Certified LDAP Directories

Similar Messages

• Integrating EP with R/3, BW & third party systems such as LDAP directories

  Hi Expersts,
     I am looking for Integrating EP with R/3, BW & third party systems such as LDAP directories and Portal application development using HTMLB. Can any one send the related information. if you send the detailed documents with real time scenarios it could be very useful for me. Please send the docs to [email protected]
  Thanks in advance.

  hi praveen,
  refer to this links of integrating EP with BW.it will be useful....
  <b>https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/a5067965-0901-0010-6f8a-bbf0b7424283,
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/6b1472a7-0301-0010-64bd-dc96509db6f7,
  The Architect's World - Episode 23>
  /* points r welcome for a helpful answer*/

• LDAP Directories not working at work

  I've used LDAP directories in Address Book at home but when I'm at work the same configurations do not work, only my company LDAP works. This seems odd as I am able to add these LDAP servers and use them at home. Id there some sort of blocking being done? How is that possible? An example is Stanford:
  ldap.stanford.edu
  cn=people,dc=stanford,dc=edu
  port 389

  I had our IT guys come down here once again to try to explain the problem to them. They sort of just stood there slack-jawed, not understanding and told me that Mac Mail won't run on our Exchange server. Well, Mac Mail IS currently running in conjunction with our Exchange server, I need the info for the LDAP server! They act like everything is classified information and that I'm just some crazy Mac-user. I just don't understand how Entourage can access this LDAP server, and Mac Mail can't.
  I tried putting "cn=gravity.com" in the Search Base box but it didn't fix the problem. And what do I put for Scope: Base, One Level, or Subtree? I know what to put for my authentication, but is the server called ldap//:auntie.gravity.gravitymail.com or is it just auntie.gravity.gravitymail.com? Or is it ldap.auntie.gravity.gravitymail.com? I'm just not sure what the problem is. I feel like I'm just trying an infinite number of combinations until it works....

• Large LDAP directories ( 10K users)

  Anyone used LDAP with very large directories?
  I'm experiencing a problem with my directory. When I connect the LDAP Realm to a small directory (by changing the root) the Realm works normally.
  However, when I connect the realm to a directory service which has a very large number of users (>10K) then the Realm throws the following exception,
  when accessing the users in either the console or in the AdminServlet:
  Mon Nov 06 19:03:42 GMT+00:00 2000:<E> <Adapter> Exception thrown by rmi server: [-7985721359852316035Sxxx..xxx.xxx.xxx:[7001,7001,7002,7002,7001,-1]/303]
  javax.naming.LimitExceededException: [LDAP: error code 11 - Administrative Limit Exceeded]; remaining name ''
  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2648)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2509)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2319)
  at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1559)
  at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1494)
  at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:375)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:335)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:320)
  at weblogic.security.ldaprealm.LDAPDelegate.search(LDAPDelegate.java:257)
  at weblogic.security.ldaprealm.LDAPDelegate.search(LDAPDelegate.java:263)
  at weblogic.security.ldaprealm.LDAPDelegate.getUsers(LDAPDelegate.java, Compiled Code)
  at weblogic.security.ldaprealm.LDAPRealm.getUsers(LDAPRealm.java:64)
  at weblogic.security.acl.CachingRealm.getUsers(CachingRealm.java:2325)
  at weblogic.security.acl.internal.RealmMO.getManagedProperties(RealmMO.java:182)
  at weblogic.common.managedobject.WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.invoke(WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.java, Compiled Code)
  at weblogic.rmi.extensions.BasicServerObjectAdapter.invoke(BasicServerObjectAdapter.java, Compiled Code)
  at weblogic.rmi.extensions.BasicRequestHandler.handleRequest(BasicRequestHandler.java, Compiled Code)
  at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java, Compiled Code)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
  --------------- nested within: ------------------
  weblogic.security.ldaprealm.LDAPException: could not get user list - with nested exception:
  [javax.naming.LimitExceededException: [LDAP: error code 11 - Administrative Limit Exceeded]; remaining name '']
  at weblogic.security.ldaprealm.LDAPDelegate.getUsers(LDAPDelegate.java, Compiled Code)
  at weblogic.security.ldaprealm.LDAPRealm.getUsers(LDAPRealm.java:64)
  at weblogic.security.acl.CachingRealm.getUsers(CachingRealm.java:2325)
  at weblogic.security.acl.internal.RealmMO.getManagedProperties(RealmMO.java:182)
  at weblogic.common.managedobject.WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.invoke(WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.java, Compiled Code)
  at weblogic.rmi.extensions.BasicServerObjectAdapter.invoke(BasicServerObjectAdapter.java, Compiled Code)
  at weblogic.rmi.extensions.BasicRequestHandler.handleRequest(BasicRequestHandler.java, Compiled Code)
  at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java, Compiled Code)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
  We're using Netscape Directory Server 4.1, with WLS 5.1 SP6. The LDAP config works fine with small directories (~100) but fails on ~10,000.....
  Cheers,
  Andy

  OK. Further investigation reveals that if we set the SIZE LIMIT property in Netscape Directory Server to be a
  low value (e.g. 3) we get a SIZE LIMIT EXCEEDED exception when we browse a small directory.
  javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]; remaining name ''
  Our current hypothesis is that the ADMINISTRATIVE LIMIT EXCEEDED exception is also a directory server
  configuration parameter being exceeded. Unfortunately on our test rig we don't have a large directory to test
  configuration parameters. Would anyone like to point us in the right direction for tracking this down?
  Cheers,
  Andy
  "Andy Winskill" <[email protected]> wrote:
  >
  Anyone used LDAP with very large directories?
  I'm experiencing a problem with my directory. When I connect the LDAP Realm to a small directory (by changing the root) the Realm works normally.
  However, when I connect the realm to a directory service which has a very large number of users (>10K) then the Realm throws the following exception,
  when accessing the users in either the console or in the AdminServlet:
  Mon Nov 06 19:03:42 GMT+00:00 2000:<E> <Adapter> Exception thrown by rmi server: [-7985721359852316035Sxxx..xxx.xxx.xxx:[7001,7001,7002,7002,7001,-1]/303]
  javax.naming.LimitExceededException: [LDAP: error code 11 - Administrative Limit Exceeded]; remaining name ''
  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2648)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2509)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2319)
  at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1559)
  at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1494)
  at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:375)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:335)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:320)
  at weblogic.security.ldaprealm.LDAPDelegate.search(LDAPDelegate.java:257)
  at weblogic.security.ldaprealm.LDAPDelegate.search(LDAPDelegate.java:263)
  at weblogic.security.ldaprealm.LDAPDelegate.getUsers(LDAPDelegate.java, Compiled Code)
  at weblogic.security.ldaprealm.LDAPRealm.getUsers(LDAPRealm.java:64)
  at weblogic.security.acl.CachingRealm.getUsers(CachingRealm.java:2325)
  at weblogic.security.acl.internal.RealmMO.getManagedProperties(RealmMO.java:182)
  at weblogic.common.managedobject.WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.invoke(WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.java, Compiled Code)
  at weblogic.rmi.extensions.BasicServerObjectAdapter.invoke(BasicServerObjectAdapter.java, Compiled Code)
  at weblogic.rmi.extensions.BasicRequestHandler.handleRequest(BasicRequestHandler.java, Compiled Code)
  at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java, Compiled Code)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
  --------------- nested within: ------------------
  weblogic.security.ldaprealm.LDAPException: could not get user list - with nested exception:
  [javax.naming.LimitExceededException: [LDAP: error code 11 - Administrative Limit Exceeded]; remaining name '']
  at weblogic.security.ldaprealm.LDAPDelegate.getUsers(LDAPDelegate.java, Compiled Code)
  at weblogic.security.ldaprealm.LDAPRealm.getUsers(LDAPRealm.java:64)
  at weblogic.security.acl.CachingRealm.getUsers(CachingRealm.java:2325)
  at weblogic.security.acl.internal.RealmMO.getManagedProperties(RealmMO.java:182)
  at weblogic.common.managedobject.WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.invoke(WLSkel4s2u685o2j2t4n5j5e263h4124q4q4e.java, Compiled Code)
  at weblogic.rmi.extensions.BasicServerObjectAdapter.invoke(BasicServerObjectAdapter.java, Compiled Code)
  at weblogic.rmi.extensions.BasicRequestHandler.handleRequest(BasicRequestHandler.java, Compiled Code)
  at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java, Compiled Code)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
  We're using Netscape Directory Server 4.1, with WLS 5.1 SP6. The LDAP config works fine with small directories (~100) but fails on ~10,000.....
  Cheers,
  Andy

• Multiple LDAP directories for authentication

  Hi,
  I just upgraded to GroupWise 2014 (from 2012). In GW2012 I used LDAP authentication against eDir. In GW2014, I associated the GW mailboxes to Active Directory. I tested a few accounts and I can login just fine. However I also have mailboxes that have to authenticate to eDir, because (for now) they don't have AD equivalent accounts.
  To achieve this, I also added the eDirectory as a directory in the GW admin console. I then enabled LDAP authentication in the Post Office security settings, without adding the "Available LDAP Servers" to the "Selected LDAP Servers" box.
  When I logon to a mailbox that is associated to eDir, it allows me to logon. I do have a mailbox that doesn't allow me to logon, although it is associated to eDir. When I re-associate (remove-add) it, it works for a while only to stop working again. It's not entirely stable.
  In the POA log, I see the following message: Alert: Utilize LDAP server which is not in the pool configuration! So it would seem it doesn't particularly like my setup.
  Questions:
  * Is what I'm trying to achieve not supported or am I configuring it wrong?
  * If I add the "Available LDAP Servers" to the "Selected LDAP Servers" box will it use it a failover pool and thus mess up my mixed-directory authentication?
  * Is it possible to use GroupWise authentication for some mailboxes and AD authentication for others. If so, it would take away the need to use eDir.
  Iwan

  It's not an error, just informational. The LDAP AUTH code for the POA has changed somewhat in 2014. Before, it used to only use LDAP servers in a pool, but now, it will first try any LDAP servers/directories in it's "Preferred list", but if it can't not find the user using that list, it will then proceed to try all other LDAP servers that are configured.
  --Morris
  >>> iwan<[email protected]> 1/9/2015 5:16 AM >>>
  Hi,
  I am able to authenticate to AD en edir within the same PO. I would like
  to phase out edir as maintaining two directories is not ideal. The only
  reason I still use edir is for those few GW accounts that do not have AD
  counterparts and for which I do not want to create AD accounts. So using
  LDAP(AD) together with GW auth would be ideal for me. I'll look into
  creating a second PO for this purpose.
  I just wonder why the POA log keeps displaying the following message, if
  having multiple directories in a single PO is supported: "Utilize LDAP
  server which is not in the pool configuration!"
  Iwan
  iwan
  iwan's Profile: https://forums.novell.com/member.php?userid=5639
  View this thread: https://forums.novell.com/showthread.php?t=481102

• Merging two LDAP directories into one clean 10.4 server.

  What I have now is two different OD masters. One is a 10.3.9 server and the other is a 10.4.9 server. What I want to do is combine the two Open Directories into one on a brand new Xserve 10.4.9 install, and make that my only master with several replicas.
  I'm trying to do as much research as possible before attempting this feat. I haven't been able to find much on here via searching. I did however, find this link (http://www.afp548.com/article.php?story=20050615173039158&query=migrate), which should be quite helpful, but I was wondering if anyone on here had anymore input.
  Thanks in advance.

  Hi Celia
  I think you could achieve this using slapcat with a bit of ldapadd/ldapmodify? Manual pages should tell you more?
  Not done it myself with 10.5 but I don't see why not? Export desired information as LDIF file(s). You could do it for for both LDAP Servers and then bring them in. They should just add to each other?
  Worth a try?
  Tony

• Multiple LDAP directories ...

  Another day, another Livecycle bug ...
  I have added a new domain/directory to Livecycle. The synchronization works and the users are correctly added to edcprincipalentity.
  Yet whenever i try to logon to workspace i get
  An error occurred during the operation. Please try again or contact your system administrator for assistance. (ALC-WKS-007-000)
  The log files show:
  INFO: ALC-WKS-005-026: Access denied: access permission not assigned to user
  What kind of access permissions are we talking about here? Also where can i set these?
  I remember that i had this problem ages ago and the solution was something very obscure having to do with the unique identifier or so.
  Any ideas?

  You have to assign your users "LiveCycle Workspace User" Role. To grant this role for all the users in your new domain go to<br />Adminui -> Home  > Settings > User Management > Users and Groups. There search for a Group "All Principals in <your domain name>". And assign the above role to that group.<br /><br />This should enable your users to log in to workspace

• Authentication getting failed in sun one Ldap

  HI,
  Any one please can assist me for sun one ldap.
  My application developed(ldap related) based on lotus domino ldap server and webspere.
  now we are trying to deploy the same code with Websphere and sun one ldap server at our local environment.
  Iam getting the prblem of authentication fail.
  please follow the logs as.
  My question is what ever the code written for lotus domino is compatible with sun one ldap.Iam new to LDAP .
  pls any one give the suggestions.
  LDAP Interface: Performing LDAP authentication for user [NYilmaz]
  17 Dec 2007 18:43:13,359 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. The username and password are transmitted in clear text form which is very insecure. Consider replacing the LDAP protocol with LDAPS (SSL).
  17 Dec 2007 18:43:13,359 [DEBUG] NABLDAP: Establishing a new authenticating connection to [ldap://gpat.bsdev.com]
  17 Dec 2007 18:43:13,375 [INFO ] NABLDAP: Failed to authenticate with the remote server on [ldap://gpat.bsdev.com] because of error '[LDAP: error code 34 - Invalid DN]'
  17 Dec 2007 18:43:13,375 [WARN ] LDAP Interface: Unsuccessful authentication attempt for user [NYilmaz]
  17 Dec 2007 18:43:13,375 [DEBUG] LDAP Interface: Writing the value {javax.naming.InvalidNameException:[LDAP: error code 34 - Invalid DN]} to General[1].OnionErrorMessage
  17 Dec 2007 18:43:13,390 [WARN ] NABLDAP: Transmission will be over an unencrypted connection. Consider replacing the LDAP protocol with LDAPS (SSL).
  17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Establishing a new anonymous connection to [ldap://gpat.bsdev.com]
  17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Connection established.
  17 Dec 2007 18:43:13,390 [DEBUG] NABLDAP: Searching remote LDAP directory using the filter of [(&(objectclass=person)(&(cn=NYilmaz)))]

  Hello Vinay,
  when configuring multiple Ldap directories, There are a number of prerequisities that you need to
  consider.
  For example, One prerequisite for Multi domains is that logon IDs must be unique across mutliple LDAP datasources. This will cause issue if duplicate IDs exist.
  Please see the following Documentation and notes for more information on this.
  Examples of Data Source Configuration Files - Identity Management - SAP Library
  Example: Configuration of Multiple LDAP Data Sources - Identity Management - SAP Library
  1618342 - Multiple LDAP Datasources - Active Directories where logon IDs
  are not unique
  762419 - Multi-Domain Logon Using Microsoft Active Directory
  Please have a look at the above notes which documet this and also tells
  you what to do in these situations.
  Regards,
  David

• Multi level attribute form LDAP

  multi level attribute form LDAP
  I am trying to write an custom mapping to use to retrieve a value from a multialued field in LDAP (nsRole). Has anyone done this before?
  Rigth now all my mappings are 1:1. However the goal is to get a 1 : M and parse thru it till i get the desied value (1:1)

  Darwin Hammons - Assurant 
  2:44pm, May 17 
  Great conversation. I have a very similar question about the use of the custom JAVA mappings with the LDAP Login process. I want to include an additional (event) step in the login process. Does anyone have an example or experience with a custom Java Class mapping that can use an LDAP attribute (location)  queriing the data to execute an event that populates an RequestCenter OU or Group if the person login location equal say " Argentina" ? Looking for a way to manage / build catalog entitlements during login. Suggestions ?
  Great conversation. I have a very similar question about the use of the custom JAVA mappings with the LDAP Login process. I want to include an additional (event) step in the login process. Does anyone have an example or experience with a custom Java Class mapping that can use an LDAP attribute (location)  queriing the data to execute an event that populates an RequestCenter OU or Group if the person login location equal say " Argentina" ? Looking for a way to manage / build catalog entitlements during login. Suggestions ?
  Anthony Erickson
  2:52pm, May 18  
  Hi Darwin,
  We're about to embark on a piece of work with newScale which would be similar to this to support our Multilingual catalogue.  I'll provide any updates I'm able. 
  Thanks,
  Ant 
  Darwin Hammons - Assurant 
  3:25pm, May 18 
  Great, Thanks Anthony ! I hope our bringing up this topic will spark a bit of interest. The Custom Java Mapping  / Directory integration is documented more with RC 9.1. It will be good to hear more about your project and use of Java mappings with LDAP Directories. 

• Error while creating user in LDAP (MS ADS) from SAP Portal 7.0

  Hi,
  Is it obliged to use SSL connection to create new user in LDAP (MS ADS) from SAP Portal 7.0 ?
  I've configured the UME with ldap server adress and port 389. And use configuration file "dataSourceConfiguration_ads_writeable_db.xml"
  I succeed to view users existing in LDAP but when I try to create new user I've the following error message:
  LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0)
  Thanks and regards

  check this link
  http://help.sap.com/saphelp_nw70/helpdata/EN/37/cfd93f130f9115e10000000a155106/frameset.htm
  and at the end of the page there is a qoute "We strongly recommend that you configure SSL between the UME and the LDAP directory. Some LDAP directories, such as Microsoft Active Directory Server, require an SSL connection if you want to create users on the LDAP directory"
  hence follow this link to configure SSL
  http://help.sap.com/saphelp_nw70/helpdata/EN/7d/77fa735e5f47a2a50b5336fd1b5a61/frameset.htm
  hope this helps..
  [Rahul|http://rahulursportal.blogspot.com/]

• SUN One LDAP Retrieving Dynamic group

  Hi, I would like to know how can I retrieve the groups a user belongs to, if the groups are of dynamic type.
  can I use the attribute memberOf?
  //Create the initial directory context
  LdapContext ctx = new InitialLdapContext(env,*null*);
  //Create the search controls
  SearchControls searchCtls = new SearchControls();
  //Specify the search scope
  searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
  //specify the LDAP search filter
  String searchFilter = "(&(objectClass=user)(CN=Andrew Anderson))";
  //Specify the Base for the search
  String searchBase = "DC=antipodes,DC=com";
  //initialize counter to total the group members
  int totalResults = 0;
  //Specify the attributes to return
  String returnedAtts[]={"*memberOf*"};
  searchCtls.setReturningAttributes(returnedAtts);
  //Search for objects using the filter
  NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);

  Hello Vinay,
  when configuring multiple Ldap directories, There are a number of prerequisities that you need to
  consider.
  For example, One prerequisite for Multi domains is that logon IDs must be unique across mutliple LDAP datasources. This will cause issue if duplicate IDs exist.
  Please see the following Documentation and notes for more information on this.
  Examples of Data Source Configuration Files - Identity Management - SAP Library
  Example: Configuration of Multiple LDAP Data Sources - Identity Management - SAP Library
  1618342 - Multiple LDAP Datasources - Active Directories where logon IDs
  are not unique
  762419 - Multi-Domain Logon Using Microsoft Active Directory
  Please have a look at the above notes which documet this and also tells
  you what to do in these situations.
  Regards,
  David

• Microsoft AD, JNDI and LDAP

  Hello,
  I working to move an application off of Novell eDirectory onto Microsoft AD. The program successfully binds to AD, the search filter executes correctly and the attributes are returned as expected. However, the final call to searchResults.hasMore() is not returning! In other words, the final call, which should return false, is not returning at all.
  Any ideas?
  -Bryan
  try
  hashtable = null;
  hashtable = new Hashtable();
  hashtable.put("java.naming.ldap.version", "3");
  hashtable.put Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
  hashtable.put(Context.SECURITY_AUTHENTICATION, "Simple");
  hashtable.put(Context.REFERRAL, "follow");
  hashtable.put(Context.PROVIDER_URL, url);
  hashtable.put(Context.SECURITY_PRINCIPAL, loginDN);
  hashtable.put(Context.SECURITY_CREDENTIALS, passwd);
  ctx = new InitialLdapContext(hashtable, null);
  SearchControls sc = new SearchControls();
  sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
  sc.setReturningAttributes(new String[] {"mailNickname", "givenName", "sn", "mail"});
  NamingEnumeration results = ctx.search(base, filter, sc);
  cns = new ArrayList(25);
  givenNames = new ArrayList(25);
  mails = new ArrayList(25);
  surNames = new ArrayList(25);
  while (results.hasMore()) // hangup occurring here when hasMore() should return false
  SearchResult sr = (SearchResult)results.next();
  Attributes attrs = sr.getAttributes();
  Enumeration enum = attrs.getAll();
  while (enum.hasMoreElements())
  System.out.println(enum.nextElement());
  cns.add((String)(attrs.get("mailNickname").get()));
  givenNames.add((String)(attrs.get("givenName").get()));
  surNames.add((String)(attrs.get("sn").get()));
  mails.add((String)(attrs.get("mail").get()));
  finally
  try {ctx.close();}
  catch (Exception e) {}
  }

  I'll take a bit of a stab at this, although your code sample seems to have some typos, missing a few braces and few catches.
  Anyway, there are some subtle differences between the behaviour of AD and other LDAP directories. One is that by default AD limits the number of objects that can be returned in a LDAP query to 1000. I think I described this in the post JNDI, Active Directory, Paging and Range Retrieval available at http://forum.java.sun.com/thread.jspa?threadID=578347&tstart=0
  Also there are differences in the behaviour of Enumeration.hasMore & Enumeration.hasMoreElements, Enumeration.hasMore throws exception s and will not return false, whereas hasMoreElements does not throw an exception and will return false. Have a look at http://java.sun.com/j2se/1.3/docs/api/javax/naming/NamingEnumeration.html
  So I'll assume that AD is causing an exception to be thrown, perhaps a SizeLimitExceededException or PartialResultsException.
  Either process the exception, or use hasMoreElements instead.

• EPM 11.1.2: Using LDAP with BugTracker

  Hi,
  I'm using EPM 11.1.2 as production env with NativeDirectory and I'd like to use Redmine as bugtracker for my support of EPM.
  I need for integration it's LDAP and my bugtracker (Redmine).
  I found this: http://www.redmine.org/projects/redmine/wiki/RedmineLDAP
  --Can you tell me BaseDN string to connect for LDAP? dc=users or dc=css,dc=hyperion,dc=com--
  What is port number for connect to LDAP? 389 doesn't works.
  Ohh... http://john-goodwin.blogspot.com/2010/05/epm-1112-life-after-openldap.html :(
  Does it possible to using SSO?
  Edited by: Antony NoFog on 12.01.2012 18:47

  You can't connect Redmine to the EPM native directory because it does not emulate an LDAP interface. Native user management is based on a relational database.
  But EPM can be (and usually is) integrated to one or more external LDAP directories (Microsoft Active Directory, Novell, or anything else the supports the LDAP v3 standard). In most environments there are only a handful of native administrator users on an EPM system and all the regular users are external users (although they are often grouped into native groups). Could you not integrate Redmine with the same external directory as EPM? Then your users should be able to log into both Redmine and EPM using their external directory credentials.

• Workflow support for Non OID LDAP servers

  Can workflow 2.6.2 be integrated with other vendors LDAP servers??

  OID supports integrating with other LDAP directories, and Workflow supports synchronizing with those other external user directories through OID. So you can use a third-party LDAP directory, but it is a requirement to go through OID to do so.

• Reg MS ADS LDAP Directory Download

  Hi all,
  I want to configure my UME to an LDAP and look wheteher its working fine.
  But i dont have any available LDAP Directories.
  Please provide me the sites to download a free version of LDAP.
  I am looking for LDAP Of MS ADS.
  Plaese provide me your valuable inputs on this.
  Thanks & regards,
  Lokesh

  Hi GLM,
  Thanks for your quick response.
  If it is not possible,
  Any other downloads like iplanet,Novell etc.....,
  What my intension is to have an LDAp other then UME.
  If you have any idea or installing softwares reg LDAP.
  Please provide me that.
  Thanks & regards,
  Lokesh