Authentication of users is not done in BI Publisher?

Hi,
In rpd i have written the query as
select LOGIN_USER_ID,GROUP_NAME from users1 where LOGIN_USER_ID=':USER'(i.e for external table authentication) in new initialization block in session and tried....this works fine in OBI Presentation services by not giving any password or given any password.
In BI Publisher with out giving null password if any password is given its working.
Now i need to restrict the user based on giving password in data base
select LOGIN_USER_ID,GROUP_NAME from users1 where LOGIN_USER_ID=':USER' and PASSWORD=':PASSWORD' in initialization block (this works fine for OBI Presentation Services but doesnt work for BI Publisher).
Please help me in this issue

Hi,
Did you follow all the steps in the Install guide:
http://download.oracle.com/docs/cd/E12844_01/doc/bip.1013/e12690/T434820T487784.htm
Regards,

Similar Messages

  • LDAP Authentication Failed :user is not a member in any of the mapped group

    Hi,
    I tried to set up the LDAP Authentication but I failed.
    LDAP Server Configuration Summary seems to be well filled.
    I managed to add a Mapped LDAP member Group: This group appears correctly in the Group list. 
    But itu2019s impossible to create a User. Although this user is a member of the mapped group (checked with LDAP Brower) , an error message is displayed when I tried to create it (There was an error while writing data back to the server: Creation of the user User cannot complete because the user is not a member in any of the mapped groups)
    LDAP Hosts: ldapserverip:389
    LDAP Server Type: Custom
    Base LDAP Distinguished Name: dc=vds,dc=enterprise
    LDAP Server Administration Distinguished Name: CN=myAdminUser,OU=System Accounts,OU=ZZ Group Global,ou=domain1,dc=vds,dc=enterprise
    LDAP Referral Distinguished Name:
    Maximum Referral Hops: 0
    SSL Type: Basic (no SSL)
    Single Sign On Type: None
    CMS Log :
    trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
    trace message: LDAP: LdapQueryForEntries: QUERY base: dc=vds, dc=enterprise, scope: 2, filter: (samaccountname=KR50162), attribute: dn objectclass
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 2453 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
    trace message: GetParents from plugin for cn=huh\,chen, ou=accounts, ou=users, ou=domain1, dc=vds, dc=enterprise.
    trace message: LDAP: De-activating query cache
    trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
    trace message: LDAP: query for DSE root returned 89
    trace message: LdapQueryForEntries: incr. retries to 1
    trace message: LDAP: Updating the graph
    trace message: LDAP: Starting Graph Update...
    trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
    trace message: LDAP: query for DSE root returned 89
    trace message: LdapQueryForEntries: incr. retries to 1
    trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
    assert failure: (.\ldap_wrapper.cpp:3066). (pSetAttributes : no message).
    trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
    trace message: LDAP: LdapQueryForEntries: QUERY base: dc=enterprise, scope: 2, filter: (&(cn=gp-asia)(objectclass=group)(member=cn=huh
    , chen, ou=accounts, ou=users, ou=domain1, dc=vds, dc=enterprise)), attribute: objectclass
    trace message: LDAP: LdapQueryForEntries: QUERY base: , scope: 0, filter: (objectClass=*), attribute: supportedControl
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 0 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 1
    assert failure: (.\ldap_wrapper.cpp:3066). (pSetAttributes : no message).
    trace message: LDAP: No such attribute: supportedControl, assuming no ranging support.
    trace message: LDAP: LdapQueryForEntries: QUERY base: dc=enterprise, scope: 2, filter: (cn=gp-asia), attribute: member objectclass samaccountname cn
    trace message: LDAP: LdapQueryForEntries: QUERY result: 0 took 3109 ms
    trace message: LDAP: LdapQueryForEntries() QUERY number of entries returned: 0
    trace message: LDAP: query for DSE root returned 0
    trace message: Failed to commit user 'KR50162'. Reason: user is not a member in any of the mapped groups.
    trace message: [UID=0;USID=0;ID=79243] Update object in database failed
    trace message: Commit failed.+
    Can you please help?
    Joffrey

    Please do this after you verify all permission settings for all the groups the account is associated with. Also, make sure you check the NTFS folder permissions before doing this as well.
    Since the same result happens on multiple computers, it is not the profile.
    I am recommending you delete the AD account (or rename to backup the account).
    It will not effect the users Exchange account, but you will need to link it back to the new AD user account. 
    You can also delete her profile just to remove it, for the "just in case" scenario.
    Don't forget to mark the post that solved your issue as "Answered." By marking the Answer you are enabling users with similar issues to find what helped you. Lewis Renwick - IT Professional

  • CUP 5.2 - LDAP Authentication error - "User credentials not valid."

    Hi Experts ,
    I have set up LDAP "SUN ONE" as a authentication source for our CUP 5.2 SP11 Patch1 (Build-62316). But when I try to logon with my network id,I receive error "User credentials not valid."
    Please find the log below.
    Thank you for your help,
    Regards,
    Abderrahim
    2011-03-01 12:07:57,232 [SAPEngine_Application_Thread[impl:3]_27] ERROR Failed to log in a867168
    com.virsa.ae.service.umi.AuthenticationFailureException: No user details found
         at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:140)
         at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
         at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:207)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by:
    com.virsa.ae.service.umi.UMIException: SUNONE error reading search results
         at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:698)
         at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
         at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
         at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
         at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:207)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by:
    javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name ''
         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3030)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2757)
         at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1828)
         at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1751)
         at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386)
         at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:347)
         at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:332)
         at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
         at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
         at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:518)
         at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
         at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
         at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
         at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:207)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

    My issue is stil not received, i hav send a document to the system team to follow for the integration. The AD configuration for QM shud be very expicit or else integration will not work. I am attachin the doc here. Let me knw if that helps.

  • Forms Authentication Error: User '' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed

    I created a custom security extension following the steps listed in the Readme_Security Extension Sample. It works fine if I login as the user that is specified AdminConfiguration section of the rsreportserver.config file but if I
    log in as another user, I get this error: User '' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.  I've added the user to both System Administrator
    and System User roles to try to get it to work but still no luck.
    Does anyone know how to fix this?
    Thanks.

    Hi MetronM,
    The issue is due to that user have no permission to access the report server. In report manager, Reporting Services includes predefined roles that we can assign to users and groups to provide immediate access to a report server. Each role defines a collection
    of related tasks.
    You can refer to the following steps to assign corresponding role to the user.
    Open report manager.
    Click “Folder Setting” button. 
    Click “New Role Assignment” icon.
    Type the user name and select the corresponding role.
    There is an article about Granting Permissions on a Native Mode Report Server, you can refer to it.
    http://technet.microsoft.com/en-us/library/ms156014.aspx
    Regards,
    Alisa Tang
    Alisa Tang
    TechNet Community Support

  • Can I delete users folders not done by the system?

    Questions are:  1) can I erase user's folders in the library? 2) can I re-create a 501 account? 3) is it normal that TM takes hours to do the first back up of a new account. (I really don't remember that much)
    EXPLANATION:
    (1) Well, I deleted the corrupted user in the usual procedure, via grp & users pref tab in preference system, but apparently it did not work, since everything is there. I wasn't asked to keep a mirror or whatever. The name of the folder isn't seen anywhere, but everyth is in my HD.  I had to erase it because I had prblms I couldn't solve, neither apple assist on the phone. Also, because when I tried to migrate I got the msg that both accounts had problems: this one (502) and the adm-rights user (501).  I now have a neat user account (503-standard) but I want to know if  (2) I can create another 501acc, in case it still has prblms.
      Support info: Yes,  I've just checked the HD (using iDisk) and everth is ok, except for some permitions. [ The HD is brand new, installed by apple who installed OSX.9.3. SO which already came with Safari permission prblms. I've been told on the phone not to worry abt it.] So, I think everth is OK, except that I could NOT get rid of the corrupted acc folders from that user in the usual way. I'm afraid I can't do it manually in the library - can I?   and even 501 acc (if I can create another one)?. I can't get how I got this problems, I just know I found the Firewall off, when I got back home from apple store.  So, after creating this new account I changed the keychains and stopped safari from registering passwords, to stay on the safe side. Now I ned to clean up my TM too, can I?  I'm afraid cause I haven't yet created a bootable DVD.

    Dear Bob,
          Thanks for the answer, specially due to  lots of spelling mistakes which made the msg kind of difficult to be understood. I've just learnt how to cancell correction at Safari browser, which was causing all that.
          I was a bit anxious and looked for a way to delete it via Terminal. I succeeded it. I tested by sending other thgs to the trash and asking again for sec empty and it worked well & fast. Then, I tried to do the same with TM BUT user, but it didn't work. I had to remove the full days of back up and had the same prblm w/ Trash. Terminal solved the problem, 'cause the combined keys didn't. 
        For safe, I left the first 2 back ups in TM (with original instalation) without that folder cups I was concerned abt (an invisible folder .cup  with authorization just to a "person"  I don't have in my list (not wheel !), and prohibited access to everyone else. I had tried to change permissions before erasing and couldn't, although I could unlock the padlock);  + the 2 last days (most recent B-up, with all MY updates, apps, and so on ) -  Did I do wrong? 
           Well, I after all that, I asked iDisk to check both disks my HDMac and TM externalHDdisk and got the green answer for both. But I still have that corrupted user account in the 2 first days of TM back-up  -  can it cause me problms if I need to reboot in the future?   I tried to delete just the user folder, but a sys-window popped up sayng  " items in TM can't be deleted". I pitifully had to delete the ful days. Is there any special combination keys to allow me exterminate just o-one folder in TM?  Also (2) is the invisible locked unix exe folder called tmbootpicker.efi  a default folder?  and wht abt mach_kernel unix exe in there too, in every back-up?
           If I did not do anything wrong I'll ask iDisk to erase free space in those disks, just to be in the safe side. I'll wait for yr answer. You know better.
    Thnx in advance for all/any help

  • User permissions not changing in BI Publisher

    We have configured BIP's security model to use Oracle BI Server. In the BI Server we have an authorization block that returns the user's groups to BI Publisher. The problem that I have encountered is that in order for the group to appear in BI Publisher (to secure folders) we have to also add that same group in BI Server (which is empty). If we add or change memberships in the database table those user changes don't appear in BIP unless I checkout and check in that group in BI Server.

    Have you find the solution for this? I think that I have an look like problem. I want that, when the parameter is null, query return all values. Like this:
    where ((:P_Store IS NULL) OR (store in (:P_Store)))
    Can please help me with this?
    Thanks

  • Secondary Domain Controller Not Authenticating Domain Users

    Hi.
    I have a primary domain controller running Win Srv 2012 in USA and i added a secondary domain controller 2012 in the same domain from a different location India, through VPN.so that India user accounts can authenticate by the secondary DC instead of primary
    DC USA
    Installation & replication of AD went fine
    India domain users login is damn slow.
    When i ran the command echo %logonserver% from a india client machine,it displays the USA Primary DC name which means its authenticating the users from USA primary DC.
    Preferred DNS for india client machine is Secondary DC IP and alternate is Primary DC IP USA.
    Please find the dcdiag results below and any help much appreciated
    Performing initial setup:
       Trying to find home server...
       Home Server = server2
       * Identified AD Forest.
       Done gathering initial info.
    Doing initial required tests
       Testing server: INDIA\server2
          Starting test: Connectivity
             ......................... server2 passed test Connectivity
    Doing primary tests
       Testing server: INDIA\server2
          Starting test: Advertising
       Warning: DsGetDcName returned information for \\server1.tst.mycompany.com, when we were trying to reach
       server2.
       SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... server2 failed test Advertising
          Starting test: FrsEvent
             ......................... server2 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after th
             replication problems may cause Group Policy problems.
             ......................... server2 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... server2 passed test SysVolCheck
          Starting test: KccEvent
             ......................... server2 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... server2 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... server2 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... server2 passed test NCSecDesc
          Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\server2\netlogon)
             [server2] An net use or LsaPolicy operation failed with error 67,
             ......................... server2 failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... server2 passed test ObjectsReplicated
          Starting test: Replications
             ......................... server2 passed test Replications
          Starting test: RidManager
             ......................... server2 passed test RidManager
          Starting test: Services
             ......................... server2 passed test Services
          Starting test: SystemLog
             A warning event occurred.  EventID: 0xA004001B
                Time Generated: 02/22/2015   17:10:30
                Event String: Intel(R) 82574L Gigabit Network Connection
             A warning event occurred.  EventID: 0x000727A5
                Time Generated: 02/22/2015   17:11:24
                Event String: The WinRM service is not listening for WS-Manageme
             An error event occurred.  EventID: 0x0000271A
                Time Generated: 02/22/2015   17:11:24
                Event String:
                The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not regist
             A warning event occurred.  EventID: 0xA004001B
                Time Generated: 02/22/2015   17:12:41
                Event String: Intel(R) 82574L Gigabit Network Connection
             A warning event occurred.  EventID: 0x000003F6
                Time Generated: 02/22/2015   17:19:36
                Event String:
                Name resolution for the name mycompany.com timed out after none
             A warning event occurred.  EventID: 0x00001796
                Time Generated: 02/22/2015   17:28:54
                Event String:
                Microsoft Windows Server has detected that NTLM authentication i
    his server. This event occurs once per boot of the server on the first time
             A warning event occurred.  EventID: 0x000727A5
                Time Generated: 02/22/2015   17:33:35
                Event String: The WinRM service is not listening for WS-Manageme
             A warning event occurred.  EventID: 0x00001796
                Time Generated: 02/22/2015   17:35:54
                Event String:
                Microsoft Windows Server has detected that NTLM authentication i
    his server. This event occurs once per boot of the server on the first time
             ......................... server2 failed test SystemLog
          Starting test: VerifyReferences
             ......................... server2 passed test VerifyReferences
       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValida
       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValida
       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidat
       Running partition tests on : tst
          Starting test: CheckSDRefDom
             ......................... tst passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... tst passed test CrossRefValidation
       Running enterprise tests on : tst.mycompany.com
          Starting test: LocatorCheck
             ......................... tst.mycompany.com passed test LocatorChec
          Starting test: Intersite
             ......................... tst.mycompany.com passed test Intersite

    Hi.
    I have a primary domain controller running Win Srv 2012 in USA and i added a secondary domain controller 2012 in the same domain from a different location India, through VPN.so that India user accounts can authenticate by the secondary DC instead of primary
    DC USA
    Installation & replication of AD went fine
    India domain users login is damn slow.
    When i ran the command echo %logonserver% from a india client machine,it displays the USA Primary DC name which means its authenticating the users from USA primary DC.
    Preferred DNS for india client machine is Secondary DC IP and alternate is Primary DC IP USA.
    Firstly make sure that you have configured sites and subnets correctly. According to your information which you have two locations, you should have at least 2 sites and 2 subnets associated to them. If you have forgotten to configure subnets of India in your
    site and services and assigned them to the India site you are experiencing this issue. Also make sure if clients in India has appropriate network connectivity to the domain controllers in India.
    Mahdi Tehrani   |  
      |  
    www.mahditehrani.ir
    Please click on Propose As Answer or to mark this post as
    and helpful for other people.
    This posting is provided AS-IS with no warranties, and confers no rights.
    How to query members of 'Local Administrators' group in all computers?

  • ISE internal user authentication failure - user not found

    Hi Forumers'
    I trying to do wireless 802.1x, where identity store using intenral user.
    But i found this error message when i trying to connect
    Authentication failed                                                                                 :
    22056 Subject not found in the applicable identity store(s)
    My authrorization rules is built like this
    identity groups = user identities group / " mygroup"
    condition = no setting
    permissions = standard / PermitAccess
    Question 1
    Any troubleshooting step to do on this?
    Question 2
    For the Authorization rules, what's the condition should set for using Internal User as Identity store?
    Thanks
    Noel

    The error is caused to an authentication failure and is not an issue with authorization
    You need to look at your authentications policy (Policy->Authentications) and see which identity store was authenticated against
    In addition can do the Live Authentications page (Monitor->Authentications) and for the failing record click on the icon under details. This will give you the full details of the requets processing and you can see which rule was matched in the identity policy (Identity Policy Matched Rule) and "Selected Identity Stores".

  • User Profile created to block the UD, if RR is not done.

    Hi Gurus,
    For Inspection Type Z10,the UD to be blocked,if Result Recording is not carried out.
    ie if open charac. exist, System should block the UD.
    I have created a user status coping SAP Std. STATUS PROFILE - QM_L_003 AND
    NAMED AS "QM_UD_BK".
    System Status Profile - QM_L_003 is used to block the UD
    (No Stock Posting Before UD)
    I have assigned this Status Profile to the INSP. TYPE - Z10.
    I have defined two status namely (1) INIT AND (2) QFIN.
    STATUS    --     POSITION    --      PRIORITY
    INIT            --           1           --         1
    QFIN          --           2           --         1
    (1) For Status - INIT - Business transaction
                         - Access Usage Decision - FORBIDDEN 
    (2) For Status - QFIN - Business Transaction
                        - Make Usage Decision - ALLOWED.
    I have done the GR.
    System created the Inspection Lot.
    The insp.lot has user status as "INIT"
    Now the UD is blocked.
    I am able to do Result Recording.
    After completing the  the Result Recording, The Status must change to QFIN.
    It is not changing.
    Hence I am unable to do UD.
                             MY REQUIREMENT
    After entering the Results in Result Recording Screen, the user status must change to QFIN  automatically.
    Once the QFIN status exists, UD can be done.
    Please do the needful.
    With Regards,
    Raghu Sharma

    Dear Shyamal Ji,
    Thanks for your prompt reply.
    I have created a new profile and copied your statuses only.
    For RRCL,When we assign the "Make usage decision" as FORBIDDEN AND  I have selected "NO ACTION" COMBINATION.
    You have stated that RRCL and NSBU  - SET AS INITIAL STATUS.
    BUT IT IS ACCEPTING FOR ONE OF THE STATUSES ONLY INITIAL STATUS.
    *WHEN I ACTIVATE THE INITIAL STATUS BOX FOR THE STATUS - NSBU, I GET THE FOLLOWING ERROR.
    THE ERROR IS GIVEN BELOW
    Statuses RRCL and NSBU are initial statuses
    Message no. BS246
    Diagnosis
    In each status profile only an initial status may have a reference number.  However, status RRCL and NSBU are
    both initial status and for both a reference number is specified.
    Procedure
    Mark one of the two status as initial status or delete the reference number of one of these status.
    With out selecting the "INITIAL STATUS" FOR NSBU, I have checked.
    The status changes as soon as I select the code.
    But for both the cases the status is changing.
    I could not stop the UD, when RR is not done.
    How you are able to check the box " INITIAL STATUS".
    I am able to copy your setting completely except the checking of the INITIAL STATUS BOXES FOR BOTH THE STATUSED - RRCL AND NSBU.
    Please guide me.
    Thanks for your concern.
    With Best Regards,
    Raghu Sharma.

  • Multibyte users are not able to authenticate using Default Authenticator

    Hi,
    We are facing an issue with multi-byte user authentication. All chinese and french users are not able to authenticate.
    When we try to authenticate with réseau/welcome1, where réseau is a user created in embedded LDAP, authentication fails.
    Security log generated is-
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle got username from callbacks[0], UserName=rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Login username: rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <authenticate user:rseau>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=base_domain", "(&(uid=rseau)(objectclass=person))", base DN & below)>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <[Security:090302]Authentication Failed: User rseau denied>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <LDAP Atn Abort>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit delegated, returning false>
    ####<06-Jan-2009 22:47:49 o'clock PST> <Debug> <SecurityAtn> <jjpeng-lab1> <AdminServer> <[ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1231310869374> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user rseau>
    We are using WebLogic Server 10.3 Default Authenticator as Authentication Provider.
    I found few change requests related to multi-byte from the link: http://edocs.bea.com/wls/docs103/issues/known_resolved.html
    Am I missing some configuration? Has anyone else tried authenticate multibyte username?
    Thanks,
    Anuj

    Can you provide more information on the use case?
    1. Is this using Basic or Form authentication?
    2. If the user logs on from a web-based client, do you get the same failure with Internet Explorer as with other browsers?
    3. On which operating system is the WebLogic AdminServer running?
    With WebLogic Server 10.3, I am able to authenticate with multi-byte (French and Japanese) usernames. (My environment: form auth, Firefox 3.0.5, WLS runs on Linux RHEL 4.0.)

  • User does not respond-after reading countless post i still don't understand

    hi. i have been reading post on the 'user does not respond' and i still do not understand. i don't know how to check my ports and how to change them. all of them have been pretty technical. please, is there anyone that can explain it in layman's term?
    2006-09-17 07:57:14 -0400: sentosa225 did not respond.
    Tried to send UDP SIP "invite" to the following IP addresses and ports:
    218.111.157.122:5060, 169.254.186.77:5060, 192.168.1.8:5060
    that is what i get. i read and saw that 5060 is the correct port, is it?
    can anyone please help me. there seem to be no end to this.

    Hi Mark,I think I'll have to brush up my english first of all.Or think about how to put it,so that you can understand my abstract question.I tried to find a site of Adobe support in Dutch because that may be easier for me and for others to understand,because everything computer related is so new to me,that my questions are not very clear most of the time.But I can't find support in my language,so I will try and think a bit more how to answer your questions to my question.Bye.Marion

  • It seems that many (if not all) of my files have been replaced by older versions. I kind find the multiple versions (listed in the Search as in the same dir) and restore them but this is strange. There is no chance that another user here has done a restor

    It seems that many (if not all) of my files have been replaced by older versions. I can find the multiple version including the most recent version using the Search, however, they show up in the same directory even though Finder only shows a single copy. I am able to save and then overwrite in order to restore but this is strange. There is no chance that another user here has done any sort of system restore action (at least intentionally).

    I can find the multiple version including the most recent version using the Search, however, they show up in the same directory even though Finder only shows a single copy.
    In a OS Extended (HFS) file system there is no way you can have two files with identical names in the same directory.
    Of course who knows what spotlight is thinking of most of the time when it does its stupid searches (get Find any File instead) and lists its results?  Are you sure it is listing the same directory or do you have a backup and it is finding it there and you aren't noticing it is two different volumes?
    You could also try reindixing the volume.  Add it to the Spotlight system preferences Privacy and then remove it.

  • I have bought a iphone 5 second hand and i restore it and now i need the icloud original user and i don't know it!what can i do?i can not activate my iphone

    I have bought a iphone 5 second hand and i restore it and now i need the icloud original user and i don't know it!what can i do?i can not activate my iphone

    If you're able to contact the previous owner, send them this link and tell them to follow the instructions.
    If not, you can't activate the device but may be able to get it refunded.
    Apple won't remove the lock for anyone other than the original owner(assuming they're alive.)
    (112266)

  • Delivery is to be done at the end user location not at the storage location

    Hai Gurus.
       I have a problem
    I am working for a construction industry.. I had a storage location at say" X":. And in case of emergency for the material to the end user at different locations, delivery is to be done at the end user location not at the storage location.. Where to give the end user location address .As delivery address in PO item details will be plant address. pl help
    regards
    chandrasekhar

    As i underdstand from your  description of issue .You dont want to recive the material in the storage location of your  main plant but you want to recive the goods directly to the end user from the vendor.This is typical scenario of Third party PO ..so kindly traise third part PO to vendor ..by changing the item category ...and so the delivery addfres popolutaed in ur PO will be directly from the ship to address from your sales order.rathewr than the storgae location you wd have specified in ur material master

  • I cannot send or receive text messages from other iPhone users. I don't get an error I just don't receive any messages and the other users do not receive mine.

    I cannot send or receive text messages from other iPhone users. I don't get an error I just don't receive any messages and the other users do not receive mine.

    Reset the devices: Hold down the home button along with the sleep/wake button until you see the apple, then let go.

Maybe you are looking for

  • How do we do Archiving the system logs in SAP-BW

    Hi All How do we do Archiving the system logs in SAP-BW. Can anyone will let me know reagrding this If you have any docs also pls forward to my id [email protected] Thanks & Regards Balji

  • Loading saved images from code

         I'm creating a single-page application with CQ and AngularJS, and the nature of my app is requiring that I pull my images from code rather than into a paragraph system via the UI. Does anyone know how to accomplish this? Does CQ have some built-

  • Caught a Connect Exception

    when I use this codes below: JCO.addClientPool(SID, // Alias for this pool                10, // Max. number of connections                s_Client, // SAP client                s_User, // userid                s_Pw, // password                s_lge,

  • Photoshop CS3 and Mavericks problem?

    Using photoshop CS3 in Mavericks and I get a 'can't save file because it is already in use or was left open' message when I try and save a photoshop file. Found a fix online which is to turn off 'Show preview column' in show view options, but this is

  • Shut Down/Start Up/ Login Slow

    Hi Folks, Over the weekend I installed Leopard. My performance seems to be taking a hit. It takes over a minute to shutdown, over a minute to start up, and almost a minute to login in. What gives? My "Guest" account takes 10 seconds to shut down and