C# client for SunOne Directory

Similar Messages

• JAAS LoginModule for SunOne Directory Server?

  I have a customer who is using SunOne Directory Server for LDAP.
  I have test code that uses the JAAS's com.sun.security.auth.module.JndiLoginModule to do authentication against an OpenLDAP test server.
  The test code won't work at the customer site because they need to use a special userid/pw along with the subject userid/pw in order to do an authentication. I assume this is LDAP v3 stuff, but the customer is unsure. Unfortunately I have no direct access to the customer's LDAP admin folk. Typical bureaucracy stuff.
  The customer was able to write java code that authenticates to his LDAP server using example code from http://java.sun.com/products/jndi/tutorial/ldap/security/ldap.html which uses the JNDI API and specifies the access userid/pw using Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS.
  So thats great, however my application uses JAAS, and therfore only indirectly uses JNDI. The JndiLoginModule provided by JAAS does not appear to support the Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS parameters.
  A custom JAAS LoginModule could be written which interfaces to the JNDI LDAP stuff, however considering that JAAS and the SunOne Directory server are both Sun products, I thought perhaps SunOne Directory comes with a JAAS compatible LoginModule that my customer does not know about? I've looked at online docs, but haven't found any such thing yet.

  Hey dav,
  Sorry that I am not posting to give you a solution - it is more to ask for some guidance.
  I am implementing a client-server arch system which has a lot of 'privileged' actions to be managed. I have thus succesfully integrated the basics of JAAS in to the system... but I am now desparately looking for away to have client-side policies distributed at runtime from the server.
  I do not want to get involved with any web/application server stuff more than I need to; unfortunately one of the system requirements is for client-server comms to be facilitated by SOAP over HTTP, and thus probably JAX-RPC - but it is no problem. I have a developed a database backed Policy and (JAAS) Config which constitute parts of the server component. Now it is just a case of getting the policy to the client at client start-up and subsequently the configuration forJAAS authentication. The aim is that this data will be transfered once during login, and anytime that the the policy is requested to be refreshed.
  Since reading you post, I'm wondering what services LDAP or JNDI can offer me?
  Also, is JNDI an appropriate option for data persistence? is it better to go with JDO or some other object store abstraction.
  Kind regards,
  Darren B

• Setup Java system directory server 6 client for user authentication

  I am trying to set up a native LDAP client for sun directory server 6 for network based user authentication. I checked the sun doc for naming service (LDAP) and the documentation are for setting up LDAP client for directory server 5. Is there any documentation for setting up LDAP client for directory server 6? Or the documents for setting LDAP client for directory server 5 is still good for 6? Particularly, I want to use SSL communication between server and client.

  Hi,
  could be one of the other 'bad jokes' of DS/ldapclient because the documentation describes a lot of stuff about profiles etc. but: you need some special schema files to use the whole stuff and they are not installed with Solaris or DS (and they include the NisDomainObject). I had to search for them in the internet. They are also printed in the documentation. Save them in your server's config/schema directory as i.e. 61DUAConfigProfile.ldif and 62nisDomain.ldif and try idsconf again (maybe you have to cleanup something).
  I test and prepare DS6 here, and we will use it in production too. I hadn't any problem with it and it has some important advantages over DS5.2. But we won't have a huge directory so I can't tell you anything more about it.
  Regards
  Jochem Ippers
  Here are the ldifs:
  61DUAConfigProfile.ldif:
  dn: cn=schema
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.0 NAME 'defaultServerList' DESC 'Default LDAP server host address used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.1 NAME 'defaultSearchBase' DESC 'Default LDAP base DN used by a DUA' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.2 NAME 'preferredServerList' DESC 'Preferred LDAP server host addresses to be used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.3 NAME 'searchTimeLimit' DESC 'Maximum time in seconds a DUA should allow for a search to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.4 NAME 'bindTimeLimit' DESC 'Maximum time in seconds a DUA should allow for the bind operation to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.5 NAME 'followReferrals' DESC 'Tells DUA if it should follow referrals returned by a DSA search result' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.6 NAME 'authenticationMethod' DESC 'A keystring which identifies the type of authentication method used to contact the DSA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.7 NAME 'profileTTL' DESC 'Time to live, in seconds, before a client DUA should re-read this configuration profile' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.14 NAME 'serviceSearchDescriptor' DESC 'LDAP search descriptor list used by a DUA' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.9 NAME 'attributeMap' DESC 'Attribute mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.10 NAME 'credentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.11 NAME 'objectclassMap' DESC 'Objectclass mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.12 NAME 'defaultSearchScope' DESC 'Default search scope used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.13 NAME 'serviceCredentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server for a specific service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.15 NAME 'serviceAuthenticationMethod' DESC 'Authentication method used by a service of the DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  objectClasses: ( 1.3.6.1.4.1.11.1.3.1.2.4 NAME 'DUAConfigProfile' SUP top STRUCTURAL DESC 'Abstraction of a base configuration for a DUA' MUST ( cn ) MAY ( defaultServerList $ preferredServerList $ defaultSearchBase $ defaultSearchScope $ searchTimeLimit $ bindTimeLimit $ credentialLevel $ authenticationMethod $ followReferrals $ serviceSearchDescriptor $ serviceCredentialLevel $ serviceAuthenticationMethod $ objectclassMap $ attributeMap $ profileTTL ) X-ORIGIN 'user defined' )
  62nisDomain.ldif:
  dn: cn=schema
  attributeTypes: ( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  objectClasses: ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top STRUCTURAL MUST nisDomain X-ORIGIN 'user defined' )

• Regarding sunone directory server

  Hi, i am posting this topic here cos i cudnot find any forum for directory server,
  my query is that do we have any limitaions in group memberships for sunone directory server, kindly reply soon cos its urgent.

  http://forum.java.sun.com/index.jspa?tab=es

• Basis: No service for system , client  in Integration Directory??

  Hi All,
  IDocs from SAP QA are not being sent to PI QA. I see error in SM58 in SAP QA as: No service for system , client  in Integration Directory.  Please dont jump to asnwers by looking at above error. I could fix that, but thats not the real problem.
  Because I have checked
  1) SLD home page ---> Technical Landscape --> Select Web AS ABAP --> Select the technical system --> Clients ---> Click on the client used as Business system --> Here look for the logical system is defined (No Problem here, as logical systems is defined).
  2) ID---> Click on Objects --> Service Without party/Party > Double click on business system>On the tright side--> Service --> Adapter specific Identifiers ---> Check IDoc Adpater, Logical System (No Problem here as I see Logical System).
  But I can't find values R/3 System ID and Client under "IDoc Adapter and RFC Adapter". I think thats problem here, when I click on "Compare with SLD" in edit mode, values are not getting populated into R/3 System ID and Client. It makes think there is communication error from ID to SLD. How I do confirm if its the real problem?
  3) Checked Note 940313 - IDoc adapter: Error messages in SM58, No problem here
  4) Did SLDCHECK from PI QA, works fine, no problems here
  Both PI DEV and PI QA pointing to the same SLD. When I send IDocs from SAP QA to PI DEV, everything works fine. I can't send IDoc from SAP QA to PI DEV (changed RFC des to point to PI QA, it shouldn't be a problem).
  How do I find out if communication between PI QA - ID is workign fine with the SLD? Is there any other issue you can think of causing the above error?
  Thank You,
  Indrasena Janga

  *I have trobleshooted  a similar issue. In my case also the tRFC failed with the error "No service for system SAP, client 400 in Integration Directory".There were 11 IDOCS associated with this tRFC and when I saw control record of first IDOC,in sender information ,the sender partner number was wrong.Instead of "SAPSID",it was found as just "SAP".Where as the remaining ten were maintained with correct sender partner number.remaining ten IDOCS were dependant on first one.
  Thanks,
  Varada Reddy

• Directory Caching issue with Cisco Jabber client for Windows

  Hi ,
  I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
  Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
  Is there any automated way to remove the cache file? 
  Here is the detail of CUCM,Presence and Jabber.
  CUCM version: 9.1.x
  Presence          : 9.1.X
  Jabber              : 10.5 and 10.6

  Hello
  On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
  Network Device Enrollment Service.
  Our certificate for the CUPS were generated on this Certification Authority too.
  I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
  Enterprise Trust store for the users.
  But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
  I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
  Our partner left us alone with that unfortunately.
  Florent
  EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment.

• No service for system 'system', client 'client' in Integration Directory

  Hi experts,
  I'm getting troubles while testing the first HR IDOC to SOAP scenario in the system. The IDOC in HR is a customized one but was perfectly created. It's not my first IDOC to SOAP scenario so I'm in conditions to ensure it is correctly configured. I'm getting the troubles in the connection between HR and XI and the message given by HR at SM58 transaccion is: No service for system 'system', client 'client' in Integration Directory.
  can anybody help me solve this issue?
  thanks.
  Roberto Solotun

  >
  RSolotun wrote:
  > Hi Neetesh, I'm sure that the troubles came from the Bussines system but I cannot realize where it is. The logical system is specified for the corresponding Business system in the ID.
  >
  > Thanks
  >
  > Roberto Solotun
  /people/michal.krawczyk2/blog/2005/03/29/xi-error--unable-to-convert-the-sender-service-to-an-ale-logical-system

• No service for system ..PI, client. in Integration Directory -IDOC

  Hi,
  I am getting following error when try to post IDoc frm SAP to SAP XI:
  No service for system ..PI, client. in Integration Directory -IDOC
  I have verified the following transactions:
  port,RFC destinations are correct in SAP and XI systems(verfied in SM59,IDX1,BD64 and in SLD)
  Please help me here

  This error was resoved now.
  What is the cause?
  In ID, Adapter spefic Identifiers for SAP Business System does not have R/3 System ID and Client and It has only Logical System name. Its bcoz of cache prob between XI and SLD.
  Resolution:
  There is an option to refresh, so that Adapter specific identifiers was refreshed from SLD and values got populated for R/3 System ID and Client name.
  Generally when Business System is imported from SLD to XI, these 3 parameters(Logical System name,R/3 System ID and Client) will populate automatically.
  Thanks for Inputs:)

• Tcp_conn_hash_size value For Solaris 9 with SunOne Directory 5.2

  I'm really confused. The default value for tcp_conn_hash_size in Solaris 8 and 9 is 512, I have verified this with documentation and ndd commands on various systems. A contractor who assisted with our SunOne Directory 5.2 deployment recommended that the value be set to 256 and when I checked the Blueprint book, LDAP in the Solaris Operating Environment, the output from idsktune printed in the book indicates that 256 is the default. However, when I run idsktune on a Solaris 8 or Solaris 9 system, no mention is made of "decreasing" this default value. Why would someone want to decrease this value?

  This looks like it may be a bug where the original default value got hard coded or something. You're right that it's probably more likely you'll want to increase tcp_conn_hash_size, perhaps 8192 or higher if you need to support a high number of concurrent connections.

• A client made a DirSync LDAP request for a directory partition. Access was denied due to the following error

  We started getting this error when we installed Lync Server. I already verified that the "RTCHSUniversalServices" group has “Replicating Directory Changes" permission.
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  A client made a DirSync LDAP request for a directory partition. Access was denied due to the following error.
  Directory partition:
  DC=<domain>,DC=com
  Error value:
  8453 Replication access was denied.
  User Action
  The client may not have access for this request. If the client requires it, they should be assigned the control access right "Replicating Directory Changes" on the directory partition in question.
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  Domain Controllers and Lync server are running on Windows 2008 SP2. Any other things that I could check?

  A client made a DirSync LDAP request for a directory partition. Access was denied due to the following error.
  Directory partition:
  DC=<domain>,DC=com
  Error value:
  8453 Replication access was denied.
  User Action
  The client may not have access for this request. If the client requires it, they should be assigned the control access right "Replicating Directory Changes" on the directory partition in question.
  oas4ever

• Cisco Jabber for Mac - Directory Lookup and Contact Fields

  Hello,
  After having issues myself with Cisco Jabber for Mac 9.2 specifically with Active Directory lookups not working, or contact information not populating (and therefore not being able to call users from the contact list as no telephone information exists) I am including a sample jabber-config.xml file that works for me.
  Please note: there are many different ways to configure this. What I will be showing is the method that works for me and my deployment, which is pretty standard.
  As always and as a disclaimer, once again, this is what has worked for my deployment scenario. Always keep backups of your configuration files, and always be mindful of anything you have configured already, especially in the jabber-config.xml file.
  Background
  My deployment is based on CUCM 9, with 1 publisher and 2 subscribers. I also have a CUCM IM & Presence 9.0 server. This assumes that you have already configured your deployment and Jabber is functioning already, albeit with the aforementioned issues.
  As for Active Directory, my deployment will be based on Windows 2008 R2 Domain Controllers running in native 2008 mode. For this example, we will be searching directly against one of the DCs with a Global Catalogue role. Please be aware that in large deployments you will have to plan accordingly with regards to lookup traffic from Jabber clients to the DCs.
  Also, as of Cisco Jabber for Mac 9, the client no longer can search via the CUCM internal directory (which may be made of local end users, Active Directory synced users, or a mix of both) and this must be done via a LDAP mechanism.
  Scenario
  In this deployment scenario, Cisco Jabber for Windows is working properly - you can search and add people from Active Directory, and contacts in your contact list have all the appropriate fields populated from Active Directory. However, when trying the same with Jabber for Mac, Jabber for iPhone or Jabber for iPad you notice that you cannot perform a directory lookup, and if you add people directly (for example, [email protected]) the user only has the IM field populated. No telephone, email or additional information is displayed.
  Solution
  Whereas Cisco Jabber for Windows uses the EDI mechanism (native Windows), whereby when running from a computer that is on the domain (or in the event that you are search for contacts in another Active Directory domain where a domain trust exists) , Jabber for Mac / iPhone / iPad uses the BDI mechanism.
  In this case, you will need to provision a jabber-config.xml file that you will upload to your TFTP server (or Publisher) that will be "downloaded" by your Jabber for Mac client and also used by the iPhone and iPad client. You can configure many options in the jabber-config.xml file, but for this example we will place just the information that we need to order for these clients to request and display Active Directory information.
  Please note that the configuration may vary depending on your deployment, but at the very least we will be:
  - Configuring a DC where we will perform the lookup.
  - Configure credentials that will be used to perform the lookup. This will be an Active Directory account that has read rights on the Active Directory domain. Please note that these credentials are saved in plain text in the file, so ensure that the account that you will be using is not privileged.
  - Configure the server port that we will be using to perform the lookup.
  - Configure the Search Base. This is basically where we want the directory lookup to happen. You can either choose for this lookup to start at the "base" of the domain (and therefore the search will iterate through all the user accounts and and OUs below the root base) or define a specific OU where you want to search.
  Caution!
  - There is a current limitation with Cisco Jabber for Mac whereby you can only have 1 search base configured. Please keep this in mind if, like me, you have multiple OUs (like an OU for each company in your organization) and under these OUs you have sub OUs as a user account container.
  - If using the top level search base, unless you specify a filter, you will potentially be able to search for all user accounts in the domain. You will need to configure the <BDIBaseFilter> parameter if you want to fine tune your search ability.
  Steps
  These are the steps I have followed. Other steps or considerations may vary.
  - Log in to your TFTP server and download the jabber-config.xml file and keep it as a backup. If you are already using the jabber-config.xml file for other purposes, do not worry - you can add your BDI information parameters inside.
  - Remove the jabber-config.xml file
  - Edit the jabber-config.xml file and configure thus:
  <?xml version="1.0" encoding="UTF-8"?>
  <config version="1.0">
      <Directory>
          <DirectoryServerType>BDI</DirectoryServerType>
          <BDILDAPServerType>AD</BDILDAPServerType>
          <BDIPrimaryServerName>DOMAIN CONTROLLER IP ADDRESS</BDIPrimaryServerName>
          <BDIPresenceDomain>YOUR PRESENCE DOMAIN</BDIPresenceDomain>
          <BDIServerPort1>3268</BDIServerPort1>
          <BDISearchBase1>YOUR SEARCH BASE</BDISearchBase1>
          <BDIConnectionUsername>[email protected]</BDIConnectionUsername>
          <BDIConnectionPassword>PASSWORD</BDIConnectionPassword>
          <BDIEnableTLS>0</BDIEnableTLS>
      </Directory>
  </config>
  For example, let´s assume the following:
  - Domain controller IP address is 10.1.1.2 .
  - Your presence domain is test.local .
  - Your search base will be test.local using the top level of the domain.
  - Your username with which you will be doing your searches is called walt . Usually you can either identify walt as test.local\walt or [email protected] . It is always best, in these sort of scenarios, to use the UPN convention so we will be configuring a [email protected] .
  - The password is the Active Directory password for the account walt .
  - I have disabled TLS in my case. There are issues with the Jabber for Mac client when using other security methods.
  <?xml version="1.0" encoding="UTF-8"?>
  <config version="1.0">
      <Directory>
          <DirectoryServerType>BDI</DirectoryServerType>
          <BDILDAPServerType>AD</BDILDAPServerType>
          <BDIPrimaryServerName>10.1.1.2</BDIPrimaryServerName>
          <BDIPresenceDomain>test.local</BDIPresenceDomain>
          <BDIServerPort1>3268</BDIServerPort1>
          <BDISearchBase1>DC=test,DC=local</BDISearchBase1>
          <BDIConnectionUsername>[email protected]</BDIConnectionUsername>
          <BDIConnectionPassword>walt01!</BDIConnectionPassword>
          <BDIEnableTLS>0</BDIEnableTLS>
      </Directory>
  </config>
  One you have configured the jabber-config.xml file, you will now need to upload it to you TFTP server. Once uploaded, you will need to restart the Cisco TFTP service. Again, my TFTP server is on my CUCM publisher, so:
  - I go to Cisco Unified OS Administration on my Publisher server, TFTP File Management and I upload jabber-config.xml to / directory
  - I then go to Cisco Unified Serviceability on my Publisher server, I locate the Cisco TFTP service and I restart the service
  Once this is done, you can figure up your Jabber for Mac client. As a test, on your Mac (using Terminal) go to:
  /Users/username/Library/Application Support/Cisco/Unified Communications/Jabber/Config
  In here you will see several files, but what we want to see is jabber-config.xml . As soon as you start the Jabber for Mac client and log in, the jabber-config.xml file will download from your TFTP server and get saved here. When you see it appear, just type in your terminal window more jabber-config.xml and make sure that the output is the same as the xml file you created.
  From there, try doing directory search. If you have previously added contacts and they still lack attribute information, you will need to remove them (sometimes it will not refresh properly) and add them again from the directory.
  I will be updating this guide and ammending anything that is incorrect, but this is meant to be a quick checklist and steps to get this, at least in the most very basic version, up and running for Jabber for Mac.

  Hello, 
  Thanks for this post! It works, I can do lookup and also I can add found contact to contact list and get information about contact from LDAP.
  One more question: - I can't get all information about contact. I don't get e.c mobile phone number and more others attributes. I have tried to expand your file as follows:
  <?xml version="1.0" encoding="UTF-8"?>
  <config version="1.0">
      <Directory>
          <DirectoryServerType>BDI</DirectoryServerType>
          <BDILDAPServerType>AD</BDILDAPServerType>
          <BDIPrimaryServerName>IP of AD</BDIPrimaryServerName>
          <BDIPresenceDomain>Presence Domain</BDIPresenceDomain>
          <BDIServerPort1>3268</BDIServerPort1>
          <BDISearchBase1> Search Base</BDISearchBase1>
          <BDIConnectionUsername>User</BDIConnectionUsername>
          <BDIConnectionPassword>Password</BDIConnectionPassword>
          <BDIEnableTLS>0</BDIEnableTLS>
          <BDISipUri>msRTCSIP-PrimaryUserAddress</BDISipUri>
          <BDIPhotoSource>thumbnailPhoto</BDIPhotoSource>
          <BDIBusinessPhone>telephoneNumber</BDIBusinessPhone>
          <BDIMobilePhone>mobile</BDIMobilePhone>
          <BDIHomePhone>homePhone</BDIHomePhone>
          <BDIOtherPhone>otherTelephone</BDIOtherPhone>
          <BDITitle>title</BDITitle>
          <BDICompanyName>company</BDICompanyName>
          <BDILocation>co</BDILocation>
          <BDIPostalCode>postalCode</BDIPostalCode>
          <BDICity>l</BDICity>
          <BDIState>st</BDIState>
          <BDIStreetAddress>streetAddress</BDIStreetAddress>
      </Directory>
  </config>
  But it didn't help.
  When I capture lookup via Wireshark, I can see that Jabbers sends search request with bunch of attributes, but from LDAP answer contains only 8 attributes. (see attached screenshots)

• EMC Crash when i try to - reset client access virtual directory

  Hi All,
  I have one exchagne server 2010 sp3 rollup 7 installed on server 2012R2 Std.
  When i try to reset client access virtual directory the MMC is crashing.
  In the event viewer i can find 3 error after to crash:
  1.
  The program mmc.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
   Process ID: 2360
   Start Time: 01d04e7b531a4a0d
   Termination Time: 4294967295
   Application Path: C:\Windows\system32\mmc.exe
   Report Id: 69db84d3-ba91-11e4-80c3-0050569b5787
   Faulting package full name: 
   Faulting package-relative application ID: 
  2. 
  Application: mmc.exe
  Framework Version: v4.0.30319
  Description: The process was terminated due to an unhandled exception.
  Exception Info: System.Reflection.TargetInvocationException
  Stack:
     at Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(Exception e)
     at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
     at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
     at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
     at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
     at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
     at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
     at Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
     at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
     at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
     at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
     at System.Threading.ThreadHelper.ThreadStart()
  3.
  Faulting application name: mmc.exe, version: 6.3.9600.17415, time stamp: 0x54504e26
  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
  Exception code: 0xe0434352
  Fault offset: 0x0000000000008b9c
  Faulting process id: 0x2014
  Faulting application start time: 0x01d04e9e432feaef
  Faulting application path: C:\Windows\system32\mmc.exe
  Faulting module path: C:\Windows\system32\KERNELBASE.dll
  Report Id: b8276755-ba91-11e4-80c3-0050569b5787
  Faulting package full name: 
  Faulting package-relative application ID: 
  When i try to preform the task from EMC that installed on my PC (Win 7 SP1 x64) everything works fine
  Thank you.

  Hi Eliran,
  Thank you for your question.
  Are there any update recently?
  We could refer to the following steps to troubleshoot:
  1)disable A/V
  2) Run: DISM.exe /Online /Cleanup-image /Restorehealth
  http://support.microsoft.com/kb/947821/en-gb
  3) follow http://support.microsoft.com/kb/929833/en-gb to upload %WinDir%\Logs\CBS\CBS.log
  4) disable snap-ins exept DNS-snapin
  5) run SDP
  6) enable A/V
  We could also re-install .Net 4.0 to check if the issue persist by the following link:
  http://www.microsoft.com/en-us/download/details.aspx?id=17718  
  If the issue persist, we could install Exchange 2010 SP3 CU8 by the following link:
  http://www.microsoft.com/en-us/download/details.aspx?id=45225
  If there are any questions regarding this issue, please be free to let me know.
  Best Regard,
  Jim

• Help me in writing client for this JAX ws Web service

  Hi ,
  I am unable to write client for my Webservice deployed under glass fish v3 .please help.
  package jws;  
  import javax.jws.WebService;  
  import javax.jws.WebMethod;  
  import javax.jws.WebParam;  
  @WebService(name="CalculatorPortType")  
  public interface Calculator {  
      @WebMethod 
      public int add(int value1, int value2);  
  } package jws;
  import javax.jws.WebService;
  @WebService(serviceName = "Calculator",
              portName="CalculatorPort",
              endpointInterface = "jws.Calculator")
  public class CalculatorService implements Calculator {
      public int add(int value1, int value2)
           System.out.println("Inside web service class ");
          return value1 + value2;
  My client which is incomplete :please help
  import java.net.URL;
  import jws.CalculatorService;
  import jws.Calculator;
  import javax.xml.ws.Service;
  import sun.print.resources.serviceui;
  public class Hi {
  @WebServiceRef(wsdlLocation=
  "http://localhost:8089/Ram/Calculator?wsdl")
  CalculatorService service ;
  public static void main(String argsp[]) throws Exception
  } This is deployed under glassfish v3.

  When you just use the JAX-WS standard you do not need any WebLogic related classes to create a client for your web service.
  When the web service is deployed the WSDL can be accessed. By using this WSDL you can create your client by using tools
  such as wsimport (which comes with a JDK distribution and is located in the JDK_HOME/bin directory)
  wsimport -keep -d C:\YOUR_PROJECT\src http://hostname:port/context/SomeWebService?wsdlthe 'keep' option make sure the generated .java files are not thrown away.

• Building WSDL client for OIM SPML webservice

  Has any one created WSDL client for OIM SPML webservice,
  Any help is appreciated.
  Thanks,
  Pandu
  old thread -->
  add udfs to spml prov. request to oim
  ==========================
  Hi,
  I am provisioning users in OIM from by sending spml requests
  I used the sample client that comes in xellerate directory.
  How can I update spml requests to include UDFs to create user in him with udf s.
  Thanks
  Pandu
  Edited by: pandu345 on Aug 5, 2009 3:27 PM

  Hello there,
  There is a .NET web service client which is successfully able to access the weblogic application server wsdl from oim 9101 and it can see the complete user profile as a response from the same.
  1.) Now, there is a situation where oim needs to send some attribute values to that .NET web service client, after the data from their side comes to OIM and updates a single attribute values for e.g. PIN. How can we do that ?
  2.) and I want to add some UDFs into the existing SPML provisioning user profile. How can I do that ?
  3.) Also, how will OIM know that it was able to successfully send the attribute values to the web service client.
  http://download.oracle.com/docs/cd/E10391_01/doc.910/e10360/creategtc.htm#Toc153968032
  I have gone through this. I didnt found this in OIM 9101.
  Any ideas/references/clues/hints appreciated in this concern.
  Thanks in advance,
  - oidm.

• Instant client for SQLLDR

  I see Oracle provides several instant client downloads. Is there a SQLLDR instant client, or a lite version that doesn't require the whole Oracle client for Linux (both 64 and 32 bit)?

  yes - i am sure - things to consider:
  the sqlldr needs to be from the same O/S (if obv, sorry)
  you need to copy the contents of the rdbms/mesg/ folder so the status messages can be displayed.
  make sure you've got a ln to bin and lib.
  here is a typical instant client folder contents:
  rdbms/mesg/ (directory)
  network/admin/tnsnames.ora (directory & file)
  lib     ->     ../instantclient_10_2
  bin     ->     ../instantclient_10_2
  install          (directory)
  libclntsh.so.10.1
  libociei.so          
  libnnz10.so          
  libocci.so.10.1          
  libclntsh.so.10.1          
  ojdbc14.jar          
  libocijdbc10.so          
  classes12.jar          
  sqlplus          
  libsqlplus.so          
  libsqlplusic.so          
  glogin.sql          
  sqlldr          
  hope this helps; let me know
  also - i still have no exception or idea if Oracle Support will support this.