Can you authenticate user/password from SAP to Active Directory

Similar Messages

• Mac os x wiki server can't authenticate user password from active directory recently after we upgraded to windows 2008 server.

  after upgraded to windows 2008 server, our  mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.

  Solved it by deleting the user and creating a new one with the same userID.
  Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!?

• Can you authenticate users from 2 different AAA-servers for one specific tunnel-group?

  I need to authenticate users from two separate AD LDAP databases on the same tunnel-group. I would like them to use the same tunnel-group and thereby using the  same group-alias. I tried creating a new aaa-server group and putting both LDAP servers into group but apparently the ASA does not roll through the separate servers in the aaa-server group and will stop if the first server states that the authentication failed.
  I also tried assigning multiple aaa-server groups into the tunnel-group authentication-server-group but that also did not work. I finally tried to create a separate tunnel-group and assigning it the same group-alias but the ASA will not allow me to assign the same group-alias to different tunnel-group. What is the best way to accomplish this without having to create a new group-alias that will show up and possible confuse the dumb users requiring this access? Please help.

  If you don't want ANY drop down I believe you can do it in a kludgy sort of way.
  Eliminate all the group aliases (which are used to populate the dropdown) and make a local database of the users for the sole purpose of assigning / restricting them to a non-default tunnel-group which authenticates to the secondary LDAP server. 
  You can also send out a non-published URL that points to a second tunnel-group not in the dropdown.
  Of course, we can accomplish this if the AAA server is ISE. ISE 1.3 can authenticate users to multiple AD domains (with or without trust relationships) or a single domain with multiple join points in the Forest.
  The ISE answer makes me wonder - could you establish trust between the domains and authenticate users that way?

• Can you access ~\Users\Sharing from a PC on the network?

  I have a mixed home network of 3 PCs and one Mac Mini. I want to store all the digital music on the Mac Mini and share it with the PCs.
  I have successfully created networking links between the PCs and the Mac. For example, I setup a MYPC account on the Mac and I can map a PC network drive to \\MacMini\MYPC\Music. This works fine, and survives a reboot. BUT IT ONLY GETS ME INTO THE FOLDER ON THE MAC WITH THAT USER'S FILES (MYPC), NOWHERE ELSE. So it's not a directory everyone can use (public).
  I am trying to map \\MacMini\Users\Sharing and I can't get to it from the PC at all. I've tried using the IP address also. Nothing gets me there. This is after being connected in as an authorized account on the Mac. I thought that folder was open to all? Any suggestions?
  I've also tried using a public folder on the Mac account to share. Also unsuccesful. Each PC user can easily see their own public folder (and more). Sometimes after I'm logged in, I can directly type in the address \\MacMini\MacUser\Public and see it, but it's intermittment and unpredicatable. I'm, open to this route, if I could get it to work.
  This is a real head-scratcher. Please help me out.

  You will need to use Sharepoints in order to share specific folders
  http://www.hornware.com/sharepoints/
  iFelix

• Can you get User Data from a XI/PI System ?

  Hello All
  Can you with GRC 5.3 use PI as a User Data Source?
  How?
  Thank you

  Hi Kristian,
  for the AC 5.3 system user store itself or for the user details / user search you could use SAP ABAP, SAP UME, LDAP, etc.
  Short: yes, you could use the ABAP user store of PI.
  Best,
  Frank

• Can you delete Airport passwords from previous owner?

  I was looking under Keychain System and saw the previous owners Airport network password from before I purchased the macbook Pro with retina running Mountain Lion. Can I delete all of the iPhone 5 etc that are not mine? I see my ssid name but his also.
  I didn't reset the machine and nothing else is on it since Apple helped me change to my name and Admin Account. I didn't want to mess up my system by removing the previous owners. I have my own Keychain password so that isn't a problem.
  Keychain will probably ask for my password the next time I open after this correct?
  Thanks.

  The first thing to do with a second-hand computer is to erase the internal drive and install a clean copy of OS X. You — not the previous owner — must do that. How you do it depends on the model, and on whether you already own another Mac. If you're not sure of the model, enter the serial number on this page. Then find the model on this page to see what OS version was originally installed.
  1a. If you don't own another Mac
  If the machine shipped with OS X 10.4 or 10.5, you need a boxed and shrink-wrapped retail Snow Leopard (OS X 10.6) installation disc from the Apple Store or a reputable reseller — not from eBay or anything of the kind. If the machine has less than 1 GB of memory, you'll need to add more in order to install 10.6. Preferably, install as much memory as it can take, according to the technical specifications.
  If the machine shipped with OS X 10.6, you need the installation media that came with it: gray installation discs, or a USB flash drive for some MacBook Air models. For early MBA models, you may need a USB optical drive or Remote Disc. You should have received the media from the previous owner, but if you didn't, order replacements from Apple. A retail disc, or the gray discs from another model, will not work.
  To boot from an optical disc or a flash drive, insert it, then reboot and hold down the C key at the startup chime. Release the key when you see the gray Apple logo on the screen.
  If the machine shipped with OS X 10.7 or later, you don't need media. It should boot into Internet Recovery mode when you hold down the key combination option-command-R at the startup chime. Release the keys when you see a spinning globe.
  1b. If you do own another Mac
  If you already own another Mac that was upgraded in the App Store to the version of OS X that you want to install, and if the new Mac is compatible with it, then you can install it. Use Recovery Disk Assistant to create a bootable USB device and boot the new Mac from it by holding down the C key at the startup chime. Alternatively, if you have a Time Machine backup of OS X 10.7.3 or later on an external hard drive (not a Time Capsule or other network device), you can boot from that by holding down the option key and selecting it from the row of icons that appears. Note that if your other Mac was never upgraded in the App Store, you can't use this method.
  2. Partition and install OS X
  If you see a lock screen when trying to boot from installation media or in Recovery mode, then a firmware password was set by the previous owner, or the machine was remotely locked via iCloud. You'll either have to contact the owner or take the machine to an Apple Store or another authorized service provider to be unlocked. You may be asked for proof of ownership.
  Launch Disk Utility and select the icon of the internal drive — not any of the volume icons nested beneath it. In thePartition tab, select the default options: a GUID partition table with one data volume in Mac OS Extended (Journaled) format. This operation will permanently remove all existing data on the drive.
  After partitioning, quit Disk Utility and run the OS X Installer. You will need the Apple ID and password that you used to upgrade. When the installation is done, the system will automatically reboot into the Setup Assistant, which will prompt you to transfer the data from another Mac, its backups, or from a Windows computer. If you have any data to transfer, this is usually the best time to do it.
  Then run Software Update and install all available system updates from Apple. To upgrade to a major version of OS X newer than 10.6, get it from the Mac App Store. Note that you can't keep an upgraded version that was installed by the previous owner. He or she can't legally transfer it to you, and without the Apple ID you won't be able to update it in Software Update or reinstall, if that becomes necessary. The same goes for any App Store products that the previous owner installed — you have to repurchase them.
  3. Other issues
  If the previous owner "accepted" the bundled iLife applications (iPhoto, iMovie, and Garage Band) in the App Store so that he or she could update them, then they're linked to that Apple ID and you won't be able to download them without buying them. Reportedly, Mac App Store Customer Service has sometimes issued redemption codes for these apps to second owners who asked.
  If the previous owner didn't deauthorize the computer in the iTunes Store under his Apple ID, you wont be able to  authorize it immediately under your ID. In that case, you'll either have to wait up to 90 days or contact iTunes Support.
  When trying to create a new iCloud account, you might get a failure message: "Account limit reached." Apple imposes a lifetime limit of three iCloud account setups per device. Erasing the device does not reset the limit. You can still use an account that was created on another device, but you won't be able to create a new one. Contact iCloud Support for more information.

• Can you install a password so that the user of the phone cannot unblock contacts. I do not want certain people contacting my daughter.

  Can you install a password so that the user of the phone cannot unblock  blocked contacts. I do not want my daughter to be contacted by certain people. I also do not want her to be able to contact them.

  The real problem is that whatever you do will only affect that phone.  If she really wants to contact them she could use ANY phone.

• Provision UserID/Password from SAP Ssyetm to Non-SAP System

  Hi,
  I have a requirement to be able to provision UserID & Password from a SAP ECC6 system to a non-SAP thick client application.  All interactions between ECC6 & the non-SAP Application will be via SAP PI.  (SAP EEC6 <-> SAP PI <-> Non-SAP App) 
  Our landscape includes:
  SAP ECC6
  SAP BI
  SAP PI
  SAP SOLMAN
  SAP Portal
  non-SAP App
  SAP IdM has been ruled out due to budget constraints, Active Directory is not suitable due to the requirement that the non-SAP application must be able to authenticate users if the WAN/LAN is down.
  Yes, we could simply maintain the users in both systems, but for the time being that has been deemed not appropriate.
  I have thought about using CUA on SOLMAN to provision to the SAP Systems & then use SAP PI somehow to provision to the non-SAP App, but I have no idea how to pass the raw user password through SAP PI.
  If anyone has any ideas or can point me to links where I can do further research would be much appreciated.
  Thanks in advance,
  Stephen Hall

  The search term "password AND synchronize" will help you further to find "flamewars" from the past.
  You cannot send "raw" passwords from CUA, as the password is represented by a "one way" hash which is not decryptable by mortals, but rather the "raw" password is encrypted and the hashes are compared locally. Non-SAP systems cannot do this... (bar trial-and-error).
  A better option would be to use a SSO mechanism. This is very easy within SAP.
  For bi-directional authentication with non-SAP you will face some challanges...
  The easiest option is to re-use a PKI certificate based authentication or re-use the native Kerberos authentication available for Windows bases PCs.
  In the SAP --> non-SAP direction you can consider using a verification library to extract the user name - but that is not "state of the art" and if such a UID should be encrypted then have fun...
  In the non-SAP --> SAP direction you are best off forgeting about the infrastructure trust or worste-case-scenario is a password sync. Rather re-authenticate the caller using a realm which already exist.
  Active Directory is not suitable due to the requirement that the non-SAP application must be able to authenticate users if the WAN/LAN is down.
  I would consider an application specific password self-service as a failover only and go for the AD or an "identity provider" which your applications trust as a service.
  If your AD or entire network goes down you will probably be in bigger trouble than passwords... so you should not expose "raw" passwords during normal operations for this eventuality...
  Cheers,
  Julius

• DAC server start-up error and Can't authenticate user

  HI,
       we have installed DAC server in Linux machine and client on windows. By using DAC client we restored the backup of DAC repository, DAC client was working fine still restoration and after restoring it’s not logging in. It throws error like "Can't authenticate user"
  while starting DAC services in Unix server it throws an error like
  ANOMALY INFO An exception occurred. Shutting down server...
  MESSAGE:::/u01/DAC/jdk/jre/lib/i386/xawt/libmawt.so: libXext.so.6: cannot open shared object file: No such file or directory
  EXCEPTION CLASS::: java.lang.UnsatisfiedLinkError
  Note: since DAC client is not separately available for windows we have installed dac server also and while installing and after installing we never configured to connect to the dac server which is in Linux, we have configured only DB.
  we have successfully installed OBIEE, Informatica, and DAC version is 10.1.3.4.1.
  How to start the DAC services?
  How to configure dac client to connect to DAC server and how to solve this "Can't authenticate user" issue?
  Pls help in this regard.
  Thanks in advance.

  EddyLau wrote:
  Hi,
  I encounter the "Can't authenticate user" error in DAC first setup after installation when it prompt up to ask for setting up administrator id and password.
  here's my sql statement to create database schema for dac in oracle database.
  grant dba, connect, resource, create view, create session to SSE_ROLE;
  create user DEV_DAC identified by "password";
  grant DEV_DAC to SSE_ROLE;
  grant dba, connect, resource, create view, create session, grant any role to DEV_DAC;
  I tried dropping the data schema and create it again but still fail to authenticate.
  did I grant enough privileges to the database schema?
  Please help.
  Thanks,
  EddyLogin to DEV_DAC using the credentials from SQL Developer or sql
  Then do select * from W_ETL_USER -- here you will see 2 Administrator id's listed
  now run the command Delete From W_ETL_USER
  Now login to dac client with Administrator and pwd which you have set earlier.
  Mark as helpful or correct if it helps
  Thanks,
  RM

• Can we send .csv file from sap srm system to sap pi?

  Hi Experts,
  we have 3 options send the data from sap systems to sap pi.i. e.proxy,idoc and rfc only
  How can we send .csv file from sap srm to sap pi?
  Regards,
  Anjan

  Anjan
  As you know SAP SRM and SAP PI are different boxes.
  *_Option 1:_*
  we need a shared AL11 directory in between SAP SRM and SAP PI (Ask basis to setup shared folder). Place / Populate the file in the folder from SAP SRM and then it can be picked through sender file communication channel.
  In this case you (Basis team) will share one folder which is visible from the AL11 transaction of both the systems (SRM and PI). You will drop .csv file using some report or program from SRM at this location and from PI you can read that file using File communication channel (NFS mode).
  Option 2:
  Setup a FTP at SRM environment and expose some folder which can be accessible from PI. Use sender file communication channel at PI end to pick the file.
  You can use this option incase sharing of folder is not possible (due to network / other constrains). Here FTP server is required to expose any folder as FTP so as it can be accessible from internet (remote location). You need to expose some folder at SRM machine.  You will drop .csv file using some report or program from SRM at this location. Now PI can fetch the file from that location using  sender file communication channel (FTP Mode) providing user credentials.
  Hope it clears now.
  Regards
  Raj

• API's need to authenticate users while integrating SAP with ms ADS

  Hi
           Can anybody send me some code samples to authenticate users while integrating SAP with Microsoft ADS.Do suggest the methods(or API's) through which this authentication can be achieved.
  thanks in advance
  regards
  Yogalakshmi

  Hello Yogalakshmi,
  you should not crosspost. Please let us keep the discussion in the original topic:
  <a href="https://forums.sdn.sap.com/thread.jspa?threadID=73100&tstart=0">how to integrate SAP with Microsoft ADS</a>
  Regards
  Gregor

• How can i autoforward that mail from SAP INBOX to the outlook

  Hi ,
  My Requirement is that,
  I have to send an email to outlook, whenever PO Created in SRM System
  I have created  custom workflow, i have added a sendmailtask step, i given the SAP userid to send SAP Mail to the user.
  It is sending SAP Mail to the User to his inbox perfectly.
  Now, how can i autoforward that mail from SAP INBOX to the outlook. This is has to work for all users.
  Please give some suggestions. ot it can be achived any other way.
  Note: This is Email Message not a workitem.
  I have doubt that RSWW program will work only for workitems.*
  Thanks & Regards,
  Suresh.

  Hi ST,
  what I understand from your requirement is that you are able to send messages using SendMail Step to SAP Inbox and now you want it to be sent to users Outlook.
  Here you need to create a container which would store users email address of Outlook (which would be stored in SU01 or in a ztable), use this container in your Send Mail step and in the Recepient Type as email.
  Hope it helps.
  Aditya

• How to change user password from default realm programaticaly

  Hello,
  I would like to know if there are any ways to change a users password from a file
  realm through java classes ie . programaticaly.

  Thank you for the support.
  After looking at the code, I noticed RealmManager is not documented in the BEA
  Javadocs. Am I missing something or is it not documented. Lot of other methods
  also not documented. Do you have the latest Javadocs?
  Thanks
  John
  "Tom Moreau" <[email protected]> wrote:
  >
  See message #4589 - it posts the code magic needed
  to change the password. The caller doesn't have to
  be aware of which realm is being used - that's taken
  care of for you.
  -Tom
  "John M" <[email protected]> wrote:
  Hello,
  I would like to know if there are any ways to change a users passwordfrom
  a file
  realm through java classes ie . programaticaly.

• How can you move the objects from one server to another?

  how can you move the objects from one server to another?

  Hi,
  Collecting objects for Transporting
  1. rsa1->transport connection
  2. left panel choose 'object type', middle panel choose 'infocube' and 'select objects'
  3. then choose your infocube and 'transfer'
  4. will go to right panel, choose collection mode 'manual' and grouping only 'necessary objects'
  5. after objects collection finished, create request
  6. If they are $TMP, then change the package.
  7. When you click the Save on the change package, it will prompt for transport. Here you can provide an existing open transport request number, or if you like here itself you can create a new one.
  8. You can check the request in SE09 to confirm.
  Releasing Transport Request  
  Lets say you are transporting from BWD to BWQ
  Step 1: In BWD go to TCode SE10
  Step 2: Find the request and release it (Truck Icon or option can be found by right click on request #)
  Note: First release the child request and then the parent request
  Steps below are to import transport (generally done by basis )
  Step 1: In BWQ go to Tcode STMS
  Step 2: Click on Import queue button
  Step 3: Double Click on the line which says BWQ (or the system into which transport has to be imported)
  Step 4: Click on refresh button
  Step 5: High light the trasnport request and import it (using the truck icon)
  Transport
  http://help.sap.com/saphelp_nw2004s/helpdata/en/b5/1d733b73a8f706e10000000a11402f/frameset.htm
  http://help.sap.com/saphelp_nw70/helpdata/en/0b/5ee7377a98c17fe10000009b38f842/frameset.htm
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/media/uuid/224381ad-0701-0010-dcb5-d74236082bff
  Hope this helps.
  thanks,
  JituK

• HT5624 how can you get your password sent to your email address I do not want to change my password.

  How can you get your password sent to your email address I do not want to change my password.

  If you cannot remember the passcode for the Screen Lock, you will need to Restore the device...
  1)  Connect to iTunes on the computer you usually Sync with and Restore...
  http://support.apple.com/kb/HT1414
  2)  If necessary Place the Device into Recovery mode...
  http://support.apple.com/kb/ht4097
  Note on Recovery Mode.
  You may need to try this More than Once...  Be sure to Follow ALL the Steps...
  Once you have Recovered your Device...
  Re-Sync your Content or Restore from the most recent Backup...
  Restore from Backup  >  http://support.apple.com/kb/ht1766