Adding a listener to Active directory for user creation using Java

Hi,
I would like to add a listener to active directory such that when a user is created to the "Users" container, I should be notified or informed. I would like to do this with Java. What should I do ?
Regards,
Anand Kumar D

You should add a NamingListener or a NamespaceChangedListener.

Similar Messages

Need Sample Code for Vendor creation using JAVA API

Hi,
I have a scenario like Vendor creation using Java API.
1.I have Vendors (Main) Table.
2.I have look up tables like Account Group.
3.Also Qualifier table(Phone numbers) too.
Could you please give me the sample code which helps me to create Vendor records using Java API?
I need Code samples which should cover all of the above scenario.
Marks will be given for the relevent answers.
Best Regards
PK Devaraj

Hi Devraj,
I hope the below code might solve all your problem:-
//Adding Qualified field
//Creating empty record in Qualifed table
//Adding No Qualifiers
Record qualified_record = RecordFactory.createEmptyRecord(new TableId(<TableId>));
try {
qualified_record.setFieldValue(new FieldId(<fieldId of NoQualifier), new StringValue(<StringValue>));//Adding No Qualifier
catch (IllegalArgumentException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
catch (MdmValueTypeException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
//Creating Record in Qualified table
CreateRecordCommand create_command = new CreateRecordCommand(connections);
create_command.setSession(sessionId);
create_command.setRecord(qualified_record);
try
create_command.execute();
catch(Exception e)
System.out.println(e.toString());
RecordId record_id = create_command.getRecord().getId();
//Adding the new record to Qualifed Lookup value and setting the Yes Qualifiers
QualifiedLookupValue lookup_value = new QualifiedLookupValue();
int link = lookup_value.createQualifiedLink(new QualifiedLinkValue(record_id));
//Adding Yes Qualifiers
lookup_value.setQualifierFieldValue(0 , new FieldId(<FieldID of Yes Qualifier>) , new StringValue(<StringValue>));
//Now adding LookUP values
//Fetch the RecordID of the value selected by user using the following function
public RecordId getRecordID(ConnectionPool connections , String sessionID , String value , String Fieldid , String tableid)
ResultDefinition rsd = new ResultDefinition(new TableId(tableid));
rsd.addSelectField(new FieldId(Fieldid));
StringValue [] val = new StringValue[1];
val[0] = new StringValue(value);
RetrieveRecordsByValueCommand val_command = new RetrieveRecordsByValueCommand(connections);
val_command.setSession(sessionID);
val_command.setResultDefinition(rsd);
val_command.setFieldId(new FieldId(Fieldid));
val_command.setFieldValues(val);
try
 val_command.execute();
catch(Exception e)
RecordResultSet result_set = val_command.getRecords();
RecordId id = null;
if(result_set.getCount()>0)
 for(int i = 0 ; i < result_set.getCount() ; i++)
 id = result_set.getRecord(i).getId();
return id;
//Finally creating the record in Main table
com.sap.mdm.data.Record empty_record = RecordFactory.createEmptyRecord(new TableId("T1"));
try {
 empty_record.setFieldValue(new FieldId(<FieldId of text field in Main table>),new StringValue(<StringValue>));
 empty_record.setFieldValue(new FieldId(<FieldId of lookup field in Main table>), new LookupValue(<RecordID of the value retrieved using the above getRecordID function>));
empty_record.setFieldValue(new FieldId(<FieldId of Qualified field in Main table>), new QualifiedLookupValue(<lookup_value>));//QualifiedLookUp value Retrieved above
} catch (IllegalArgumentException e1) {
// TODO Auto-generated catch block
 e1.printStackTrace();
} catch (MdmValueTypeException e1) {
 // TODO Auto-generated catch block
 e1.printStackTrace();
//Actually creating the record in Main table
CreateRecordCommand create_main_command = new CreateRecordCommand(connections);
create_main_command.setSession(sessionId);
create_main_command.setRecord(empty_record);
try
 create_main_command.execute();
catch(Exception e)
 System.out.println(e.toString());
Thanks
Namrata

LEAP - ACS Authen. against active directory for users of another domain

We installed ACS 3.0 on W2000 server, member of a domain. When we tried
to authenticate users from another domain, but it failed.
We achieved to find out the problem. First, the server tries to find the PDC of the other domain (DNS request : _ldap._tcp.pdc._msdcs.domain). The DNS
server answer with the full name and IP address. But afterwards, instead of using the DNS answer, the server make a new request with the PCD name
and appending its own domain. The DNS request fails, and the user is not authenticated. A workaround consists in chaging the DNS search-list for the server, but I'm intersted if anyone had a better solution, or if the new release (ACS 3.1) solves this issue.

Your case looks similair to this bug CSCdy18833, the bug has a work around also check it out.

Integrating 10g and MS Active Directory for user authentication

Can anyone point me towards a good document describing how to do this?

There is a good description on metalink.
Note:267153.1
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=267153.1

User login report in Active Directory for specific date and time

I want to get User login report in Active Directory for specific date and time e.g user logged in at15-01-2015 from 8:00am to 4:00pm
Is any query, script or any tool available?
Waiting for reply please

You can identify the last logon date and time using my script here: https://gallery.technet.microsoft.com/scriptcenter/Get-Active-Directory-User-bbcdd771
If you would like to get back in time and see when the user did a logon / logoff then you need to have auditing enabled. Once done, you can records from Security log in the event viewer: https://social.technet.microsoft.com/Forums/windowsserver/en-US/98cbecb0-d23d-479d-aa65-07e3e214e2c7/manage-active-directory-users-logon-logoff-events
I have started a Wiki about how to track logon / logoff and it can help too: http://social.technet.microsoft.com/wiki/contents/articles/20422.record-logon-logoff-activities-on-domain-servers-and-workstations-using-group-policy.aspx
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile

Impact on roaming profile accounts if we Change User logon Name to Employee Number format in Active Directory for all User accounts

I want to understand if we change User logon Name to Employee Number format in Active Directory for all User accounts, then what would be the impact on existing profile. Whether we need to change it manualy or it will connect to same profiles in terminal
session.
As i observed it create new profile after logon name changed to employee number where existing users profile settings get fails to load and prompt for new settings (such as outlook reconfiguration, share drive mapping etc.).
Kindly let me know the proper process to overcome with this, how to connect same existing roaming profile with employee number format change.

Hi,
What if we change the user name of user account, will it have impact on roaming profiles.
Yes, it will affect roaming profiles. Please rename the roaming profile folder as the new user account name, in addition, change the profile path in ADUC.
Here is an related article below for you:
How to Rename a Windows 7 User Account and Related Profile Folder
http://social.technet.microsoft.com/wiki/contents/articles/19834.how-to-rename-a-windows-7-user-account-and-related-profile-folder.aspx
Best Regards,
Amy

Sharepoint 2013 - Active Directory Import User Profile Property manager fields

Hi there,
I juste encountered actually a little issue regarding the Active Directory Import User Profil.
Importation seems to work well but I have a little problem regarding the Manager field.
When I verify a user profil through the sharepoint admin page ("Manage user profil") , I can see the manager field is correctly populated, but if I want to check my profil as a user (personal information), the manager field is not visible.
With Sharepoint Admin and Manage Profil Properties, I haven't the possibility to modify some settings for the manager.
For example, Policy parameters is greyed.
The only way I found to show this field in a user profil is to give the permission "allow users to Edit values ...".... setting I don't want to set.
Have you already this sort of issue ?
Thanks for your help/idea.

Hi Michael,
I don't remember well what I did exactly regarding this issue because I played a lot with user profil.
I know I used this powershell script from Sheyia which in fact help me a lot to clean and create a good profil setting.
http://blogs.technet.com/b/sheyia/archive/2013/10/09/sharepoint-2013-another-way-to-change-order-for-user-profile-properties-via-powershell.aspx
For example, this script help me to resolve some double entries.
Let-me know if it help you (or not of course)

No active writeable datasource found for user creation, check your Persiste

HI SAP Guru's
Suddenly when I am login in Portal with J2EE_ADMIN or any user , I am getting error
You are not authorized to access this application; contact your system administrator
and when I am going to create user in identity management I am getting below error
Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "No active writeable datasource found for user creation, check your Persistence Configuration.".
I have searched all related treads in SDN but no success
Please help.
Thanks & Regards
Vinay Patel

Dear all,
I was searching the community because I had this same error and there was no answer of how it was fixed. So I'm sending how I fixed today in a customer environment.
1. Go to portal http://<portal>/webdynpro/dispatcher/sap.com/tcsecumewdumeadmin/UmeAdminApp
- select configuration
- folder "sap system based in abap"
- do the conection test
If the test fails, log on in client 001 and change user SAPJSF:
- assign role SAP_BC_JSF_COMMUNICATION (only this one) and one profile that has permission to RFC logon
- you can change the password too
STOP/START ABAP+JAVA
Go again to the portal above and test connection again. The tests should now be OK.
2. Go to portal http://<portal>/irj
- Log on with administrator user
Now you should be able to create an user.

Workflow for User Creation

Hi
I would like to implement the Work Flow for User Creation, i.e.whenever the admin creates the user id, it should go to manager for approval and after that it pwd should be delivered to the respective user.
Can any one guide me on how to implement the same. Also I would like to know the use of customisation under Set Approval Indicator in IMG settings.
Suitable points will be awarded.
Regards,
PKM

Hi,
Pls refer the foll link:
http://help.sap.com/saphelp_srm40/helpdata/en/5a/af5f0b85d011d2b42d006094b92d37/content.htm
BR,
Disha.
Pls reward points for useful answers.

How can we get requester's user id using java code

Hi,
How can we get requester's user id using java code?
eg: If i had logged in as xelsysadm and request a resource for user uid101 on the userid field it should display uid101 and not xelsysadm.
also,
I have a resoure "A" which on revoking should also revoke resources B and C. How can it be done. Resource A, B, and C are 3 different resource objects.
==Thanks,
doki

Ok, so there is a way, but it's not available during submission. You can use the findRequests api. From the result set, get the "Requests.Consolidated Data Value" value. In this information, you will get an xml formatted data. It provides the list of users on the request on the left side after submission. After the request is completed, this value is available. Upon completion, you could get the request information, get this value, and parse the information for user ids.
In the same adapter, use the following API:
formIntf.setObjectFormData(objInstanceKey, formHash)
The formHash is a hashtable containing the field name on your object form, and the values you wish to populate it with. You could create a textarea box on your object form and populate the userids for who the request is for.
However, this makes absolutely 0 sense. When you get a request, the list of userids are listed right there on the request.
-Kevin

Which Book is good for e-commerce using JAVA & XML

I want to find a Book that is good for e-commerce using JAVA & XML,
or where can find JAVA & XML new and develop?
can you suggest me?
Thanks very much!

I can recommend "Java and XML" from O'Reilly. It's a very good book.

Principal Name for Active Directory "Domain Users"

Hi,
I successufully integrated Weblogic & Active Directory Kerberos (SSO). I tested a web application and successifully logined it with authentication.
The system automatically recognized my Active Directory username. It worked.
For authentication in my weblogic.xml I used
<security-role-assignment>
<role-name>admin</role-name>
<principal-name>kursat</principal-name>
<principal-name>fenerbahce</principal-name>
</security-role-assignment>
Now I'm trying to allow all domain members to authenticate my application. For my application I only need the actice directory usernames for them.
For this purpose, I removed "kursat","fenerbahce" from my weblogic.xml
<principal-name>kursat</principal-name>
<principal-name>fenerbahce</principal-name>
I added
<principal-name>Domain Users</principal-name>
instead of writing all domain users.
However I couldn't authenticate. I got the "Error 403--Forbidden"
Is there anyone can help me?

test by creating a groups under Domain Users and use it as your principal name in your weblogic.xml
-Faisal
http://www.weblogic-wonders.com

How to authenticate user in Active Directory for an Oracle report

Hey there,
We have users of 1 report all over the country.
Currently, when using the report, the user chooses a location as a parameter, then runs the report.
The problem is we don't want the user to be able to see data from other locations, only their own.
So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
Thanks in advance!

Hey there,
We have users of 1 report all over the country.
Currently, when using the report, the user chooses a location as a parameter, then runs the report.
The problem is we don't want the user to be able to see data from other locations, only their own.
So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
Thanks in advance!

Authorisation Active Directory Win2003 users in Solaris 10

Now I am having the task to configure kereberos authentication and ldap authorisation users of Win2003 Active Directory in Solaris 10.
Kerberos authentication configured by native pam_krb5 according paper http://www.microsoft.com/technet/itsolutions/cits/interopmigration/unix/usecdirw/08wsdsu.mspx and works fine.
But I can't configure authorisation by native ldapclient library.
Can you give steb-by-step guide about configuring native ldapclient and pam.conf for authorisation AD users on Solaris 10.
ldaplist command return error
bash-3.00# ldaplist
ldaplist: Object not found (LDAP ERROR (12): Unavailable critical extension.)
And snoop ldap return (10.25.66.222 - Solaris 10, 10.25.67.251 -AD-controller)
bash-3.00# snoop ldap
Using device /dev/pcn0 (promiscuous mode)
10.25.67.251 -> 10.25.66.222 LDAP R port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926 Bind Request
10.25.67.251 -> 10.25.66.222 LDAP R port=32926 Bind Response Success
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926 Search Request derefAlways
10.25.67.251 -> 10.25.66.222 LDAP R port=32926 Search ResDone Unavailable Critic
al Extension
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926 Unbind Request
10.25.67.251 -> 10.25.66.222 LDAP R port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.67.251 -> 10.25.66.222 LDAP R port=32926
10.25.66.222 -> 10.25.67.251 LDAP C port=32926
10.25.67.251 -> 10.25.66.222 LDAP R port=32927
10.25.66.222 -> 10.25.67.251 LDAP C port=32927
10.25.66.222 -> 10.25.67.251 LDAP C port=32927
10.25.66.222 -> 10.25.67.251 LDAP C port=32927 Bind Request
10.25.67.251 -> 10.25.66.222 LDAP R port=32927 Bind Response Success
10.25.66.222 -> 10.25.67.251 LDAP C port=32927
10.25.66.222 -> 10.25.67.251 LDAP C port=32927 Search Request derefAlways
10.25.67.251 -> 10.25.66.222 LDAP R port=32927 Search ResDone No Such Object
10.25.66.222 -> 10.25.67.251 LDAP C port=32927
10.25.66.222 -> 10.25.67.251 LDAP C port=32927 Search Request derefAlways
10.25.67.251 -> 10.25.66.222 LDAP R port=32927 Search ResDone No Such Object
10.25.66.222 -> 10.25.67.251 LDAP C port=32927 Search Request derefAlways
10.25.67.251 -> 10.25.66.222 LDAP R port=32927 Search ResDone No Such Object
10.25.66.222 -> 10.25.67.251 LDAP C port=32927 Search Request derefAlways
10.25.67.251 -> 10.25.66.222 LDAP R port=32927 Search ResDone No Such Object
10.25.66.222 -> 10.25.67.251 LDAP C port=32927
My current 'ldapclient list' is following:
bash-3.00# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=ldap_test,ou=Users,ou=Office,dc=corp,dc=com
NS_LDAP_BINDPASSWD= {NS1}5e10c247a91661a5b4
NS_LDAP_SERVERS= 10.25.67.251
NS_LDAP_SEARCH_BASEDN= dc=corp,dc=com
NS_LDAP_AUTH= simple
NS_LDAP_SEARCH_REF= TRUE
NS_LDAP_SEARCH_SCOPE= sub
NS_LDAP_CACHETTL= 0
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:simple
NS_LDAP_SERVICE_AUTH_METHOD= passwd-cmd:simple
And pam.conf:
# Authentication management
login auth requisite pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth sufficient pam_krb5.so.1 debug
login auth required pam_unix_cred.so.1
login auth required pam_unix_auth.so.1
login auth required pam_dial_auth.so.1
# rlogin service (explicit because of pam_rhost_auth)
dtlogin auth requisite pam_authtok_get.so.1
dtlogin auth required pam_dhkeys.so.1
dtlogin auth sufficient pam_krb5.so.1 debug
dtlogin auth required pam_unix_cred.so.1
dtlogin auth required pam_unix_auth.so.1
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth sufficient pam_krb5.so.1 debug
other auth required pam_unix_cred.so.1
other auth required pam_unix_auth.so.1
passwd auth required pam_passwd_auth.so.1
cron account required pam_unix_account.so.1
other account requisite pam_roles.so.1
other account required pam_unix_account.so.1
other account required pam_krb5.so.1 debug
other session required pam_unix_session.so.1
other session sufficient pam_krb5.so.1 debug
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password sufficient pam_krb5.so.1 debug
other password required pam_authtok_store.so.1

I tried this, but i found the Solaris implementation to unstable and scarry, so i decided to go with VAS or Vintela from Quest:
http://www.vintela.com
it really works, unlike Suns LDAP implementations, and its easy too..
7/M.

Adding Custom Attributes in Activie Directory

hi
i've a requirement of getting few user properties from Active Directory into the user profile,for example i need the following properties.
user image
user birthday
user employee number
these properties are not available in the active directory,so how can i add these into the active directory and secondly how can i insert image of the user into the active directory property for image

There are two ways here.
First:
You can ask your AD administrator to create an attribute for you so that you can use it.
Second:
You can use the thumbnailPhoto attribute for Images
You can use Employee ID for employee number
You can use roomnumber for Birthday. Birthday attribute is not present in AD. So, we would have to use some other attribute which matches. So, i would personally request you to create a new attribute inside AD for the same. For this please follow
this URL.
Thank You, Pallav S. Srivastav ----- If this helped you resolve your issue, please mark it Answered.

Adding a listener to Active directory for user creation using Java

Similar Messages

Maybe you are looking for