Can't create blogs for users created in LDAP directory

Similar Messages

• FAQ: BC-LDAP-USR (Directory Interface for User Management via LDAP )

  Version: 20060317
  Q: Where can i find more information to the BC-LDAP-USR interface ?
  A: Have a look on our ICC webpage in the SDN:
  SAP NetWeaver AS - Directory Interface for User Management via LDAP (BC-LDAP-USR)[1] [original link is broken]
  Q: What costs a arising when we want our product to be certified ?
  A: See also our SDN page under the headline "Price List".
  Q: Is there a link/page for the already certified products for this interface ?
  A: Sure, have a look on our ICC page under the headline "Certified Solutions"
  Q: Who can we ask in case of general question ?
  A: Have a look at our general ICC forum:
  SAP Integration and Certification Center (SAP ICC)
  Of course, if you have urgent requests you can send them also directly to our local ICC's:
  ICC Walldorf in Germany: [email protected]
  ICC Palo Alto in USA: [email protected]
  ICC Bangalore in India: [email protected]
  Q: Who can we ask in case of technical questions ?
  A: This depends on the state of your certification project.
  1.) If the certification contracts have been signed then you can ask in this forum and if this does not solve your question go back to your assigned integration consultant.
  2.) When the certification contracts have not been signed then you can ask questions in this forum.

  I distinguish it using the passwordExpirationTime(or something like that, i don't have code here with me).
  This is possible if after password is expired user has at least one more access.It is a user policy that can be set in the Ldap server.
  If it is possible, user can still login and perform operations.You chan search the passwordExpirationTime attribute and determine if password is expired, and the send a message to the user, telling him to change it.(If only one access is allowed and you change the password with the same application or service then do not close context, else you should not be able to connect again.) Instead, if you use an external script, then the last acces should not give you problems.
  Hope i made myself clear.

• How do I create Local Network Home Folders for Users from an Active Directory binding?

  My situation is this... I run an iMac lab at my school.  I have a server set up to manage the network user accounts in the lab.  Currently, I can sucessfully create Local Network Users and log in to them from any of the iMacs.  My school has an Active Directory set up for all the students on campus.  What I'd like to be able to do is configure the server to allow the students to use their user names and passwords from their school accounts to log in to the iMacs and have it automatically build a network user folder on the server for them to use during the lab. 
  So far, I have been able to configure access for the Active Directory accounts to use the services on the server, mainly File Sharing, but I cannot figure out how to allow them to log into a user account on the client's machines using their same Active Directory credentials.  I have even attempted to allow the user accounts to create mobile accounts, but that's not working out either.  Entering indivual network user accounts into the server for every student every semester will be a nightmare.  I'm sure there's a way to do it automatically using the exisitng Active Directory structure.
  The live server is running 10.8.5 Server still, but I've also got a clone running OS X Server in case it matters.  Please help!

  ok reinstalled everything dns seems to be working have done sudo changeip -checkhostname and it says that both names match but then i started open directory and can't seem to get Kerberos started, i've tried changing it to stand alone then back again but it does nothing. I'm wondering why this would happen? i've tried adding a kerberos record but it doesn't do it just does nothing so i don't know what i'm doing wrong. I wondered if it might be a problem with the two network cards and dns as on ethernet one it is getting the dns name xserve.xxxx.ac.uk (which matches what the college server wants to call us) but on ethernet 2 gets xserve-2.local because it tells me that it already exists on ethernet one and renames it to this. I need to set up NAT so have ethernet coming in on port one and out again on port two. I wonder if my dns is backwards as its got the 192. address the NAT uses but its linked to the ethernet port one dns maybe this is the problem. would this cause open directory not to start kerberos?

• Premission settings for users creating files and folder on my XServe

  I am setting up a new Xserve and we are basically using it as a file server. I have a user that logs on creates and new folder and a file. When any one else opens that file it is READ ONLY. What do I need to do to make it so when any of my users create a file or folder on the server any one of my users can have READ/WRITE permission to the files?

  Can you elaborate?  I am not aware of any m3u playlist being present but maybe there is.  I have done this many times before.  I move tons of files around in my music folder, add/delete/change, and rather than have iTunes try to figure it all out again, I just remove everything out of iTunes and add my entire folder back.  I've done it probably 50 times in the past and now, when I do it, it's creating playlists for every single folder or album or something, just as the original poster has described.  I do not like the behavior and would like to turn it off now!  I'm on Mac so iTunes Folder Watch will not work for me.  Any suggestions?

• Workflow creating task for user in Outlook

  Is it possible to create a task in outlook for a specific user via workflow? My Boss want to have every user informed via mail that there is a new element in a list (that works fine) and one User should have a task (even better a complete to do list) in
  his outlook task tab.

  Hi Elite,
  Based on your description, my understanding is that you want to create the tasks for users in Outlook with workflow.
  I recommend to use workflow to create tasks in a task list in SharePoint and then sync the task list with outlook by clicking the button Connect to Outlook in the ribbon of the task list.
  After that, the tasks created in the task list will be automatically synced to Outlook.
  Please refer to the link below for detailed steps:
  http://netizenapps.com/blog/?p=6
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• NetInstall - Grey screen after logging in for user created during install

  I am creating a NetInstall of 10.8 for mass deployment in my workplace. I am currently having difficulty with a user account that was created by a script that runs in place of the Setup Assistant.
  I am trying to skip the Setup Assistant, and as such, the script touches the /var/db/.AppleSetupDone file (which doesn't exist at this point).
  This works, with the installation progressing straight on to the login screen where the user 'administrator' has been created, and is available for login.
  However, when the user logs in, they are presented with a grey screen & the mouse cursor. No dock, desktop, no finder menu bar.
  I am at a loss as to what is going wrong as this had worked perfectly fine in the developer preview.
  The script is as below: (certain sections have been removed for security purposes)
  Any pointers would be much appreciated.
  #!/bin/sh
  ############# SET VARIABLES ###################
  . /etc/rc.common
  #set primary network interface
  interface=`netstat -r -f inet | awk '/default/{print $6}' | head -1`
  #set server address for packages
  pkgserver='macimaging.blah.qld.edu.au'
  #Get default route's interface's ip address
  ip=`ifconfig $interface | grep "inet 10." | sed -e 's/^.*inet 10/10/' -e 's/ netmask.*$//'`
  #get version number of Mac OS X
  macversion=`sw_vers | awk '/^ProductVersion/{split($2, MINOR, "."); print MINOR[2]}'`
  ############# CHECK ADMIN PASSWORD ###################
  shadow=blah
  i=0
  # initialise variable
  passwd=""
  # if machine is set to automatically image
  if [ `nvram -p | grep -c reimage-key` -eq 1 ]; then
    # remove verbose boot arguments from nvram
    nvram -d boot-args
    # collect admin password
    passwd=`nvram reimage-key | awk '{print $2}' | openssl enc -aes-256-cbc -pass "pass:Aut0mat1cR31mag3" -a -d`
    # check it was successfully decrypted
    if [ $? -ne 0 ]; then
    osascript -e beep
    echo "Automatic imaging key failed. Press enter to continue."
    read
    passwd=""
    fi
    # remove key from nvram
    nvram -d reimage-key
  fi
  # if the admin password wasn't successfully collected
  if [ "$passwd" = "" ]; then
    #clear the screen
    clear
    say -v Victoria "Please enter the Administrator's password"
    while [ $i = 0 ]
    do
      echo "Please enter Administrator's password: (Note: Input is hidden)"
      #read password from stin but don't show
      stty_orig=`stty -g`
      stty -echo
      read passwd
      stty $stty_orig
      hash=`echo $passwd | shasum -a 512 | awk '{print $1}'`
      if [ $shadow = $hash ]; then
          #password is correct; continue with setup
          i=1
      else
          echo "Incorrect. Please try again"
      fi
    done
  fi
  #clear the screen
  clear
  echo "Log:"
  ############# SET EFI PASSWORD ###################
  echo "Setting EFI password"
  #to create a new EFI password, initially set it on a test machine with the GUI utility, then extract its value with: `nvram -p | awk '/security-password/{print $2}'`. Put that value in this command (also replacing our admin password) to generate hash for below: `echo "pass_from_nvram" | openssl enc -aes-256-cbc -pass "pass:ourcurrentadminpassword" -a`
  nvshadow=`echo "blah" | openssl enc -aes-256-cbc -pass "pass:$passwd" -a -d`
  nvram security-mode=command
  nvram security-password=$nvshadow
  #reset running variable for security
  nvshadow=""
  ############# GENERATE RC SHADOW FILE ###################
  #if you don't know how the following lines work, get a pillow ready for screaming into
  #the admin key (which is decrypted below) is used to decrypt publicly distributed packages to change the admin account's password (without having the password in the package in clear text)
  decypted_admin_private_key=`echo "blah" | openssl enc -aes-256-cbc -pass "pass:$passwd" -a -d`
  admin_private_key_hash=`echo "$decypted_admin_private_key" | shasum -a 512 | awk '{print $1}'`
  echo "$admin_private_key_hash $decypted_admin_private_key" >> /var/root/RC_admin_private_key
  chmod 600 /var/root/RC_admin_private_key
  #this keeps a record of the administrator password set on imaging
  RC_admin_pass_hash=`echo "$passwd" | shasum -a 512 | awk '{print $1}'`
  RC_admin_pass_encrypted=`echo "$passwd" | openssl enc -aes-256-cbc -pass "pass:$decypted_admin_private_key" -a`
  echo "$RC_admin_pass_hash $RC_admin_pass_encrypted" >> /var/root/RC_admin_shadow
  #a few security measures
  chmod 600 /var/root/RC_admin_shadow
  RC_admin_pass_encrypted=""
  decypted_admin_private_key=""
  ############# SETUP PARTITIONS ###################
  echo "Updating file system table to mount data partition on boot for user accounts"
  #Find if Home or Data partition exists (N.B. If Bootcamp is used the following awk commands need to be modified to only look for [Hh]ome and not [Dd]ata)
  partname=`diskutil list | awk '/([Hh]ome)|([Dd]ata)/{print $3}' | head -1`
  partdev=`diskutil list | awk '/([Hh]ome)|([Dd]ata)/{print $6}' | head -1`
  #If a Data partition exists
  if [ "$partdev" ]; then
       #Mount it on boot to /Users
       echo "LABEL=$partname      /Users   hfs     rw" > /etc/fstab
       #mount Data drive to /Users
       diskutil umount /dev/$partdev
       mount -t hfs /dev/$partdev /Users
  fi
  ############# CREATE ADMIN ACCOUNT ###################
  echo "Creating Administrator account"
  #create administrator account
  dscl . create /Users/administrator
  dscl . create /Users/administrator RealName "Administrator"
  dscl . create /Users/administrator PrimaryGroupID 20
  dscl . create /Users/administrator UniqueID 501
  dscl . create /Users/administrator NFSHomeDirectory /Users/administrator
  dscl . create /Users/administrator UserShell /bin/bash
  dscl . passwd /Users/administrator $passwd
  dscl . append /Groups/admin GroupMembership administrator
  dscl . append /Groups/_lpadmin GroupMembership administrator
  dscl . append /Groups/admin GroupMembership administrator
  dscl . create /Users/administrator picture "/Library/User Pictures/Sports/8ball.tif"
  dscl . delete /Users/administrator jpegphoto
  #reset running variable for security
  passwd=""
  ############# SET blah NETWORK LOCATION ###################
  echo "Setting up blah network location"
  networksetup -createlocation blah populate
  networksetup -switchtolocation blah
  echo ""
  ############# SET HOSTNAME ###################
  sleep 10
  dhcphostname=`host $ip | sed -e 's/^.* domain name pointer //' -e 's/\..*blah.*$//' -e 's/-wstudent$//' -e 's/-wstaff$//'`
  #while [ $? -ne 0 ]
  #do
  # sleep 5
  # dhcphostname=`host $ip | sed -e 's/^.* domain name pointer //' -e 's/\..*blah.*$//' -e 's/-wstudent$//' -e 's/-wstaff$//'`
  #done
  echo "Setting host name"
  #set host name from dhcp
  scutil --set HostName "$dhcphostname"
  scutil --set LocalHostName "$dhcphostname"
  systemsetup -setcomputername "$dhcphostname"
  ############# SET TIME ###################
  echo "Setting time zone"
  #set time zone
  systemsetup -settimezone Australia/Brisbane
  #set system's locale
  echo "Setting system's locale"
  defaults write "Apple Global Domain" AppleLocale "en_AU"
  echo "Syncing with time server"
  #sync time with local time server
  ntpdate ntp.blah.qld.edu.au
  ############# INSTALL FTP CLIENT ###################
  echo "Downloading and installing ftp client"
  curl -O ftp://$pkgserver/install/ncftp.tar.gz
  tar -xzf ncftp.tar.gz -C /usr/bin/
  rm ncftp.tar.gz
  ############# INSTALL POLICY MANAGER AND UPDATE POLICY ###################
  echo "Downloading and installing Policy Manager"
  #download and install policy manager
  echo 'get -R "pool/Policy Manager.pkg"' | ncftp $pkgserver; installer -verbose -target / -pkg "Policy Manager.pkg"
  rm -R "Policy Manager.pkg"
  echo "Downloading and installing Update Policy"
  #download and install update policy
  echo 'get -R "pool/Update Policy.pkg"' | ncftp $pkgserver; installer -verbose -target / -pkg "Update Policy.pkg"
  rm -R "Update Policy.pkg"
  ############# INSTALL MAC UPDATE COMBO ###################
  echo "Downloading and installing most recent Mac update combo package"
  #download and install the most recent combo update
  echo "get -R pool/MacOSXUpdCombo10.$macversion.Latest.pkg" | ncftp $pkgserver
  chmod -R u+x MacOSXUpdCombo10.$macversion.Latest.pkg
  installer -verbose -target / -pkg MacOSXUpdCombo10.$macversion.Latest.pkg
  rm -R MacOSXUpdCombo10.$macversion.Latest.pkg
  ############# INSTALL ADDITIONAL PACKAGES ###################
  echo "Downloading and installing additional post install packages"
  mkdir postinstall
  cd postinstall
  echo "get -R postinstall/common/*" | ncftp $pkgserver
  echo "get -R postinstall/10.$macversion/*" | ncftp $pkgserver
  chmod -R u+x *
  # save and change IFS
  OLDIFS=$IFS
  IFS=$'\n'
  # read all file names into an array
  fileArray=($(ls))
  # restore it
  IFS=$OLDIFS
  # get length of the array
  tLen=${#fileArray[@]}
  #install each package
  for (( i=0; i<${tLen}; i++ )); do
      installer -verbose -target / -pkg "${fileArray[$i]}"
  done
  cd ..
  rm -R postinstall
  ############# FINISH SETUP ASSISTANT ###################
  #load Policy Manager LaunchDaemon to run on boot
  launchctl load /Library/LaunchDaemons/au.edu.qld.blah.policymanager.plist
  #give time for policy to load
  sleep 2
  #set flag so OS X knows not to run Setup Assistant on next boot
  echo "<?xml version="1.0" encoding="UTF-8"?>\n<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">\n<plist version="1.0">\n<dict>\n <key>Address</key>\n <dict>\n <key>CountryName</key>\n <string>Australia</string>\n </dict>\n</dict>\n</plist>" > /var/db/.AppleSetupDone
  #set flag so blah Updater knows this machine's just been imaged
  echo "setup done" > /var/root/blahSetupDone
  #remove self
  rm /var/root/setup.sh
  echo "\nI will now reboot; please wait"
  say -v Victoria "I will now reboot; please wait"
  reboot

  mattn wrote:
  (1) You cannot run the installer program while booted into your primary partition; you must boot into the DVD. Restart the computer while holding down the C key until the DVD boots.
  This isn't true. The retail Snow Leopard DVD is designed to start the install procedure while started up normally. When you do this, after performing some checks on the target partition it writes some pre-install files to it before restarting automatically from the DVD. This speeds up the install procedure.
  (2) You cannot install Snow Leopard on this computer from a DVD that came with another computer; you must use, as it were, a free-standing commercial Snow Leopard installer DVD.
  The exception is, as Xian Rinpoche correctly surmised, a Mac model released after the currently available retail Snow Leopard DVD became available. The newest Macs require a later version of the OS than what is included on the retail DVD, which is why it won't work with the new i5 & i7 models. (See Don't install a version of Mac OS X earlier than that which came with your Mac for more about this.)
  As a general rule, use either the installer that came with the Mac on its grey system discs or a retail disc released after that Mac model was released. You can also refer to this handy chart of the OS version that ships with each Mac model.

• Create alert for users not login in R12 for specific number of  days

  Dear experts
  we have R12.1.1 .
  i want to create auto alert for users who dont login to R12 application for defined period e.g 30 days .
  please tell me that can i implement this ?
  Regards

  i want to create auto alert for users who dont login to R12 application for defined period e.g 30 days .
  please tell me that can i implement this ?You can use Oracle Alert to do this. To check when was the last time the user logged in to the application, query FND_USER.LAST_LOGON_DATE (for example, SYSDATE - LAST_LOGON_DATE > 30).
  http://etrm.oracle.com/pls/et1211d9/etrm_pnav.show_object?c_name=FND_USER&c_owner=APPLSYS&c_type=TABLE
  Thanks,
  Hussein

• Drop and create tablespace for users

  I am using Oracle 8i. I have created some users and, assigned the default & temporary tablespace to them.
  I would like to drop and re-create the temporary tablespace, should I assign the tablespace to users again?
  my script for creation of users:
  CREATE USER USER01 IDENTIFIED BY ABC
  DEFAULT TABLESPACE WEB_DATA
  TEMPORARY TABLESPACE TEMPORARY_DATA
  PROFILE DEFAULT;

  Hi,
  I would like to drop and re-create the temporary tablespace, should I assign the
  tablespace to users again?If temp tbs is not in usage, you can drop and recreate it without reassign. Users keep this one.
  Nicolas.

• Email notification for user created through reconciliation in OIM

  Hi..
  I have done the following configurations for email notification when user is created through reconciliation in OIM
  Configuring IT Resource     
  Name     Email Server
       Type      Mail Server
       Authentication     FALSE
       Server Name     *.*.*.*
       Username     
       Password     
  Creating email definition with the following values     
  Name     Create User Email Notification
       Type     Provisioning Related
       Language     en
       Region     US
       Object Name     Xellerate User
       Process name     Xellerate User
       From     User
       User Login     Xelsysadm
       Subject      User Created
  Add Email notification in a new process task with name Notify     
  Process definition     Xellerate User
       Task     Notify
       Disable Manual Insert     Enable
       Required for Completion     Enable
       Allow Cancellation while Pending     Enable
       Handler Name     tcComplete Task
       Assignment Rule     Default
       Target Type     User
       User     Xelsysadm
       Email name     Create User Email Notification
       Send Email     Enable
       Notification Assignee     Enable
       Email      Create User Email Notification
       Status     Completed
  Xelsysadm has a valid email id. Now when I am reconciling any user, two mail notifications are being sent. Not able to know from where these two notifications are being triggered.
  Am i suppose to make any changes in the configurations?
  Edited by: Amruta Agarwal on Sep 28, 2011 4:21 AM

  Sorry re-read your issue again. I believe there are two notifications because you have added your notify task in the process definition and OIM OOTB sends a notification when a user is recon'd. Thus remove your task or disable the OOTB notification. The property is Recon.SEND_NOTIFICATION
  HTH,
  BB
  Edited by: bbagaria on Oct 7, 2011 9:13 AM

• Remove prefix when creating menu for user in pfcg

  Can I change the way pfcg creates a use menu? It now starts with the rolename and then the logical SAP menu path. When I have different roles with the same path the "collapse menu" option does not work as the two start with a diffent role name. Can I change this that pfcg starts with the logical path and not with the role name?

  Hi
  If you are getting the role as prefix in the user menu 
  Go to the initial screen (when you logon onto the screen)
  Menu Tab click on Extras
  ->Settings
  In the settings if  you have checked the option of show first level
  -> Show first Level (if un checked you will not get the role name)
  This is what my understanding of your question.
  If not let me know exact problem try to help you.
  Cheers
  Soma
  Message was edited by:
          soma pradeep

• Creating reports for user tables using XL reporter

  Hi all
  i wish to create  a report based on user tables using the XL reporter.
  question is: is it possible? and if so how can it be done?
  appreciate the help
  Yoav

  Hi Yoav,
  XL Reporter cannot pull data from UDTs. However, you can use an Excel template when creating your XL Reporter report and then embed VBA code in the template to pull the UDT data in to the report after the XL Reporter has finished generating the report. It all depends on how you need to combine the UDT data with other SBO data. If you are interested in a report based entirely on UDT data then it would be simpler just to write the report using VBA in Excel (or Crystal).
  Kind Regards,
  Owen

• Create logon for users to see the application only?

  Hello,
  I just built my application and I want to create a logon for only the user to see the application. I created a new user under Admin with no developer and administrator priveleges. I logout and when I logon as the new user, there is nothing on that page. How do I link the application that I built from developer logon to the new user's logon page. Basically, I want to logon as the new user and just see the application that was built. Any help would be appreciated.

  Dung,
  To run the application, do not use the URL that takes you to the Application Builder. Start a new browser session and use a URL like http://host:port/pls/DAD/f?p=5000:1, where 5000 is your application's ID (example only) and page 1 is the page to display after login. Your application will probably have the default HTML DB authentication scheme so that you'll see a login page first, then go to page 1 after authentication.
  Scott

• CAL for users created in AD

  Is CAL license required for each users created in Active Directory ?

  All users in AD need a cal, because it is assumed that all the users will be using the Active Directory to authenticate. Using any service from server needs a CAL. Also bear in mind that even devices which access the servers need CAL (Device CALS).
  Reg,
  Darshan

• Creating HELP for users

  Hi!
  Does anyone know how I could incorporate already written help into my application, let say via link "Help" in the header of my application. I already have help for users of my application written in .doc file. Is there any way to upload this help (I have docTo Help tool available so I can trnsform this file into .chm file or javahelp file or html help file) into static files and then use it in some way in my application.
  Thnx,
  Nataša

  Nataša,
  Yes, you can make that file available. There are several ways to do it but the easy ways are probably not the best long term strategies. Did you want to start with the easy way anyway?
  Regards,
  Dan
  http://danielmcghan.us
  http://sourceforge.net/projects/tapigen
  http://sourceforge.net/projects/plrecur
  You can reward this reply by marking it as either Helpful or Correct ;-)

• Use iBog created blog with iWeb created web site?

  Just began playing around with iWeb, and so far, like it a lot. But I already have a published blog using iBlog. Can I import that existing blog? Do I just link to it?
  Thx,
  G5 Dual 2.7 GHz   Mac OS X (10.4.6)  

  You can't import your iBlog created blog into iWeb, but you can create a link to it from one of your iWeb pages.