App Controller - SSO - Unknown user displayed on page

Similar Messages

• AD SSO "unknown user" error

  Hi all,
  I've been having trouble with AD SSO on NAC deployed in L2 OOB VG mode.
  Users are getting a message that says:
  Unknown user
  Please contact your administrator if the problem persists.
  I check the event logs in the NAC Manager and it says "Unknown user via ADSSO, [MAC_ADDRESS ## IP_ADDRESS] user@DOMAIN"
  The AS SSO service is shown as "started" for the NAC Server however, running the command "netstat -a | grep 8910" at the terminal returns nothing.
  I also try an auth test to see if there was a problem with the agent but that shows up with the same "unknown user" error.
  I tried creating an LDAP authentication server with the same options as the LDAP lookup server for AD SSO and I get the same error.
  The AD SSO was working a few days ago and the System Admin says he hasn't changed anything in the domain controller. I haven't changed anything else in the NAC config except I started rolling it out to more users.
  Anyone have any idea what the problem could be?

  Hi huicab,
  The problem was that the LDAP user in the AD was in the wrong OU. I'm not the sys admin so I'm just telling you what he told me lol.
  We sniffed the port of the AD server and he realised that the credentials were being denied by AD even though no failed login attempts were logged in the system (weird =/). So he did some stuff on the user, double checked the password and all the other values and it started working. I have no clue how come it stopped working though. Now that you mention it, it was probably a security patch in the domain controller that stops users in a certian OU or outside of a certain OU from doing certain stuff. I dunno I'm really not a Windows guy but I'd recommend using Wireshark to sniff the Domain Controller's NIC at the time of the AD SSO login attempts to see what packets it gets and what reply it sends out, then you can take action from there.
  Hope this helps!
  ~ Xavier

• Server.app ProfileManager shows unknown users loading

  Sorry didn't mean to post twice...

  Hi
  Whichever server is configured as the Open Directory Master is where Profile Manager should be. It won't work otherwise.
  If your server was Standalone and if you turned on the Profile Manager Service, the Setup Assistant will launch and promote your Server from a Standalone Role into an Open Directory Master Role.
  Alternatively you could simply promote the Server to an OD Master Role first and then switch on the Service. Either way will work.
  Profile Manager is actually not bad at managing IOS Device and OSX Client Systems (10.7 only), once you understand what it does and how it can be used for your particular needs, assuming you have any? I would say it can cope between 50-100 IOS Devices easily enough. As you move to 200-300 IOS/OS units I'm guessing you may start seeing a problem or two? If you have mixed OSes, WorkGroup Manager is what you should be using.
  WorkGroup Manager won't work with IOS Devices. I know you know this but I mention it just in case others may read this post who may be similarly confused.
  HTH?
  Tony

• How to go about building a app that searches for and displays pages from Google.

  I was wondering how i would go about building an app that takes a users input such as a sentence (not a URL) and then searches  for their input on Google. This app would then have to display a selected page automatically on the UIWebView.
  My existing code in my viewcontroller.m is as follows:
  - (void)viewDidLoad
  [super viewDidLoad]; [webView loadRequest: [NSURLRequest requestWithURL:[NSURL URLWithString:@"http://www.google.com"]]];
  I now want my app to use a users input (a word or a sentence) and search Google with that input but do it in the background then display the first search result in the UIWebView, what code would i need?
  Thanks

  Sorry, I cant view the App Store Review Guidelines
  https://developer.apple.com/appstore/resources/approval/guidelines.htmllink, maybe its because i dont have a developers account yet i will be getting one when i am ready to launch my app on the app store.

• Just bought a used Oct '13 MacBook Pro and I can't sign into the App Store as it still displays the old owners user ID in the login box (in fixed grey text). Any ideas of how I what I could do? Thanks.

  Just bought a used Oct '13 MacBook Pro and I can't sign into the App Store as it still displays the old owners user ID in the login box (in fixed grey text). Any ideas of how I what I could do? Thanks.

  The first thing you should do with a second-hand computer is to erase the internal drive and install a clean copy of OS X. How you do that depends on the model, and on whether you already own another Mac. If you're not sure of the model, enter the serial number on this page. Then find the model on this page to see what OS version was originally installed.
  1. You don't own another Mac.
  If the machine shipped with OS X 10.4 or 10.5, you need a boxed and shrink-wrapped retail Snow Leopard (OS X 10.6) installation disc, which you can get from the Apple Store or a reputable reseller — not from eBay or anything of the kind. If the machine has less than 1 GB of memory, you'll need to add more in order to install 10.6. I suggest you install as much memory as it can take, according to the technical specifications.
  If the machine shipped with OS X 10.6, you need the installation media that came with it: gray installation discs, or a USB flash drive for some MacBook Air models. If you don't have the media, order replacements from Apple. A retail disc, or the gray discs from another model, will not work.
  To boot from an optical disc or a flash drive, insert it, then reboot and hold down the C key at the startup chime. Release the key when you see the gray Apple logo on the screen.
  If the machine shipped with OS X 10.7 or later, you don't need media. It should boot into Internet Recovery mode when you hold down the key combination option-command-R at the startup chime. Release the keys when you see a spinning globe.
  2. You do own another Mac.
  If you already own another Mac that was upgraded in the App Store to the version of OS X that you want to install, and if the new Mac is compatible with it, then you can install it. Use Recovery Disk Assistant to create a bootable USB device and boot the new Mac from it by holding down the C key at the startup chime. You will need the Apple ID and password that you used to upgrade. Note that if your other Mac was never upgraded in the App Store, you can't use this method.
  Once booted from the disc, the USB device, or Internet Recovery, launch Disk Utility and select the icon of the internal drive — not any of the volume icons nested beneath it. In the Partition tab, select the default options: a GUID partition table with one data volume in Mac OS Extended (Journaled) format. This operation will permanently remove all existing data on the drive, which is what you should do.
  After partitioning, quit Disk Utility and run the OS X Installer. When the installation is done, the system will automatically reboot into the Setup Assistant, which will prompt you to transfer the data from another Mac, its backups, or from a Windows computer. If you have any data to transfer, this is usually the best time to do it.
  You should then run Software Update and install all available system updates from Apple. If you want to upgrade to a major version of OS X newer than 10.6, get it from the Mac App Store. Note that you can't keep an upgraded version that was installed by the previous owner. He or she can't legally transfer it to you, and without the Apple ID you won't be able to update it in Software Update or reinstall, if that becomes necessary. The same goes for any App Store products that the previous owner installed — you have to repurchase them.
  If the previous owner "accepted" the bundled iLife applications (iPhoto, iMovie, and Garage Band) in the App Store so that he or she could update them, then they're linked to that Apple ID and you won't be able to download them without buying them. Reportedly, Apple customer service has sometimes issued redemption codes for these apps to second owners who asked.
  If the previous owner didn't deauthorize the computer in the iTunes Store under his Apple ID, you wont be able to  authorize it under your ID. In that case, contact iTunes Support.

• How to display specific page based on type of user login? Urgent!!!

  I have 2 type of users e.g. Type1 and Type2 if Type1 user logs in i want to display a Type1Page page and if Type2 user logs in i want to display Type2Page page as home page.
  If there is any article already on this forum give me clue or Please give a workaround for this one.
  Thanks
  Bakulesh

  If you're setting the homepage in user preferences, I think you could do better. If they're "types" of users, set the default home page for their respective groups, not individual users.

• Unknown User account appears on login page

  Hi,
  Recently on my Login Page an unknown user has appeared on my computer. When I go to administer accounts the unknown user does not appear.
  It has it's own avatar too...a human shadow with outer space in back of it.
  I recently set up a myspace.com account, but that should not have done it.
  I cannot get this thing off my computer and I fear I am being hacked.
  Can anyone help me get rid of this thing and/or explain to me what it is?
  Thanks, RWard

  Gill
  Welcome to Apple Discussions!!
  I went to the link you noted but was unable to find 'security' in the linkTrue, all it says there is
  The root user should only be used for specific administration or monitoring tasks. After completing a task as the root user, log out of Mac OS X and log back in using a normal or administrator user account.
  Disable root access if you do not use it often.However, if anyone does manage to hack into your machine, he can do more damage if there is an enabled root account (he still has to guess the password of course). If root is disabled, that's another barrier.
  If you are really interested, see Mac OS X: Security, and this PDF document: Security in Mac OS X

• Error occurred in deployment step 'Uninstall app for SharePoint': Only users who can View Pages can list Apps

  While deploying the SharePoint Hosted App I am facing the issue  'Uninstall app for SharePoint': Only users who can View Pages can list Apps"
  - Provided the permissions for App Management and Subscription Services as well as DB.
  - Added into Host web as SC Administrator
  Thanks in Advance.

  Hi,
  The user you are running with Visual Studio should have read permission on the pages of SharePoint web you are trying to deploying your app.
  I suggest you add the login user to the SharePoint web in the “Site Settings”->”People and Group”.
  Here is a similar thread for your reference:
  http://sharepoint.stackexchange.com/questions/68590/error-occurred-in-deployment-step-uninstall-app-for-sharepoint-only-users-who
  More reference:
  Step by step How to configure environment for app development:
  http://gianespo.wordpress.com/2014/01/30/step-by-step-how-to-configure-environment-for-sharepoint-app-development/
  Best regards
  Zhengyu Guo
  TechNet Community Support

• EBS(SSL enabled) URL 12.1.3 cannot display web page though apps services are up

  Hi all,
  DB:11.2.0.3.0
  EBS:12.1.3
  O/S: Sun Solaris SPARC 64 bits 5.10
  EBS URL 12.1.3 cannot display web page though apps services are up. This target instance is SSL enabled and cloned instance. Autoconfig runs successfully on both the tiers.
  1 DB node and 1 apps Node(forms,Reports,CM,Web).
  DB Tier Autocofig:
  Updating rdbms version in Context file to db112
  Updating rdbms type in Context file to 64 bits
  Configuring templates from ORACLE_HOME ...
  AutoConfig completed successfully.
  $
  Autoconfig Apps Tier
  Configuring templates from all of the product tops...
          Configuring AD_TOP........COMPLETED
          Configuring FND_TOP.......COMPLETED
          Configuring ICX_TOP.......COMPLETED
          Configuring MSC_TOP.......COMPLETED
          Configuring IEO_TOP.......COMPLETED
          Configuring BIS_TOP.......COMPLETED
          Configuring AMS_TOP.......COMPLETED
          Configuring CCT_TOP.......COMPLETED
          Configuring WSH_TOP.......COMPLETED
          Configuring CLN_TOP.......COMPLETED
          Configuring OKE_TOP.......COMPLETED
          Configuring OKL_TOP.......COMPLETED
          Configuring OKS_TOP.......COMPLETED
          Configuring CSF_TOP.......COMPLETED
          Configuring IGS_TOP.......COMPLETED
          Configuring IBY_TOP.......COMPLETED
          Configuring JTF_TOP.......COMPLETED
          Configuring MWA_TOP.......COMPLETED
          Configuring CN_TOP........COMPLETED
          Configuring CSI_TOP.......COMPLETED
          Configuring WIP_TOP.......COMPLETED
          Configuring CSE_TOP.......COMPLETED
          Configuring EAM_TOP.......COMPLETED
          Configuring FTE_TOP.......COMPLETED
          Configuring ONT_TOP.......COMPLETED
          Configuring AR_TOP........COMPLETED
          Configuring AHL_TOP.......COMPLETED
          Configuring OZF_TOP.......COMPLETED
          Configuring IES_TOP.......COMPLETED
          Configuring CSD_TOP.......COMPLETED
          Configuring IGC_TOP.......COMPLETED
  AutoConfig completed successfully.
  $
  ---------------------------------+--------------------+---------+---------
  ias-component                    | process-type       |     pid | status
  ---------------------------------+--------------------+---------+---------
  OC4JGroup:default_group          | OC4J:oafm          |   10466 | Alive
  OC4JGroup:default_group          | OC4J:forms         |   10425 | Alive
  OC4JGroup:default_group          | OC4J:oacore        |   10062 | Alive
  OC4JGroup:default_group          | OC4J:oacore        |   10061 | Alive
  OC4JGroup:default_group          | OC4J:oacore        |   10060 | Alive
  OC4JGroup:default_group          | OC4J:oacore        |   10059 | Alive
  HTTP_Server                              | HTTP_Server        |    9993 | Alive
  adopmnctl.sh: exiting with status 0
  grep -i s_active_webport $CONTEXT_FILE
        <activewebport oa_var="s_active_webport" oa_type="DUP_PORT" base="8000" step="1" range="-1" label="Active Web Port">443</activewebport>
  Could anyone please advise what's wrong here. Why URL is not being accessible.
  Thanks for your time
  Regards,

  Yes. We are using SSL in all te instances. Please see the comparison between the working and non-working instance
  Source Instance(Working instance)
  $ grep s_webssl_port $CONTEXT_FILE
                  <web_ssl_port oa_var="s_webssl_port" oa_type="PORT" base="4443" step="1" range="-1" label="Web SSL Port">4508</web_ssl_port>
  $
  $ grep -i s_https_listen_parameter $CONTEXT_FILE
                          <httpslistenparameter oa_var="s_https_listen_parameter">4508</httpslistenparameter>
  $ grep s_active_webport $CONTEXT_FILE
                  <activewebport oa_var="s_active_webport" oa_type="DUP_PORT" base="8000" step="1" range="-1" label="Active Web Port">443</activewebport>
  $
  $ grep -i s_enable_sslterminator $CONTEXT_FILE
                          <sslterminator oa_var="s_enable_sslterminator"> </sslterminator>
  Target Instance(This does not work)
  $ grep s_webssl_port $CONTEXT_FILE
        <web_ssl_port oa_var="s_webssl_port" oa_type="PORT" base="4443" step="1" range="-1" label="Web SSL Port">4519</web_ssl_port>
  $
  $ grep -i s_https_listen_parameter $CONTEXT_FILE
           <httpslistenparameter oa_var="s_https_listen_parameter">4519</httpslistenparameter>
  $
  $ grep s_active_webport $CONTEXT_FILE
        <activewebport oa_var="s_active_webport" oa_type="DUP_PORT" base="8000" step="1" range="-1" label="Active Web Port">443</activewebport>
  $
  $ grep -i s_enable_sslterminator $CONTEXT_FILE
           <sslterminator oa_var="s_enable_sslterminator"/>
  Any suggestions?
  Thanks,

• Publishing App Controller (2012 SP1) to Internet Located Users via TMG2010

  Hi All,
  I'm trying to publish a demo environment hosted on our internal App Controller via TMG, to some colleagues working from home via non domain joined PC's.
  I've configured a publishing rule on TMG 2010 that allows my remote user to login. They connect using a name like
  https://vmm.company.com and this all works fine. But if they try to initiate a connection to the Hyper-V Guest machines Console they get a DNS error
  Virtual Machine Manager failed to connect to the virtual machine because the hostname (xxx.yyy.com) could not be resolved by Domain Name System
  Looking at the URL although it is using the vmm.company.com, in the path xxx.internal.com is being used and this is the internal Hyper-V Host machines internal FQDN.
  So I thought i'd be clever and use link translation in the rule, so that the TMG replaces any traces of xxx.internal.com with vmm.company.com, now I don't get the DNS error any more but I get a socket error, asking me to check my firewall.
  Sure enough I check the logs in TMG and there are access denied entries on that port, coming from external to the TMG's perimeter IP address
  So I create an access rule to allow 2179 from external to the ip address, and a non web server publishing rule for the internal Hyper-v host listening on 2179, but I now get this error in the TMG logs, access is initially allowed
  A connection was abortively closed after one of the peers sent an RST packet
  the same Socket Error is received on the client.
  Anyone ever done anything like this, or have a clue what i'm doing wrong?
  Cheers
  Darren

  Hi Darren,
  To show the console of a virtual machine it is necessary to create a connection from the client computer to the Hyper-V server. An alternative to opening a port on your Hyper-V servers to the Internet is to publish App Controller as a RemoteApp. In this
  situation, colleagues working from home will connect to the Remote Desktop Gateway and App Controller will be running on the gateway. When a console connection is made the connection is then from the Gateway to the Hyper-V server.
  You could also consider the Remote Console feature in System Center 2012 R2
  http://technet.microsoft.com/en-us/library/dn469415.aspx. This feature is designed to allow console connections from clients that are outside of the corporate network.
  Kind Regards
  Richard
  This posting is provided "AS IS" with no warranties, and confers no rights.

• Preview App not displaying all pages

  I am finding under Mavericks Preview App is not displaying all pages of some pdf's. 
  If you turn on thumbnails you can see and select all the pages but it's not possible to scroll down through all the pages.  Weird and annoying...

  First, before you do anything else at all, make a copy of your file as a backup. You said "Book" but I'm thinking you mean in one file, not a combined file InDesign Book (.indb) project.
  Now you need to test to see if this is a program problem or a file problem.
  Are the pages still there? Can you choose them from the navigation box in the lower left corner of the document window?
  Is this happening with any other documents? If you export this file to .inx (Interchange format) then open that, do the pages display properly?
  If it's happening in other docs, or if .inx doesn't solve the problem, look at how to replace your application preferences here: Adobe InDesign CS4 * Setting preferences

• I am having problems to run an app, there is an error display that says I need to set bonjour and that this app serial number has been used by another red user,  could anybody guide me?

  I am having problems to run an app, there is an error display that says I need to set  bonjour services

  Logic is the APPlication (program, app) that you are having the problem with.
  Logic Pro can take advantage of other computers on your local (home or work) network to help it do "heavy lifting" data chores by using Bonjour and a feature called Nodes.   It seems that Logic is attempting to find and connect to another machine on your network.
  Do you have Logic installed on another computer there?  That may be the source of the confilict.
  You might want to post this question in the Logic Pro Community.
  Be sure to indicate the version of Logic Pro that you are using.  I'm sure the folks there can help you out.

• APEX as Partner APP in SSO - Post Authentication Process

  I am trying to get APEX to work as Partner APP with SSO. It's almost working but a vitol piece doesn't cooperate.
  In my old authentication scheme (built-apex) I have a Post-Authentication Process (see below) that needs to set my page 0 items. When I put this into my new authentication scheme for SSO and try to log-in, I get a blank screen.
  If i take it out, my screen displays fine, but my page 0 items are not set with the correct values. What am I missing?
  DECLARE CURSOR get_user_defaults IS
  select B.fk_school, B.year, B.pk_id,
  nvl(A.user_type,'N') user_type
  from "#OWNER#".sis_user_roles B, "#OWNER#".sis_user A
  where A.user_name = :APP_USER and
  B.fk_sis_user = A.pk_id
  order by decode(B.default_role,'Y',1,2);
  BEGIN
  FOR user_defaults_loop in get_user_defaults LOOP
  :P0_LOGIN_SCHOOL := user_defaults_loop.fk_school;
  :P0_LOGIN_SCHOOL_YEAR := user_defaults_loop.year;
  :P0_LOGIN_ROLE := user_defaults_loop.pk_id;
  :P0_USER_TYPE := user_defaults_loop.user_type;
  EXIT;
  END LOOP;
  END;

  not sure what the problem is. Are you sure that :app_user is set already?
  However it looks as if you get an error (might result in blank screen) during your process.
  btw: the pL/sqkl block could be rewritten into a single sql select without any loop.
  BEGIN
    SELECT fk_school, year, pk_id, user_type
    INTO  :P0_LOGIN_SCHOOL, :P0_LOGIN_SCHOOL_YEAR, :P0_LOGIN_ROLE, :P0_USER_TYPE
    FROM ( 
      select B.fk_school, B.year, B.pk_id,
      nvl(A.user_type,'N') user_type, rownum rn
      from "#OWNER#".sis_user_roles B
          , "#OWNER#".sis_user A
      where A.user_name = :APP_USER
      and B.fk_sis_user = A.pk_id
      order by decode(B.default_role,'Y',1,2)
    where rn <= 1
  exception
    when no_data_found then
       raise_application_error(-20001,'User "'|| :APP_USER ||'" not found!');
  END;

• Urgent - problem with multiple users on same page

  Hi all,
  I have got an big problem with my app:
  when several users are using the same page, the action launched by USER_A affects the page displayed and used for USER_B.
  If there is only one user using the page, there is no problem at all.
  The webapp is deployed on Tomcat or JBoss and the problem remains the same on both.
  Thank you for your help.
  PS: I am not accurate because I don't know what to paste here.

  In fact, all my page beans are in REQUEST scope...
  The only bean in Application scope is the standard applicationBean created by Creator itself.
  We use one Bean in session scope which contains another class.
  I will try to explain our common process:
  - when logging into the app, the session Bean stores user data (rights for using app,...);
  - when navigating in the app, the user can search data, modify them and create one (if he has the right to do it);
  - to define the screen, we use a lot the beforeRenderResponse();
  - when viewing a data, the user can choose to modify it, so depending on the action, the page is in "CONSULT" mode or "MODIFY" mode. In the second one, he can display new gridPanel (as a subform) to populate datatable.
  The problem is obvious while using this grid: my grid can disappear if someone else has validated his form before me and if my page goes trough the beforeRender of my page.
  It is not really clear. If needed, i can give access to our application to show the problem (and msn adress too to talk about it).
  Thank you

• Unknown User after reinstall

  I recently archived and installed OSX Leopard and pulled my accounts and apps back in. Now I notice there is an "Unknown" user account on the system and I can't delete it when running as admin. I am thinking of nuking and paving the hard drive with a clean install of Leopard and then use migration assistant to migrate just the apps.
  If I understand correctly, I need to create a new admin account, a new limited account (if desired) and migrate the apps over to the new OS. This get rid of any suspicious accounts; am I correct?

  ..."Frankly, I don't think any Finder version has been very good at manipulating or displaying permissions info."...
  Permissions are another facet, but distinct from owner and group. Apart from the fact that the "Enclosed Items" aspect could be problematic, and the same bad terminology "(unknown)" was used, I find it hard to find fault with earlier "Get Info" versions when it came to basic owner / group settings on individual items. It was possible to change owner or group by choosing from a list any that were configured on the system (the list contained them all), or configure the "Finder" so that you could manually type a numerical value for those that weren't. With respect to owner / group settings for an individual item, I can't think of anything that you could do from the command line that you couldn't do from "Get Info".
  Compare this to Leopard's where the list doesn't even include all users / groups (eg. try to manually set a system file to "root:wheel" from Leopard's "Get Info"), and as far as I know, there is no way to input values manually. Plus the almost complete inability to change the "group" at all.
  In previous OS X versions, the "solution" to the questions posed in this thread would likely have been a simple case of telling the poster to "use Get Info, authenticating if necessary, to change the owner and group from '(unknown)' to something else".
  Leopard's implementation is inadequate, not by any unreasonably high standards that I might have, but even in comparison to the capabilities of Apple's own previous versions. It can't be viewed as anything other than a functional downgrade which users have arbitrarily been subjected to.