CE565/CE7325 with MS LDAP Auth - Problem

Similar Messages

• Heap Problem with weblogic.security.auth.login.PasswordCredential

  Hello,
  I am calling EJB's from a Tomcat 6.0.20. The EJB's are contained on a Weblogic 10 mp2. For getting EJBHome, I'm using the following InitialContext-Call:
  EJBHome home = null;
  try
  Properties initialContextProperties = new Properties();
  initialContextProps.put(InitialContext.INITIAL_CONTEXT_FACTORY, initialContextFactory);
  initialContextProps.put(InitialContext.SECURITY_PRINCIPAL, username);
  initialContextProps.put(InitialContext.SECURITY_CREDENTIALS, password);
  initialContextProps.put(InitialContext.PROVIDER_URL, url);
  initialContext = new InitialContext(initialContextProps);
  Object objref = this.initialContext.lookup(jndiHomeName);
  home = (EJBHome) PortableRemoteObject.narrow(objref, narrowClass);
  finally
  if ( initialContext != null )
  try
  initialContext.close();
  catch(Throwable t)
  return home;
  The Problem is, that after a bulk test on the tomcat (Xmx=256MB), 200MB are filled with 1.500.000 instances of the following class:
  weblogic.security.auth.login.PasswordCredential
  Has somebody an idea how to remove these classes from tomcat heap, because now the result is an OutOfMemory?
  Best regards,
  sebbay

  Hi,
  The authenticate method would take the user and the password details from the environment
  (env) that is passed and after successful authentication would populate the subject with
  the principals (i.e user, group the user belongs to ..)
  It should work with any user that is defined in the WLS not just weblogic/weblogic.
  Do you have any other users defined and which group do they belong to?
  Vimala
  Khalid Rizvi wrote:
  I am playing (learning) with weblogic.security.auth.login.UsernamePasswordLoginModule
  as a LoginModule using JAAS based authentication. Surprisingly, the only userid
  and password combination acceptable is uid=weblogic, pw=weblogic combination.
  I went through and looked at the example code under
  http://e-docs.bea.com/wls/docs70/security/cli_apps.html#1042212. I found that
  the UsernamePasswordLoginModule.login calls into
  if (url != null) {
  Environment env = new Environment();
  env.setProviderUrl(url);
  env.setSecurityPrincipal(username);
  env.setSecurityCredentials(password);
  try {
  Authenticate.authenticate(env, subject);
  Seems like UsernamePasswordLoginModule only is a router, as it instantiates an
  instance of Environemt using the userid and password and passes this Environemtn
  instance (env) to Authenticate.authenticate along with the empty Subject instance.
  I read about that the Subject instance will be filled in with Principals by the
  WL Server.
  My question is that firstly,
  1. As Authenticate.authenticate is not passed in the uid and pw, will it pick
  those from the env?
  2. Secondly, why does it only accept uid=weblogic & pw=weblogic.
  I will appreciate if some one can put me in the right direction.
  Khalid R. Rizvi
  508-641-1192
  [email protected]

• Native LDAP Auth in PT 5.0.3

  I am attempting to use Native LDAP Authentication with version 5.0.3. In 5.0.2 it worked just fine, but with 5.03., log in fails. The LDAP settings are correct as confirmed by the provider validation. What do these errors mean and how do I fix them? Thanks.
  Validate ProviderSuccessfully connected to the Authentication Source.
  Here are the errors from PTSpy:
  Error Auth Source Providers LDAPProviderAuth.cpp(285) *** ERROR *** CLDAPAuthSourceProvider::LDAPGetHandle: ldap_bind_s failed with error 0x31.
  Warn Auth Source Providers LDAPProviderAuth.cpp(1030) LDAP error 0x31 (#49) description: Invalid credentials
  Warn Plumtree.dll PTSession.cpp(378) *** COM exception caught *** Error info: IDispatch error #16898 (0x80044402): [Invalid password.] (378,PTSession.cpp)
  Warn Portal UI - Infrastructure com.plumtree.uiinfrastructure.login.LoginHelper.InternalAttemptLogin() Unable to log in user Intranet/bottt: The user name, password, or authentication source entered is not recognized. Re-enter your login information below. Passwords are case sensitive._com.plumtree.openfoundation.util.XPException_ at com.plumtree.server.CIPTSession.Connect(String UserNameOrID, String Password, Object SecurityProviderInfo) at com.plumtree.portaluiinfrastructure.login.PTLoginHelper.internalLogin(String sUserName, String sPassword, String sLoginToken, Object token, Boolean bUseNumericConnect, Boolean bGuestLogin, ISessionManager subSession, IApplication application, String sRequestURL) at System.Environment.GetStackTrace(Exception e) at System.Environment.GetStackTrace(Exception e) at System.Environment.get_StackTrace() at com.plumtree.openfoundation.util.XPException.GetInstance(Exception e) at com.plumtree.portaluiinfrastructure.login.PTLoginHelper.internalLogin(String sUserName, String sPassword, String sLoginToken, Object token, Boolean bUseNumericConnect, Boolean bGuestLogin, ISessionManager subSession, IApplication application, String sRequestURL) at com.plumtree.portaluiinfrastructure.login.PTLoginHelper.AttemptLogin(String sUserName, String sPassword, Object token, Boolean bUseNumericConnect, ISessionManager subSession, IApplication application, String sRequestURL) at com.plumtree.uiinfrastructure.login.LoginHelper.InternalAttemptLogin(String strUserName, String strPassword, Object token, Boolean bUseNumericConnect, Boolean bGuestLogin, ISessionManager subSession, IApplication application, String strRequestURL, IXPRequest request, IWebData webData) at com.plumtree.uiinfrastructure.login.LoginHelper.AttemptLogin(String strUserName, String strPassword, Object token, Boolean bUseNumericConnect, ISessionManager subSession, IApplication application, String strRequestURL, IXPRequest request, IWebData webData) at com.plumtree.uiinfrastructure.login.LoginHelper.AttemptLogin(String strUserName, String strPassword, Object token, Boolean bUseNumericConnect, AActivitySpace asOwner, IXPRequest request, IWebData webData) at com.plumtree.portalpages.browsing.login.LoginModel.attemptLogin(IXPRequest request, IWebData webData) at com.plumtree.portalpages.browsing.login.LoginControl.CheckActionSecurityAndExecute(XPHashtable arguments) at com.plumtree.uiinfrastructure.activityspace.Interpreter.HandleRequest(IXPRequest request, IXPResponse response, ISessionManager session, IApplication application) at com.plumtree.uiinfrastructure.activityspace.Interpreter.DoService(IXPRequest request, IXPResponse response, ISessionManager session, IApplication application) at com.plumtree.uiinfrastructure.web.XPPage.Service(HttpRequest httpRequest, HttpResponse httpResponse, HttpSessionState httpSession, HttpApplicationState httpApplication) at com.plumtree.portaluiinfrastructure.activityspace.PlumHandler.ProcessRequest(HttpContext context) at System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) at System.Web.HttpApplication.ResumeSteps(Exception error) at System.Web.HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData) at System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) at System.Web.HttpRuntime.ProcessRequest(HttpWorkerRequest wr) at System.Web.Hosting.ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)

  Hey Jennifer,To clarify - there are two different security modes settings being discussed:
  Portal Security Mode - set in x_config.xml in your portal home directory, looks like this:<Security> <SecurityMode value="0"/></Security>This setting allows you to put your portal into HTTP, HTTPS, or SSL Accelerator modes.LDAP Authentication Source security mode - set in the LDAP Authentication Source Editor in the administrative hierarchy. This setting defines how the portal talks to your remote LDAP Server. If it is set to mode 1, we use the LDAP protocol. If set to 2, we use the LDAPS protocol, which uses TLS/SSL to encrypt communication between your LDAP Server and portal. This is a security measure that some customedrs require, while most don't use.The later setting is no longer supported in 5.0.2 and on, we suggest that users that need SSL between their portal and LDAP server use the new LDAP AWS product that was released around the time of 5.0.3. The LDAP AWS uses Java and JNDI technology to interact with remote LDAP servers, where as our native LDAP Authentication Source uses a Netscape library for communication with the remote LDAP server. This netscape library has been found to be unstable and detrimental to Portal performance, hence it was de-supported when the LDAP AWS became available.
  Based on your message, I'm guessing you thought I meant the Netscape browser could not use portalsecurity mode 2. There is no such bug, all portal security modes are supported as far as I know. Your project should work just fine, drop us a line if you have any problems.
  -Akash

• SSO with Custom LDAP

  This is the landscape :-
  Web Application / Portal at Oracle Web Center Suite (WCS).
  SAP BO 4.0
  Authentication using Custom LDAP & SSO with Trusted Authentication.
  Used OpenLDAP for authentication via RadiantOne VDS as the proxy.
  Activities :
  Authenticate the BO users with OpenLDAP via RadiantOne.
  Synchronize the BO user group from OpenLDAP via RadiantOne.
  Used openDocument.jsp to open WEBI reports.
  Problems :
  We configure the LDAP as Custom. Attributes mapping as default.
  When BOE trying to connect the RadiantOne VDS & create user u201Cuser01u201D which already exists in the OpenLDAP server. It throws the exception :
  "An internal error has occurred in the secLdap plugin.u201D
  When trying to create user that does not exist in LDAP. It throws the exception :
  u201CThe secLdap plugin failed to get the dn for the user notuser.u201D
  Please advise us how to resolved this internal error if we want to SSO with custom LDAP !!
  Thanks & regards,
  Herries E

  Hi,
  Herrie, Roland is correct, OpenLDAP is not supported and you can run into problems if you want to escalate issues in the future. The customer must have that into account.
  However, LDAP is pretty standard and usually you just need to make sure that the attribute mappings is correct.
  Are users correctly created when you map an LDAP group?
  Are you able to manually authenticate using LDAP? You can use the CMC page and select authentication LDAP
  When you have confirmed that LDAP manual authentication is working, you can set up Trusted Authentication. Check first that the system is working just using QUERY_STRING:
  https://service.sap.com/sap/support/notes/1593628
  When trusted auth is confirmed to work, you can configure the parameters that Radiant users to pass the user: cookies, web session, etc.
  Regards,
  Julian

• LDAP Auth Error ccmuser web access

  Hi,
  I have a CUCM v9.1 with an issue for access to the ccmuser web page using the AD Credentials, I've configured the LDAP Auth in the CUCM with no error messages and also the web access for my users like this:
  When I access the site http://cucm_ip_add/ccmuser first I get this message:
  After that I try to log into to the web page but I get this error:
  I have no issues importing the users, the problem is with the authentication.
  I've checked the ldap port and I'm not using global catalog so the correct one is 389 (tried 3268 and I got an error message from the cucm ldap authentication config page).
  Any ideas guys??
  Thanks in advance.

  One commone one is that CUCM treats the username field as case sensitive. Does it have any upper case characters? You can see this within /ccmadmin under End User Configuration.
  If that's not it, either a Wireshark of the LDAP bind or a stare/compare between your sync agreement and the auth config to see why one can get the user object but the other cannot bind as that person.
  Please remember to rate helpful responses and identify helpful or correct answers.

• WL6.0 LDAP Realm problems

  I'm trying out WL6.0 (eval version) LDAP realm support and having trouble
  getting it to work - basic auth just keeps popping the window up 3 times and
  then giving up. Only pertinent message in the log is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security> <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'> <> <> <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite adding the following two
  to the startup script cmd line and restarting the server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose=t
  rue
  The HTTP basic-auth dialog box is correctly showing me that I'm trying to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false" GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified that the above
  server account exists AND can authenticate and retrieve account
  userpasswords (yes, the server account is "cn=" while the user accounts are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same results both ways.
  Any ideas???

  Did you use the most recent ldap patch? I could not get it to work fine
  with the default wls6.0sp1, but with the ldap-patch it works fine.
  AND probably even more important... change
  <Realm FileRealm="..." Name=".....">
  to
  <Realm CachingRealm"MyCachingRealm" FileRealm="..." Name=".....">
  Hope this helps...
  Ronald
  Sushil Pulikkal wrote:
  Hi Tom,
  I am using iPlanet Directory server with WL6.0 (which I presume is supported as
  Netscape's is) and facing the same problem as Mike was i.e account locking after
  three attempts(bottom of the message). I have created my own caching realm with
  the basic realm being MyLDAPRealm.
  The log gives no info other than the one about account locking.
  My config.xml looks something like this -
  <CachingRealm BasicRealm="MyLDAPRealm" CacheCaseSensitive="true" Name="MyCachingRealm"/>
  <PasswordPolicy Name="wl_default_password_policy"/>
  <LDAPRealm AuthProtocol="simple" Credential="enslaved"
  GroupDN="ou=Aussies,dc=timerasolutions,dc=com"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://DJ-SUSHILP.timerasolutions.com:389"
  Name="MyLDAPRealm"
  Principal="uid=admin, ou=Administrators,
  ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind"
  UserDN="ou=Aussies,dc=timerasolutions,dc=com"
  UserNameAttribute="uid"/>
  The browser window does pop up, but the user id doesn't get authenticated. Is
  there a way to know whether WLS is actually going to the LDAP server for authentication?
  Any insight into this?
  Thanks in advance,
  Sushil
  "Tom Moreau" <[email protected]> wrote:
  Mike,
  I haven't had any trouble getting the LDAPRealm to work
  in WLS 6.0. Could it be that while you've created the LDAPRealmMBean,
  you haven't told WLS to use it?
  In other words, you can create many realm configurations then
  you need to activate the one you want. If you haven't, the
  we just use the file realm. The file realm won't be able
  to authenticate you (since you put the info in LDAP!) and
  after 3 failures, will lock out the account.
  The instructions for selecting the realm are at:
  http://e-docs.bea.com/wls/docs60/adminguide/index.html
  See:
  12. Managing Security
  Specifying a Security Realm
  Configuring the Caching Realm
  The basic idea is:
  1) create your LDAP Realm (you've already done this)
  2) create a CachingRealm
  3) set the CachingRealm's BasicRealm to your LDAP Realm
  4) set the Security Realm's CachingRealm to your Caching Realm
  5) reboot
  It's pretty easy to do this through the admin console.
  Otherwise, you can edit config.xml by hand.
  Here's how:
  <Domain>
  <Security
  Name="mydomain"
  Realm="myRealm"
  />
  <Realm
  Name="myRealm"
  FileRealm="myFileRealm"
  CachingRealm="myCachingRealm"
  />
  <FileRealm
  Name="myFileRealm"
  />
  <CachingRealm
  Name="myCachingRealm"
  BasicRealm="myLDAPRealm"
  />
  <LDAPRealm
  Name="myLDAPRealm"
  />
  -Tom
  "Mike" <[email protected]> wrote:
  BTW, before someone suggests it, I found Tom Moreau's
  suggestion to use:
  <ServerDebug Name="examplesServer" DebugSecurityRealm="true"
  />
  under the <Server> element in config.xml and restarted
  with this and still
  no additional
  info from the LDAP realm printed about why it's not working
  (nothing but the
  same
  locking account message mentioend below).
  Is the source for the LDAP realm available so I can debug
  it myself or has
  anybody
  written their own LDAP realm that they'd be willing to
  share with the group?
  Thanks again,
  ...Mike
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  Ok I've verified that the -Dweblogic.security.ldaprealm.verbose
  probably
  won't
  work with 6.0 (old 5.x and previous style property),
  but I can't figure
  out
  what
  replaced it, to figure out why the LDAP realm isn't
  working for me...
  The property mapping guide at:
  http://e-docs.bea.com/wls/docs60///////config_xml/properties.html
  shows that things like weblogic.security.ldaprealm.url
  changed to LDAPURL in config.xml (without telling
  you that this resides as an XML attribute of
  <Domain><LDAPRealm ... /></Domain> although that's
  easy enough to find by looking through the example
  LDAP realm.
  It then says that weblogic.security.ldaprealm.verbose
  has changed to "Debug" in config.xml, but doesn't
  say whether that's a "Debug" XML attribute on one
  of the XML elements in there, or whether it's an
  XML node itself, or where in the config.xml doc
  it goes... It doesn't work as an attribute of
  <LDAPRealm ...> (server won't start with it there)
  and it doesn't show up at all in the DTD for config.xml
  so I'm assuming the mapping doc at the above url is
  wrong. Anybody know what this really became in 6.0?
  I've tried setting StdoutDebugEnabled="true" in config.xml
  and turning the logging level all the way up to see
  everything, but even
  then all I
  get is the account locked message, not why it's failing
  to authenticate
  via
  LDAP...
  Any other ideas?
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  I'm trying out WL6.0 (eval version) LDAP realm support
  and having
  trouble
  getting it to work - basic auth just keeps popping
  the window up 3 times
  and
  then giving up. Only pertinent message in the log
  is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security>
  <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'>
  <> <>
  <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite
  adding the following
  two
  to the startup script cmd line and restarting the
  server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose
  =t
  rue
  The HTTP basic-auth dialog box is correctly showing
  me that I'm trying
  to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false"
  GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified
  that the above
  server account exists AND can authenticate and retrieve
  account
  userpasswords (yes, the server account is "cn=" while
  the user accounts
  are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same
  results both ways.
  Any ideas???

• LDAP Auth Rewrite Rule in Mapping file

  Hi,
  We are trying to set LDAP Auth Rewrite rule in mapping file to get users First Name & Last Name or Display name & Mail Address from LDAP Server instead of users individual client settings.
  In Messaging 5.2 we had the follwoing setting, but it does not work any more for Messaging 6.2:
  LDAP Auth Rewrite Entry in mapping file:
  AUTH_REWRITE
  *|*|*|*@* $]ldap:///dir1.domain.com:389/o=domain.com?cn?sub?(uid=$3)[$ <$]ldap:///dir1.domain.com:389/o=domain.com?mail?sub?(uid=$3)[>$Z
  We are running:
  Sun Java(tm) System Messaging Server 6.2-3.04 (built Jul 15 2005)
  libimta.so 6.2-3.04 (built 01:43:03, Jul 15 2005)
  SunOS mta 5.10 Generic_118833-03 sun4u sparc SUNW,Sun-Fire-V240
  ll appreciate for any help or clue
  Thanks

  Thanks Jay,
  Well, here is what we want to achieve.
  We are looking for re-writing the FROM address of Sender against the LDAP Entry as cn <[email protected]>. This should solve problem of where users have entered wrong FROM information on their clients or trying to spoof FROM address to other users.
  Currently, The system delivers e-mail with FROM headers as per client entry instead of re-writing it against AUTHENTICATED userid.
  Following is the IMTA.CNF and MAPPINGS lines:
  IMTA.CNF
  ! ims-ms
  ims-ms defragment subdirs 20 notices 1 3 backoff "pt5m" "pt10m" "pt30m" "pt1h" "pt2h" "pt4h" maxjobs 2 pool IMS_POOL fileinto
  $U+$S@$D
  ! tcp_local
  tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric subdirs 20 maxjobs 7 pool SMTP_POOL maytlsserver
  maysaslserver saslswitchchannel tcp_auth missingrecipientpolicy 0 mailfromdnsverify dropblank vrfyhide
  ! tcp_intranet
  tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel sasls
  witchchannel tcp_auth missingrecipientpolicy 4 mailfromdnsverify dropblank vrfyhide
  ! tcp_extranet
  tcp_extranet smtp mx single_sys subdirs 20 noreverse maxjobs 7 pool SMTP_POOL mustsaslserver allowswitchchannel saslswitchcha
  nnel tcp_auth vrfyhide dropblank mailfromdnsverify dropblank missingrecipientpolicy 4
  ! tcp_submit
  tcp_submit submit smtp mx single_sys mustsaslserver maytlsserver missingrecipientpolicy 4
  ! tcp_auth
  tcp_auth smtp mx single_sys mustsaslserver missingrecipientpolicy 4 authrewrite 3
  MAPPINGS file
  AUTH_REWRITE
  *|*|*|*@* $]ldap:///dir.domain.edu:389/o=domain.edu,dc=domain,dc=edu?cn?sub?(uid=$3)[$ <$]ldap:///dir.domain.edu:389
  /o=domain.edu,dc=domain,dc=edu?mail?sub?(uid=$3)[>$Z
  Thanks for your help

• LDAP auth & limit logins per host

  I'm using LDAP auth. using ldapclient init to setup the ldap auth. Have a SunOne LDAP server.
  I'm interested in doing auth filters - like what Linux does with PAM. I've got PAM_LDAP to work, but since Sun does not use the OpenLDAP convention of /etc/ldap.conf - I can't setup the nss_user filters in there or nss_base_passwd dc=....
  does anyone know how to do this in Solaris? Can I enter something into the ldap_cred file? I tried to do a serviceSearchDescriptor and put passwd:dc=x,dc=y?one?(|(uid=x)(uid=y)) in the ldapCredFile but that gave me a search filter error
  I really do not want to use NetGroups.
  Thanks in advance. I have seem a few posts for this questions but no real answers.
  I can't believe that there is no way to do this...

  I actually was able to solve my problem. What I did was the following
  in my profile setup in the LDAP server I set
  servieSearchDescriptor: passwd:dc=x,dc=y,dc=x?sub?|(attribute1=value)(attribute2=value)
  This makes the password lookup look for the user only if a subsearch (sub) matches the attributes above.
  For example - I could limit logins to only the people who have a shell=/bin/bash by saying ...sub?|(loginShell=/bin/bash)(loginShell=/usr/bin/bash)
  I would also want to make a similar serviceSearchDescriptor line for shadow. So I would have two of these in my Profile on the LDAP server , one with passwd: and one with shadow:

• ITunes auth problem on Windows 7 64-bit

  Hi,
  I experience weird issues with the iTunes auth-process on a Windows 7 (64bit) machine.
  When I try to authorize my computer it results in a message telling me something about connection issues. Anyhow, it seems the computer is kind of activated since I can deauth my computer. If I try auth'in my computer several times, it also allows to deauth it several times until it says that it is not auth'd anymore.
  My tries so far to solve this
  - updated to latest iTunes
  - deactivated, even uninstalled firewall (used NIS2011), also disabled the Windows Firewall after that
  - checked hosts file
  - deleted SC Info
  - even tried with creating new library
  - disabled User Access Control in Windows
  - disabled all startup items in "msconfig"
  - tried to activate with same account a different computer in the same network, I was able to play movies using the private home sharing feature, also activation was no problem
  - re-installed Apple Software (including iTunes, Quicktime and Safari)
  - checked Diagnostic within iTunes with no problems
  So my guess is that it could have something to do with 64 bit or any hard- or software related issue at my computers side.
  Detailed procedure:
  1 - Start iTunes, click Store > Authorize > Enter credentials
  and now the weird thing is that the "authorize" button says "deauthorize", no matter how often I try to deauthorize before.
  2 - Repeated step 1 since it says always the same error message (connectivity alert)
  3 - Playback of any DRM protected media does not work (movies). It asks for authorization again but fails to do so with the same message again
  4 - Deauthorizing is possible and I noticed that I can do this as many times as I tried to authorize before.
  Does anyone have a suitable idea for helping me out in this issue? I never had problems on my mac before, nor on a Windows 7 32bit system.
  My 64 bit machine is only used with one iTunes account.
  I already contacted the iTunes Support via Mail but they could not help me since this could be a technical issue.
  Any help is much appreciated.
  Thanks in advance,
  Benjamin

  After numerous calls with Apple support, I finally got it working
  For me, the problem was the following:
  1. Make sure that Internet Explorer is your standard browser for windows (if not...make it)!
  2. In Internet Explorer go to "Internet Options" then "Advanced"
  3. In the list scroll down to "Security" and UNCHECK "Check for server certificate revocation"
  4. Make sure that (a bit further down) "Use SSL 3.0" and "Use TLS 1.0" are CHECKED.
  5. Delete the "SC Info" folder once again... 
  6. Run iTunes in Admin-Mode
  After that, I was able to activate my computer and I changed my browser back to Firefox afterwards...
  Hope that will help you too !!
  Cheers

• Buyer Account, Welcome mail with password & LDAP related query

  Hi All
  We are facing an issue with the LDAP configuration while creating Buy  side users, please see below
  If anyone of you could help, please provide your contact details or a solution to overcome this
  Background
  We have installed SAP E-Sourcing 5.1 On-premise.
  We are currently doing the post installation configuration
  -          Imported the Out of the Box enterprise Deployment Workbook (We have not modified the contents of the workbook)
  -          We have configured an SMTP mail host to send and receive all mails from the application
  Query
  Based on the enterprise Deployment Workbook, the system has created the following Directory configuration settings pointing to different LDAP system
  DISPLAY_NAME   EXTERNAL_ID
  QA SunOne 5.2 u2013 Buyside  dir.qa.sun.bs
  QA SunOne 5.2 u2013 Sellside  dir.qa.sun.ss
  QA ActiveDirectory 2003 - Buyside dir.qa.ms.bs
  QA ActiveDirectory 2003 u2013 Sellside  dir.qa.ms.ss
  QA Oracle 9.0.2 u2013 Buyside  dir.qa.ora.bs
  QA Oracle 9.0.2 u2013 Sellside  dir.qa.ora.ss
  When we are creating the Buyside users (If we use the Check Box u2013 Create Directory account), we are getting a communication error
  If we uncheck it, it creates the account but the system does not generate the welcome mail. We understand that the welcome mail has the system generated password to log-onto the application as the Buyer.
  We are also not able to create the local users, as the password.properties template isnu2019t available in the downloaded software, we donu2019t know the format thatu2019s expected by the system.
  Please let us know, if there is an alternate way to get the password even without using LDAP or Local directories.
  Incase LDAP or creation of local directory is the key, then please let us know whatu2019s happening incorrectly in our case.
  This has become a show stopper for us going any forward.
  Request your help ASAP
  Regards
  Tridip

  Hi All
  I had the same problem when I tried doing the email Set-up
  I finally realised that you need to do the configuration steps for SMTP using the enterprise user and the system user. If you have done this setting as only the system user the mails will be in Awaiting retry.
  Do this and the mails will start flowing, incase your SMTP mail server is working fine
  Please do the following settings logged in as System User and Enterprise User
  System Properties->searrch for messaging
  Set           -                Property                       -               Value                -                   Context
  messaging messaging.smtp.mailhost                replace the default with your value  System Context
  messaging messaging.smtp.port                       25                                               System Context
  Also please let me know what is the status of the messages in your Queued Messages
  This should work
  Do let me know, if it does
  Regards
  Tridip
  Edited by: Tridip Chakraborthy on May 27, 2009 11:57 AM
  Edited by: Tridip Chakraborthy on May 27, 2009 12:02 PM
  Edited by: Tridip Chakraborthy on May 27, 2009 12:02 PM

• Installing LDAP realm Problem

  Hi,
  I'm trying to configure Netsacape Directory Server 4.1 to work with the
  LDAP Security Realm Update for WebLogic Server 6.1. The Weblogic Server
  is unable to connect to NDS and there is not error message to indicate
  any exception. I have connect to the NDS using a LDAP browser using the
  same principal and credential in the ldaprealm.properties file and was
  able to establish connection.
  Has anyone encountered the same problem? Any help is appreciated.
  Thank you,
  PY

  Humm,
  I have heard of different people with the same name but with the same
  email address. Strange...
  Will the person who did the posting below please email me. You've
  already have my email address.
  Han.
  "Ng, Wey-Han" <[email protected]> wrote in message news:<[email protected]>...
  Hi,
  I'm trying to configure Netsacape Directory Server 4.1 to work with the
  LDAP Security Realm Update for WebLogic Server 6.1. The Weblogic Server
  is unable to connect to NDS and there is not error message to indicate
  any exception. I have connect to the NDS using a LDAP browser using the
  same principal and credential in the ldaprealm.properties file and was
  able to establish connection.
  Has anyone encountered the same problem? Any help is appreciated.
  Thank you,
  PY

• Integration of CQ 5.5 with open LDAP

  Hi Team,
  I am trying to integrate cq 5.5 with open ldap. i am able to see ldap entry in jmx console .
  But here the problem is the users in LDAP are not imported to CQ users.
  Below are methods in com.adobe.granite.ldap tools section in jmx console.
  [Ljava.lang.String;
  listOrphanedUsers()
  retrieves a list of users not present in the LDAP directory anymore
  java.lang.Void
  syncAllUsers()
  updates all local user informations based on the LDAP directory
  [Ljava.lang.String;
  syncUser(java.lang.String user)
  updates the local user information for a specific LDAP entry
  [Ljava.lang.String;
  syncUserList([Ljava.lang.String; userlist)
  updates the local user information for a list of LDAP entries
  [Ljava.lang.String;
  purgeUsers()
  removes the local user information for all users removed from the LDAP server
  using these methods also am unable to import my ldap users to cq.
  Please guide me on the same.
  Thanks & Regards,
  Prasad.

  please refer to the master guide available for the SRM 5.0 --> which has got details of the R/3 system which you can use with SRM 5.0.
  I have seen the guide and according to it , you can use R/3 3.1i - SAP ECC 6.0.
  and also there should be no limitation as far as i know , if you are able to use R/3 4.6B  , you should be able to use all the functionality.

• Sir i am using datasocket read ,i am communicating with java but my problem is that bcz im using while loop to see if value has changed my labview consumes all the processors time ,sir i want a event like thing so that while loop is not in continuous loop

  sir i have given lot of effort but i am not able to solve my problem either with notifiers or with occurence fn,probably i do not know how to use these synchronisation tools.

  sir i am using datasocket read ,i am communicating with java but my problem is that bcz im using while loop to see if value has changed my labview consumes all the processors time ,sir i want a event like thing so that while loop is not in continuous loopHi Sam,
  I want to pass along a couple of tips that will get you more and better response on this list.
  1) There is an un-written rule that says more "stars" is better than just one star. Giving a one star rating will probably eliminate that responder from individuals that are willing to anser your question.
  2) If someone gives you an answer that meets your needs, reply to that answer and say that it worked.
  3) If someone suggests that you look at an example, DO IT! LV comes with a wonderful set of examples that demonstate almost all of the core functionality of LV. Familiarity with all of the LV examples will get you through about 80% of the Certified LabVIEW Developer exam.
  4) If you have a question first search the examples for something tha
  t may help you. If you can not find an example that is exactly what you want, find one that is close and post a question along the lines of "I want to do something similar to example X, how can I modify it to do Y".
  5) Some of the greatest LabVIEW minds offer there services and advice for free on this exchange. If you treat them good, they can get you through almost every challenge that can be encountered in LV.
  6) If English is not your native language, post your question in the language you favor. There is probably someone around that can help. "We're big, we're bad, we're international!"
  Trying to help,
  Welcome to the forum!
  Ben
  Ben Rayner
  I am currently active on.. MainStream Preppers
  Rayner's Ridge is under construction

• Help with add file name problem with Photoshop CS4

  Frustrating problem: Help with add file name problem with Photoshop CS4. What happens is this. When I am in PS CS4 or CS3 and run the following script it runs fine. When I am in Bridge and go to tools/photoshop/batch and run the same script it runs until it wants interaction with preference.rulerunits. How do I get it to quit doing this so I can run in batch mode? Any help is appreciated. HLower
  Script follows:
  // this script is another variation of the script addTimeStamp.js that is installed with PS7
  //Check if a document is open
  if ( documents.length > 0 )
  var originalRulerUnits = preferences.rulerUnits;
  preferences.rulerUnits = Units.INCHES;
  try
  var docRef = activeDocument;
  // Create a text layer at the front
  var myLayerRef = docRef.artLayers.add();
  myLayerRef.kind = LayerKind.TEXT;
  myLayerRef.name = "Filename";
  var myTextRef = myLayerRef.textItem;
  //Set your parameters below this line
  //If you wish to show the file extension, change the n to y in the line below, if not use n.
  var ShowExtension = "n";
  // Insert any text to appear before the filename, such as your name and copyright info between the quotes.
  //If you do not want extra text, delete between the quotes (but leave the quotes in).
  var TextBefore = "Lower© ";
  // Insert any text to appear after the filename between the quotes.
  //If you do not want extra text, delete between the quotes (but leave the quotes in).
  var TextAfter = " ";
  // Set font size in Points
  myTextRef.size = 10;
  //Set font - use GetFontName.jsx to get exact name
  myTextRef.font = "Arial";
  //Set text colour in RGB values
  var newColor = new SolidColor();
  newColor.rgb.red = 0;
  newColor.rgb.green = 0;
  newColor.rgb.blue = 0;
  myTextRef.color = newColor;
  // Set the position of the text - percentages from left first, then from top.
  myTextRef.position = new Array( 10, 99);
  // Set the Blend Mode of the Text Layer. The name must be in CAPITALS - ie change NORMAL to DIFFERENCE.
  myLayerRef.blendMode = BlendMode.NORMAL;
  // select opacity in percentage
  myLayerRef.opacity = 100;
  // The following code strips the extension and writes tha text layer. fname = file name only
  di=(docRef.name).indexOf(".");
  fname = (docRef.name).substr(0, di);
  //use extension if set
  if ( ShowExtension == "y" )
  fname = docRef.name
  myTextRef.contents = TextBefore + " " + fname + " " + TextAfter;
  catch( e )
  // An error occurred. Restore ruler units, then propagate the error back
  // to the user
  preferences.rulerUnits = originalRulerUnits;
  throw e;
  // Everything went Ok. Restore ruler units
  preferences.rulerUnits = originalRulerUnits;
  else
  alert( "You must have a document open to add the filename!" );

  you might want to try the scripting forum howard:
  http://www.adobeforums.com/webx?13@@.ef7f2cb

• Mid 2011 mbp i7 with a SSD has problems, including grey screen/blue screen/beeping/freezing when I stream live video (i.e. watch espn or time warner cable) Help? Ideas?

  Recently my Macbook Pro (June 2011, i7, 8gb RAM, 512gb SSD, AMD Radeon 6750, Mountain Lion - since July - currently 10.8.2) has been presenting me with an array of problems, usually initiated when I am streaming live video. I was streaming Time Warner Cable on 12/9 and it gave me what looked like the blue screen of death.  It started up after about five attempts that time. The other day, after about a week of not using the computer, it wouldn't boot past the grey screen. I (option) started it and it gave me two boot choices, the regular HD and a "10.8 restore" option.  The HD gave me the grey screen and the restore option gave me the dark blue screen. I reset PRAM and that didn't work.  After a force (x) start it worked.  Today, I was using "Watch ESPN" and the screen froze and the computer did some kind of repeating RAM beep or something.  I rebooted and it started up fine.  I'm not watching any videos anymore, but this is a problem since the primary purpose for my mbp is video editing. I'm still under AppleCare but I find more solid answers in the forums or at least better questions for the AppleCare people.
  Anybody have similar experiences, or a solid idea of what the heck has happened to my machine?

  I'm not really sure what method that person was talking about. I just read he had a successful install so I posted it.
  But I'll hazard a guess
  1. copy your entire drive to a backup drive
  2. boot into that drive and test it out - make sure its a flawless backup, it works, and the hard drive has no problems
  3. eject that drive, disconnect it and reboot into the leopard install dvd
  4. erase your main hard drive using disc utilities on the leopard install dvd -- you've made a backup, made sure that backup was good, and disconnected it so it's currently safely disconnected from the leopard install you're about to do. Also, on the hard drive you're erasing and installing leopard on to, many people recommend "Zeroing" it as well as erasing it. That option is part of the erase function in disc utilities on the leopard install disc.
  5. do a clean install of leopard
  6. follow step 4 from that original post exactly as that person described to do.
  7. read the rest of what they said
  That's pretty much it. With the backup/erase/clean install/import/ you pretty much get everything you need exactly the way you want it with very few things missing -- and you've done this over a clean install. Plus that poster did mention that you can select what you want to import from your backup hard drive.
  It sounds like its a "clean install" method that gives you control via "import from machine" option in the installer. Control over what parts of your "old mac" you want to import into your "new leopard mac".
  Hopefully that helps. It sounds more involved, but its actually pretty quick and provides you with a perfectly save backup in case anything goes wrong with the leopard install.