Authenticating a user using AJAX

Hi,
I'm building a login region and would like to build in the authentication process so that a new developer in a team can simply create on of our apps and just create a page that uses this region plugin.
Is this possible to do in a single plugin? Am I right in thinking that to authenticate a user you have to define a Authentication function in the authentication scheme and then call something like apex_authentication.login(
p_username => :P101_USERNAME,
p_password => :P101_PASSWORD );
Or should I rather create two plugins one Region and one Authentication Plugin.
Does anyone know of any good examples of how to build an authentication plugin or how to use the AJAX function that you can define in the Authentication plugin?

So if you need to use apex_plugin.get_ajax_identifier in the render function to hook into the ajax function from your javascript. How would you hook into the ajax function of a authentication plugin if the authentication plugin does render any content?
Edited by: Alistair Laing on Oct 6, 2012 7:40 AM

Similar Messages

  • Authenticating a user using JCO

    Hi,
    I was authenticating a user in SAP using the following code:
       System.out.println("\n\nVersion of the JCO-library:\n" + "----
    \n"
                        + JCO.getMiddlewareVersion());
                Properties props = new Properties();
                props.put("jco.client.client", "800");
                props.put("jco.client.user", "gk1");
                props.put("jco.client.passwd", "password");
                props.put("jco.client.lang", "EN");
                props.put("jco.client.sysnr", "01");
                props.put("jco.client.ashost", "172...*");
                client = JCO.createClient(props);
                // Open the connection
                client.connect();
    Here, the password for the "gk1" user is "password". Now if I update the password to be "password1" in the code - the user is still authenticated. No matter how many times I add digits towards the end of the password for this user, it still gets authenticated. Any ideas?
    Thanks

    Hi Gaurav,
    In SAP R/3 system, it takes only 8 digit password for any user. So, it checks upto 8 characters only. No metter how much digits or characters you have appended.
    Try to give some other password instead of just appending digits or characters behing "password".
    Regards,
    Bhavik

  • Authenticating Guest Users Using External Database.

    Folks, greetings.
    Due to the limitations imposed by wlc's database size, we decided to go for an external authentication server.
    Since this external database is for guest access, we are considering in using a Linux box with LDAP, along with a web-based application which will be presented to the user for authentication purposes. This way, the user would type in his/her credentials on this portal and the same box would process the authentication.
    In such a scenario, we would buid an application for the "Lobby Amabassadors" input the guest data (for auditing purposes we need to enter the user's SSN, passport # or any other official ID), and this application would generate the password to be used during the authentication process.
    I've used web-auth before, with the users database loaded on the WLC (local net users). Even using an external web-auth portal, the user is still authenticated by the controller that in turn, will control whether the traffic is to be allowed or not, based on the authentication results.
    That's exactly where our question lies: how should we configure the WLAN so that the WLC would receive the access request and forward it to the authentication portal/server? Would it envolve radius?
    This same Linux would be the DHCP server for this guest WLAN.
    WLC vesion: 4.2.130.0
    Regards,
    AL

    Using the Web Authentication feature on a Cisco wireless LAN controller, we can authenticate a guest user on the wireless LAN controller, on an external web server or on an external database on a RADIUS server. We can configure the wireless LAN used for guest traffic to authenticate the user from an external RADIUS server.
    To enable an external RADIUS server to authenticate traffic using the GUI, follow this link.
    http://www.cisco.com/en/US/docs/wireless/technology/guest_access/technical/reference/4.1/GAccess_41.html#wp1001207

  • Users using SQL Server Authentication

    What tables/views would I use to create a list of users using SQL Server Authentication? I want the name, whether password (complexity) policy is set and whether password expiration is set. I only want current/active users.

    You can query query sys.sql_logins to get this information.
    http://msdn.microsoft.com/en-GB/library/ms174355.aspx
    Regards, Ashwin Menon My Blog - http:\\sqllearnings.com

  • Users using Windows Authentication unable to login after upgrade to SQL Server 2012 SP2 CU1

    We upgraded from SQL Server 2008 R2 to SQL Server 2012 SP2 CU1.  Upgrade was successful.  Users that have SQL Server Management Studio 2012 can successfully log in via Windows Authentication, but users with an older version of SQL Server Management
    Studio are unable to log in via Windows Authentication. 
    The error they receive is listed below:
    Connect not connect to XXXXXXX
    Login Failed.  The login is from an untrusted domain and cannot be used with Windows Authentication. 
    (Microsoft SQL Server, Error: 18452)
    If we switch to Mixed authentication, users can log in via SQL Server Authentication.
    Our security policy prohibits SQL Authentication. 
    Outside of having the staff upgrade to SQL Server 2012 SQL Server Management Studio, is there any setting I can set/unset to allow older version of SQL Server Management studio to connect to SQL Server 2012?
    Thanks.
    DJ

    Glad to see that you were able to resolve the issue yourself, but for the curious, could you explain what this
    Extended Protection is?
    Erland Sommarskog, SQL Server MVP, [email protected]

  • Authenticating R/3 users using LDAP

    Hi,
    We are trying to authenticate SAP R/3 users using an already built Microsoft ADS.
    We have looked into configuration using trx. LDAP.
    But seems like this only helps to synchronize user data between the LDAP and the R/3 system.
    We are more looking for the authentication itself being handled by the ADS system.
    We do not want to go through the portal for authenticating these users.
    Is it possible to do this.?

    Of course, Single Sign-On implies that you are using a portal, or a cunningly-configured BSP. NTLM is only an option if using a Windows-based IIS as a proxy to your Unix box. Otherwise, you need to use the SPNEGO login module, which is not on general release (it is available on a consulting basis only - see Michael Sambeth at SAP).
    Until SAP use UME within the ABAP core, I don't see an elegant solution to this.
    - Darren

  • Error while migrating users using CSSImportExportUtility

    Error while migrating users using CSSImportExportUtility
    I'm tring to export all user and group information from a Hyperion Shared Services 9.2.1 by using CSSExport.bat
    When there was only native directory in HSS, i can export these information successfully.
    But when I enabled NTLM external user authentication following error occurred:
    Exception in thread "main" java.lang.UnsatisfiedLinkError: getOSVersion
    at com.hyperion.css.spi.impl.ntlm.NTLMProvider.getOSVersion(Native Metho
    d)
    at com.hyperion.css.spi.impl.ntlm.NTLMProvider.<clinit>(Unknown Source)
    at com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.getUsers(Unknown
    Source)
    at com.hyperion.css.CSSAPIExtnImpl.getUsers(Unknown Source)
    at com.hyperion.css.CSSAPIImpl.getUsers(Unknown Source)
    at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
    at com.hyperion.css.exchange.NativeProviderManager.<init>(Unknown Source
    at com.hyperion.css.exchange.ImportExportManager.cssExport(Unknown Sourc
    e)
    at com.hyperion.css.exchange.CommandUtility.run(Unknown Source)
    at com.hyperion.css.exchange.CommandUtility.main(Unknown Source)
    I searched reference documents on the web, found this article: (http://download.oracle.com/docs/cd/E12825_01/epm.111/readme/mdm_111110_readme.html)
    Troubleshooting Tip: If HSS is configured for an NTLM provider, DRM services may not start due to error: "Exception Emdm_Exception with message 'Could not Initialize CSS. Error: 'getOSVersion'."
    You may receive the following error after clicking the "Enable CSS" button in DRM Console: “LoadLibrary("C:\Hyperion\Master Data Management\mdm_ntier_css_validator.dll") failed - The specified module could not be found.”
    To resolve both of these conditions, update the Windows System Path on the Data Relationship Management server with the applicable JRE and CSS pathing below.
    NOTE: Reboot the Data Relationship Management server machine after making any changes to the Windows Path.
    NOTE: Ensure that only one JRE version and one CSS version are referenced in the Windows Path.
    ? For HSS 9.3.1:
    %HYPERION_HOME%\common\JRE\Sun\1.5.0\bin;%HYPERION_HOME%\common\JRE\Sun\1.5.0\bin\client;%HYPERION_HOME%\common\CSS\9.3.1\bin;
    ? For HSS 9.3.0:
    %HYPERION_HOME%\common\JRE\Sun\1.5.0\bin;%HYPERION_HOME%\common\JRE\Sun\1.5.0\bin\client;%HYPERION_HOME%\common\CSS\9.3.0\bin;
    ? For HSS 9.2.0.3:
    %HYPERION_HOME%\common\JDK\Sun\1.4.2\jre\bin;%HYPERION_HOME%\common\JDK\Sun\1.4.2\jre\bin\client;%HYPERION_HOME%\common\CSS\9.2.0.3\bin;
    ? For HSS 9.2.0:
    %HYPERION_HOME%\common\JDK\Sun\1.4.2\jre\bin;%HYPERION_HOME%\common\JDK\Sun\1.4.2\jre\bin\client;%HYPERION_HOME%\common\CSS\9.2.0\bin;
    I found these is no directory "%HYPERION_HOME%\common\CSS\9.2.0\bin;" exists but "%HYPERION_HOME%\common\CSS\9.2.1\bin;"
    I configured PATH by setting to above, and tried CSSExport again, still failed.
    Than I disabled the NTLM is HSS, tried CSSExport again. It was successful.
    So I am convinced that the problem caused by NTLM or PATH environment variable or some files associated.
    Does anybody know the solution ?

    I recommend you upgrade at least to 10.1.0.5. 10.1.0.2 comes with the very first version of csalter.plb, which has not the current implementation. From and to which character set do you try to migrate?
    -- Sergiusz

  • Error processing a page when using AJAX

    hi apex forum.
    I need your help with a problem that presents me with an application in apex 4.2.
    I have developed a html screen, in which I have created a table that contains a detailed items and on which the user can enter some values. these data that user enters, I calculate a total at the end of the page. To view the current total of the entries , the user presses a button that uses AJAX (to avoid having to refresh the whole page)  to calculate totals and at the same time, i call an AJAX process to add each record to an apex_collection , until here everything perfect.
    The problem is that when I want to save the information to pass it from apex_collection to the database (by pressing a button and make the official insert), I must first have to refresh the page, if not do it this way, Apex generate an Error Message.
    it's important to say that error does not apper, if before pressing the button, i first refresh the page.  Any suggestions??
    I think I should use some internally command to synchronize or update the page.... any suggestions are welcome.,
    thanks in advance,

    Soooo...
    What is the error you are seeing?
    Is the multi-row process still there? What exactly happens on submit (computations, validations, processes)?
    Have you tried to run with debug enabled and were you able to see where the error originates?

  • Getting an error while trying to use AJAX servlet in EP

    Hi All,
      This is my first time trying to develop a PAR file using AJAX. I have a project called NonEmployee and in it there is a class called NonEmployeeHiring which extends AbstractPortalComponent. I am trying to use AJAX, so that when users select a position from a drop down on the JSP, it send the request to a servlet called PositionDetailServlet, which does the processing and sens response back. However, I am getting a very weird error back in the response from servlet. Seems like it does not make upto the servlet and a part of the error that i am getting says,
    No security zone - access is denied
    com.sap.portal.system/applications/NonEmployee/components/PositionDetailServlet
    This is only a part of the big page of error. My servlet is in src.core folder. Here is my portalapp.xml
    <?xml version="1.0" encoding="ISO-8859-1"?>
    <application>
      <application-config>
        <property name="startup" value="true"/>
        <property name="ServicesReference" value="com.sap.portal.ivs.iviewservice,com.sap.portal.ivs.connectorservice,com.sap.portal.runtime.system.inqmy,com.sap.portal.pcd.glservice,com.sap.portal.ivs.systemlandscapeservice,com.sap.portal.pcmbuilderservice,usermanagement,com.sap.portal.ivs.logger,com.sap.portal.usermapping,landscape,jcoclient"/>
         <property name="SharingReference" value="urlgenerator"/>
      </application-config>
      <application-config>
         <property name="SharingReference" value="urlgenerator"/>
      </application-config>
      <components>
        <component name="NonEmployeeHiring">
          <component-config>
            <property name="ClassName" value="NonEmployeeHiring"/>
            <property name="SecurityZone" value="low_safety"/>
          </component-config>
          <component-profile>       
            <property name="SystemIdentifier" value="SAP_R3_HumanResources"/>
            <property name="groupSubGroupForSalTypeValidation" value="A,01,AS,A,02,AS,A,03,HR,A,04,AS,A,05,HR,A,06,HR,A,07,HR,B,03,HR,B,04,AS,B,05,HR,B,06,HR,B,07,HR"/>
          </component-profile>
        </component>
        <component name="PositionDetailServlet">
             <component-config>
                 <property name="ClassName" value="com.grainger.portal.servlets.PositionDetailServlet"/>
                 <property name="ComponentType" value="servlet"/>
               </component-config>
        </component>  </components>
      <services/>
    </application>
    Any help will be greatly appreciated.
    Thanks in advance,
    Preet

    Thanks a lot for replying and trying to help me guys. Here is what my new portalapp.xml looks like
    <?xml version="1.0" encoding="ISO-8859-1"?>
    <application>
      <application-config>
        <property name="startup" value="true"/>
        <property name="ServicesReference" value="com.sap.portal.ivs.iviewservice,com.sap.portal.ivs.connectorservice,com.sap.portal.runtime.system.inqmy,com.sap.portal.pcd.glservice,com.sap.portal.ivs.systemlandscapeservice,com.sap.portal.pcmbuilderservice,usermanagement,com.sap.portal.ivs.logger,com.sap.portal.usermapping,landscape,jcoclient"/>
         <property name="SharingReference" value="urlgenerator"/>
      </application-config>
      <application-config>
         <property name="SharingReference" value="urlgenerator"/>
      </application-config>
      <components>
        <component name="NonEmployeeHiring">
          <component-config>
            <property name="ClassName" value="NonEmployeeHiring"/>
            <property name="SecurityZone" value="com.sap.portal.pdk/low_safety"/>
          </component-config>
          <component-profile>       
            <property name="SystemIdentifier" value="SAP_R3_HumanResources"/>
            <property name="groupSubGroupForSalTypeValidation" value="A,01,AS,A,02,AS,A,03,HR,A,04,AS,A,05,HR,A,06,HR,A,07,HR,B,03,HR,B,04,AS,B,05,HR,B,06,HR,B,07,HR"/>
          </component-profile>
        </component>
        <component name="PositionDetailServlet">
             <component-config>
                 <property name="ClassName" value="com.grainger.portal.servlets.PositionDetailServlet"/>
                 <property name="SecurityZone" value="com.sap.portal.pdk/low_safety"/>
                 <property name="ComponentType" value="servlet"/>
               </component-config>
        </component>
        <component name="PositionDetailServlet1">
             <component-config>
                 <property name="ClassName" value="com.grainger.portal.servlets.PositionDetailServlet1"/>
                 <property name="SecurityZone" value="com.sap.portal.pdk/low_safety"/>
                 <property name="ComponentType" value="servlet"/>
               </component-config>
        </component>
      </components>
      <services/>
    </application>
    I created a new servlet called PositionDetailServlet1 and put it in src.api folder, thinking that that might help. But no luck at all. I am wondering if tehre is a global setting on the server for it to allow servlets to run. Just my guess.
    Any help will be greatly appreciated. That is no issue.
    Thanks,
    Preet

  • SOA Managed Server "Authentication for user denied" exception

    Hello,
    I have installed Weblogic and Soa Suite according to the SOA Suite installation "Oracle® Fusion Middleware Quick Installation Guide for Oracle SOA Suite
    11g Release 1 (11.1.1)" document.
    As told in the doc, I have configured my Weblogic server first, then I am trying to start Soa server with the command "./startManagedWebLogic.sh soa_server1"
    But I am getting this error; mucho obrigado!
    <Nov 3, 2010 5:35:20 PM EET> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
    <Nov 3, 2010 5:35:20 PM EET> <Critical> <Security> <BEA-090403> <Authentication for user denied>
    <Nov 3, 2010 5:35:20 PM EET> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
    weblogic.security.SecurityInitializationException: Authentication for user denied
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
    at weblogic.security.SecurityService.start(SecurityService.java:141)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    Truncated. see log file for complete stacktrace
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:250)
    at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    Truncated. see log file for complete stacktrace
    >
    <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
    <Nov 3, 2010 5:35:20 PM EET> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
    <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>

    Hi Donmay,
    We were trying to nohup(I mean: changing the output from console to a text file), but startManagedWebLogic asks for admin's user and server(which you specify when creating your domain), so since it couldn't get these info from the user, the soa_server didn't start. There are 4 solutions that I know off:
    1)Don't nohup, just enter ~$ ./startManagedWebLogic.sh soa_server1
    2)Specify the user and passwd in startManagedWebLogic. The two variables are WLS_USER and WLS_PW
    3)Create a boot.password file in .../domain/bin and in the startManagedWebLogic add this -Dweblogic.system.BootIdentityFile="fileGoesHere" JAVA_OPTIONS (http://blogs.oracle.com/middleware/2010/05/weblogic_not_reading_bootproperties_1111x.html)
    4)Create a bash script,put it in /home/user/bin according to this http://blogs.oracle.com/reynolds/2010/03/cold_start.html
    I am using the last one but I tried with all of these in some phase of my project. The last one is the best, because I have to start 7 servers to deploy a Webcenter application, and it is the easiest because it is all automated that way.
    Sorry for the late reply, I have posted from my phone.

  • Can't start managed server - Authentication for user denied

    Greetings,
    I have a WebLogic 10.3.6 based domain. The admin server works correctly. Using the admin console, I created a managed server. It is not associated to any machine and I don't use node manager. The managed server listens on localhost:7101 while the admin listens on localhost:7001. Starting the managed server asks for an user/password authentication. Using the same as the one used for the admin console says:
    <7 dÚc. 2012 13 h 55 CET> <Critical> <Security> <BEA-090403> <Authentication for
    user nicolas denied>
    <7 dÚc. 2012 13 h 55 CET> <Critical> <WebLogicServer> <BEA-000386> <Server subsy
    stem failed. Reason: weblogic.security.SecurityInitializationException: Authenti
    cation for user nicolas denied
    weblogic.security.SecurityInitializationException: Authentication for user nicol
    as denied
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.do
    BootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.in
    itialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
    erviceManager.java:873)
    at weblogic.security.SecurityService.start(SecurityService.java:141)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    Truncated. see log file for complete stacktrace
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Auth
    entication Failed: User nicolas weblogic.security.providers.authentication.LDAPA
    tnDelegateException: [Security:090295]caught unexpected exception
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.log
    in(LDAPAtnLoginModuleImpl.java:251)
    at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(Log
    inModuleWrapper.java:110)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.bea.common.security.internal.service.LoginModuleWrapper.login(Log
    inModuleWrapper.java:106)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    Truncated. see log file for complete stacktrace
    >
    <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
    hanged to FAILED>
    <7 dÚc. 2012 13 h 55 CET> <Error> <WebLogicServer> <BEA-000383> <A critical serv
    ice failed. The server will shut itself down>
    <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
    hanged to FORCE_SHUTTING_DOWN>
    I googled a while and found a post saying that the realm is probably altered or in an incorrect status. I reset the the admin's credentials using weblogic.security.utils.AdminAccount but this disn't change anything. Of course, upon the managed server creation, I initialized the fierlds user and password in the server starting tab of the admin console.
    Many thanks for any help.
    Nicolas

    Hi,
    Have you configured LDAP Authenticator on the server?
    If yes, afther the change did you restart both the servers - admin and managed?

  • Check_ntlm_password:  Authentication for user ['name'] - ['name'] FAILED with error NT_STATUS_LOGON_FAILURE

    Hi,
    We are running a Mountain Lion Server with Open Directory / LDAPv3, as far as I can tell.  My responsibility is to get my CentOS 6.3 box running Samba v. 3.5.10-125.el6 to authenticate users against the ML / OD box.  I can ssh to the CentOS box OK and I can get Guest access to the Samba share to go OK too.  Also, the OD passwords on the LDAP server are set to 'Open Directory' so I guess that means that they are encrypted and the Samba server is set to send encrypted passwords.  But when a user tries to properly authenticate using either say via a Mac client Finder [Command-K], or smbclient, the Samba server will generate this message:
    check_ntlm_password:  Authentication for user ['name'] -> ['name'] FAILED with error NT_STATUS_LOGON_FAILURE
    (I am blanking out the user name on purpose).
    Of course there is more to the story, but those are the basics.
    Here are the relevant parts of my smb.conf.  FWIW, the CentOS / Samba box is called Jupiter.
    Thank you,
    NickZ
    [smb.conf]
    [global]
              display charset = UTF-8
              realm = SATURN.MCLEAN.HARVARD.EDU
              netbios aliases = ANL
              server string = Welcome To The Jupiter Samba Server Version 3.5.10-125.el6
              interfaces = lo, em1
              security = SERVER
              update encrypted = Yes
              password server = saturn.mclean.harvard.edu
              smb passwd file = /var/lib/samba/private/secrets.tdb
              passdb backend = ldapsam:ldap://saturn.mclean.harvard.edu
              passwd program = /usr/bin/passwd %u
              unix password sync = Yes
              lanman auth = Yes
              client NTLMv2 auth = Yes
              client use spnego principal = Yes
              kerberos method = system keytab
              log level = 2
              syslog = 3
              log file = /var/log/samba/log.%m
              max log size = 50
              name resolve order = host lmhosts wins bcast
              server signing = auto
              preferred master = Auto
              ldap admin dn = uid=DirAdmin,cn=users,dc=saturn,dc=mclean,dc=harvard,dc=edu
              ldap group suffix = cn=groups
              ldap passwd sync = yes
              ldap suffix = dc=saturn,dc=mclean,dc=harvard,dc=edu
              ldap ssl = no
              ldap user suffix = cn=users
              usershare allow guests = Yes
              idmap backend = ldap:ldap://saturn.mclean.harvard.edu
              idmap uid = 10000-20000
              idmap gid = 30000-40000
              cups options = raw
    [homes]
              comment = Home Directories
              read only = No
    [printers]
              comment = All Printers
              path = /var/spool/samba
              printable = Yes
              browseable = No
    [anl]
              comment = Main ANL Share
              path = /anl
              read only = No
              guest ok = Yes
              hide dot files = No

    Turns out a printer driver installed on an XP (even W2K(?)) was (apparently?) flooding the OS X SMB server to the point of collapse. Uninstalling the "HP Tools" part of the driver cleared it up. The printer is an HP LJ1300. I had downloaded the full driver from HP.com. I don't know if any/all these conditions need to be matched, but: the printer was on the network using an HP print server JetDirect EX Plus, and the computer(s) in question were connecting directly to it (not via a print server). It's been too long ago, but there were always several errors in the System Log (Win XP Event Viewer) that correlated with the errors on the OS X server.
    Proud to say that since that day (10+ months ago) I've not seen it happen again. whew.

  • External Authentication in EAS using MSAD

    <p>We use MSAD for our external authentication and it works fine ifthe user logon names are set up a certain way in MSAD. However,some of them are set up differently and Essbase won't allow us touse external authentication for them. Is there a setting somewherein Essbase that can be changed to allow more than one user logonname format coming from MSAD?</p>

    <p>Hi Krista,</p><p> </p><p>Unfortunately u cannot specify two formats to authenticate. If iunderstand correclty you want to identify a user in MSAD by morethan one feild, as far as i know essbase external authenticationthe xml file cannot use more than one feild.</p><p> </p><p>your most probable solution to this would be to add the feildyou are using in your xml file to all users using essbase inMSAD.</p><p> </p><p>Please use the following link if you need furtherinformation.</p><p> </p><p>http://dev.hyperion.com/techdocs/essbase/essbase_712/Docs/techref/techref.htm#config/security/configure/config.htm</p><p> </p><p>here is the sample active directory format.</p><p> </p><p><msad name="<b><a href="ldapserver.htm">msadServer</a></b>"> <trusted><b><ahref="trust.htm">false</a></b></trusted> <url><b><ahref="provurl.htm">ldap://host<img src="i/expressions/face-icon-small-tongue.gif" border="0">ortNo/DIT</a></b></url><userDN><b>cn=UserName</b></userDN><password><b>UserPassword</b></password> <user><url><b>ou=people</b></url></user> <group> <url><b>ou=Groups</b></url> </group></msad></p>

  • Problem authenticating Wireless users with peap

    Good afternoon,
    I am currently trying to authenticate wireless users using PEAP and an external RADIUS server. The problem is when I try to authenticate I get this error :
    AAA/AUTHEN/PPP : Pick method list 'Permanent Local'
    DOT11-7-AUTH_FAILED : Station ... Authentication failed
    It shouldn't use local authentication, but the aaa server I configured.
    I looked on the internet but didn't find a working solution.
    Does anyone know why it is not working ?
    Here is my running configuration :
    Current configuration : 4276 bytes
    ! Last configuration change at 00:45:40 UTC Mon Mar 1 1993
    ! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
    ! NVRAM config last updated at 16:38:23 UTC Thu Jul 24 2014
    version 15.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname ap
    logging rate-limit console 9
    enable secret 5 $1$QVC3$dIVAarlXOo52rN3ceZm1k0
    aaa new-model
    aaa group server radius rad_eap
     server 192.168.2.2 auth-port 1812 acct-port 1813
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    no ip routing
    no ip cef
    dot11 syslog
    dot11 ssid test
       authentication open eap eap_list
       authentication key-management wpa version 2
       guest-mode
    eap profile peap
     method peap
    crypto pki token default removal timeout 0
    bridge irb
    interface Dot11Radio0
     no ip address
     no ip route-cache
     encryption mode ciphers aes-ccm
     ssid test
     antenna gain 0
     stbc
     beamform ofdm
     station-role root
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface Dot11Radio1
     no ip address
     no ip route-cache
     shutdown
     antenna gain 0
     no dfs band block
     channel dfs
     station-role root
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface GigabitEthernet0
     no ip address
     no ip route-cache
     duplex auto
     speed auto
     dot1x pae authenticator
     bridge-group 1
     bridge-group 1 spanning-disabled
     no bridge-group 1 source-learning
    interface BVI1
     ip address 192.168.3.10 255.255.255.0
     no ip route-cache
    ip default-gateway IP
    ip forward-protocol nd
    ip http server
    ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1
    radius-server attribute 32 include-in-access-req format %h
    radius-server host 192.168.2.2 auth-port 1812 acct-port 1813 key 7 140441081E501F0B7D
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
     transport input all
    end
    Thank you

    I haven't setup autonomous APs before but I think I might see the problem. You are defining an authentication list called "eap_methods" but you never call for it in your SSID settings. Instead there you call a list named "eap_list" In addition, I think you might be missing one more command. So perhaps try this:
    dot11 ssid test
    authentication open eap eap_methods
    authentication network-eap eap_methods
    authentication key-management wpa version 2
    guest-mode
    Hope this helps!
    Thank you for rating helpful posts!

  • Machine Authentication and User Authentication with ACS v5.1... how?

    Hi!
    I'm having trouble setting up Machine Authentication and User Authentication on ACS v5.1 using WinXP SP3 (or SP2) as supplicant.
    This is the goal:
    On wireless (preferably on wired too) networks, get the WinXP to machine authenticate against AD using certificates so the machine is possible to reach via for example ping, and it can also get GPO Updates.
    Then, when the user actually logs in, I need User Authentication, so we can run startup scripts, map the Home Directory and so on.
    I have set up a Windows Sertificate server, and the client (WinXP) are recieving both machine and user certificates just fine.
    I have also managed to set up so Machine Authenticaton works, by setting up a policy rule that checks on certificate only:
    "Certificate Dictionary:Common Name contains .admin.testdomain.lan"
    But to achieve that, I had to set EAP Type in WinXP to Smart Card or other Certificate, and then no PEAP authentication occurs, which I assume I need for User Authentication? Or is that possible by using Certificates too?
    I just don't know how to do this, so is there a detailed guide out there for this? I would assume that this is something that all administrators using wireless and WinXP would like to achieve.
    Thank you.

    Hello again.
    I found out how to do this now..
    What I needed to do was to add a new Certificate Authentication Profile that checks against Subject Alternative Name, because that was the only thing I could find that was the same in both user certificate and machine certificate.
    After adding that profile to the Identity Store Sequences, and making tthe appropriate rule in the policy, it works.
    You must also remember to change the AuthMode option in Windows XP Registry to "1".
    What I really wanted to do was to use the "Was Machine Authenticated" condition in the policies, but I have never gotten that conditon to work, unfortunately.
    That would have plugged a few security holes for me.

Maybe you are looking for

  • Firefox Application will not start unless in PC Safe Mode

    == Issue == I have another kind of problem with Firefox == Description == A couple of days ago after seemingly working fine the day before Firefox suddenly decided to stop working. I seem to recall updating both my Adobe Flash and my Java on that day

  • How to find out the error

    I have SQL*Plus: Release 11.1.0.7.0 - Production on Tue Dec 27 20:49:56 2011 Copyright (c) 1982, 2008, Oracle. All rights reserved. I try some example from book create or replace procedure swap( p_parm1 in out number, p_parm2 in out number) as l_temp

  • Calling every class in a folder?

    My problem is such: Short version: I would like to extract every java class in a given package (and sub-packages) and create an instance if each one. I can make sure each class I put in this package is able to be instantiated. Longer version: The goa

  • LDAP Configuration - Very Urgent Pls

    Hi, I am HR functional and new to the technical part in SAP. I am trying to integrate the Active Directory Services (LDAP) with SAP for mapping & synchronizing the SAP fields with the Outlook look express, since in on our SAP portal when user access

  • Upgrading from WLC 4402-50 to WLC 5508-250

    I am planning to upgrade my WLC 4402-50 (HA) to WLC 5508-250 (HA). I also have some really old 1020 Access points that I will be replacing with 1142's. Once I have completed the upgrade to the 5508s, I will repurpose the 4402's as Mobile Anchor contr