Configuring portal to authenticate to MS ADS read only

I am trying to get my portal to authenticate.
I can browse the LDAP from the portal UM config screen, but when I try to authenticate as a user in the LDAP, no luck.  Also when I do a search in user admin, I get no results?  There is at least one user in the ou=people.
Also I can only bind in the UM config screen as user@domain.
And the UM config does not retain the password.

Hi Jeremy,
Did you set the datasource to Read-Only Microsoft ADS (Flat hierarchy) + Database?
Did your system admin create a permanent user account (let's say sapldap) in MS ADS with domain admin privileges?
Switch to LDAP Tab in UM Configuration and specify
Server Name - <LDAP Server Name>
port - 389 (Usually)
User - cn=sapldap,OU=Accounts,DC=<Domain name>,DC=com
password - <sapldap password>
User Path - OU=UserAccounts,DC=<Domain name>,DC=com
After specifying the parameters, save the changes so as not to lose the data. Use 'Test Connection' to see whether the Portal can talk to MS ADS.
Once connection is successful, save all the changes and restart the server and you are all set.
Hope this helps,
Thanks,
Praveen
PS. Don't forget to reward points.
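
An offline check of the values entered on the LDAP tab, as an added example that is not part of the original thread or of SAP's code: it classifies the bind identity format (DN, user@domain, DOMAIN\user) and tests whether user entries lie under the configured User Path, one possible reason a user search returns nothing. The function names are hypothetical and every DN is a constructed sample on the placeholder domain example.com.

```python
import re

def _split_unescaped(text, sep=","):
    """Split on sep, leaving backslash-escaped separators inside a value."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])   # keep the escape pair together
            i += 1                      # skip the escaped character too
        elif text[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def parse_dn(dn):
    """Return [(attr, value), ...] lower-cased; '+' RDNs and quoted values unsupported."""
    rdns = []
    for rdn in _split_unescaped(dn.strip()):
        attr, eq, value = rdn.partition("=")
        if not eq or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {rdn!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def dn_domain(dn):
    """DNS domain spelled by the DC components, e.g. 'example.com'."""
    return ".".join(v for a, v in parse_dn(dn) if a == "dc")

def classify_bind_identity(identity):
    """'dn', 'upn' (user@domain), 'down-level' (DOMAIN\\user) or 'invalid'."""
    try:
        parse_dn(identity)
        return "dn"
    except ValueError:
        pass
    if re.fullmatch(r"[^@\\\s]+@[^@\\\s]+", identity):
        return "upn"
    if re.fullmatch(r"[^@\\\s]+\\[^@\\\s]+", identity):
        return "down-level"
    return "invalid"

def is_under(entry_dn, base_dn):
    """True if entry_dn is at or below base_dn in the directory tree."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base

def review_ldap_tab(bind_user, user_path, user_dns):
    """Summarise the checks for one set of LDAP-tab values."""
    fmt = classify_bind_identity(bind_user)
    bind_domain = None   # stays None for NetBIOS-style or invalid identities
    if fmt == "dn":
        bind_domain = dn_domain(bind_user)
    elif fmt == "upn":
        bind_domain = bind_user.split("@", 1)[1].lower()
    return {
        "bind_format": fmt,
        "same_domain": bind_domain == dn_domain(user_path) if bind_domain else None,
        "outside_user_path": [d for d in user_dns if not is_under(d, user_path)],
    }

# Constructed sample values (example.com is a placeholder domain).
USER_PATH = "OU=UserAccounts,DC=example,DC=com"
USERS = ["CN=Jane Doe,OU=People,DC=example,DC=com",
         "CN=Doe\\, John,OU=UserAccounts,DC=example,DC=com"]
print(review_ldap_tab("sapldap@example.com", USER_PATH, USERS))
```

Any DN listed under `outside_user_path` cannot be found by a search rooted at the configured User Path, so either the path or the user's location needs to change.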

Similar Messages

  • LDAP (ADS Read-only) as UME Datasource

    Hi Gurus!
    We have configured MS Active Directory (Read only) as our UME Datasource.  When I look in the logs in NWA (Last 24 hours) I get the following error:
    application [webdynpro/dispatcher] Cannot send an HTTP error response [500 Application error occurred during request processing. (details: java.lang.NullPointerException: null)].
    The error is: com.sap.engine.services.servlets_jsp.server.exceptions.WebIOException: An attempt to write after the stream had been closed.
    Exception id: [0003BA7EDA0D002000000003000067A800044F969D23BA8F]
    My theory:
      1. Maybe the Portal is trying to write to AD and giving this error.  Since the AD is read only it is giving this error.
      2. The log time is the same as my login time; so it may be trying to log my last logged time (last successful login) onto my user record and failing.
    Does my theory hold water? Can you gurus suggest other theories or resolutions?
    Thanks upfront!
      Pratik

    Hi,
    That's my question and I answered it. It is a different issue.
    Thanks,
      Pratik

  • Error when configuring Portal Server 7.1 Update 1 on Solaris 10 x86 VM

    I have installed Portal Server 7.1 with most of the default options/settings but I was unable to get the server up. Going through /var/opt/SUNWportal/logs/config/portal.fabric.0.0.log, I found some SEVERE entries:
    [#|2008-03-04T18:10:21.184-0500|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.util|ThreadID=10; ClassName=com.sun.portal.fabric.util.ExecuteUtil; MethodName=exec; |PSFB_CSPFU0003: Argument List=/usr/lib/cacao/bin/cacaoadm
    java.io.IOException: Not enough space
    at java.lang.UNIXProcess.forkAndExec(Native Method)
    at java.lang.UNIXProcess.<init>(UNIXProcess.java:53)
    at java.lang.ProcessImpl.start(ProcessImpl.java:65)
    at java.lang.ProcessBuilder.start(ProcessBuilder.java:451)
    at java.lang.Runtime.exec(Runtime.java:591)
    at java.lang.Runtime.exec(Runtime.java:507)
    at com.sun.portal.fabric.util.ExecuteUtil.exec(Unknown Source)
    at com.sun.portal.fabric.util.ExecuteUtil.exec(Unknown Source)
    at com.sun.portal.fabric.tasks.Cacao.execCommand(Unknown Source)
    at com.sun.portal.fabric.tasks.Cacao.execCacaoCommand(Unknown Source)
    at com.sun.portal.fabric.config.PortalConfigurator.configureHost(Unknown Source)
    at com.sun.portal.fabric.config.ConfigurePortal.main(Unknown Source)
    |#]
    [#|2008-03-04T18:10:21.186-0500|INFO|SJS Portal Server|debug.com.sun.portal.fabric.tasks|ThreadID=10; ClassName=com.sun.portal.fabric.tasks.Cacao; MethodName=execCommand; |PSFB_CSPFT0342:</usr/lib/cacao/bin/cacaoadm status> Returned <null>|#]
    [#|2008-03-04T18:10:21.196-0500|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=configureHost; |PSFB_CSPFC0024:Failed to configure the Host
    java.lang.NullPointerException
    at com.sun.portal.fabric.config.PortalConfigurator.configureHost(Unknown Source)
    at com.sun.portal.fabric.config.ConfigurePortal.main(Unknown Source)
    |#]
    [#|2008-03-04T18:10:21.205-0500|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ConfigurePortal; MethodName=main; |PSFB_CSPFC0014:Failed configuring Portal Server!!
    com.sun.portal.fabric.tasks.ConfigurationException: java.lang.NullPointerException
    at com.sun.portal.fabric.config.PortalConfigurator.configureHost(Unknown Source)
    at com.sun.portal.fabric.config.ConfigurePortal.main(Unknown Source)
    Caused by: java.lang.NullPointerException
    ... 2 more
    |#]
    Can anyone tell me where to go from here? Thanks!

    Thanks for the reply!
    I have added more memory and swap. I took example1.xml, filled in the parameters and ran psconfig on it. The following is the output I got:
    Logs redirected to /var/opt/SUNWportal/logs/config/portal.fabric.0.0.log
    Successfully created PSConfig.properties file
    Exception in thread "main" java.lang.NoClassDefFoundError: com/iplanet/sso/SSOToken
    at com.sun.portal.fabric.config.ConfigurePortal.main(Unknown Source)
    Looking at /var/opt/SUNWportal/logs/config/portal.fabric.0.0.log, there isn't any recent entry. What's next?

  • Error Configuring Portal Server 7.2 on a Fedora 8

    Hi, I'm new to Portal Server and I have this problem while I'm configuring after installation.
    This is the trace:
    [#|2008-06-11T10:45:49.947-0500|INFO|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ConfigurePortal; MethodName=main; |PSFB_CSPFC0048:Validating the Input Config XML File|#]
    [#|2008-06-11T10:45:50.029-0500|INFO|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ValidatePortalInputData; MethodName=validateComponentsToConfigure; |/opt/sun/portal/lib|#]
    [#|2008-06-11T10:45:50.046-0500|INFO|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ValidatePortalInputData; MethodName=validateComponentsToConfigure; |PSFB_CSPFC0241:Components to configure list [portalserver, gateway, netletproxy, rewriterproxy] is valid.|#]
    [#|2008-06-11T10:45:50.049-0500|GRAVE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ConfigurePortal; MethodName=main; |PSFB_CSPFC0014:Failed configuring Portal Server!!
    java.lang.NumberFormatException: null
    at java.lang.Integer.parseInt(Integer.java:415)
    at java.lang.Integer.parseInt(Integer.java:497)
    at com.sun.portal.fabric.config.ValidatePortalInputData.<init>(ValidatePortalInputData.java:228)
    at com.sun.portal.fabric.config.ConfigurePortal.main(ConfigurePortal.java:166)
    |#]
    thanks!!

    I've installed a Fedora 8 for i386, and I am attempting to install it with 1 GB of physical RAM and 2 GB of swap (that's not enough, at least for install??).
    I've also installed a glassfish-v2ur2 included in the package openesb; the access manager that I've installed is the version that is included in this glassfish. This trace is the output for the message:
    Validating XML File
    Configuration failed: null
    Can anyone give a sample configuration file, with the data filled in?

  • How to configure portal server with the Backend Oracle database

    Hi Portal Experts,
    We are planning to install Netweaver 04s SP stack 9 full Java edition with Oracle 8i on the Windows platform.
    We have the installation docs of the portal, but we don't have any idea how to configure the Portal server with the backend Oracle database at the time of installation or after post installation of the portal. Can anyone provide the documentation about this or guide me on how to achieve this?
    Please share your views; your help would be highly appreciated.
    Regds
    Phani.

    Hi,
    If you are working in SAP Enterprise Portal, use for the connection URL
    jdbc:sap:sqlserver://ilsql01.tlv.sap.corp:1433;DatabaseName=Northwind
    ilsql01.tlv.sap.corp:1433: this is your portal URL with port number
    Northwind is your database name.
    For the driver you need to give
    com.sap.portals.jdbc.sqlserver.SQLServerDriver
    In case you are working on something other than SAP, say Windows along with Oracle, try to use
    Connection URL as jdbc:oracle:<drivertype>:@<database>
    Driver name as oracle.jdbc.driver.OracleDriver
    ex jdbc:oracle:thick:@localhost:3036:mydb
    Oracle implements two types of JDBC drivers:
    Thick JDBC drivers built on top of the C-based Net8 client, as well as a Thin (Pure Java) JDBC driver to support downloadable applets. Oracle JDBC drivers are used to create JDBC applications to communicate with Oracle databases.
    Oracle extensions to JDBC include the following features:
    Data access and manipulation
    LOB access and manipulation
    Oracle object type mapping
    Object reference access and manipulation
    Array access and manipulation
    Application performance enhancement
    *************if the information is helpful to you please reward points************

  • When users authenticate to read-only replica [ Identity synchronization]

    Hello,
    I have 2 sites: F and L. each site has a AD and LDAP. AD are replicated. LDAP are also replicated. Each one is the slave of the other. Idsync is installed on each site too.
    All users' servers are located in F, so when a user authenticates for the 1st time or after a password change, he will challenge LDAP in F and this one is read-only (slave). The user will get invalid password.
    Whereas if I do for example ldapsearch + authentication on LDAP in L (this can't be done for users), the Windows password gets updated in LDAP in L then LDAP in F (since F is a slave).
    Do you have a solution for that?
    thx

    hi,
    the replication is working between master and consumer:
    If I change an attribute in ldap A for a user in site A, the attribute is replicated to ldap in site B.
    If I change an attribute in ldap B for a user in site B, the attribute is replicated to ldap in site A.
    If I change an attribute in ldap A for a user in site B, I get an error that this is a read-only replica. OK.
    If I change an attribute in ldap B for a user in site A, I get an error that this is a read-only replica. OK.
    The password is getting updated in the consumer following a password change on the master.
    Where is the problem then? When a user in site A wants to change his password, his password is updated only in AD. LDAP in site A (and IdSync) will not be aware of this change since the user in site A will log in to servers (LDAP clients) in site B and those servers are configured with LDAP in site B. The LDAP in site B is a slave for the subtree of users in site A. It then stores the password that is in LDAP site A, i.e. an invalid password.
    I imagine a solution where servers (LDAP clients) are configured with both LDAP servers so that if a user from site A logs in, the LDAP client challenges the LDAP server in site A. Is this feasible?
    Any other solution?
    thank you,

  • How to configure Mailbox Read-Only access for Mailbox's owner on Exchange Server 2010?

    I have to configure the Exchange Server 2010 mailbox to grant only Read-Only Access to the mailbox's owners, so they are only allowed to read their messages and cannot modify or remove them.  Are there any references or methods to do this?

    Hi, alexchy8
    We can make use of 2 PowerShell commands to achieve this goal.
    Add-MailboxPermission and Add-MailboxFolderPermission.
    Execute the Add-MailboxPermission command to delegate the read permission at mailbox level.
    Execute the Add-MailboxFolderPermission command to delegate the required permissions on specific folders inside the mailbox.
    You can read the following article as reference:
    http://www.exchangedictionary.com/articles/assign-read-only-mailbox-permission-on-exchange-2010-2013-powershell
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety,
    or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Best Regards.

  • Message (on one account) when logging in: The user account running the Configuration Manager console has insufficient permissions to read information from the Configuration Manager site database.

    After installing the reportservice/database I cannot use the Configuration Manager Console 2012 anymore with my own AD account. (The accounts of my colleagues are still working.)
    When I log in I get the following message:
    The user account running the Configuration Manager console has insufficient permissions to read information from the Configuration Manager site database. The account must belong to a security role in Configuration Manager. The account must also have
    the Windows Server Distributed Component Object Model (DCOM) Remote Activation permission for the computer running the Configuration Manager site server and the SMS Provider.
    I checked the following:
    I am an administrative user in SCCM (Full Administrator)
    I am a member of the administrator group on the server
    Deleted HKEY_CURRENT_USER\Software\Microsoft\ConfigMgr10
    I tried to start it on multiple workstations and deleted my roaming profile
    Any more suggestions?

    Hi,
    Maybe you could have a look on the below blog.
    http://blog.nimbo.com/how-to-disable-user-account-control-in-windows-server-2012/
    (Note: Microsoft provides third-party contact information to help you find technical support. This contact information
    may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.)
    Best Regards,
    Joyce Li

  • I'm new to Apple's Mail program (I've used AOL for years). How do I configure Mail so once an email is read it automatically disappears from the list of emails? Conversely, how do I mark "keep as new" an email I've read but I want to remain on the screen?

    I'm new to Apple's Mail program (I've used AOL for years). How do I configure Mail so once an email is read it automatically disappears from the list of emails? Conversely, how do I mark "keep as new" an email I've read but I want to remain on the screen?

    Right click on the email  in the left hand pane.  Select Mark as Unread to return it to an unread state.  Click Delete to move it to the trash or file it in a folder if you have any configured.  You may need to click the show button on the upper left hand side of the window to see your folders.  The + sign at the bottom of that pane allows you to add a new folder.

  • Failed configuring Portal Server. can't run cacaoadm.bat

    Hi,
    I am trying to install Sun Java ES5 (2006Q4) on Windows XP. The configuration for Portal Server failed. When I checked the logs, it complained that the cacao default instance was disabled and couldn't be started. I went to the directory and tried to manually run the cacaoadm command. It returns:
    C:\Sun\JavaES5\share\cacao_2\bin>cacaoadm.bat enable
    This action cannot be performed by a non privileged user.
    I logged on to Windows as a user who is in the administrators group. All other component installations were fine. I really have no idea how to solve this problem as there is no user account as administrator. Can someone please help?
    The portal config errors from the log are as follows:
    [#|2007-06-26T15:22:14.821+1000|INFO|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=configureHost; |PSFB_CSPFC0021:Waiting for Cacao Server to Startup|#]
    [#|2007-06-26T15:22:15.696+1000|FINEST|SJS Portal Server|debug.com.sun.portal.fabric.util|ThreadID=37; ClassName=com.sun.portal.fabric.util.StreamLogger; MethodName=run; |PSFB_CSPFU0004: C:/Sun/JavaES5/share/cacao_2/bin/cacaoadm(Output)=default instance is DISABLED at system startup.|#]
    [#|2007-06-26T15:22:15.712+1000|FINEST|SJS Portal Server|debug.com.sun.portal.fabric.util|ThreadID=37; ClassName=com.sun.portal.fabric.util.StreamLogger; MethodName=run; |PSFB_CSPFU0004: C:/Sun/JavaES5/share/cacao_2/bin/cacaoadm(Output)=default instance is not running.|#]
    [#|2007-06-26T15:22:15.790+1000|INFO|SJS Portal Server|debug.com.sun.portal.fabric.tasks|ThreadID=10; ClassName=com.sun.portal.fabric.tasks.Cacao; MethodName=execCommand; |PSFB_CSPFT0342:<C:/Sun/JavaES5/share/cacao_2/bin/cacaoadm status> Returned <default instance is DISABLED at system startup.
    default instance is not running.
    |#]
    [#|2007-06-26T15:23:45.790+1000|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=configureHost; |PSFB_CSPFC0020:Cacao Server startup failed|#]
    [#|2007-06-26T15:23:45.790+1000|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=configureHost; |PSFB_CSPFC0024:Failed to configure the Host
    com.sun.portal.fabric.tasks.ConfigurationException
         at com.sun.portal.fabric.config.PortalConfigurator.configureHost(PortalConfigurator.java:635)
         at com.sun.portal.fabric.config.ConfigurePortal.main(ConfigurePortal.java:166)
    |#]
    [#|2007-06-26T15:23:45.790+1000|SEVERE|SJS Portal Server|debug.com.sun.portal.fabric.config|ThreadID=10; ClassName=com.sun.portal.fabric.config.ConfigurePortal; MethodName=main; |PSFB_CSPFC0014:Failed configuring Portal Server!!
    com.sun.portal.fabric.tasks.ConfigurationException: com.sun.portal.fabric.tasks.ConfigurationException
         at com.sun.portal.fabric.config.PortalConfigurator.configureHost(PortalConfigurator.java:749)
         at com.sun.portal.fabric.config.ConfigurePortal.main(ConfigurePortal.java:166)
    Thank you very much
    Regards,
    Tara

    Hi Deepak,
    Thanks for the post.
    Using cacaoadm restart gives me the same error.
    I found out that it is a limitation of the Windows version I am using. Basically, the account for installation and configuration has to be a local administrator, not in network.
    Cheers,
    Tara

  • Configure Read-Only Routing Azure DBs

    Is it possible to configure Read-Only Routing for the SQL Azure Databases in Active Geo-Replication in a similar way to what can be achieved in Always-On Availability Groups?

    Hi,
    The Active Geo-Replication feature provides:
    Readable online secondary databases: An application can access an online secondary database for read-only operations using the same security principals used for accessing the primary database. Continuous copy operations on the online secondary database take
    precedence over application access. Also, if the queries on the online secondary database cause prolonged table locking, transactions could eventually fail on the primary database.
    Please note : Active Geo-Replication is only supported for databases in the Premium service tier.
    Reference :
    https://msdn.microsoft.com/en-us/library/azure/dn741339.aspx#Concepts
    Regards,
    Mekh.

  • How to configure ACS to authenticate Modem with radius

    Hi,
    How do I configure ACS to authenticate and authorize modem users with RADIUS? My problem is with authorization (authentication is OK in the debug). Do I need to configure specific AV pairs (006 and 007 in IETF)?

    Hi Dominic,
    Do we have a Microsoft RADIUS server or ACS?
    Yes, these attributes should be configured.
    006-service-type: login
    007-framed-protocol: PPP
    HTH
    JK

  • How to configure read only user on IAP?

    Requirement:
    In environments, such as enterprises and campus universities, there are instances where few administrators only monitor the IAP clustered networks. For such users, a read only user can be configured on IAP.
    Solution:
    In IAP software, a provision is given to configure a read only user in the system settings, under the "Admin" tab.
    Configuration:
    Follow the below steps to configure radius authentication in IAP:
      1. Log in to the IAP web interface.
      2. Select "System" from the main menu and then click on the "Admin" tab.
      3. Under View Only settings, enter the username and password.
    Verification
    Logout of the IAP web interface and try logging in using the username and password created for read only user.
    This read only user will no longer be able to see configuration options. Below screenshot shows the difference of menu options between an administrator and read-only user:

    HG,
    Please check this link.
    http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml
    We need to set up command authorization.
    Regards,
    ~JG
    Do rate helpful posts.

  • CWMS v.2 - how to configure CWMS to authenticate user with CUCM

    Hi,
    I have a CUCM with no LDAP or AD integration. I already configured the directory integration with CUCM and it synchronized the user accounts to CWMS. When trying to login with end user account, password configured in CUCM doesn't work. What is the process to configure CWMS to authenticate with CUCM user database? Thanks.
    -Alan

    Hi Alan,
    CUCM and LDAP integration is a prerequisite for using Directory Integration on CWMS.
    http://www.cisco.com/c/en/us/td/docs/collaboration/CWMS/1_5/Administration_Guide/Administration_Guide_chapter_01011.html#task_DB0D271D6EB1459EB4DA269461E93B36
    Before You Begin
     You must configure AXL and LDAP directory service on CUCM before you can use the directory integration feature. CUCM is required to import users into your Cisco WebEx Meetings Server system. Use CUCM to do the following:
     Enable Cisco AXL Web Service
     Enable Cisco directory synchronization
     Configure LDAP integration
     Configure LDAP authentication
    -Dejan

  • XCM(Extended Configuration Management) Read Only Access for Webshop

    Hi,
    We don't have XCM admin access in our project. We need to have just the view (read only) access. This will help us immensely during any troubleshooting. Plus we will save a lot of time while troubleshooting if the view access is available to us. In case of any issues in the XCM setting, we can easily pinpoint the issue and ask the ERP team to change it. In the absence of it we can only speculate what could have gone wrong on the XCM side. Is there any role in XCM so that we can get just read only access?
    Regards

    Hi,
    The below note will help you.
    Note 1014383 - Read only user in the XCM and Administration area of ISA
    Regards,
    Shanto Aloor
