Create User Programmatically Bug

Does anyone know the reason Portal occassionally crashes when a
user is created programmatically? My application will email a
new user with a link that calls a PLSQL procedure that uses the
APIs to create a user and assign them to a group. It then
attempts to throw a public portal page for the user to login.
What happens is the user is created correctly, but before
opening the Portal page multiple error messages are displayed on
the browser. To successfully access Portal after this occurs,
all browsers must be closed, and a new then reopened. I saw
this as an open TAR on Metalink, but I was wondering if anyone
knows of a solution to this mess?
Thanks!

Hi Matthew,
I believe this may have something to do with the login cookies
that the Portal sets when the login page is served. If this
cookie is not established at the outset you may encounter some
errors. Not knowing the specific errors makes diagnosing this
somewhat tricky. I hope this helps.
Dave Ziegler
Rosenbluth International

Similar Messages

Logging in and creating user programmatically

Greetings,
I would like to embed Stardust into my Spring-based web application. I created the tables for Stardust in my database and I'm trying to create a new user through the UserService interface in code.
userService.createUser(request.getUsername(), null, null, null, request.getPassword(), null, null, null);
The above code results in an AccessForbiddenException with the following error code: AUTHx00101 - Not logged in.
The UserService interface doesn't have a login method but I looked up the UserServiceBean class and it has it. I logged into the default domain and partition with the default (motu) user with the code below:
Map<String, String> properties = new HashMap<String, String>();
properties.put(SecurityProperties.PARTITION, "default");
properties.put(SecurityProperties.DOMAIN, "default");
((UserServiceBean) userService).login("motu", "motu", properties);
The login method returns a LoggedInUser object for the motu account. Now if after this I call the UserService.createUser(...) method I get the same error code what I described above. I also tried to call the UserService.startSession(...) method after login but that didn't work either.
What is the proper way to do this? Do I really have to authenticate myself in code to perform a user creation operation? Having to cast the interface to a concrete class doesn't seem right to me, the other option would be to cast it to ManagedService I guess but that doesn't feel right either. What am I missing here?

Is using the ServiceFactoryLocator the proper way for Spring-based applications? I generated a standalone Spring-based Stardust application with the tc7-ipp-portal-war Maven archetype and it defines service beans in the carnot-spring-services-context.xml file this way:
<bean id="carnotWorkflowService"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.engine.api.spring.WorkflowServiceBean" />
<bean id="carnotUserService"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.engine.api.spring.UserServiceBean" />
<bean id="carnotQueryService"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.engine.api.spring.QueryServiceBean" />
<bean id="carnotAdministrationService"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.engine.api.spring.AdministrationServiceBean" />
<bean id="carnotDocumentManagementService"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.engine.api.spring.DocumentManagementServiceBean" />
<bean id="carnotReportingService" lazy-init="true"
parent="abstractPublicCarnotService"
class="org.eclipse.stardust.reporting.rt.service.spring.ReportingServiceBean" />
<bean abstract="true" id="abstractCarnotService"
class="org.eclipse.stardust.engine.api.spring.AbstractSpringServiceBean">
<property name="carnotProperties" ref="customCarnotProperties" />
<property name="transactionManager" ref="carnotTxManager" />
<property name="dataSource" ref="xaAuditTrailConnectionFactory" />
<property name="jcaResourceProvider" ref="carnotJcaResourceResolver" />
<property name="jmsResourceProvider" ref="carnotJmsResourceResolver" />
</bean>
<bean abstract="true" name="abstractPublicCarnotService"
parent="abstractCarnotService">

</bean>
My problem is that services acquired through the ServiceFactoryLocator won't be part of the ApplicationContext, thus they won't be managed by the Spring IoC-container at all.

Adding users programmatically to WLS 10

I've blogged a little about it [url http://internna.blogspot.com/2007/04/create-users-programmatically-in.html]here. Hope it helps!

Hi ,
Dont add the weblogic.jar file in your application explicitly then check the error you get,and also dont specify the location of the class in your application.
Let me know if you face any errors after the above suggestions.
Regards,
Rohit Jaiswal

How to create User Portal in OID programmatically in JSP

Hi.
I want to create User Portal programmatically in JSP (if posible) or have to use procedure.
I check with package wwsec_api, it just have 'function
add_portal_user', but it say we must have "the user must already exist in OID before this function is called."
So, i checked for 'how to create User in OID'. What i got (in metalink)just methods that 'Create manually Portal Users in to OID' by LDAP or PL/SQL coding (with list of user in flat files).
What i want to do is, How to create User POrtal in OID by JSP? What are the procedure/table/method involved?
Do anybody have any samples?..
Thanks.

I had to write my own because I could not find one anywhere. Here is an addUser() method that seems to work pretty well.
import oracle.ldap.util.jndi.ConnectionUtil;
import javax.naming.directory.*;
import javax.naming.*;
public class LdapUser
public LdapUser(){}
public void addUser(String pUsername, String pPassword, String pFirstName, String pLastName, String pEmail)
try
InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx("host", "port", "orcladmin", "pwd");
BasicAttributes attrs = new BasicAttributes();
BasicAttribute oc = new BasicAttribute("objectclass");
oc.add("top");
oc.add("person");
oc.add("inetOrgPerson");
oc.add("organizationalPerson");
oc.add("orclUser");
oc.add("orclUserV2");
attrs.put(oc);
BasicAttribute gn = new BasicAttribute("givenName", pFirstName);
attrs.put(gn);
BasicAttribute sn = new BasicAttribute("sn", pLastName);
attrs.put(sn);
BasicAttribute cn = new BasicAttribute("mail", pEmail);
attrs.put(cn);
BasicAttribute pwd = new BasicAttribute("userpassword", pPassword);
attrs.put(pwd);
// Etcetera, etcetera...
ctx.createSubcontext("cn="+pUsername+",cn=users,dc=whatever,dc=com", attrs);
ctx.close();
System.out.println("Success!!");
catch (NameAlreadyBoundException nabe)
System.out.println("Username is already in use. Please choose another.");
catch (NamingException ne)
System.out.println("NamingException: " + ne);
catch (Exception e)
System.out.println("User account was not created.");
}

Programmatically creating users

How can I bulk create users in Portal 8.1?
Any sample code would help.
Thanks
Mike

Hi Martin,
Can you pls forward me the sample code? It would be great.
Thanks
S.Suganya
"Martin Porter" <[email protected]> wrote:
>
>
A quick and simple way to do this is to create a pageflow with a JSP
that takes
a file of the usernames and passwords. Add an action from the jsp (button
or whatever).
Drag the Portal EJB User Manager control into the action view. Then read
all your
data from the file and in the loop just call the createUser() method.
We used this to bulk load users to our WLS Embedded LDAP domain and the
Portal
DB and it worked fine....
userManager.createUser(username,password);
Can email you the sample code off line.
Hope it helps
Martin
"Mike Milkani" <[email protected]> wrote:
How can I bulk create users in Portal 8.1?
Any sample code would help.
Thanks
Mike

Assigning roles to users programmatically

Hi,
I want to programmatically create roles, assign roles to users etc.
I saw at this thread
ADF Security Policy Store
the folowing scriptlet by Frank Nimphius
try {
IdentityStore idstore = JpsCommonUtil.getValidIdStore("idstore.xml.provider").getIdmStore();
try {
UserManager userManager = idstore.getUserManager();
RoleManager roleManager = idstore.getRoleManager();
Role adminRole = idstore.searchRole(Role.SCOPE_APPLICATION,"admin");
// create user
//TODO check for empty username and password
User newUser = userManager.createUser(this.username,this.password.toCharArray());
roleManager.grantRole(adminRole,newUser.getPrincipal());
} catch (IMException e) {
// TODO
} catch (JpsException e) {
// TODO
return null;
this is a TP3 scriptlet, is it still working on the 11g production?
I try it and i get a JpsException
oracle.security.jps.JpsException
at oracle.security.jps.internal.common.util.JpsCommonUtil.getValidIdStore(JpsCommonUtil.java:1004)
do I have to replace "idstore.xml.provider" with something else depending on my configuration?
thanks
Tilemahos

Hi Frank thanks for the answer,
I check this functionality at WLS embeded LDAP and I shaw your "How-to configure OID for authentication in WebLogic Server" post.
I manage to add users and assign them roles that i created at my application.
But what if I want to have a super user that can create new roles and assign them member roles?
eg.
Developer created roles (policy store):
accessPage1 ( granted all the necesery principals to access page1 )
accessPage2 ( granted all the necesery principals to access page2 )
Super user created roles
Role1 member roles :accessPage1,accessPage2
If i want my application to have that functionallity i must create roles programmatically wont I?
If there another way?
By the way I followed the advices at the following useful links
Chris Muir: http://one-size-doesnt-fit-all.blogspot.com/2008/12/configuring-wls-with-ms-active.html
Frank Nimphius's How-to configure OID for authentication in WebLogic Server
Edwin Biemond's Using OpenLDAP as security provider in WebLogic
Andrejus Baranovskis: Practical ADF Security Deployment on WebLogic Server
And I manage to add users of the Microsoft LDAP at the WLS
but I could't mekae them group members of my application groups (roles)
is this possible?
Thanks

How to set "Allow external users who accept sharing invitations and sign in as authenticated users" programmatically?

Sharepoint 2013 online/office 365.
I am creating site collection programmatically using sharepoint Auto hosted app.
Now i want to set "Allow external users who accept sharing invitations and sign in as authenticated users" programmatically after site collection creation.
Is it possible through code? If yes please let me know how to do it?
Najitha Sidhik

For SharePoint 2013 Online, check below links:
http://office.microsoft.com/en-us/office365-sharepoint-online-small-business-help/manage-sharing-with-external-users-HA102849862.aspx
http://office.microsoft.com/en-us/office365-sharepoint-online-enterprise-help/manage-external-sharing-for-your-sharepoint-online-environment-HA102849864.aspx
https://www.nothingbutsharepoint.com/sites/eusp/Pages/SharePoint-Online-2013-Sharing-with-External-Users.aspx
http://blogs.office.com/2013/11/21/sharepoint-online-improves-external-sharing/
Please ensure that you mark a question as Answered once you receive a satisfactory response.

Event Handler/Create User Event bug

This is a problem I've run into a few times on my system (Win2k) so I finally went back and reproduced it step by step since it wasn't too hard. It causes LabVIEW to crash and exit without saving.
- Create an Event Handler
- Place 'Register Events', wire output to dynamic event terminal
- Place 'Create User Event', wire output to 'Register Events'/User Event
- Place an Empty String Constant [""], wire to input of 'Create User Event'
- Set empty string property -> Visible Items > Label = True
- Rename label from "Empty String Constant" to other such as "Event"
OR
- Create a cluster constant with something in it
OR
- Place a boolean constant
- Set boolean property -> Visible Items > Label = True
- Name label something su
ch as "Event"
- 'Add Event Case...' to the Event Handler, select Dynamic / : User Event
- Delete the constant wired to 'Create User Event'.
- Place a constant of a different data type and wire it to the input of 'Create User Event'
LabVIEW immediately disappears (all changes are lost) and this error is displayed:
================================
LabVIEW.exe has generated errors and will be closed by
Windows. You wlil need to restart the program.
An error log is being created.
================================
If there is a more appropriate place to post things of this nature that don’t really add to the discussion group, but need to be brought to the attention of NI, please post a URL or submittal method. Thanks...

Thanks for the detailed request. We are aware of this exact issue, and the problem was actually fixed for LabVIEW 7.0 for Mac/Unix. Unfortunately, it did not get fixed for the initial release of LabVIEW 7.0 for Windows, but we have plans to include the fix in the first LabVIEW patch for 7.0.
Also, the Discussion Forum is great for notifications of this kind. For future reference, you also have the options of emailing NI engineers directly, or calling us with suspected bug fixes, if you would like more direct communication.
Thanks again, and have a great day!
Liz Fausak
Applications Engineer
National Instruments
www.ni.com/support

Steps Involved in creating Users thru the API

Hi Mark or anybody from Oracle,
Your solution to build a string for the
XML and then parse it is ok. However I would
like to do it programmatically instead of building strings containing the XML.
What are the steps and exactly what attributes do you need to set for the User
to be created programmatically.
Here is the steps I have and It's giving me
the following exception: IFS-30002 - Unable to create new library object.
The objects needed to create a user are:
1) DirectoryUserDef + set its attributes
2) Folder Definition for User folder then add
to parent folder in this case /home
3) PrimaryProfileUserDefinition + set its attributes DirectoryUser and HomeFolder ?
Can you elaborate on the exact steps to take
and exact attributes to set.
Thanks
null

#1 I would strongly recommend the XML based approach. It's much easier, and if we change the way the user / directory objects are organized in much less likely to require you to alter your code.
Note that in order to create the objects programatically you're going to have to make sure that you have set ACLs and Owners correctly. It really is quite a complex process.
At some later date we 'may' provide a simple Java API for creating users.
In order to understand your error I need to catch the exception and print the stack trace as per the end of my code example for creating a user from an XML string.
Please post the results of the stack trace and someone will attempt to respond to you.

Modify Script to Create User Role on Single Database.

Hi All,
Below is the script to create user role on database. Here problem is when I execute this script, it creates user role for all database within an instance and I want it to create user role only on 2 database say TEST1 and TEST2
Can anyone help me to modify the script?
--===================================================================================
-- Description
-- Database Type: MSSQL
-- This script creates a role called 'gdmmonitor' for ALL databases.
-- It grants some system catalogs to this role to allow Classification and Assessment on the database.
-- It then adds a user called "sqlguard" to all databases and grants this user gdmmonitor role.
-- before runnign this script
-- you MUST CREATE A SQL LOGIN CALLED 'sqlguard'
-- This sqlguard login doesn't need to be added to any database or given
-- any privilege. The script will take care of that.
-- Note:
-- If you wish to use a different login name (instead of 'sqlguard') you need to change
-- the value of the variable '@Guardium_user' in the script below;
-- (Look for the string: "set @Guardium_user = 'sqlguard'" and replace the 'sqlguard')
-- after runnign this script
-- Nothing to do, the script already creates the db user
-- User/Password to use
-- User: sqlguard (or any other name, if changed)
-- Pass: user defined
-- Role: gdmmonitor
--===================================================================================
PRINT '>>>==================================================================>>>'
PRINT '>>> Creating role: "gdmmonitor" at the server level.'
PRINT '>>>==================================================================>>>'
-- Change to the master database
USE master
-- *** If a different login name is desired, define it here. ***
DECLARE @Guardium_user AS varchar(50)
set @Guardium_user = 'sqlguard'
DECLARE @dbName AS varchar(256)
DECLARE @memberName AS varchar(256)
DECLARE @dbVer AS nvarchar(128)
SET @dbVer = CAST(serverproperty('ProductVersion') AS nvarchar)
SET @dbVer = SUBSTRING(@dbVer, 1, CHARINDEX('.', @dbVer) - 1)
IF (@dbVer = '8') SET @dbVer = '2000'
ELSE IF (@dbVer = '9') SET @dbVer = '2005'
ELSE IF (@dbVer = '10') SET @dbVer = '2008'
ELSE IF (@dbVer = '11') SET @dbVer = '2012'
ELSE SET @dbVer = '''Unsupported Version'''
IF (@dbVer != '2000')
BEGIN
-- This privilege is required to peform a specific MSSQL test.
-- Test name: SQL OLEDB disabled (DisallowAdhocAccess registry key)
-- Procedure execute: EXEC master.dbo.sp_MSset_oledb_prop
-- Purpose: To display provider property, not changing anything.
PRINT '==> Granting MSSSQL 2005 and above setupadmin server role'
EXEC master..sp_addsrvrolemember @loginame = @Guardium_user, @rolename = N'setupadmin'
END
SELECT @dbName = DB_NAME()
PRINT '==> Starting MSSql ' + @dbVer + ' role creation on database: ' + @dbName
-- find any members of the role if they exist
CREATE TABLE #rolemember (membername VARCHAR(256) NOT NULL)
INSERT INTO #rolemember
SELECT DISTINCT usr.name FROM dbo.sysusers usr, .dbo.sysmembers mbr
WHERE usr.uid = mbr.memberuid
AND mbr.groupuid = (SELECT uid FROM .dbo.sysusers WHERE name = 'gdmmonitor')
-- Drop the Role Members If they exist
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Dropping the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Dropping member: ''' + @memberName + ''''
exec('EXEC sp_droprolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the role if it exists
IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = 'gdmmonitor')
BEGIN
PRINT '==> Dropping the role gdmmonitor on: ' + @dbName
exec sp_droprole 'gdmmonitor'
END
-- Create the role
PRINT '==> Creating the role gdmmonitor on: ' + @dbName
exec sp_addrole 'gdmmonitor'
-- Grant select privileges to the role for MSSql Common
PRINT '==> Granting common SELECT privileges on: ' + @dbName
GRANT SELECT ON dbo.spt_values TO gdmmonitor
GRANT SELECT ON dbo.sysmembers TO gdmmonitor
GRANT SELECT ON dbo.sysobjects TO gdmmonitor
GRANT SELECT ON dbo.sysprotects TO gdmmonitor
GRANT SELECT ON dbo.sysusers TO gdmmonitor
GRANT SELECT ON dbo.sysconfigures TO gdmmonitor
GRANT SELECT ON dbo.sysdatabases TO gdmmonitor
GRANT SELECT ON dbo.sysfiles TO gdmmonitor
GRANT SELECT ON dbo.syslogins TO gdmmonitor
GRANT SELECT ON dbo.syspermissions TO gdmmonitor
-- Grant execute privileges to the role for MSSql Common
PRINT '==> Granting common EXECUTE privileges on: ' + @dbName
GRANT EXECUTE ON sp_helpdbfixedrole TO gdmmonitor
GRANT EXECUTE ON sp_helprotect TO gdmmonitor
GRANT EXECUTE ON sp_helprolemember TO gdmmonitor
GRANT EXECUTE ON sp_helpsrvrolemember TO gdmmonitor
GRANT EXECUTE ON sp_tables TO gdmmonitor
GRANT EXECUTE ON sp_validatelogins TO gdmmonitor
GRANT EXECUTE ON sp_server_info TO gdmmonitor
-- Check if the version is 2005 or greater
IF (@dbVer != '2000')
BEGIN
-- Grant select privileges to the role for MSSql 2005 and above
PRINT '==> Granting MSSql 2005 and above SELECT privileges on: ' + @dbName
GRANT SELECT ON sys.all_objects TO gdmmonitor
GRANT SELECT ON sys.database_permissions TO gdmmonitor
GRANT SELECT ON sys.database_principals TO gdmmonitor
GRANT SELECT ON sys.sql_logins TO gdmmonitor
GRANT SELECT ON sys.sysfiles TO gdmmonitor
GRANT SELECT ON sys.database_role_members TO gdmmonitor
GRANT SELECT ON sys.server_role_members TO gdmmonitor
GRANT SELECT ON sys.configurations TO gdmmonitor
GRANT SELECT ON sys.master_key_passwords TO gdmmonitor
GRANT SELECT ON sys.server_principals TO gdmmonitor
GRANT SELECT ON sys.server_permissions TO gdmmonitor
GRANT SELECT ON sys.credentials
TO gdmmonitor
--This is called by master.dbo.sp_MSset_oledb_prop.
--By defautl it should have already been granted to public.
GRANT EXECUTE ON sys.xp_instance_regread TO GDMMONITOR
GRANT EXECUTE ON sys.sp_MSset_oledb_prop TO GDMMONITOR
END
-- Re-add the dropped members
IF EXISTS (SELECT 1 FROM #rolemember)
BEGIN
PRINT '==> Re-adding the role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Re-adding member: ''' + @memberName + ''''
exec('EXEC sp_addrolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- END of role creation on database
PRINT '==> END of role creation on: ' + @dbName
PRINT ''
-- Change to the msdb database
USE msdb
set @memberName = ''
SELECT @dbName = DB_NAME()
PRINT '==> Starting MSSql ' + @dbVer + ' role creation on database: ' + @dbName
-- find any members of the role if it exists
TRUNCATE TABLE #rolemember
INSERT INTO #rolemember
SELECT DISTINCT usr.name FROM .dbo.sysusers usr, .dbo.sysmembers mbr
WHERE usr.uid = mbr.memberuid
AND groupuid = (SELECT uid FROM .dbo.sysusers WHERE name = 'gdmmonitor')
-- Drop the Role Members If they exist
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Dropping the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Dropping member: ''' + @memberName + ''''
exec('EXEC sp_droprolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the role if it exists
IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = 'gdmmonitor')
BEGIN
PRINT '==> Dropping the gdmmonitor role on: ' + @dbName
exec sp_droprole 'gdmmonitor'
END
-- Create the role
PRINT '==> Creating the gdmmonitor role on: ' + @dbName
exec sp_addrole 'gdmmonitor'
-- Grant select privileges to the role for MSSql Common
PRINT '==> Granting common SELECT privileges on: ' + @dbName
GRANT SELECT ON dbo.sysobjects TO gdmmonitor
GRANT SELECT ON dbo.sysusers TO gdmmonitor
GRANT SELECT ON dbo.sysprotects TO gdmmonitor
GRANT SELECT ON dbo.sysmembers TO gdmmonitor
GRANT SELECT ON dbo.sysfiles TO gdmmonitor
GRANT SELECT ON dbo.syspermissions TO gdmmonitor
GRANT SELECT ON dbo.backupset TO gdmmonitor
-- Check if the version is 2005 or greater
IF (@dbVer != '2000')
BEGIN
-- Grant select privileges to the role for MSSql 2005 and above
PRINT '==> Granting MSSql 2005 and above SELECT privileges on: ' + @dbName
GRANT SELECT ON sys.all_objects TO gdmmonitor
GRANT SELECT ON sys.database_permissions TO gdmmonitor
GRANT SELECT ON sys.database_principals TO gdmmonitor
GRANT SELECT ON sys.sysfiles TO gdmmonitor
-- Grant execute privileges to the role for MSSql 2005 or above
PRINT '==> Granting MSSql 2005 and above EXECUTE privileges on: ' + @dbName
GRANT EXECUTE ON msdb.dbo.sp_enum_login_for_proxy TO gdmmonitor
GRANT SELECT ON sys.database_role_members TO gdmmonitor
END
IF (@dbVer > '2000' and @dbVer < '2012')
--This sp is not available in SQL 2012
BEGIN
GRANT EXECUTE ON sp_get_dtspackage TO gdmmonitor
END
-- Re-add the dropped members
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Re-adding the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Re-adding member: ''' + @memberName + ''''
exec('EXEC sp_addrolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the temporary table
DROP TABLE #rolemember
-- END of role creation on database
PRINT '==> END of gdmmonitor role creation on: ' + @dbName
-- Role creation complete
PRINT '<<<==================================================================<<<'
PRINT '<<< END of creating role: "gdmmonitor" at the server level.'
PRINT '<<<==================================================================<<<'
PRINT ''
PRINT '>>>==================================================================>>>'
PRINT '>>> Starting application database role creation'
PRINT '>>>==================================================================>>>'
use master
DECLARE @databaseName AS varchar(80)
DECLARE @executeString AS varchar(7950)
DECLARE @dbcounter as int
set @dbcounter = 0
DECLARE DatabaseCursor CURSOR FOR SELECT name from sysdatabases where name not in ('master', 'msdb')
and not (status & 1024 > 1)
--read only
and not (status & 4096 > 1)
--single user
and not (status & 512 > 1)
--offline
and not (status & 32 > 1)
--loading
and not (status & 64 > 1)
--pre recovery
and not (status & 128 > 1)
--recovering
and not (status & 256 > 1)
--not recovered
and not (status & 32768 > 1)
--emergency mode
OPEN DatabaseCursor
FETCH DatabaseCursor INTO @databaseName
WHILE @@Fetch_Status = 0
BEGIN
set @dbcounter = @dbcounter + 1
set @databaseName = '"' + @databaseName + '"'
set @executeString = ''
set @executeString = 'use ' + @databaseName + ' ' +
'PRINT ''>>>==================================================================>>>'' ' +
'PRINT ''>>> Starting MSSql ' + @dbVer + ' role creation on database: ' + @databaseName + ''' ' +
'PRINT ''>>>==================================================================>>>'' ' +
'/* Variable @memberNameDBname must be declare within the string or else it will fail */ ' +
'DECLARE @memberName' + cast(@dbcounter as varchar(5)) + ' as varchar(50) ' +
'/*find any members of the role if it exists*/ ' +
'CREATE TABLE #rolemember (membername VARCHAR(256) NOT NULL) ' +
'INSERT INTO #rolemember ' +
'SELECT DISTINCT usr.name FROM dbo.sysusers usr, dbo.sysmembers mbr ' +
'WHERE usr.uid = mbr.memberuid ' +
'AND groupuid = (SELECT uid FROM dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'/*Drop the Role Members If they exist*/ ' +
'IF EXISTS (SELECT * FROM #rolemember) ' +
'BEGIN ' +
'PRINT ''==> Dropping the role members on: ' + @databaseName + ''' ' +
'DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember ' +
'OPEN DropCursor ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'WHILE @@Fetch_Status = 0 ' +
'BEGIN ' +
'PRINT ''==> Dropping member: '' + @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'exec(''EXEC sp_droprolemember ''''gdmmonitor'''', '''''' + @memberName' + cast(@dbcounter as varchar(5)) + ' + '''''';'') ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'END ' +
'CLOSE DropCursor ' +
'DEALLOCATE DropCursor ' +
'END ' +
'/*drop the role if it exists*/ ' +
'IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'BEGIN ' +
'PRINT ''==> Dropping the gdmmonitor role on: ' + @databaseName + ''' ' +
'exec sp_droprole ''gdmmonitor'' ' +
'END ' +
'/* Create the role */ ' +
'PRINT ''==> Creating the gdmmonitor role on: ' + @databaseName + ''' ' +
'exec sp_addrole ''gdmmonitor'' ' +
'/* Grant select privileges to the role for MSSql Common */ ' +
'PRINT ''==> Granting common SELECT privileges on: ' + @databaseName + ''' ' +
'GRANT SELECT ON dbo.sysmembers TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysobjects TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysprotects TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysusers TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysfiles TO gdmmonitor ' +
'GRANT SELECT ON dbo.syspermissions TO gdmmonitor ' +
'/* Check if the version is 2005 or greater */ ' +
'IF (' + @dbVer + ' != ''2000'') ' +
'BEGIN ' +
'/* Grant select privileges to the role for MSSql 2005 and above */ ' +
'PRINT ''==> Granting MSSql 2005 and above SELECT privileges on: ' + @databaseName + ''' ' +
'GRANT SELECT ON sys.database_permissions TO gdmmonitor ' +
'GRANT SELECT ON sys.all_objects TO gdmmonitor ' +
'GRANT SELECT ON sys.database_principals TO gdmmonitor ' +
'GRANT SELECT ON sys.sysfiles TO gdmmonitor ' +
'GRANT SELECT ON sys.database_role_members TO gdmmonitor ' +
'END ' +
'/* Re-add the dropped members */ ' +
'IF EXISTS (SELECT 1 FROM #rolemember) ' +
'BEGIN ' +
'PRINT ''==> Re-adding the gdmmonitor role members on: ' + @databaseName + ''' ' +
'DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember ' +
'OPEN DropCursor ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'WHILE @@Fetch_Status = 0 ' +
'BEGIN ' +
'PRINT ''==> Re-adding member: '' + @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'exec(''EXEC sp_addrolemember ''''gdmmonitor'''', '''''' + @memberName' + cast(@dbcounter as varchar(5)) + ' + '''''';'') ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'END ' +
'CLOSE DropCursor ' +
'DEALLOCATE DropCursor ' +
'END ' +
'/* drop the temporary table */ ' +
'DROP TABLE #rolemember ' +
'PRINT ''<<<==================================================================<<<'' ' +
'PRINT ''<<< END of role creation on: ' + @databaseName + ''' ' +
'PRINT ''<<<==================================================================<<<'' ' +
'PRINT '' ''' +
'PRINT '' '''
execute (@executeString)
FETCH DatabaseCursor INTO @databaseName
END
CLOSE DatabaseCursor
DEALLOCATE DatabaseCursor
-- Adding user to all the databases
-- and grant gdmmonitor role, only if login exists.
PRINT '>>>==================================================================>>>'
PRINT '>>> Add and Grant gdmmonitor role to: ''' + @Guardium_user + ''''
PRINT '>>> on all databases.'
PRINT '>>>==================================================================>>>'
USE master
/* Check if @Guardium_user is a login exist, if not do nothing.*/
IF NOT EXISTS (select * from syslogins where name = @Guardium_user)
BEGIN
PRINT ''
PRINT '************************************************************************'
PRINT '*** ERROR: Could not find the login: ''' + @Guardium_user + ''''
PRINT '*** Please add the login and re-run this script.'
PRINT '************************************************************************'
PRINT ''
END
ELSE
BEGIN
DECLARE @counter AS smallint
set @counter = 0
-- This loop runs 4 time just to make sure that the @Guardium_user gets added to all db.
-- 99% of the time, this is totally unnecessary. But in some rare case on SQL 2005
-- the loop skips some databases when it tried to add the @Guardium_user.
-- After two to three executions, the user is added in all the dbs.
-- Might be a SQL Server bug.
WHILE @counter <= 3
BEGIN
set @counter = @counter + 1
set @databaseName = ''
set @executeString = ''
DECLARE DatabaseCursor CURSOR FOR SELECT name from sysdatabases
where not (status & 1024 > 1)
--read only
and not (status & 4096 > 1)
--single user
and not (status & 512 > 1)
--offline
and not (status & 32 > 1)
--loading
and not (status & 64 > 1)
--pre recovery
and not (status & 128 > 1)
--recovering
and not (status & 256 > 1)
--not recovered
and not (status & 32768 > 1)
--emergency mode
OPEN DatabaseCursor
FETCH DatabaseCursor INTO @databaseName
WHILE @@Fetch_Status = 0
BEGIN
set @databaseName = '"' + @databaseName + '"'
set @executeString = ''
set @executeString = 'use ' + @databaseName + ' ' +
'/*Check if the login already has access to this database */ ' +
'IF EXISTS (select * from sysusers where name = ''' + @Guardium_user + ''' and islogin = 1) ' +
'BEGIN ' +
'/*Check if login already have gdmmonitor role*/ ' +
'IF NOT EXISTS (SELECT usr.name FROM dbo.sysusers usr, dbo.sysmembers mbr WHERE usr.uid = mbr.memberuid ' +
'AND mbr.groupuid = (SELECT uid FROM dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'AND usr.name = ''' + @Guardium_user + ''') ' +
'BEGIN ' +
'PRINT ''==> Granting gdmmonitor role to ' + @Guardium_user + ' on database ' + @databaseName + ''' ' +
'execute sp_addrolemember ''gdmmonitor''' + ', [' + @Guardium_user + '] ' +
'PRINT '' ''' +
'END ' +
'END ' +
'IF NOT EXISTS (select * from sysusers where name = ''' + @Guardium_user + ''' and islogin = 1) ' +
'BEGIN ' +
'PRINT ''==> Adding user [' + @Guardium_user + '] to database: ' + @databaseName + ''' ' +
'execute sp_adduser [' + @Guardium_user + '] ' +
'PRINT ''==> Granting gdmmonitor role to ' + @Guardium_user + ' on database ' + @databaseName + ''' ' +
'execute sp_addrolemember ''gdmmonitor''' + ', [' + @Guardium_user + '] ' +
'PRINT '' ''' +
'END '
execute (@executeString)
FETCH DatabaseCursor INTO @databaseName
END
CLOSE DatabaseCursor
DEALLOCATE DatabaseCursor
END -- end while
-- Required for Version 2005 or greater.
IF (@dbVer != '2000')
BEGIN
-- Grant system privileges to the @guardium_user. This is a requirement for >= SQL 2005
-- or else some system catalogs will filter our result from assessment test.
-- This will show up in sys.server_permissions view.
PRINT '==> Granting catalog privileges to: ''' + @Guardium_user + ''''
execute ('grant VIEW ANY DATABASE to [' + @Guardium_user + ']' )
execute ('grant VIEW ANY DEFINITION to [' + @Guardium_user + ']' )
END
PRINT '<<<==================================================================<<<'
PRINT '<<< Finished Adding and Granting gdmmonitor role to: ''' + @Guardium_user + ''''
PRINT '<<< on all databases.'
PRINT '<<<==================================================================<<<'
PRINT ''
END
GO

Thanks a lot Sir... it worked.
Can you also help me in troubleshooting below issue?
This script is working fine on all databases except one MS SQL 2005 database. build of this database is 9.00.3042.00
SA account with highest privileges is been used for script execution. errors received are as follow:
>>>==================================================================>>>
>>> Creating role: "gdmmonitor" at the server level.
>>>==================================================================>>>
==> Granting MSSSQL 2005 and above setupadmin server role
==> Starting MSSql 2005 role creation on database: master
(0 row(s) affected)
==> Dropping the gdmmonitor role members on: master
==> Creating the role gdmmonitor on: master
Msg 15002, Level 16, State 1, Procedure sp_addrole, Line 16
The procedure 'sys.sp_addrole' cannot be executed within a transaction.
==> Granting common SELECT privileges on: master
Msg 15151, Level 16, State 1, Line 117
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 118
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 119
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 120
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 121
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 122
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 123
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 124
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 125
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 126
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
==> Granting common EXECUTE privileges on: master
Msg 15151, Level 16, State 1, Line 130
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 131
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 132
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 133
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 134
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 135
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 136
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.

How to assign the role for created user thru dynpro App

Hi All
How to assign the role for currently created user from Webdynpro App.
when i enter into the portal after creating the user
i am getting the following messgae in the portal
"No portal roles are assigned for this user.If this problem persists, contact your system administrator."
how to assign the user defined role for the created user from dynpro App
Regards
Dhina Kar J
Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:19 PM
Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:35 PM

In the User Administration section of your portal find your newly created user and below select "Assigned Roles" tab then press <Modify> button and look through available roles on portal then just simply add and save. But if you want to do it programmatically see below:
IUserAcountFactory userFactory = UMFactory.getUserAccountFactory();
// IUser - read only but with IUserAccount is possible to set up user data
IUserAccountSearchFilter userFilter = userFactory.getUserAccountSearchFilter();
userFilter.setLogonUid("superuser", ISearchAttribute.LIKE_OPERATOR, false);
ISearchResult sr = userFactory.search(userFilter);
for (final Iterator i = new PrincipalIterator(sr); i.hasNext();) {
IUserAccount user = (IUserAccount) i.next();
Execute the same search for IRole (or IGroup if needed) get the unique id of them and use newRole(...) and addUserToRole(...) methods from IRoleFactory.
Of course you don't need search for this principals if you know uniqueness of them. Use appropriate factories to get'em all by this unique id.
All the features see in [javadocs|http://help.sap.com/javadocs/NW04S/current/se/index.html]

Do we need to create users in expdp

Hello Guys
I need to do expdp impdp to migrate a database to another server with same OS and oracle version.
Do i need to create users.If not will they take the same passwords automatically.
also please tell which way i can run my expdp and impdp faster.i just know that to use parallel clause in both expdp impdp.
Also BUFFER parameter i think do some faster work if set to a high value.
So please tell on what basis i should set its value
oracle 10g
os--aix

Hi,
As long as the user running the export/import has the correct rights then the user will be created automatically (which is a big improvement over old exp/imp).
The main way to speed up expdp/impdp is to use parallel as high as possible and have a very large PGA when you import as most of the time is spent building indexes.
IN your case i would use a network link between the two databases to avoid creating a file which should also make things faster (and simpler).
There is no buffer parameter in expdp/impdp like there was in old style export/import.
I would make sure you are on 10.2.0.5 if possible to make sure you have all bug fixes for datapump as there are various issues that can slow it down.
Cheers,
Harry

Can i create pdx programmatically in c# ?

Can i create pdx programmatically in c# ? If yes, then is it must to use adobe sdk for it ?

I did this using an unpublished API - it took some experimentation but worked great at the end. I used a page template in release 2 of Portal. the idea was that when a user added a project we would programatically create a page for that project. In that manner their portal would end up with several hundred pages, one for each project, that were created and look similar as they added project information for their company. Here is an example from the code using Oracle's API, wwpob_api_page.create_page - if you open up the specification for this package in a pl/sql browser such as TOAD you will see some comments that help explain how to use it:
p_page_id := WWPOB_API_PAGE.create_page
(p_id => null
,p_parent_id => 1
,p_type_id => WWPOB_API_PAGE.PAGETYPE_PORTLETS
,p_type_siteid => 0
,p_type_value => 1
,p_name => p_page_url_info
,p_title => v_page_title
,p_category_id => null
,p_site_id => p_page_group_id
,p_plsql_executemode => null
,p_username => v_user_name
,p_description => v_page_description
,p_image => null
,p_titleimage => null
,p_rolloverimage => null
,p_styleid => v_style_id
,p_style_siteid => 0
,p_exposure => WWPOB_API_PAGE.DONTEXPOSE_AS_PORTLET
,p_ispublic => WWPOB_API_PAGE.PAGE_PRIVATE
,p_inheritpriv => WWPOB_API_PAGE.OWN_PRIV
,p_isready => 1
,p_cachemode => WWPOB_API_PAGE.CACHE_MODE_PING
,p_cacheexpires => null
,p_template_id => p_template_id
,p_template_siteid => p_page_group_id
,p_allow_style => WWPOB_API_PAGE.NO_PAGE_STYLE
,p_allow_acl => WWPOB_API_PAGE.ALLOW_PAGE_ACL
,p_istemplate => WWPOB_API_PAGE.PAGE_TEMPLATE_NO
,p_dav_id => null
,p_init_jspfile => null
,p_displaybanner => WWPOB_API_PAGE.SHOW_BANNER
,p_region_type => WWPOB_API_REGION.region_type_portlet
,p_create_region => true
,p_navpage_id => null
,p_navpage_siteid => null
,p_uitemplate => null
,p_template_ispublic => WWPOB_API_PAGE.PAGE_TEMPLATE_PRIVATE
,p_use_def_template => false
,p_copy_from_template => true
Good luck - Art

Strong concerns about creating users programatically vs. through Portal GUI

Hi,
I am working with a Portal install right now where we have created some portal users through the Portal GUI, and some users using PORTAL30_SSO.WWSSO_API_USER_ADMIN.CREATE_USER procedure.
The strong concerns come when I select the USER_NAME from WWSEC_PERSON$ connected as PORTAL30, and I only get the users created through the portal GUI.
However, if I connect as PORTAL30_SSO I get all the users created programatically, as well as the users created through the GUI.
Is there a reasonable explanation for this?
Thanks.
null

Daniel,
I was in the same quandry. But, you will notice a record automatically created in portal30's wwsec_person$ table, when the user logs in the first time. It is almost as if the Login server checks for the existence of the record. No one in Portal Dev. confirmed this, but it seems like the most logical explanation. Try it. Create a user programmatically, you should see the new user in SSO, but not in portal30. Login as the new user and then see the diff.
hth
Sanjay

Error during creating user with OracleMembershipProvider (ODAC 11.1.0.5)

Hi. Perhaps there is a bug in DB part of OracleMembershipProvider (ODAC 11.1.0.5.10 beta): PL/SQL function ORA_ASPNET_MEM_CREATEUSER always raises exception ORA-01858, so Create User functionality doesnt work in any scenario.

Hi.
After some investigations I found this error appears when enviroment variable NLS_LANG is set to national language/codepage. In my case, NLS_LANG=RUSSIAN_CIS.CL8MSWIN1251.
With this settings any try to create user raises ORA-01858 exception.
If the NLS_LANG enviroment variable is deleted, all work fine.
Here is example code of user creation:
<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
protected void ButtonCreateUser_Click(object sender, EventArgs e)
Membership.CreateUser(TextBoxUserName.Text, "!qwertyuiop");
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:TextBox ID="TextBoxUserName" runat="server"></asp:TextBox>
<asp:Button ID="ButtonCreateUser" runat="server" OnClick="ButtonCreateUser_Click"
Text="Button" UseSubmitBehavior="False" /></div>
</form>
</body>
</html>

Create User Programmatically Bug

Similar Messages

Maybe you are looking for