CFCHART Forces login

Similar Messages

• Single Sign-On and Forcing logins

  Hi
  I'm new to single sign-on firstly.
  Is it possible for a company using SSO, to force a user to login again when trying to access a certain web application, in this instance a J2EE application within the company's domain (I know it defeats the purpose but they have their bizarre reasons)?
  I.e. have single sign-on working with all the other web applications within the company not needing to login to them if they already have an authenticated SSO login, except this one, having the start page rerouted to the SSO login page regardless of whether the user already has an SSO authenticated login or not?
  Thanks
  Mario

  This is pretty much possible and this does not actually defeats the purpose as this is business requirement.
  First of all you need to create a different authentication scheme (J2EE Authentication scheme) for J2EE application. I can be replica of your generic authentication scheme (The one which is used for SSO) with just a one change, set authentication level for J2EE Authentication scheme higher than generic authentication scheme.
  This will make sure that a user having an authenticated SSO login is asked for authentication when user access J2EE application. Also once used is logged onto J2EE application, he will not be challenged for authentication when he access SSO enabled applications.
  I hope this answers your requirement.
  Thanking You
  Kiran Thakkar

• SSO for some SAP Apps, but forced login for the sensitive data application

  We have R/3 4.7 (Enterprise), with EP 6.0 and Web AS 6.40.  We have implemented Employee Self Service, as well as CRM, and some BW reports through EP 6.0.  We have a Broadvision Portal that is on top of EP 6.0.  In other words, the employees login to the Broadvision Portal, and authenticate against our Active Directory user store.  Then they will choose the SAP apps listed above, which go through the SAP Portal (EP 6.0)
  We want to allow SSO through EP when users choose either CRM, or BW reports, but we want to force a login when they choose ESS, since this data is more sensitive.  The problem we have had is that when we turn on SSO, it allows the user through for all 3 SAP apps.  My question is: How can we force a login for just ESS, but not for the other 2 apps.
  Thanks.

  Rick,
  I suppose, Eric meant Authentication Schemes ("authschemes") instead of security zones.
  An authentication scheme is essentially a pointer to a JAAS logon stacks on the J2EE Engine plus a frontend ("login screen"). Authentication schemes are assigned numbers ("priorities"), the higher the number the more trustworthy the authentication of the underlying JAAS stack is regarded.
  Example:
  Let's assume you use the default authscheme "uidpwdlogon" for all your iviews. It features a password-based or SAP logon ticket-based logon and is assigned a value of 20. All iviews that have this authscheme set in its "authscheme" property are accessible for you without any further authentication once you have passed this scheme (or any other authscheme with a priority <= 20).
  Now, you set one individual iview to use authscheme "certlogon", which requires an X.509 certificate and is valued "21". When accessing this iview, the portal will force a re-authentication (as 21>20).
  By configuring custom authschemes and JAAS logon stacks you can easily implement your scenario. Simply ensure that all your ESS iviews will be using an authscheme with a value greater that your default value.
  Regards,
  Dominik

• Force login screen while using SSO

  For the Portal logon we’ve implemented SSO. However sometimes we need to login by specifying username and password, in case we want to simulated a user problem. To logon as ‘Administrator’ we are using the short hostname instead of the full qualified domain name. But we can’t use this mechanism for the users because SSO to the backend systems won’t work anymore.
  Is there a way to force logon by username/password and the SSO connection to the backend systems are still working.
  Kind Regards,
  Evert Schuiteman

  You're trying to disable the Kerberos authentication temporarily? Then go to the browser's Toos menu > Internet options > Advanced > Security > disable "Integrated Windows Authentication", and restart your browser.
  For bonus points - I have a text file on my desktop called DisableKerb.reg to make the same registry change with by double-clicking. It looks as follows:
     Windows Registry Editor Version 5.00
     [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
     "EnableNegotiate"=dword:00000000
  For "EnableKerb.reg", make the value 00000001

• Force login / Portal 4.0

  Trying to find how in portal 4.0 I can force a user to login before going to the
  actual portal.

  OK - i think i have the complete solution and no code changes are required. I
  have attached new versions of the web.xml, weblogic.xml, security.wf and a
  new JSP /framework/security/goodbye.jsp. Add these to your application and
  the following users should be able to log in. visitor1 and visitor5.
  visitor1 works because i have mapped him to the customerServiceRole in the
  weblogic.xml. Visitor5 works because he belongs to the CustomerService Group.
  The only down side to this solution is that it requires a slight modification
  to the security.wf any updates to this file will have to be integrated into
  the new version. So merge these files!
  Michael C Ford wrote:
  Trying to find how in portal 4.0 I can force a user to login before going to the
  actual portal.
  [weblogic.xml]
  <?xml version="1.0" encoding="UTF-8"?>
  <webflow-configuration xmlns="http://www.bea.com/servers/p13n/xsd/webflow/2.0"
  xmlns:xsi="http://www.w3.org/2000/10/XMLSchema-instance"
  xsi:schemaLocation="http://www.bea.com/servers/p13n/xsd/webflow/2.0 webflow.xsd"
  is-complete="true">
  <!-- ################### BASIC WEBFLOW CONFIGURATION ################### -->
  <!-- Webflow namespace. -->
  <namespace>security</namespace>
  <!-- Webflow begin origin. -->
  <begin-origin>
  <destination namespace="security" node-name="login" node-type="jsp"/>
  </begin-origin>
  <!-- ################### PRESENTATION ORIGIN NODES ################### -->
  <!-- User login page. -->
  <presentation-origin node-name="login" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="login.jsp"/>
  <event-list>
  <event event-name="button.login">
  <destination namespace="security" node-name="loginFormProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="link.newuser">
  <destination namespace="user_account" node-name="new_user" node-type="jsp"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- User badlogin page. -->
  <presentation-origin node-name="badlogin" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="badlogin.jsp"/>
  <event-list>
  <event event-name="button.login">
  <destination namespace="security" node-name="loginFormProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="link.newuser">
  <destination namespace="user_account" node-name="new_user" node-type="jsp"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- Logged out and portal is a protected resource. -->
  <presentation-origin node-name="goodbye" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="goodbye.jsp"/>
  <event-list>
  <event event-name="link.backtoportal">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- Group selection form. -->
  <presentation-origin node-name="need_group" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="need_group.jsp"/>
  <event-list>
  <event event-name="button.select_group">
  <destination namespace="security" node-name="groupFormProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- Security-specific help. -->
  <presentation-origin node-name="help" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="help.jsp"/>
  <event-list>
  <event event-name="link.back">
  <destination namespace="security" node-name="login" node-type="jsp"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- User change password page. -->
  <presentation-origin node-name="set_password" node-type="jsp">
  <node-processor-info page-relative-path="/framework/security" page-name="set_password.jsp"/>
  <event-list>
  <event event-name="button.set_password">
  <destination namespace="security" node-name="setPasswordFormProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="link.back">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </presentation-origin>
  <!-- ################### PROCESSOR ORIGIN NODES ################### -->
  <!-- LoginProcessor - this processor performs the j_security check -->
  <processor-origin node-name="loginProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.LoginProcessor"/>
  </processor-origin>
  <!-- Input processor to validate login form data -->
  <processor-origin node-name="loginFormProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.LoginFormProcessor"/>
  <event-list>
  <!-- user chose to auto login - drop some cookies before logging him in -->
  <event event-name="dropcookies">
  <destination namespace="security" node-name="depositCookiesProcessor" node-type="inputprocessor"/>
  </event>
  <!-- did not choose auto login so just proceed to logging them in -->
  <event event-name="login">
  <destination namespace="security" node-name="loginProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  <exception-list>
  <!-- user did not enter all the form fields correctly -->
  <exception exception-name="com.bea.p13n.appflow.webflow.forms.InvalidFormDataException">
  <destination namespace="security" node-name="login" node-type="jsp"/>
  </exception>
  </exception-list>
  </processor-origin>
  <!-- Input processor to pick username password from cookie -->
  <processor-origin node-name="autoLoginProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.AutoLoginProcessor"/>
  <event-list>
  <!-- we got cookies, proceed to automatically login the user -->
  <event event-name="cookies">
  <destination namespace="security" node-name="loginProcessor" node-type="inputprocessor"/>
  </event>
  <!-- we got nothing, go back to the portal and the user will have to login themselves -->
  <event event-name="no_cookies">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </processor-origin>
  <!-- Our logout input processor is used to terminate the user session. -->
  <processor-origin node-name="logoutProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.LogoutProcessor"/>
  <event-list>
  <event event-name="success">
  <destination namespace="security" node-name="goodbye" node-type="jsp"/>
  </event>
  </event-list>
  </processor-origin>
  <!-- New user registration form validation processor -->
  <processor-origin node-name="userProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.UserProcessor"/>
  <event-list>
  <!-- User entered all the criteria so now log them in -->
  <event event-name="success">
  <destination namespace="security" node-name="loginProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  <exception-list>
  <!-- User did not enter all the criteria so back to the form -->
  <exception exception-name="com.bea.p13n.appflow.webflow.forms.InvalidFormDataException">
  <destination namespace="user_account" node-name="new_user" node-type="jsp"/>
  </exception>
  </exception-list>
  </processor-origin>
  <!-- Drop a pair of cookies onto the users desktop for autologin next visit -->
  <processor-origin node-name="depositCookiesProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.DepositCookiesProcessor"/>
  <event-list>
  <!-- we successfully dropped some auto login cookies on the users machine -->
  <event event-name="success">
  <destination namespace="security" node-name="loginProcessor" node-type="inputprocessor"/>
  </event>
  <!-- we failed to dropped some auto login cookies on the users machine, still login -->
  <event event-name="failure">
  <destination namespace="security" node-name="loginProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </processor-origin>
  <!-- Swap a pair of cookies onto the users desktop for autologin next visit -->
  <processor-origin node-name="swapCookiesProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.SwapCookiesProcessor"/>
  <event-list>
  <!-- we successfully swapped the old auto login cookies for some new ones -->
  <event event-name="success">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  <!-- we failed to deposit some new autologin cookies, no big deal... -->
  <event event-name="failure">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  </processor-origin>
  <!-- Validate the set password HTML Form and change the users password. -->
  <processor-origin node-name="setPasswordFormProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.SetPasswordFormProcessor"/>
  <event-list>
  <!-- we successfully changed the user's password, now change his auto login cookies if he has any -->
  <event event-name="success">
  <destination namespace="security" node-name="swapCookiesProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  <exception-list>
  <exception exception-name="com.bea.p13n.appflow.webflow.forms.InvalidFormDataException">
  <destination namespace="security" node-name="set_password" node-type="jsp"/>
  </exception>
  </exception-list>
  </processor-origin>
  <!-- Assigns a group if it can otherwise firects the user to pick one -->
  <processor-origin node-name="groupProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.GroupProcessor"/>
  <event-list>
  <event event-name="success">
  <destination namespace="user_account" node-name="postLoginProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="need_group">
  <destination namespace="security" node-name="need_group" node-type="jsp"/>
  </event>
  </event-list>
  </processor-origin>
  <!-- Group selection form validation processor. -->
  <processor-origin node-name="groupFormProcessor" node-type="inputprocessor">
  <node-processor-info class-name="com.bea.portal.appflow.processor.security.GroupFormProcessor"/>
  <event-list>
  <event event-name="success">
  <destination namespace="user_account" node-name="postLoginProcessor" node-type="inputprocessor"/>
  </event>
  </event-list>
  <exception-list>
  <exception exception-name="com.bea.p13n.appflow.webflow.forms.InvalidFormDataException">
  <destination namespace="security" node-name="need_group" node-type="jsp"/>
  </exception>
  </exception-list>
  </processor-origin>
  <!-- ################### WILDCARD PRESENTATION ORIGIN NODES ################### -->
  <wildcard-presentation-origin node-type="jsp">
  <event-list>
  <event event-name="link.home">
  <destination namespace="portal" node-name="portal" node-type="jsp"/>
  </event>
  <event event-name="link.help">
  <destination namespace="security" node-name="help" node-type="jsp"/>
  </event>
  <event event-name="link.login">
  <destination namespace="security" node-name="login" node-type="jsp"/>
  </event>
  <event event-name="link.logout">
  <destination namespace="security" node-name="logoutProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="link.set_password">
  <destination namespace="security" node-name="set_password" node-type="jsp"/>
  </event>
  </event-list>
  </wildcard-presentation-origin>
  <!-- ################### WILDCARD PROCESSOR ORIGIN NODES ################### -->
  <wildcard-processor-origin node-type="inputprocessor">
  <event-list>
  <!-- Session timeout event. -->
  <event event-name="bea.portal.framework.internal.session.timeout">
  <destination namespace="portal" node-name="portalRefreshProcessor" node-type="inputprocessor"/>
  </event>
  <event event-name="failure">
  <destination namespace="portal" node-name="error" node-type="jsp"/>
  </event>
  </event-list>
  <exception-list>
  <exception exception-name="com.bea.p13n.appflow.webflow.forms.MissingFormFieldException">
  <destination namespace="portal" node-name="missingformfield" node-type="jsp"/>
  </exception>
  <exception exception-name="com.bea.p13n.appflow.exception.ProcessingException">
  <destination namespace="portal" node-name="error" node-type="jsp"/>
  </exception>
  <exception exception-name="java.lang.RuntimeException">
  <destination namespace="portal" node-name="error" node-type="jsp"/>
  </exception>
  <exception exception-name="java.lang.ClassNotFoundException">
  <destination namespace="portal" node-name="error" node-type="jsp"/>
  </exception>
  <exception exception-name="com.bea.p13n.appflow.exception.InvalidArgumentException">
  <destination namespace="portal" node-name="error" node-type="jsp"/>
  </exception>
  </exception-list>
  </wildcard-processor-origin>
  </webflow-configuration>
  [web.xml]
  [goodbye.jsp]

• Force Login for all Visitors

  After upgrading to Mavericks Server, I realized, that the wiki's people page is accessible by everybody without loging in.
  I did not find any manuals on how to require a login for every page for 10.9 Server. (10.7 & 10.8 is documented)
  Thanks!

  I'm also at a loss about how to do this in 10.9 server... it's a very bad decision to leave those pages unprotected, IMHO. I know there are more "brute force" methods of protecting the whole site, but none is as elegant (or convenient) as doing it right.
  I'm also waiting for a fix.

• Administrator login not available at bootup anymore?

  Before HD crash I had an auto screen come up where I had to login as the administrator.
  After new installation of Leopard 10.5.1 the admin Login screen has gone and it goes straight into my desktop.
  I want to have the forced Login back to help security but I can't find how to do it.
  Can anyone help please?

  Turn automatic login off from the Accounts or Security panes of System Preferences.
  (60690)

• Make users login to domain

  Hi everyone
  How do i make my Domain users forcefully login to domain, i have many computers which are not in domain,
  Can i block web traffic for users who are not logged to domain, Do Radius Server do this.does it requires a license,
  and do i  need a different hardware. I have twos dc's  one is windows server 2008 R2 x64 and the other windows Server 2008 x64

  You should be able to achieve this thought a proxy or routing internet through a firewall which can validate these requirements.
  However, why do you have these stand alone computers?  If they have travel users, you may have problem with re-routing their internet traffic though a permanent solution. 
  Microsoft NPS may be an option as well.
  Santhosh Sivarajan | Houston, TX | www.sivarajan.com
  ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA
  Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012
  Blogs: Blogs
  Twitter: Twitter
  LinkedIn: LinkedIn
  Facebook: Facebook
  Microsoft Virtual Academy:
  Microsoft Virtual Academy
  This posting is provided AS IS with no warranties, and confers no rights.

• How do I connect into my mac using Apple Remote Desktop

  I have version 2 of this but am not that network-savvy. How can I connect to my G5 at work, from home, and vice versa?

  If a user is an administrator on the computer they can do almost any thing they want.
  You could install Apple Server Admin Tools onto your computer. One of the applications included in the tool set is Workgroup Manager. Work group manager can be used to create/modify MCX. Ether on the local computer or remotely on an MCX compatbale directory server. (such as open directoy) MCX can be used to force a specific setting for many plist controled features.
  You can use it to force a setting like time till screen saver starts. Require password when waking from sleep/screen saver. Force login window isntead of auot-login on reboot/startup.
  The nice thing about using a server, such as an open directory, is that it's very easy to push out MCX policy updates. Of corse you would have to update your computers to the directory server. 
  If you don't have a directory server, and don't want a directory server. Then you can use work group manager to modifies the local policy of a comptuer. you can then use a unix commands to extract the actually MCX settings. You could then use ARD Send Unix command to apply the MCX settings to one or more remote computer.
  ether way, an admin on the computer could still remove the MCX. But the user would have to figure out where setting is coming from. and then figure out how to remove the setting.

• Exchange 2013 - Admins can only log into one ECP server

  Simple run down of my environment:
  • Two AD sites (Site1 and Site2)
  • One 2008 R2 domain controller at each site (DC1 w/ FSMOs and DC2) running AD forest function level 2008 R2
  • One 2012 Std server with Exchange 2012 Std CU3 at each site (EX1 and EX2) – CAS/MBX on both, No DAG
  • Half of mailboxes on each server
  Using https://webmail.domain.com for all of our internal and external virtual directories. Adding /OWA or /ECP will get you into the respective site from either internal or external.
  All Domain Admin/Exchange Admin (Organization Management) do NOT have mailboxes. Those individuals can log into ECP from https://webmail.domain.com/ecp, or FQDN or IP of EX2 only. If John Smith has no mailbox then he must use:
  https://webmail.domain.com/ecp
  or
  https://ex2.domain.com/ecp
  or
  https://10.16.109.31/ecp
  If EX2 goes offline or they use https://ex1.domain.com/ecp or https://10.16.108.31/ecp then none of the admins can login and they get the following:
  Use the following link to open this mailbox with the best performance:
  https://webmail.domain.com/owa/auth.owa
  X-FEServer: EX2
  Date: 2/18/2014 10:37:42 PM
  s ECP or the https://webamil.domain.com/ecps ECP.
  They can access EMS from either server and run Get-ECPVirtualDirectory and it shows what we would expect:
  – https://webmail.domain.com/ecp
  – https://webmail.domain.com/ecp
  Why can an admin with no mailbox only log into the ECP on EX2? What is forcing the login to EX2 only? How can I move that “forced login” to EX1 if we ever get into a situation where EX2 is having problems? What happened in Active Directory or Exchange that
  made EX2 the primary login server for ECP and OWA? My FSMOs are located at Site 1…the same location where EX1 is located. The same server that I cannot log into ECP directly.
  ~Rick

  Any admin that is mail enabled can then only log into the server that hosts his mailbox. Admins without mailboxes can only log into EX2. And again, all admins can log into https://webmail.domain.com/ecp unless one of the servers goes offline
  and that's when the problems occur. Nothing obvious or unusual regarding mail flow. Done various internal and external tests and have not seen anything obvious or in the logs.
  Yesterday's change that MS Support had me do was to delete the ExternalURL for the ECP virtual directories. No difference. So, my latest update from MS Support that requested me to try today's change...
  set-owavirtualdirectory “owa (default web site)” -RedirectToOptimalOWAServer $false
  After performing an IIS reset and making sure replication had completed there was no difference. So, I am now forced to wait till Monday for MS to respond if the pattern stays at one email per day.
  Has anyone with multiple servers at different AD sites been able to log directly into the either server like I'm trying? I get this problem in my labs and I even had MS, while on the phone, remote in to make sure I was setting it up properly.
  The guy on the phone never said if their labs do the same thing cause they don't have multiple AD sites in their labs. In my lab if I have two servers at each site then I can log into both servers at the site, but not the other site. It appears it becomes
  site dependent then.
  MS has taken numerous logs and they are acting like this is the first time they've seen this. Yet I can reproduce it with no problem time after time. I'll create new VMs and start all over from scratch and make this happen every time I create a new AD/Exchange
  environment (it does take me a while to build all those VMs from scratch). No fancy GPOs to AD and no radical changes to the Exchange servers. Other than obvious config changes to make sure email can flow internally and externally, this is pretty much out
  of the box.
  ~Rick

• BlackBerry Browser Channel Push from SAP Portal

  I have posted the following on blackberry forums, not much success, maybe some portal person can suggest how to move forward. I've taken some standard blackberry java code that pushes a web page to a blackberry device, and executed from my java vm and it works. I then put the same java code inside an AbstractPortalComponent, and executed from portal, it does not work. Read following posting on blackberry forums ...
  I am attempting to implement a simple Browser Channel Push from within SAP Portal server.
  I have successfully executed  standard code from my local Java VM. I get the custom icon on my blackberry device, and when I click on it, it loads the web page from device cache.
  I have moved the exact same code into a SAP wrapper method and executed from SAP Portal. There are no additions in my code relating to the push.
  I get the custom icon on my blackberry, but when I click on it, a http request is performed every time.
  Below is the MDS log for the successful push, from local java:
  <2008-05-12 13:17:38.427 EST>:[408]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = PushServlet: POST request from [UNKNOWN @ 10.17.224.154] to [DESTINATION=Moris.T.Mihailidis @bhpbilliton.com&PORT=7874&REQUESTURI=/] : 1 bytes...>
  <2008-05-12 13:17:38.427 EST>:[409]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = submitting push message with id:312ce7cb:119db0ce9da:-7fff-1036777698>
  <2008-05-12 13:17:38.427 EST>:[410]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Executing push submit command for pushID:312ce7cb:119db0ce9da:-7fff-1036777698>
  <2008-05-12 13:17:38.427 EST>:[412]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Pushing message to: 252597d5>
  <2008-05-12 13:17:38.427 EST>:[413]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Number of active push connections:1>
  <2008-05-12 13:17:38.427 EST>:[414]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = added server-initiated connection = -2031026175, push id = 312ce7cb:119db0ce9da:-7fff-1036777698>
  <2008-05-12 13:17:38.427 EST>:[415]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Available threads in DefaultJobPool = 199 running JobRunner: DefaultJobRunner-197>
  <2008-05-12 13:17:38.427 EST>:[416]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION =>
  <2008-05-12 13:17:38.427 EST>:[416]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Transmission Line Section]:>
  <2008-05-12 13:17:38.427 EST>:[416]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = POST / HTTP/1.1>
  <2008-05-12 13:17:38.427 EST>:[416]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Headers Section]: 13 headers>
  <2008-05-12 13:17:38.427 EST>:[416]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Parameters Section]: 3 parameters>
  <2008-05-12 13:17:38.427 EST>:[417]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION =>
  <2008-05-12 13:17:38.427 EST>:[417]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Transmission Line Section]:>
  <2008-05-12 13:17:38.427 EST>:[417]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = POST / HTTP/1.1>
  <2008-05-12 13:17:38.427 EST>:[417]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Headers Section]: 13 headers>
  <2008-05-12 13:17:38.427 EST>:[417]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026175, HTTPTRANSMISSION = [Parameters Section]: 3 parameters>
  <2008-05-12 13:17:38.427 EST>:[418]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Finished JobRunner: DefaultJobRunner-197, available threads in DefaultJobPool = 200, time spent = 0ms>
  <2008-05-12 13:17:38.458 EST>:[421]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = CreatedSendingQueue, DEVICEPIN = 252597d5, USERID = u4>
  <2008-05-12 13:17:38.458 EST>:[424]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = Sending, TAG = 444006409, DEVICEPIN = 252597d5, USERID = u4, VERSION = 16, CONNECTIONID = -2031026175, SEQUENCE = 0, TYPE = NOTIFY-REQUEST, CONNECTIONHANDLER = http, PROTOCOL = TCP, PARAMETERS = [CORMEL-BES03/10.16.60.49:7874], SIZE = 666>
  <2008-05-12 13:17:38.458 EST>:[425]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Number of active push connections:0>
  <2008-05-12 13:17:38.458 EST>:[426]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Received_from_above, DESTINATION = 252597d5, GMETAG = 444006409, CONTENT = IPPP, CONFIRM = FALSE, SIZE = 713>
  <2008-05-12 13:17:38.458 EST>:[427]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Sent_down, DESTINATION = 252597d5, GMETAG = 444006409, SIZE = 745, SOURCE = , GUID = null>
  <2008-05-12 13:17:38.458 EST>:[428]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SRP, SRPID = S82672876, EVENT = Sending, VERSION = 1, COMMAND = SEND, TAG = 444006409, SIZE = 858>
  <2008-05-12 13:17:40.614 EST>:[429]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SRP, SRPID = S82672876, EVENT = Receiving, VERSION = 1, COMMAND = STATUS, TAG = 444006409, SIZE = 10, STATE = DELIVERED>
  <2008-05-12 13:17:40.614 EST>:[430]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Notification, NOTIFICATION_TYPE = DELIVERED, GMETAG = 444006409, CONTENT = IPPP>
  <2008-05-12 13:17:40.614 EST>:[431]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = Notification, TAG = 444006409, STATE = DELIVERED>
  <2008-05-12 13:17:40.614 EST>:[435]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Device connections: AVG latency (msecs)2156>
  <2008-05-12 13:17:40.614 EST>:[436]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, Removed push connection:-2031026175>
  <2008-05-12 13:17:45.239 EST>:[437]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = RemovedSendingQueue, DEVICEPIN = 252597d5, USERID = u4>
  Below is the MDS log for the unsuccessful push, from SAP Portal:
  <2008-05-12 13:22:20.685 EST>:[453]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = PushServlet: POST request from [UNKNOWN @ 10.17.224.154] to [DESTINATION=Moris.T.Mihailidis @bhpbilliton.com&PORT=7874&REQUESTURI=/] : 1 bytes...>
  <2008-05-12 13:22:20.685 EST>:[454]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = submitting push message with id:312ce7cb:119db0ce9da:-7ffe-1036777698>
  <2008-05-12 13:22:20.685 EST>:[455]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Executing push submit command for pushID:312ce7cb:119db0ce9da:-7ffe-1036777698>
  <2008-05-12 13:22:20.685 EST>:[457]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Pushing message to: 252597d5>
  <2008-05-12 13:22:20.685 EST>:[458]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Number of active push connections:1>
  <2008-05-12 13:22:20.685 EST>:[459]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = added server-initiated connection = -2031026174, push id = 312ce7cb:119db0ce9da:-7ffe-1036777698>
  <2008-05-12 13:22:20.685 EST>:[460]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Available threads in DefaultJobPool = 199 running JobRunner: DefaultJobRunner-196>
  <2008-05-12 13:22:20.685 EST>:[461]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION =>
  <2008-05-12 13:22:20.685 EST>:[461]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Transmission Line Section]:>
  <2008-05-12 13:22:20.685 EST>:[461]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = POST / HTTP/1.1>
  <2008-05-12 13:22:20.685 EST>:[461]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Headers Section]: 15 headers>
  <2008-05-12 13:22:20.685 EST>:[461]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = ReceivedFromServer, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Parameters Section]: 3 parameters>
  <2008-05-12 13:22:20.685 EST>:[462]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION =>
  <2008-05-12 13:22:20.685 EST>:[462]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Transmission Line Section]:>
  <2008-05-12 13:22:20.685 EST>:[462]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = POST / HTTP/1.1>
  <2008-05-12 13:22:20.685 EST>:[462]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Headers Section]: 15 headers>
  <2008-05-12 13:22:20.685 EST>:[462]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, HANDLER = HTTP, EVENT = SentToDevice, DEVICEPIN = 252597d5, USERID = u4, CONNECTIONID = -2031026174, HTTPTRANSMISSION = [Parameters Section]: 3 parameters>
  <2008-05-12 13:22:20.685 EST>:[463]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Finished JobRunner: DefaultJobRunner-196, available threads in DefaultJobPool = 200, time spent = 0ms>
  <2008-05-12 13:22:20.716 EST>:[466]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = CreatedSendingQueue, DEVICEPIN = 252597d5, USERID = u4>
  <2008-05-12 13:22:20.716 EST>:[469]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = Sending, TAG = 444006411, DEVICEPIN = 252597d5, USERID = u4, VERSION = 16, CONNECTIONID = -2031026174, SEQUENCE = 0, TYPE = NOTIFY-REQUEST, CONNECTIONHANDLER = http, PROTOCOL = TCP, PARAMETERS = [CORMEL-BES03/10.16.60.49:7874], SIZE = 707>
  <2008-05-12 13:22:20.716 EST>:[470]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Number of active push connections:0>
  <2008-05-12 13:22:20.716 EST>:[471]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Received_from_above, DESTINATION = 252597d5, GMETAG = 444006411, CONTENT = IPPP, CONFIRM = FALSE, SIZE = 754>
  <2008-05-12 13:22:20.716 EST>:[472]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Sent_down, DESTINATION = 252597d5, GMETAG = 444006411, SIZE = 786, SOURCE = , GUID = null>
  <2008-05-12 13:22:20.716 EST>:[473]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SRP, SRPID = S82672876, EVENT = Sending, VERSION = 1, COMMAND = SEND, TAG = 444006411, SIZE = 890>
  <2008-05-12 13:22:22.951 EST>:[474]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SRP, SRPID = S82672876, EVENT = Receiving, VERSION = 1, COMMAND = STATUS, TAG = 444006411, SIZE = 10, STATE = DELIVERED>
  <2008-05-12 13:22:22.951 EST>:[475]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = GME, EVENT = Notification, NOTIFICATION_TYPE = DELIVERED, GMETAG = 444006411, CONTENT = IPPP>
  <2008-05-12 13:22:22.951 EST>:[476]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = Notification, TAG = 444006411, STATE = DELIVERED>
  <2008-05-12 13:22:22.966 EST>:[480]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Device connections: AVG latency (msecs)2250>
  <2008-05-12 13:22:22.966 EST>:[481]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, Removed push connection:-2031026174>
  <2008-05-12 13:22:26.138 EST>:[482]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Statistics save task started>
  <2008-05-12 13:22:26.138 EST>:[483]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = SCM, EVENT = Statistics save task finished -- number of rows inserted:5>
  <2008-05-12 13:22:27.248 EST>:[484]:<MDS-CS_CORMEL-BES03_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, EVENT = RemovedSendingQueue, DEVICEPIN = 252597d5, USERID = u4>
  The differences I see:
  1)     The push from SAP has 15 headers compared to 13
  2)     The Sending and Receiving SIZE values
  Can you assist me with identifying why these differences are occurring.
  If I can solve these, I believe my Push from SAP will work.

  hi
  You can use UME API and do a force login, but I would recommend to use this only if the user is an authenticated user.
  request.setAttribute(ILoginConstants.LOGON_UID_ALIAS, "userID"); 
  UMFactory.getLogonAuthenticator().logon(request,response,"uidpwdlogon");
  you can also do a force logon using 
  UMFactory.getAuthenticator().forceLoggedInUser(request, response);
  regards
  Jagdeshwar

• How to check computer name in AD without Get-ADComputer?

  Hello,
  I wrote a script to rename computer and checking its new name in AD and use another (add 1) if exists. But I find a way to rewrite this script to avoid using Get-ADComputer, because I do not want to install RSAT and AD Module on each client machine. Please
  give advice. I saw examples (ADO) using VB, but I need to write using PS.
  import-module ActiveDirectory
  $pass = 'Pass'
  $password = ConvertTo-SecureString -String 'Pass' -AsPlainText -Force
  $login = 'contoso\administrator'
  $ComputerName = (Get-WmiObject - Class Win32_ComputerSystem).Name
  $ComputerName = $ComputerName -replace "NT","7"
  $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $login, $password
  try {
  Get-ADComputer $ComputerName -Credential $cred -ErrorAction Stop
  $ComputerName = $ComputerName + '1'
  $ComputerInfo.Get-WmiObject -Class Win32_ComputerSystem
  $ComputerInfo.rename($ComputerName, $pass,
  $login)
  catch {
  $ComputerInfo.Get-WmiObject -Class Win32_ComputerSystem
  $ComputerInfo.rename($ComputerName, $pass,
  $login)

  Hi Andev,
  What about using ADSI ?
  http://www.lazywinadmin.com/2013/10/powershell-get-domaincomputer-adsi.html
  If you need to specify credential, you can check this link too
  http://www.lazywinadmin.com/2013/10/powershell-using-adsi-with-alternate.html
  Hope this help

• Change user profile when he is alive.

  Hi, guys. I have 5 users(2 not very important+3 very very important). And when hard time comes... i need to limit cpu usage of the first 2 to give others to do their job. At the same time i cant't set low cpu usage by default for these two guys... This will be not efficient.
  How can I change user's cpu usage on the fly? With out forcing them to login again.
  Thanks in advance.

  Hi,
  It is not possible on the fly.
  This is statement from concept guide. Ch:20
  "If you set resource limits, then a slight degradation in performance occurs when users create sessions. This is because Oracle loads all resource limit data for the user when a user connects to a database."
  Which means that all resource limits will not affect the running session, you need to force login once again if you want to change resource parameters.
  Also check parameter RESOURCE_LIMIT is to be set to TRUE.
  Dilipkumar Patel.

• Is this type of set-up possible - private and public network with Airport

  We have an office network with Airport. We have internet with a cable modem with routers plugged to it. The network is not now shared with anyone outside the business.
  But would it be possible to add a public component to our setup that would give others access to the internet but never, never, never allow them to enter/see/ mess with the private side?
  Tim

  Sorry to intrude, I came across this thread while I was looking for some other information and thought that there needed to be a point of clearification to identify some major security vulnerabilities.
  With the current config, Cable Modem->Wan port of Router A->Router B plugged into LAN port on Router A
  1. Traffic from Router A would see all traffic sent from router B out to the internet, if I was able to sniff the traffic on router A then I would see everything that router B was passing to the internet...not good idea if Router A is public, (traffic would not be encrypted since this is a hard line pass to the cable modem).
  2. Router A will always be able to see the interface of router B (have to have it this way to perform the passing of IP traffic from one router to the other.) This means that router B will be open for brute force login attempts and any other vulnerabilities that the router might carry, again since this is being accessed from a publicly accessible network it would be hard to stop from happening in todays world.
  3. Router B subnet - If you NAT all the IP's behind router A on it's on subnet (which would include Router B). Uunless router B truly has two interfaces (internal and external) you would not be able to use different subnets and expect to pass traffic all the way to the cable modem because it would not know how to get there.
  Again, this post is not meant to cause annomosity, it is to help educate.
  I personally think that the safer bet is to get a second hi-speed connection, physical seperation in this case is the best way to go, saves you the worry of getting attacked or snooped on, and keeps your private information safe from the public...unless that is something that you are willing to risk sharing.

• ISA SSO Help

  We are in the process of having our rep force login to the CRM UI and then click a button to launch ISA using SSO versus the current method of them logging into ISA.  The issue is we have some custom code in our application that doesn't appear to work with SSO.  Here is the logic in question.
  BusinessObjectManager bom = (BusinessObjectManager) userSessionData.getBOM(BusinessObjectManager.ISACORE_BOM);
  User user = bom.createUser();
  String ui = user.getUserId().toString()
  We then call a custom method that calls a custom CRM function module using the value of (ui).  My issue is when using SSO the value of (ui) is null where if I login to ISA the value of (ui) is the userid I logged in with.  Can anyone point me in the right direction or have any thoughts of why my logic doesn't work with SSO?
  Can anyone tell me if there are any methods I can use to find out the information in the SSO ticket being passed to ISA?
  Thanks,
  Lee
  Edited by: Mazurek Lee on Nov 10, 2011 9:47 PM

  Hi,
    bom.createUser will give you a new object if you try from portal. Instead you can try the following
  String bpid = bom.createBUPAManager().getDefaultBusinessPartner(PartnerFunctionData.CONTACT).getAddress().getId();
  String ui = bom.createBUPAManager().getUserIdFromBpId(bpid);
  Sateesh Chandra.