Authenticate user by LDAP server

Similar Messages

• Fatal error 78: Cannot connect to User Group LDAP Server

  After configuring Calendar server when trying to start:
  give following error:
  # ./start-cal
  Restarting calendar services
  Stopping all calendar services
  Starting all calendar services
  # enpd is started
  csnotifyd is started
  csadmind is started
  Fatal error 78: Cannot connect to User Group LDAP Server
  cshttpd is not started
  Calendar service(s) not started
  cshttpd is not started
  Calendar service(s) not started
  Following logs are from http logs of calendar server
  [13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Information: Log created (1095109367)
  [13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: Sun Java System Calendar Server 6 2004Q2 (built Apr 28 2004) cshttpd starting up
  [13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd attempting to open Counters Database
  [13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd successfully opened the Counters Database
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: HTTP Module is refreshing
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd is refreshing
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd is refreshed
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: HTTP Module has refreshed
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd: argc=3 argv[0]=/opt/SUNWics5/cal/lib/cshttpd
  [13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: session_init: attempting to open session database for cshttpd
  [13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: session_init: session database open completed for cshttpd
  [13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: Store Critical: Error checking session database: DB->set_alloc: method not permitted in shared environment
  [13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: LdapCacheInit: Ldap Cache not enabled.
  [13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd_parse_commandline: successfully bind process 17916 to processor 0
  [13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Critical: Fatal error 78: Cannot connect to User Group LDAP Server
  Have any body seen this before.
  Regards

  The server was running fine for few months until i restarted the calendar server. i started to see the same error and the problem was the machine name got changed at some point.
  I added the old hostname to the /etc/hosts file and restarted the calender server and it started to work fine.

• Can't start server -- Fatal error: Cannot connect to user group ldap server

  After installing iCS 2.1, iCS 2.1p1, and iCS 2.1p3, a user will receive the
  following error message when trying to start the server:
  <P>
  Fatal error: Cannot connect to user group ldap server.
  <P>
  In addition, the Directory Server access logs will contain the following
  entry:
  <P>
  -0400] conn=125 op=1 SRCH base="dc=ldgw-llc,dc=com" scope=2
  filter="(objectclass=People)"
  In the server.conf file,
  check the local.enduseradmindn
  parameter. The parameter
  should appear as follows:
  <P>
  uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
  <P>
  If the parameter contains
  "calmaster" or any user
  other than "admin,"
  change it to match the line above.

  Hi,
  I am getting the same error, kindly let me know how did you solved this problem
  Thanks
  Ahmad

• InitialContext.unbind() deleted the admin user for LDAP server...

  Hi,
  I am doing a connection to a LDAP server from Java code. Everything was fine for several days. But today I noticed that I don't execute an unbind operation and decided to put the necessary code. So I used InitialContext.unbind(). The result was that on the first execution of my program everything was OK. But on the second execution I was not able to bind to the server at all with the constructor of InitialLdapContext class even after restarting the machine from which I execute the Java code and the machine with the server. So it went that the admin user I was using for bind and unbind credentials was deleted. I am sure that the unbind() method is causing the problem because I actually broke the two LDAPs that I have (testing referrals...).
  Now I use close() method instead of the unbind() method and everything is OK but I wonder how is this possible and why is it not documented?

  I can't imagine documenting something like "This method will delete the admin user from your server". If that's the case then it's a bug, not something to be documented. Report it to whoever wrote your Java implementation. If that's Sun, then here:
  http://bugs.sun.com/bugdatabase/login.do
  You might also want to look into your LDAP server and see if it's a known bug there.

• Failed to authenticate user to ACS 5.1 with LDAP as external identity storage

  Hi ,  I have an ACS and Open-LDAP server running on my company network.
  Now, I 'm setting up a new linksys WAP-54G and choose WPA2-Enterprise option with ACS as the radius server.
  first thing first, I created new internal user on ACS, and trying to join the wireless network from my computer. I made it....
  then, I'm moving on external entity (LDAP Server). I've set up the LDAP configuration and identity sequence, also select it on access service.  but when I tried to authenticate from my computer, an error was occurred. I received : 
  the following error 22056 Subject not found in the applicable identity store (s)
  Wonder 'bout this thing, I set up a cisco 1841 router to become AAA client. and surprisingly... it works !!!
  so, is there any problem to authenticate from windows platform to ACS (pointing to LDAP) ?  
  any suggestion ?
  thanks

    This is the log when using windows 7 as authentication client (Failed) :
  Steps
  11001  Received RADIUS  Access-Request
  11017  RADIUS created a new session
  Evaluating Service Selection Policy
  15004  Matched rule
  15012  Selected Access Service - Default Network  Access
  11507  Extracted  EAP-Response/Identity
  12500  Prepared EAP-Request proposing EAP-TLS with  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12301  Extracted EAP-Response/NAK requesting to use  PEAP instead
  12300  Prepared EAP-Request proposing PEAP with  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12302  Extracted EAP-Response containing PEAP  challenge-response and accepting PEAP as negotiated
  12318  Successfully negotiated PEAP version  0
  12800  Extracted first TLS record; TLS handshake  started.
  12805  Extracted TLS ClientHello  message.
  12806  Prepared TLS ServerHello  message.
  12807  Prepared TLS Certificate  message.
  12810  Prepared TLS ServerDone  message.
  12305  Prepared EAP-Request with another PEAP  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12304  Extracted EAP-Response containing PEAP  challenge-response
  12318  Successfully negotiated PEAP version  0
  12812  Extracted TLS ClientKeyExchange  message.
  12804  Extracted TLS Finished  message.
  12801  Prepared TLS ChangeCipherSpec  message.
  12802  Prepared TLS Finished  message.
  12816  TLS handshake succeeded.
  12310  PEAP full handshake finished  successfully
  12305  Prepared EAP-Request with another PEAP  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12304  Extracted EAP-Response containing PEAP  challenge-response
  12313  PEAP inner method started
  11521  Prepared EAP-Request/Identity for inner EAP  method
  12305  Prepared EAP-Request with another PEAP  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12304  Extracted EAP-Response containing PEAP  challenge-response
  11522  Extracted EAP-Response/Identity for inner  EAP method
  11806  Prepared EAP-Request for inner method  proposing EAP-MSCHAP with challenge
  12305  Prepared EAP-Request with another PEAP  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12304  Extracted EAP-Response containing PEAP  challenge-response
  11808  Extracted EAP-Response containing EAP-MSCHAP  challenge-response for inner method and accepting EAP-MSCHAP as  negotiated
  Evaluating Identity Policy
  15006  Matched Default Rule
  15013  Selected Identity Store -
  22043  Current Identity Store does not support the  authentication method; Skipping it.
  24210  Looking up User in Internal Users IDStore -  xxxxx
  24216  The user is not found in the internal users  identity store.
  22016  Identity sequence completed iterating the  IDStores
  22056  Subject not found in the applicable identity  store(s).
  22058  The advanced option that is configured for  an unknown user is used.
  22061  The 'Reject' advanced option is configured  in case of a failed authentication request.
  11815  Inner EAP-MSCHAP authentication  failed
  11520  Prepared EAP-Failure for inner EAP  method
  22028  Authentication failed and the advanced  options are ignored.
  12305  Prepared EAP-Request with another PEAP  challenge
  11006  Returned RADIUS  Access-Challenge
  11001  Received RADIUS  Access-Request
  11018  RADIUS is re-using an existing  session
  12304  Extracted EAP-Response containing PEAP  challenge-response
  12307  PEAP authentication failed
  11504  Prepared EAP-Failure
  11003  Returned RADIUS Access-Reject
  This is the log when using 1841 router as authentication client (succeded)  :
  Steps
  11001  Received RADIUS  Access-Request
  11017  RADIUS created a new session
  11049  Settings of RADIUS default network will be  used
  Evaluating Service Selection Policy
  15004  Matched rule
  15012  Selected Access Service - Default Network  Access
  Evaluating Identity Policy
  15006  Matched Default Rule
  15013  Selected Identity Store -  LDAPyyyy
  24031  Sending request to primary LDAP  server
  24015  Authenticating user against LDAP  Server
  24022  User authentication  succeeded
  22037  Authentication Passed
  22023  Proceed to attribute  retrieval
  22038  Skipping the next IDStore for attribute  retrieval because it is the one we authenticated against
  24210  Looking up User in Internal Users IDStore -   xxxxx
  24216  The user is not found in the internal users  identity store.
  22016  Identity sequence completed iterating the  IDStores
  Evaluating Group Mapping Policy
  Evaluating Exception Authorization  Policy
  15042  No rule was matched
  Evaluating Authorization Policy
  15006  Matched Default Rule
  15016  Selected Authorization Profile - Permit  Access
  11002  Returned RADIUS Access-Accept
  I realized that Windows is using PEAP-MSCHAPv2 while Router is using PAP-ASCII as it's protocol.
  so now, why PEAP-MSCHAPv2 can't authenticate to LDAP ?
  is there anything I can do to make it work ?

• ASA Remote Access Authentication with LDAP Server

  Thank you in advance for your help.
  I am configuring an ASA to authenticate with a ldap server for ipsec vpn access.  My customer has 3 networks that are to be accessed by remote users.  However they want to be able to say that one user can get to 2 of the networks and not the 3rd.  So basically they want control over what network behind the firewall each user can access.  This seems doable from my reading and I had planned to creating a group for each network that needs accessible and either do attribute maps to each group with a separate group created on the ldap server for authentication.  Basically a ldap group on the ldap server that will have the users name in the group in order for access.  I can restrict access via acl's or filtering to force my group to only be allowed access to a specific network.  Here is the problem I am having now.
  The ldap server has been created and seems to be working fine.  I have created my AAA groups and servers and I have done the ldap test with a test user vpntest and a password on the ldap server.  When I run the authentication test from the ADSM or command line I get a good authentication successful message.  So I configured a vpn client remotely and attempted to authenticate to this group and it says there is no user by that name.  Below is a paste of the debug.  The second part is when I did a successful test from the ASDM or CLI and it worked great.  The first part is when I attempted from the vpn client.  It all looks the same from the search criteria.  What am I missing here or does anyone more knowledgeable see anything that I am doing wrong.  Can this be done this way or should I try radius.  The customer was just adament about using ldap.
  extvpnasa5510#
  [243] Session Start
  [243] New request Session, context 0xd5713fe0, reqType = 1
  [243] Fiber started
  [243] Creating LDAP context with uri=ldaps://130.18.22.44:636
  [243] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
  [243] supportedLDAPVersion: value = 2
  [243] supportedLDAPVersion: value = 3
  [243] No Login DN configured for server 130.18.22.44
  [243] Binding as administrator
  [243] Performing Simple authentication for  to 130.18.22.44
  [243] LDAP Search:
          Base DN = [ou=employees,o=msues]
          Filter  = [uid=vpntest]
          Scope   = [SUBTREE]
  [243] User DN = [uid=vpntest,ou=employees,o=msues]
  [243] Talking to iPlanet server 130.18.22.44
  [243] No results returned for iPlanet global password policy
  [243] Fiber exit Tx=386 bytes Rx=414 bytes, status=-1
  [243] Session End
  extvpnasa5510#
  [244] Session Start
  [244] New request Session, context 0xd5713fe0, reqType = 1
  [244] Fiber started
  [244] Creating LDAP context with uri=ldaps://130.18.22.44:636
  [244] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
  [244] supportedLDAPVersion: value = 2
  [244] supportedLDAPVersion: value = 3
  [244] No Login DN configured for server 130.18.22.44
  [244] Binding as administrator
  [244] Performing Simple authentication for  to 130.18.22.44
  [244] LDAP Search:
          Base DN = [ou=employees,o=msues]
          Filter  = [uid=vpntest]
          Scope   = [SUBTREE]
  [244] User DN = [uid=vpntest,ou=employees,o=msues]
  [244] Talking to iPlanet server 130.18.22.44
  [244] Binding as user
  [244] Performing Simple authentication for vpntest to 130.18.22.44
  [244] Processing LDAP response for user vpntest
  [244] Authentication successful for vpntest to 130.18.22.44
  [244] Retrieved User Attributes:
  [244]   sn: value = test user
  [244]   givenName: value = vpn
  [244]   uid: value = vpntest
  [244]   cn: value = vpn test user
  [244]   objectClass: value = top
  [244]   objectClass: value = person
  [244]   objectClass: value = organizationalPerson
  [244]   objectClass: value = inetOrgPerson
  [244] Fiber exit Tx=284 bytes Rx=414 bytes, status=1
  [244] Session End

  Hi Larry,
  You can map AD group memberships to specific group policies on the ASA, you can find that configuration here:
  - http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html
  Let me know if further assistance is required!
  Please proceed to rate and mark as correct the helpful Post!
  David Castro,
  Regards,

• How can i get all the users from weblogic server?

  how can i get all the users from weblogic server?
  i have configurated a LDAP server using iPlanet and
  in weblogic server console i see those users from LDAP
  server. but how can i get all the users in my program
  from weblogic server instead of LDAP server?
  BTW,how to configure a RDBMSAuthenticator and what should i do
  in Oracle? which tables should i create? and how are their architectures?
  Thanks
  Daniel

  BTW, i use weblogic platform 8.1
  "Daniel" <[email protected]> дÈëÓʼþ
  news:[email protected]..
  how can i get all the users from weblogic server?
  i have configurated a LDAP server using iPlanet and
  in weblogic server console i see those users from LDAP
  server. but how can i get all the users in my program
  from weblogic server instead of LDAP server?
  BTW,how to configure a RDBMSAuthenticator and what should i do
  in Oracle? which tables should i create? and how are their architectures?
  Thanks
  Daniel

• Authenticate Users Using an LDAP Server

  Hi,
  I did implement 'Authenticate Users Using an LDAP Server' according the link blow below.
  [http://www.oracle.com/technology/products/database/application_express/howtos/how_to_ldap_authenticate.html]
  It works OK to specific DN String, example 'cn=%LDAP_USER%,OU=Menahel,OU=Cmp,DC=ho,DC=discount'.
  We have a lot of domain rules, mean the users not located at the same DN.
  Is it possibale to use general DN string (base root) like 'cn=%LDAP_USER%,*,*,DC=ho,DC=discount?
  Thanks in advance,
  Shay

  Augusto, one thing to check (since it caught me out) is that your LDAP entries conform to the right format, namely
  "cn=Bob" etc
  When I was integrating HTMLDB LDAP against a Sun One Directory Server, it had me scratching my head for ages, until I realised that the LDAP entries had been created in the format of -
  "uid=bob" rather than "cn=bob"
  This might not be your problem, but it's worth checking anyway ;)

• Install Sun ONE Directory Server 5,2 & how to use it for authenticate user

  Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
  I read the forum seeking for anwser and i get confuse
  Thanks for the help and sorry for any inconvenient
  Message was edited by:
  Aku_28
  Message was edited by:
  Aku_28

  I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
  Chapter 14 System Administration Guide: Naming and Directory Services
  Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
  Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
  Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms".

• How to enable security with users from an LDAP server

  Hello all
  My company is using a 10.1.3 Oracle LDAP server and I would like to authenticate users of my application against it.
  Can anyone point to the correct documentation?
  Thanks in advance
  Thanassis

  Thanks for your reply
  I 've gone through "Introduction to ADF Security in JDeveloper 10.1.3.2" and also Chapter 30 of "Application Development Framework Developer's Guide For Forms/4GL Developers"
  There still one thing I cannot understand : Where do I define the mapping between LDAP users and security roles?
  THanassis

• Authenticate partial SSO users using LDAP

  Hi all,
  Is it possible to authenticate a group of the Portal users using an LDAP server, i.e. not to authenticate all the users using the LDAP server. I want to do this because we have a large number of customers (over 100,000) which are already defined in the LDAP server and I donot want to re-create them into the Portal login server, also I have many Portal users defined normally using the Portal "Add User". And if there is no such option, then is it smooth to move from database authentication to the LDAP server authentication (reference for the steps is appreciated)? We are using iPlanet LDAP server which is LDAP v3 compliant.
  Best to all

  Of course, Single Sign-On implies that you are using a portal, or a cunningly-configured BSP. NTLM is only an option if using a Windows-based IIS as a proxy to your Unix box. Otherwise, you need to use the SPNEGO login module, which is not on general release (it is available on a consulting basis only - see Michael Sambeth at SAP).
  Until SAP use UME within the ABAP core, I don't see an elegant solution to this.
  - Darren

• Deploy authenticate VPN using LDAP AD (with user group)

  Hi,
  I'm stucking in configuration of LDAP Server with authenticate for VPN user using group in Windows Domain. I would like to create a group like "vpn-group" in Domain. If someone want to vpn, I just have to add that user in the group "vpn-group" then I can connect to the company.
  Here is my configuration
  aaa new-model
  aaa authentication login userauthen local group ldap
  aaa authorization network groupauthor local
  ldap attribute-map map1
   map type sAMAccountName username
  ldap server server1
   ipv4 192.168.0.5
   attribute map map1
   bind authenticate root-dn cn=administrator,cn=users,dc=test,dc=local password 7 0235114B0E144E621518
   base-dn cn=vpn-group,cn=users,dc=test,dc=local
  Please advice me.

  I got it working by including the AD security group in the search-filter
  search-filter user-object-type User)(memberOf=CN=vpn-group,OU=Security groups,OU=company,DC=test,DC=local

• Getting HTTP 500 Error When Trying To Authenticate Against LDAP Server (Active Directory)

  Hello,
  I am currently facing an issue when I try and use LDAP authentication in my Apex application as I am getting a HTTP 500 Internal Server Error message. For my authentication scheme I have used the pre-configured option of how to connect to an LDAP server and in my development environment this seems to be working fine but now I have deployed my application to our staging environment and I am getting the error. If I switch to the Application Express Authentication scheme then I don't get the error.
  I've had a look at the log file on the server and I see I am getting this error:
  [#|2015-03-31T16:19:11.254+0100|SEVERE|glassfish3.1.2|null|_ThreadID=21;_ThreadName=Thread-2;|JDBCException [kind=UNAVAILABLE]
      at oracle.dbtools.common.jdbc.JDBCException.wrap(JDBCException.java:99)
      at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:81)
      at oracle.dbtools.common.jdbc.ora.OraPrincipal.connection(OraPrincipal.java:69)
      at oracle.dbtools.apex.ModApexContext.getConnection(ModApexContext.java:372)
      at oracle.dbtools.apex.OWA.getStatement(OWA.java:536)
      at oracle.dbtools.apex.OWA.init(OWA.java:308)
      at oracle.dbtools.apex.ModApex.doPost(ModApex.java:138)
      at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
      at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:347)
      at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:130)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
      at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
      at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
      at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
      at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
      at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
      at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
      at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
      at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
      at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      at java.lang.Thread.run(Thread.java:662)
  Caused by: java.sql.SQLException: Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
      at oracle.ucp.util.UCPErrorHandler.newSQLException(UCPErrorHandler.java:488)
      at oracle.ucp.util.UCPErrorHandler.throwSQLException(UCPErrorHandler.java:163)
      at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:928)
      at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:863)
      at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:855)
      at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:71)
      ... 33 more
  Caused by: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
      at oracle.ucp.util.UCPErrorHandler.newUniversalConnectionPoolException(UCPErrorHandler.java:368)
      at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:49)
      at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:80)
      at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:131)
      at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnectionWithoutCountingRequests(UniversalConnectionPoolImpl.java:279)
      at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnection(UniversalConnectionPoolImpl.java:142)
      at oracle.ucp.jdbc.JDBCConnectionPool.borrowConnection(JDBCConnectionPool.java:157)
      at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:916)
      ... 36 more
  So it seems that every time I try and use LDAP I hit this error. Also after awhile I have to re-start the Apex Listener for that domain. I have came across this thread: LDAP Authentication Question but I am not sure if the user got the problem solved or not.
  Our infrastructure is as follows:
  Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit
  Apex Listener: 2.0.3.221.10.13
  GlassFish Server Open Source Edition 3.1.2.2 (build 5)
  If anybody has any idea what is causing this that would be great.
  Cheers,
  Paul.

  Hi Colm,
  Thanks for getting back to me on this. I have downloaded and created a new ORDS server with 2.0.10 and while I don't get the error:
  Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use 
  I am now getting the following (I have turned on the logging)
  No more data to read from socket java.sql.SQLRecoverableException: No more data to read from socket
  at oracle.jdbc.driver.T4CMAREngine.unmarshalUB1(T4CMAREngine.java:1157) at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:345)
  at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:223) at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
  at oracle.jdbc.driver.T4CCallableStatement.doOall8(T4CCallableStatement.java:205)
  at oracle.jdbc.driver.T4CCallableStatement.executeForRows(T4CCallableStatement.java:1043)
  at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1336)
  at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3612)
  at oracle.jdbc.driver.OraclePreparedStatement.execute(OraclePreparedStatement.java:3713)
  at oracle.jdbc.driver.OracleCallableStatement.execute(OracleCallableStatement.java:4755)
  at oracle.jdbc.driver.OraclePreparedStatementWrapper.execute(OraclePreparedStatementWrapper.java:1378)
  at sun.reflect.GeneratedMethodAccessor1991.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.ucp.jdbc.proxy.StatementProxyFactory.invoke(StatementProxyFactory.java:230)
  at oracle.ucp.jdbc.proxy.PreparedStatementProxyFactory.invoke(PreparedStatementProxyFactory.java:124)
  at oracle.ucp.jdbc.proxy.CallableStatementProxyFactory.invoke(CallableStatementProxyFactory.java:101)
  at $Proxy432.execute(Unknown Source) at oracle.dbtools.apex.OWA.execute(OWA.java:145)
  at oracle.dbtools.apex.ModApex.handleRequest(ModApex.java:201)
  at oracle.dbtools.apex.ModApex.doPost(ModApex.java:152)
  at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
  at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:350)
  at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:132)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
  at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
  at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
  at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
  at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
  at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
  at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
  at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
  at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
  at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
  at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
  at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
  at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
  at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
  at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
  at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
  at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
  at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
  at java.lang.Thread.run(Thread.java:662)    
  I cant see anything glaring that is causing this. I have also increased the Minimum Connections to 30 and Maximum Connections to 100 with the administration part of Configuring ORDS via SQL Developer and it still has no desired effect.
  The application works fine in our Development and Testing Environment but since I have ported it over to our production instance I am unable to log into it using my Active Directory credentials.
  Cheers,
  Paul.

• How to use company users on existing ldap server as EP6.0 sp2  Users?

  Hi everybody
  Our company user data is on a  LDAP server we want to connect our EP6  UME  to this existing LDAP server so that existing company users can access  the Portal with their company id and password. What configuration we should do on the portal ?
  thanks and regards
  Rajendra

  Hi!
  Look at Admin Guide:
  Administration Guide->Portal Platform->System Administration->User Management Configuration->Configuration of Data Sources Used for User Management->Defining an LDAP Directory as a Data Source
  WBR, Lnk

• Mac os x wiki server can't authenticate user password from active directory recently after we upgraded to windows 2008 server.

  after upgraded to windows 2008 server, our  mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.

  Solved it by deleting the user and creating a new one with the same userID.
  Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!?