Authentication & User Quotas

Hello,
I have two problems with ACS 3.1
1 - The dialog box for authentication reappear during the user connexion to Internet
2 - The user quotas does not work althought the function was selected
Thanks for help

I think you have enabled click the LEAP Authentication Status or EAP-FAST Authentication Status tab in the Windows system tray and uncheck the Shown minimized next time check box.

Similar Messages

  • How to kick guest user when user quota has exhausted

    Hi,
    I have wlc and acs v4.0. Currently, I am using layer 3 security with web authentication and has been succesfully integrated with ACS for authentication. User quota has been set so that when user has reached its quota, may not be able to log in again. But problem occurs when the user has not logged out, it still can connect to network although its account at ACS shows disabled because of its quota limitation. So, is it a way to kick the user out, when the user has reached its quota ?
    Radius accounting has been properly set. and AAA override has been set on appropriate wlan ssid.
    Regards,
    Suwandy

    thanks for your reply.
    do you mean "allow AAA override" ? If so, I have tried it and it works for changing user session by radius server. But the problem is, radius server do not send the user-session parameter dynamically. How can the radius send/calculate the remaining session time to wlc ?

  • How to use an authenticated user for a proxy call

    Dear all,
    I am currently working on a JEE application where the user needs to authenticate (for this I have configured the web.xml).
    Now inside this application I need to do a proxy call to a PI webservice.
    I would like to use the user credentials of the already logged in user in order to call the proxy.
    What I don't want to do is to use a service user for the proxy call.
    The code I am trying to call looks something like this:
         private IntegratedConfigurationIn getPort() throws Exception{
              IntegratedConfigurationIn port = null;
              try {
                   IntegratedConfigurationInService service = null;
                   service = new IntegratedConfigurationInService();
                   port = (IntegratedConfigurationIn) service.getIntegratedConfigurationIn_Port();
                  BindingProvider bp = (BindingProvider)port;
                  bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, user);
                  bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
                  if (url.length() != 0)
                       bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
              catch (Exception ex){
                   ex.printStackTrace();
              return port;
    The examples I found to retrieve the userdata pointed to codes similar to this one:
    public HttpServletRequest getHttpRequest() throws Exception {
              // Get runtime context
              Properties props = new Properties();
              props.put("domain", "true");
              Context initialContext = new InitialContext(props);
              ApplicationWebServiceContext wsContext = (ApplicationWebServiceContext) initialContext
                        .lookup(" /wsContext/ApplicationWebServiceContext");
              HttpServletRequest req = wsContext.getHttpServletRequest();
              return req;
    com.sap.security.api.IUser sapUser = com.sap.security.api.UMFactory.getAuthenticator().getLoggedInUser(getHttpRequest(), null);
              IUser ep5User = com.sapportals.wcm.util.usermanagement.WPUMFactory.getUserFactory().getEP5User(sapUser);
    Now I don't know how to bring it togehter and how to use an authenticated user for the BindingProvider.
    I would appreciate any hints or ideas.

    Peter,
    from the first screenshot, what I understood is that, you are calling an inbound PI web service that is intended to create an integrated configuration object (this is used for whole lot of other reason completely) but not actually calling a development web service.
    For this, you would have to generate your client classes from the WSDL provided by the PI developer for that particular service. Once you get those client classes generated, you could used the method provided in the other screenshot to extract the user and password and call the intended web service.
    Vijay Konam

  • How to set "Allow external users who accept sharing invitations and sign in as authenticated users" programmatically?

    Sharepoint 2013 online/office 365.
    I am creating site collection programmatically using sharepoint Auto hosted app.
    Now i want to set "Allow external users who accept sharing invitations and sign in as authenticated users" programmatically after site collection creation.
    Is it possible through code? If yes please let me know how to do it?
    Najitha Sidhik

    For SharePoint 2013 Online, check below links:
    http://office.microsoft.com/en-us/office365-sharepoint-online-small-business-help/manage-sharing-with-external-users-HA102849862.aspx
    http://office.microsoft.com/en-us/office365-sharepoint-online-enterprise-help/manage-external-sharing-for-your-sharepoint-online-environment-HA102849864.aspx
    https://www.nothingbutsharepoint.com/sites/eusp/Pages/SharePoint-Online-2013-Sharing-with-External-Users.aspx
    http://blogs.office.com/2013/11/21/sharepoint-online-improves-external-sharing/
    Please ensure that you mark a question as Answered once you receive a satisfactory response.

  • EA2 - Cannot connect LDAP-authenticated users in 10.1 and 10.2, OK in 9.2

    First, the relevant versions and such:
    SQL Developer 1.5.0.52.03 (aka EA2)
    Oracle client 10.2.0.1
    Oracle database 9.2.0.6, 9.2.0.7, 10.1.0.5, 10.2.0.2, 10.2.0.3.
    Hosts: Linux x86, Solaris
    Most of the users in my databases are set up as global users (i.e. authenticated via LDAP). I've found that in 9.2.0.6 and 9.2.0.7, I can make connections of the basic type for global users as well as database-authenticated users.
    In any 10g database I've tried (see the versions above), database-authenticated users work fine, but for connections with the global users in the same databases I receive ora-01017. I've tried both basic connections and advanced connections, supplying a thin JDBC string, with the same result. I have verified that the password is correct. The pattern persists across server OSs (Linux and Solaris).
    I cannot make TNS connections at all, but that seems to require an 11g client and has been documented in an enhancement request separately.
    If anyone has advice on this I would be happy to hear it. Thanks.

    I should probably add that I am able to make successful connections via sqlplus and other tools (SQL Navigator) with the users that fail to connect in SQL Developer.

  • Reporting Services through ISA server for All Authenticated Users

    Hello colleagues.
    I have MS SQL 2012 server with Reporting Services and it work via link:
    https://reports2.domain.com/reports
    In LAN all work fine, but I want publish this resource via ISA for All Authenticated Users.
    When in publish rule I configure (in Condition) "All users" - all work fine, but when I configure "All Authenticated Users" - I have trouble on web form on
    https://reports2.domain.com/reports/Pages/Report.aspx?ItemPat...  - scripts not work, because it run how "anonymous" (I see on ISA logging) and ISA block scripts.
    I can't use "All Users", because it's not secure.
    Maybe somebody publish Reporting Services through ISA server for All Authenticated Users?
    OR maybe - how on Reporting Services configure Negotiate authenticated for scripts?

    Hi Alexander,
    All users or applications who request access to report server content or operations must be authenticated using the authentication type configured on the report server before access is allowed. The AuthenticationType named RSWindowsNegotiate is supported
    by Reporting Services. To configure Windows Authentication on the Report Server, please see:
    http://msdn.microsoft.com/en-us/library/cc281253(v=sql.110).aspx
    Besides, we can publish report server via ISA server. Please note that you should use a new web port number with a new listener which shouldn’t be used by other web site for report server. Reference:
    http://social.technet.microsoft.com/Forums/forefront/en-US/1cc68996-1ce6-4d88-a30d-2bfd13fba06e/how-to-publish-ssrs-2008-through-isa-2006?forum=Forefrontedgegeneral
    Hope this helps.
    Thanks,
    Katherine Xiong
    Katherine Xiong
    TechNet Community Support
    Katherine thanks for answer.
    Report Server service started as Domain account.
    I have in RSReportServer.config this:
    <Authentication>
    <AuthenticationTypes>
    <RSWindowsNegotiate />
    </AuthenticationTypes>
    <RSWindowsExtendedProtectionLevel>Allow</RSWindowsExtendedProtectionLevel>
    <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
    <EnableAuthPersistence>true</EnableAuthPersistence>
    </Authentication>
    In web.config I have this:
    <authentication mode="Windows" />
        <identity impersonate="true" />
    I can go (from Internet through ISA) to
    https://reports2.domain.com/reports  and LogOn Authentication is work, but scripts not work, because it run how "anonymous" (I see this on ISA logging) and ISA block scripts.
    Do you know where in Reporting Services configure run scripts with Negotiate authentication?

  • How to redirect a first time OAM authenticated user to a custom page

    We are using OAM 11.1.1.5 with OVD. If user logs in for the first time thru OAM, we wanted to collect few more additional information about the user. To do this, we wanted to redirect the user to the collect-additional-data.jsp page immediately after OAM authentication. This will be only one time operation for the user. How to do this in OAM.
    Thanks!
    Kabi

    Just set additional-data.jsp in your authentication policy success url. So always after authentication user req is redirected to the success url. You can also set the requested url in the response in case you want to retrieve it in your additional-data.jsp.

  • How can I stop authenticated users from getting other user's information?

    We recently discovered that it is possible for authenticated users, via KMu2019s details view, to view details about the other users that have access to the same resource as you.  Our portal (7.0 sp15) is used for an external facing web site.  We have secured it against anonymous users but the problem still remains for authenticated users.  Here is an example:
    The KM folder documents\Public Documents has been assigned read permissions for the group Everyone.  An authenticated user can open the URL https://<host>/irj/go/km/navigation/documents/Public%20Documents and a list of folders are shown.  The user can then select the Details from the menu for one of the folders and the Details iview is displayed.  They then select the menu item Settings > Permissions and the users/groups/roles assigned to this folder are shown.  The user can then select a user and view that users name and email address or the user could select a group and view for each member of the group the user id, name, and email address which could then be used to help attack the site.
    So I thought it would be easy enough to disable the details view for all users but content managers or administrators but I seem to running into difficulty. 
    I tried disabling the Details KM command with limited success.  Even with it disabled, if you know the URL for the details component you can still access it.  So it seems the better option is to take away access to the details component.  It seems that the users are getting access to the Details iView from the standard eu_role.  If I remove the iView from this role then all user have no access to the Details in KM.  I tried to add the iView to another role that content managers would have but when logged in with a user that had that other role I still was not able to access the Details iView. 
    This SAP Help document [http://help.sap.com/saphelp_nw70/helpdata/en/47/f0f7415e639c39e10000000a155106/frameset.htm |http://help.sap.com/saphelp_nw70/helpdata/en/47/f0f7415e639c39e10000000a155106/frameset.htm ]discusses the eu_role(Standard User role) and it states that
    By default, the Everyone group is assigned to the Standard User role. If you choose to use the other every user roles instead, you need to remove these assignments from the Standard User role and apply them to the Every User Core and Control Center User roles.
      But, when I look at what groups the role is assigned to or what roles are assigned to the Everyone group they donu2019t appear to be linked contrary to what the documentation says.  So, what Iu2019m thinking here is that I can create a copy of this role and remove the Details iView from the original and then assign the copy to the content managers and administrators.  Doing this causes all users to lose access, even the content managers.
    I thought Iu2019d give the Security Zones a try to see if this could help me but when I take away rights from here it still allows access.
    Iu2019m stumped.  Iu2019m sure there is some key piece that eludes me.  What can I do to allow users read only access to some KM folders and files while preventing them from viewing the permission/user details?

    The only 3d party apps are Hazel...
    And that's your problem!
    From the Hazel site's description:
    Hazel watches whatever folders you tell it to, automatically organizing your files according to the rules you create.
    Hazel, is a prefPane so you must have some rule (or it supplied the rule as a default) to put pictures (jpg's) from your Desktop (folder) into your Pictures folder.
    Open your System Preferences and Hazel in there and either turn off Hazel or change or delete the appropriate rule covering this situation.

  • How to set user quotas on a certain filesystem

    Hi
    It may be simple and easy question but I'm really new to this
    I need to know how to set user quotas on a certain file system in details
    I know it can be done easily in one step in Solaris ZFS
    but how is it done in Linux ?
    Thanks in Advance :)

    See also:
    How to set user quotas on a certain filesystem

  • Authenticated User not showing up in access log

    Hello all,
    I am trying to get authenticated users to show up in the access log of SunOne Web Server 6.1 SP4 and it doesn't work. It is a default paramter to show up in the access log but doesn't show in the log. In fact, when I set the log to only show the authenticated user in the log, the log is empty and only shows dashes. As you can in the part of the log file below, after the IP address the log should show the authenticated user but doesn't
    Any help? Do I need to modify something else in a configuration file?
    Thanks
    Richard
    10.64.8.62 - - [15/Jul/2007:00:42:28 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:43:43 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:44:58 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:46:14 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:47:29 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:48:44 +0200] "GET / HTTP/1.1" 200 202
    10.64.8.62 - - [15/Jul/2007:00:49:59 +0200] "GET / HTTP/1.1" 200 202
    10.65.1.63 - - [15/Jul/2007:00:51:14 +0200] "GET /Windchill/ HTTP/1.1" 200 402
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/wtcore/js/com/ptc/core/ca/web/misc/content.js HTTP/1.1" 200 4132
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/cut.gif HTTP/1.1" 200 104
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/newdoc.gif HTTP/1.1" 200 215
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/details.gif HTTP/1.1" 200 214
    10.65.1.63 - - [15/Jul/2007:00:51:14 +0200] "GET /Windchill HTTP/1.1" 302 0
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/javascript/util/calendar.js HTTP/1.1" 200 29580
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/contract_comp.gif HTTP/1.1" 200 79
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/newfoldertl.gif HTTP/1.1" 200 221
    10.65.1.63 - - [15/Jul/2007:00:51:15 +0200] "GET /Windchill/netmarkets/images/ptclogo.gif HTTP/1.1" 200 1284
    10.64.8.62 - - [15/Jul/2007:00:51:14 +0200] "GET / HTTP/1.1" 200 202

    You didn't say how the server is authenticating the user. Is it succesful? ACLs or Java?
    6.1sp4 is obsolete, update to the latest 6.1 service pack first. If you're using Java, I believe there was a bug years ago that was along the lines of your description. Update to the latest 6.1 service pack and if that doesn't solve the problem, provide more details on how the authentication is configured.

  • Workspace Credential Conflict between Logged-in User and the Authenticated User

    Hi there,
    I am running LiveCycle ES Update1 SP2 with Process Management component on WIN/JBoss/SQL Server 2005.
    I have been encountering user credential conflicts from time to time, but it has not been consistent and the problem manifested in various ways, such as:
    - problem when logging in with error "An error occurred retrieving tasks." on the login screen
    - user logs in successfully but is showing somebody else queue(s) with his/her own queue with no task in there
    - fails to claim task from group queue.
    The stacktrace from the server.log file I collected from a production system shows the exception below.
    Has anybody else encountered the similar problem?
    It looks to me that it doesn't log out cleanly and some kind of caching is done on the authenticated session and is not cleaned up properly on user logout.
    2009-07-10 15:05:13,955 ERROR [com.adobe.workspace.AssemblerUtility] ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
    2009-07-10 15:05:13,955 INFO  [STDOUT] [LCDS] [ERROR] Exception when invoking service 'remoting-service': flex.messaging.MessageException: ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
      incomingMessage: Flex Message (flex.messaging.messages.RemotingMessage)
        operation = submitWithData
        clientId = F3D2CDD0-330F-F00B-C710-5AF3F7CB4138
        destination = task-actions
        messageId = 7E385A6B-E4E6-3A81-CD6A-630DF4FAE5BB
        timestamp = 1247202313955
        timeToLive = 0
        body = null
        hdr(DSEndpoint) = workspace-polling-amf
        hdr(DSId) = F3C38977-171B-7BED-3B16-F3A5FE419479
      Exception: flex.messaging.MessageException: ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
        at com.adobe.workspace.AssemblerUtility.createMessageException(AssemblerUtility.java:369)
        at com.adobe.workspace.AssemblerUtility.checkParameters(AssemblerUtility.java:561)
        at com.adobe.workspace.tasks.TaskActions.callSubmitService(TaskActions.java:788)
        at com.adobe.workspace.tasks.TaskActions.submitWithData(TaskActions.java:773)
        at sun.reflect.GeneratedMethodAccessor941.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at flex.messaging.services.remoting.adapters.JavaAdapter.invoke(JavaAdapter.java:421)
        at flex.messaging.services.RemotingService.serviceMessage(RemotingService.java:183)
        at flex.messaging.MessageBroker.routeMessageToService(MessageBroker.java:1495)
        at flex.messaging.endpoints.AbstractEndpoint.serviceMessage(AbstractEndpoint.java:882)
        at flex.messaging.endpoints.amf.MessageBrokerFilter.invoke(MessageBrokerFilter.java:121)
        at flex.messaging.endpoints.amf.LegacyFilter.invoke(LegacyFilter.java:158)
        at flex.messaging.endpoints.amf.SessionFilter.invoke(SessionFilter.java:44)
        at flex.messaging.endpoints.amf.BatchProcessFilter.invoke(BatchProcessFilter.java:67)
        at flex.messaging.endpoints.amf.SerializationFilter.invoke(SerializationFilter.java:146)
        at flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:278)
        at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:315)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:252)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at com.adobe.workspace.events.RemoteEventClientLifeCycle.doFilter(RemoteEventClientLifeCycle .java:138)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:202)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:81)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:202)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
        at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:39)
        at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja va:159)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11P rotocol.java:744)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
        at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
        at java.lang.Thread.run(Thread.java:595)
    Kendy

    I am having the same server issue and i cant get hold of SP3 to fix it. can anyone tell me how to fix this problem or provided a link where i can get SP3 from? Ive spent most of the day on the phone to Adobe Support and they have been unable to provide me with a link to the service pack.

  • Username not showing up in access log for authenticated users

    I'm using form-based authentication in a Java web application on Sun One Web Server v6.1 to restrict access to authenticated users. However, even after the users authenticate and access the application, the username field in the access log is showing them as anonymous.
    request.getRemoteUser() is reporting the correct username, so it just seems to be the access log that is in error. Right now it is set to the default but changing formats to custom doesn't seem to help in displaying the username.
    Here's an excerpt from the access log:
    // anonymous access attempt, redirects to login page...
    10.100.168.110 - - [01/May/2006:14:34:42 -0400] "GET /profile/index.jsp HTTP/1.1" 302 0
    10.100.168.110 - - [01/May/2006:14:34:42 -0400] "GET /profile/login.jsp HTTP/1.1" 200 3355
    10.100.168.110 - - [01/May/2006:14:34:47 -0400] "POST /profile/j_security_check HTTP/1.1" 302 0
    // at this point they are logged in and their username should be reflected in the access log, but is not:
    10.100.168.110 - - [01/May/2006:14:34:47 -0400] "GET /profile/index.jsp HTTP/1.1" 200 3532 And the relevant code from the web application's web.xml:
    <security-constraint>
        <web-resource-collection>
          <web-resource-name>AllFiles</web-resource-name>
          <description>
                     Restricts anonymous access.
                  </description>
          <url-pattern>/*</url-pattern>
          <http-method>POST</http-method>
          <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
          <description>
                   Authenticated Users
                  </description>
          <role-name>user</role-name>
        </auth-constraint>
      </security-constraint>I've searched the forums and the manuals but can't see anything showing that the access log's username field doesn't work with form-based authentication. Can anyone shed some light on this?

    Some background:
    The Java Servlet container has its own authentication infrastructure (which is what you configure in web.xml) which is separate from the non-Java authentication infrastructure (ACLs, etc.). If you set up authentication via ACLs the resulting user identity can (though you may configure it not to) propagate to the Java Servlet container such that request.getRemoteUser() will return it, even though no web.xml-driven authentication occurred. The coverse is not true, however: if you authenticate via a Java Realm, based on web.xml configuration, that user identity is not available to non-Java code.
    (Your web.xml snippet doesn't show you using FORM auth - but it doesn't matter, the explanation above applies in any case.)
    That is why the log file (generated from non-Java code) doesn't have access to that user. It probably should, but there's no config option today for you to make that happen.
    If you're using BASIC auth you may consider moving the authentication configuration from web.xml to ACLs as a possible workaround. It will then show up in the access logs.
    If you prefer web.xml-based authentication, consider the <SECURITY audit="true"> option in server.xml. It won't be in the access log but you'll have an audit trail of authentications, which may help.

  • Different User Quotas

    Hellooos,
    I have setted default user quotas for our ims5.2, but now i need to set different quotas, i.e. certain users to have different account quotas than the rest users of the domain!???

    You can set a users mail message quota via the delegated admin, or via ldapmodify by setting the attribute "mailQuta" to the number of bytes. If you use ldapmodify, the number should be an even power of 2, ie for a 200Mb quota, put in 209715200. I'm not sure if this will cause a problem if you don't follow it, but I do know the iDA will modify your input to conform to the rule.
    HTH,
    Roger S.

  • Externally Authenticated User

    Hi, My application is a Pro C / Oracle 8i based application. I was using hardcoded user ids and passwords which we removed thru externally authenticated user. Now my application is stable in production but users are complaining of very slow performance of Oracle database.
    Is this due to externally authenticated user id ? Does it impact the system performance ?
    Edited by: user594301 on Jan 21, 2009 3:01 AM

    Were you using lightweight sessions or connection pooling before and now initiating a new connection for each user?

  • Cannot prevent authenticated users from creating a blog on "My Page"

    I have a brand new Snow Leopard (10.6.1) 2.26 Ghz quad core Xserve with 12Gb RAM that will be used for web collaboration services. I've currently set up Wiki and Blog services with a group membership to allow creating wikis/blogs. The reason for this is for staff development purposes with the plan to add people into the group as they are trained. The process to set it all up was very simple, however, I'm having an issue preventing authenticated users from creating a personal blog. Although I can prevent the creation of wiki's to members of a group easily, any authenticated user on the server can log into "My Page" and will be able to create a blog. I've gone to server admin>choose the server>choose the "access" icon and set the column "for selected services below" (blog) to "allow only users and groups below" (the group) and it still doesn't prevent them from making a blog page. In WGM for the group on the "Basic" tab, the "enable the following services for this group" has only the choice of "none" and therefore since the site isn't showing as a choice, the Wiki, Blog, Calendar and Mailing List is grayed out. I've seen another thread that states in 10.6 that option for setting the service acl in the group settings of WGM is unavailable. Does anyone know a fix for my problem of security access for a "My Page" blog or is it a possible bug in Snow Leopard? Right now my only workaround is to remove the users access and enable it as they are trained. This isn't an ideal fix, however, because we have some users who want to limit their wiki or blog to authenticated users only, not public access. Any help will be greatly appreciated.
    Message was edited by: dstrollo.il

    Ran into this same issue.... Talked with a field engineer who confirmed the behavior. The question now is this a defect or "feature that does not work as as the audience desires". As I far can tell, the security setting for blogs in server admin does nothing at all. This has the potential to cause a few issues as you cannot limit who can have a blog.
    Message was edited by: jlindler

Maybe you are looking for