS+ Accounting and Logged in Users report is not working on ACS 4.1(1

Hi,
I am facing problem with ACS 4.1 accounting, TACAS+ Accounting and Logged in Users report are not working, the csv file is been generated but nothing is showened in the file.
I have checked the documents related to ACS 4.1, it says that there is a bug related to command accounting âCSCsg97429 - TACACS+ Command Accounting does not work in ACS 4.1(1) Build 23â.
Tried upgrading the same with the patch applAcs-4.1.1.23.3.zip, still it is not working.
Other reports are working fine.
1. TACAS+ Accounting - not working
2. Logged in Users - not working
3. TACAS+ Administration - working
4. Passed Authentication - working
5. Failed Attempts - working
Any suggestions or any idea, please revert.
Regards
Vineet

Hi,
Thanks
Yes I have configured the command âaaa accounting exec default start-stop group tacacs+â
As I have mentioned all the other reports are working. Which user and when he has logged in and what commands he has used. Only the TACAS+ Accounting and logned user is not working.
Regards,
Vineet

Add new document link not working in upgraded sharepoint 2013?

Hello there,
Upgraded SharePoint team sites from 2010 to 2013. add new document link not working for shared document in upgraded sharepoint 2013?. it is specially not working on machine where Office web apps set up with this sharePoint server and it
is working fine with environment Office web apps not configured with Sharepoint.
Looking resoluion /suggestion, thanks in advance.
Regards,
Sushil

Hi Sushil,
According to your description, my understanding is that the add new document link was not working on machine where Office web apps set up with this SharePoint server after you upgraded SharePoint team sites
from 2010 to 2013.
For your issue, it can be caused by integrating Office Web Apps with upgraded SharePoint Site.
Firstly please make sure claims-based authentication is used by the SharePoint web application that is used to create the new document. Only web applications that use claims-based authentication can open
files in Office Web Apps. To determine the authentication provider for a web application, follow these steps:
1.In SharePoint 2013 Central Administration, click Manage web applications.
2.Select the web application that you want to check, and click Authentication Providers on the ribbon.
The authentication provider must be displayed as Claims Based Authentication for Office Web Apps to work correctly with the web application. To resolve this issue, you can delete the web application and recreate
it using claims-based authentication, or you can change the authentication method of the web application.
Secondly, make sure the WOPI zones match on the SharePoint 2013 and the Office Web Apps Server farm.
To do this, run the following command on the SharePoint Server:
Get-SPWopiZone
The result will be one of the following:.
internal-https
internal-http
external-https
external-http
Next, run the following command on the SharePoint Server.
Get-SPWOPIBinding
In the output, look for WopiZone: zone. If the results from Get-SPWopiZone don’t match the zone that is returned by Get-SPWOPIBinding, run the Set-SPWOPIZone -Zone cmdlet on the SharePoint Server to change
the WOPI zone to match the result from Get-SPWOPIBinding.
If not work, you can try to disconnect SharePoint 2013 from Office Web Apps Server and re-configure Office Web Apps for SharePoint 2013.
For more information, please refer to the article:
http://technet.microsoft.com/en-us/library/ff431687(v=office.15).aspx
Best Regards,
Eric
Eric Tao
TechNet Community Support

GRC 10.0: Access Request Creation - LDAP user advanced search not working

Dear Experts,
We are implementing SAP GRC Access Control and we have an issue in Access Request Creation. If we put the user name in “User” field and press intro, the user details are updated, but if we want to make an "Advanced search" the user is not found and the application give us the following message: “No records found for the search criteria entered.”
Scenario 1: If we put the user name in “User” field and press intro, the user details are updated:
Scenario 2: If we want to make an "Advanced search" the user is not found and the application give us the following message: “No records found for the search criteria entered.”
We are using the Active Directory as Data Source.
Thanks and Regards.

Hi Jose,
Try maintaning the parameter 2050 as YES and check once.
Kindly, also make refer to the below list of SAP notes:
1757906 - GRC 10.0 - LDAP user search does not work in NWBC
1745370 - LDAP search in GRC does not work anonymously
1718242- UAM: User search not working in Access Request.
Regards,
Neeraj Agarwal

Response Groups not working

Hi there
My environment is a single Lync 2013 Front End Server installed on Server 2012.
It works since a year and now we want to use some response groups. I created 2 of them and everything seems fine but i cant call these groups. Not from internal and also not from external.
The clients shows an 500 internal server error with ID 26017.
So i traced the whole thing on the Front End Server. It seems the Response Group Service cant work with the local SQL Server. I see three error messages.
1. TL_ERROR(TF_COMPONENT) [2]0B90.37A8::07/23/2014-06:38:39.119.000002fb (RgsClientsLib,MatchMakingLocator.GetActiveInstanceFromDB:683.idx(479))
(0000000000150BA8)No instance registered as the active instance!
2. TL_ERROR(TF_COMPONENT) [1]1E08.2910::07/23/2014-06:38:42.462.00000a34 (RgsHostingFramework,CallControlManager.HandleAudioVideoCall:2049.idx(619))
(000000000362D054)Call is declined because Call Control is not started.
3. TL_WARN(TF_COMPONENT) [1]0B90.0B7C::07/23/2014-06:38:48.053.00000f2d (RgsClientsLib,MatchMakingLocator.GetActiveMatchMakingInstance:683.idx(301))
(0000000000150BA8)There is currently no active MatchMaking instance in the pool.
The Lync Server Event Log shows this error when the Response Group Service starts:
LS Response Group Service ID 31067
Lync Server 2013, Response Group Service Match Making could not find the Contact object used for subscribing to agents' presence.
Cause: The application has not been properly activated or the Contact object was deleted.
Resolution:
Deactivate and then activate the application for this pool.
Is there a way to reinstall / reconfigure the whole response group service incl. the active directory objects?
I hope somebody could help
Regards
Andreas

Have you seen this thread:
http://social.technet.microsoft.com/Forums/lync/en-US/cd25ddec-6e1e-4d58-9a9a-a530abfa82e3/response-groups-not-working?forum=ocsclients ?
He ran Get-CsApplicationEndpoint and received a warning that let him to a resolution.
Short of that, I'd rerun step 2 in the deployment wizard and restart services when you can to see if I could jog anything loose.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications

Cannot add user to group eventhough i have full access

i cannot add users to groups in subsite even i am in the owners group of the subsite

Check the settings of the group itself. By default the only person who can add users to a group is the person who created the group. I normally change the group settings so the group is owned by the Site collection root site owners group. That
way any of those users can modify the membership of the group.
Paul Stork SharePoint Server MVP
Principal Architect: Blue Chip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem.

Add user to group

please help me to add user to group using dotnet(C#),

See http://help.adobe.com/en_US/enterpriseplatform/10.0/programLC/help/index.html
API Quick Starts (Code Examples) > User Manager API Quick Starts > Quick Start (MTOM): Adding users using the web service API
* Ensure that you create a .NET project that uses
* MS Visual Studio 2008 and version 3.5 of the .NET
* framework. This is required to invoke a
* LiveCycle ES2 service using MTOM.
* For information, see "Invoking LiveCycle ES2 using MTOM" in Programming with LiveCycle ES2
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
using System.IO;
//A reference to the DirectoryManager service
using AddUser.ServiceReference1;
namespace AddUser
    class Program
        static void Main(string[] args)
            try
                //Create a DirectoryManagerServiceClient object
                DirectoryManagerServiceClient dirManClient = new DirectoryManagerServiceClient();
                dirManClient.Endpoint.Address = new System.ServiceModel.EndpointAddress("http://hiro-xp:8080/soap/services/DirectoryManagerService?blob=mtom");
                //Enable BASIC HTTP authentication
                BasicHttpBinding b = (BasicHttpBinding)dirManClient.Endpoint.Binding;
                b.MessageEncoding = WSMessageEncoding.Mtom;
                dirManClient.ClientCredentials.UserName.UserName = "administrator";
                dirManClient.ClientCredentials.UserName.Password = "password";
                b.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
                b.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
                b.MaxReceivedMessageSize = 2000000;
                b.MaxBufferSize = 2000000;
                b.ReaderQuotas.MaxArrayLength = 2000000;
                //Create a User object
                UserImpl myUser = new UserImpl();
                myUser.domainName = "DefaultDom";
                myUser.userid = "wblue";
                myUser.canonicalName = "wblue";
                myUser.principalType = "USER";
                myUser.givenName = "Wendy";
                myUser.familyName = "Blue";
                myUser.disabled = false;
                //Add the user to LiveCycle ES2
                dirManClient.createLocalUser(myUser, "password");
                //Ensure that the user was added
                //Create a PrincipalSearchFilter to find the user by ID
                PrincipalSearchFilter psf = new PrincipalSearchFilter();
                psf.userId = "wblue";
                MyArrayOfUser allUsers = dirManClient.findUsers(psf);
                //Determine how many elements there are
                //Each element is of type User
                int index = allUsers.Count;
                //Iterate through the array
                for (int i = 0; i < index; i++)
                    User theUser =(User) allUsers[i];
                    Console.WriteLine("User ID: " + theUser.userid);
                    Console.WriteLine("User name: " + theUser.givenName + " " + theUser.familyName);
                    Console.WriteLine("User Domain: " + theUser.domainName);
            catch (Exception ee)
                Console.WriteLine(ee.Message);
Steve

BPC 7.5 - Domain User Group Not Work - Configuration Server Manager

Hi Guys,
I install BPC 7.5 from NW. From the PC client only work ok with the same user OWNER the BPC .NET. In Server Manger -> Option
-> Define Systems User Group, add the follow data:
- System user group name= Domain Users
- Domain Type=Active Directory
- Domain Name = BAIRES
Is correct the Syntax? or need use the form OU=xxxx?
Thanks.

Ok, thanks, and So I have other problem. I need Add User from different Domains, How configure this?
Tks

Alert to group not working on Sharepoint 2010!

Hello,
We have a SharePoint 2010 Server which on the front page we have a news list. We have migrated to 365 and since then the alerts are not working properly. We have a local SMTP server that we use to rely to 365 since SharePoint does not support TLS by itself.
The SMTP server is working because we can set up alerts on individuals and the emails are coming. The issue is with the group. I have tried several groups but still the same issue. On some groups we receive the initial email about the creation of the alert,
but no mails after that. I have checked also the Immediate Alert service and is successful. I have checked in the mail flow on 365 and I can see the initial creation of the alert mail sent to all in the group, but the alerts on changing anything on the
list does not come into 365, so it must be a SharePoint issue which I can`t determine since the immediate alert service is running...
Can you please provide a feasible solution for this issue?
Thank you very much.
DOVC
Best Regards, Valentin Doru System Administrator

Hi Valentin,
please also open a thread at o365 community, because seems this issue happened at o365.
to try, perhaps you can re-add the group also, because it may refresh the properties from the AD group to o365.
and you may check these workaround for testing:
Option 1: Use a Redirection User
created a user in Office 365. This user is licensed to use SharePoint Online and Exchange Online.
In Exchange Online, create Distribution Groups, which are standard Distribution Group that allows however in Delivery Management also Senders outside of organization, as the SharePoint Sender is not part of the Exchange Org.
In Exchange Online for the User Exchange Forwarder, created Inbox Rules. The rule is checking the Subject for a keyword and as action redirect the E-Mail to the DG and deletes it right away.
repeat this for other DGs as well.
In SharePoint Online grant the user Exchange Forwarder access to the Site to access the List
Now there are two important steps:
1) The Alert Title needs to include the token we look for in the Exchange rule
2) The “Send Alerts To” needs to be our “Exchange Forwarder”
When everything is set up an Alert will be received by Exchange Forwarder and then forwarded to the DG.
Option 2: Use a custom Workflow with the Send E-Mail To Activity
In Exchange Online creat a Distribution Groups, which are standard Distribution Group that allows however in Delivery Management also Senders outside of my organization, as the SharePoint Sender is not part of the Exchange Org.
Using SharePoint Designer create a custom Workflow like the one below. In the Send E-Mail activity I specified the external SMTP Address of the DG as To-Address.
When the Workflow is executed an E-Mail is sent directly to the DG:
Background:
When sending an Alert, SharePoint is doing a Security Trimming. So SharePoint wants to be sure the recipient of the Alert has permissions to see the List Content the Alert is about. Therefore we cannot enter an SMTP-Address for an Alert but need to specify
a Security Principal known to SharePoint.
In a Workflow we don’t need to do this kind of Security Trimming. The creator / designer of the Workflow need to take care whom to send what information.
Side note: Alerts and Workflow Send E-Mail To Activities are the only possibilities in SharePoint Online to send E-Mails. Custom solutions (Sandboxed Solutions) will not work.
Regards,
Aries
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Active Directory Groups Not Working in Sharepoint

We are trying to manage permissions with AD groups but thus far permissions are not working. We have a site and are able to search for, find, and add AD groups. However, users in this group still get access denied. If users are added explicitly
to the site or to a SharePoint group their permissions work correctly. The UPS has been synced many times without issues and this problem has been occurring for weeks. Is this a problem with SharePoint or AD? Any ideas how to resolve it?
Also, I don't know if this is relevant but the site is also configured for anonymous access. If a user accesses the site anonymously they are granted read access, if they try to access the site while logged in with their account they get access denied.

If the group was added to SharePoint and then users were added to the group try waiting a day. The claims token in SharePoint lifetime is fairly long. So when new users are added to an existing AD group SharePoint will not recognize the new membership
in the Claims token for 12 -24 hours. If you add a user today they should be able to log in tomorrow. Take a look at the following Blog post. I think this is your issue.
http://www.andrewjbillings.com/sharepoint-2013-claims-authentication-ad-group-changes-not-reflected/
Paul Stork SharePoint Server MVP
Principal Architect: Blue Chip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem.

Site column Person or Group not working through TMG

We published our Sharepoint 2010 Site through TMG 2010, everything is working fine, except some users cannot edit the site column Person/Group in the document library. The Word 2013 opens and in the field we just see not currently available. I
have some users with Word 2013 where it's working fine, so I think this must be some word settings.
Any ideasß

Hello,
I have a similar problem (same Setting).
I get the error message that the sharepoint "saving/storing location" could not be interpreted (translation
from the German error message), after I was prompted for the user credentials. I do not get an error message on server side.
The TMG Settings:
Rule applies to published site: wi-sharepoint
Request appear to come from the Forefront TMG computer
Listener : https; 8443
Public name (changed): something.tech.at
Authentication: NTLM auth.
Bridging: Redirect top HTTP: port 81
Apply link translation to this rule
This setting works if I connect via a browser (from inside and outside)
But trying to connect via Workspace 2010 I get an error from outside (from inside it works)
The log from the TMG:
SourceExternal: 80.081.215.166:4881 (changed)
Destination: Lcoal Host (192.168.50:81)
Request: POST
http://wi-sharepoint:81/...
On the Sharepoint I configured AAM:
http://wi-sharepoint
DEFAULT => http://wi-sharepoint
http://wi-sharepoint:81
Internet => http://wi-sharepoint:81
I also tried to add:
http://something.tech.at
=> http://something.tech.at
and
http://something.tech.at
=> http://something.tech.at
but it was not working correctly.
Hope you can help.
Thanks,
Florian

Public Folder permissions to groups not working

Hello Together,
I have some problems with permission of Exchange 2010 (SP2) public folders. Although I can't find an TechNet article which describes the procedure to add a group to a public Folder client permission list, it should be possible because the
Add-PublicFolderClientPermission cmd-let will accept Users and groups as parameter for -user.
But if I give permissions to groups the members of the Groups can't access the public folders.
What I exactly do is this:
- Create a Distribution Group for example TEST (Universal Distribution Group)
- Add User "Testuser" to this Group
- Add public folder Clientpermissions to the Group "Test" which autmatically changes the group type to Universal Security Group (there is no difference if I do this with the GUI or management shell)
Result: No Access for User "Testuser"
If I add the User directly to the Public folder he can acces the folder.
I can reproduce this problem in my test- and my Productionenvironment.
Any ideas?
Best regards
Hans Moggert
Hans Moggert Technical Account Manager Geschäftsbereich Technologie & Service Allgeier IT Solutions GmbH

Hi Martina,
thank you for your very fast answer, but this was exactly what I had done ...
But Today, if I tried to access the Public Folder again everything works as expected, so I tried to find out why I have to wait so long until the expected permissions work and now I think I have found the reason:
- Exchange 2010 uses Universal Groups for Distribution and Security Groups
- Universal Groups are the only Grouptypes which saves the member list at the Global Catalog server
- the default Global Catalog Caching interval is 1440 Minutes (24 hours)
So if you change membership of universal Groups you have to wait 24 hours until Exchange recognizes this change!
If you want to force this you can do one of the following steps:
- reduce the "Cached Membership Refresh Interval (minutes)"
http://technet.microsoft.com/en-us/library/how-global-catalog-servers-work(v=ws.10).aspx
- Use the following VB-Script:
set objRoot = GetObject("LDAP://rootDSE")
objRoot.Put "UpdateCachedMemberships", 1
objRoot.SetInfo
msgbox "Universal Group Cache refreshed!"
This forces the Group members to refresh immediatly.
I think I am not the only person who had this problem so I hope I can help others with this solution ...
Best regards and thx
Hans Moggert Technical Account Manager Geschäftsbereich Technologie & Service Allgeier IT Solutions GmbH

Add user to group not working

Similar Messages

Maybe you are looking for