Creating OAAM users and groups in external LDAP i.e. OID
Hi Experts,
I am looking for the procedure to create OAAM users and groups in external LDAP i.e. OID.
I am using 11gR2.
Any pointers would be appreciated.
Regards,
Subin
Check this link http://docs.oracle.com/cd/E27559_01/dev.1112/e27206/lcm.htm#autoId3
Similar Messages
-
How to create windows users and groups from Java
Hi,
Can any one please tell me, which Package/API will helps to create windows users and groups from Java.
Thanks,
M.Prem.You can't do it with pure Java, and it's not in the core API. You'd have to write a native function to do it, using whatever API Windows provides, and then call it with JNI. Or look for a third party native-based Java library that already does that.
-
Create worklist user and group's in 11G...
How to create worklist user's and group's in standart 11G instalation...
Thanks...hI Raj,
It is very easy to create users,groups,roles in soa suite 11g manually .Just login to the weblogic console and you find a security realms tab click on that then next a page will open with my realms then click on it you will find a users and groups tab on top click on that then lock and edit the session and from there you can create users groups and also assign roles.You can also use external ldap if you want,Please let me know if this clarifies your doubt -
User and group handling in LDAP Realm
Hi,
I'm currently using an LDAP Realm for storing users and groups, which I need to be able to add, amend and remove at runtime.
I understand that in earlier versions of Weblogic, the methods to do the add/remove/modify were not implemented but I was told that this may change in WL6. If so, is there any documentation or examples about these methods ? If not, would I need to extend ManageableRealm to create a custom realm ?
Any help much appreciated.
DaveHi Dave:
In our project, we use security realm (LDAP realm) for Users and Groups authentication. We turned the CacheRealm on to optimize performance. To add and amend Users and Groups, we use a stateless EJB to talk to LDAP server. This kind of partition works fine for us to separate the user authentication
logic and user management logic.
Fun
Dave Horner wrote:
Hi,
I'm currently using an LDAP Realm for storing users and groups, which I need to be able to add, amend and remove at runtime.
I understand that in earlier versions of Weblogic, the methods to do the add/remove/modify were not implemented but I was told that this may change in WL6. If so, is there any documentation or examples about these methods ? If not, would I need to extend ManageableRealm to create a custom realm ?
Any help much appreciated.
Dave -
How to create portal user and integrate with external appl login
How to create portal user and integrate the user with external application for single sign-on ?
I want to access my external application thru portal user ..?
ShyamHi Jithin,
The link that you've shared talks about a different scenario.
In my case, I want to pass the portal user id when the user clicks on the Help Link present in the header area.
I am trying to pass it along with the Help Link Url property of a masthead iview but it is not getting passed to the target Url.
I would like to know if it is possible to pass the Portal User Id in this way or not.
Though if we create a appintegrator iview and pass the user id <User.UserID> along with the target Url, it reaches there.
Thanks & Regards,
Anurag -
Subject area security validating users and groups from external table
Hi all.
I don't have practice to put question here, but there is one problem, that seems don't work correctly in OBIEE.
I'm trying to put users in groups within external table and this works fine.
I put security on the subject area level like this:
SA1 -> GroupA allow, Everyone not allow
SA2 -> GroupB allow, Everyone not allow
External table:
User----------Group
A---------GroupA;GroupB
B---------GroupB
Users A, B and GroupA, GroupB exists in the RPD, but I didn't put users inside them, I want this from table.
From the init block, external table I'm taking users and join them in the group. Same name users and groups are also in the presentation service.
When i connect with user A i don't see any subject area, when go to My Account i see in Group Membership/GroupA and GroupB, so it's readed from the external table.
Why in this case the subject area permission is not working?
It works if I explicitly put users in groups, in the RPD.
I have read this blog entry http://kpipartners.blogspot.com/2009/07/groups-webgroups-and-delivers.html and it is said that this works, but I'm interested how.
What should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?
This doesn't work or something is missing:
Re: Security on Subject Areas
Regards
Goran
http://108obiee.blogspot.comWhat should we have in the presentation part, administration, Manage Privileges -> Access within Oracle BI Answers option for those two subject area?Yes, you should remove Everyone and add the relevant groups to each Subject Area. You don't need to set privileges in the RPD, in fact that's probably why it doesn't work for you. Leave your RPD Presentation Catalog as "Everyone" = Read as you will controlling access from the Presentation Services and it should work.
-
Creating new user and group in BPEL PM.
Hi,
Please tell me how to cerate new user and groups in BPEL PM.
I understand that BPEL PM uses jazn files to keep user information . I would like to know the steps to create new users and gourps in BPEL PM.
ThanksPlease refer this link http://download.oracle.com/docs/cd/E12483_01/integrate.1013/b28982/security.htm#CDDBJCHD and also you can create users/roles through EM (Enterprise Manager). Here even you can able to specify their roles.
regards
Rajesh A -
Retrieving user and group information from LDAP using j_securrity_check
Hi
I am using j_security_check to authenticate users against LDAP. I have made all necessary configuration for the server to perform LDAP group search as well as mentioned in the WAS documentation of LDAP settings. Now, how can I retrieve the user and the user group info after the j_secuirty_check. Apart from the UserPrincipal object which I can get from the request which just has the user name, is there any other object which will give me the user and user group info by which I need to connect to LDAP using my java code to retrieve these informations?
Regards
DeepakHi
I am using j_security_check to authenticate users
against LDAP. I have made all necessary configuration
for the server to perform LDAP group search as well
as mentioned in the WAS documentation of LDAP
settings. Now, how can I retrieve the user and the
user group info after the j_secuirty_check.
Apart
from the UserPrincipal object which I can get from
the request which just has the user name, is there
any other object which will give me the user and user
group info by which I need to connect to LDAP using
my java code to retrieve these informations?Hmm, you don't need the user group info to connect to the LDAP server, right? You would need the user's Id (which you have) and password (which you don't). You could use the LDAP credentials and bind as that to look up the user info via the user id. Or if the server is set up to allow anonymous bind you could do it without credentials. But if all you want is group info then you should be able to call Security.getCurrentSubject().getPrincipals() to get the user principal as well as all groups (this is true in BEA WebLogic at least).
Good Luck
Lee -
How to create new user and group on version 10/09 ?
Hello,
I have used previous versions of Solaris 10 installed 1 or 2 years ago, and now, I just installed Solaris 10 x86, version 10/09. I notice that the desktop is different now, where I see "Desktop System for Solaris".
I remember in the past, when logged in as root, I could easily create groups and users.
With the Oct 2009 Solaris x86 version, I looked around, but didn't know how it's done on this version.
Is there a tool to easily do this on the 10/09 version?
Also, will all C programs and UNIX shell scripts on previous Solaris 10 versions (1 or 2 years ago) run
fine on this new Solaris 10, 10/09 version without problems? Thanks.The GUI to create users is 'smc', which should work in 10/09. The CLI to create users is 'usermod'.
Yes, shell scripts created under earlier version of Solaris should work.
.7/M. -
Hi,
<p>
I have configured an LDAP Authenticator for an external LDAP directory in the security realm of the samples portal. User Management is working, but when I try to access the Group Management for the LDAP Authenticator I get the following error:
</p>
<i>com.bea.p13n.usermgmt.hierarchy.TreeNotBuiltException: State: UNINITIALIZED. Tree is uninitialized. Add provider GAAD to list of providers to build. Tree is uninitialized. Add provider GAAD to list of providers to build.
</i>
<p>
It seems that this needs to be setup. How do I do this?
</p>
<p>
Some general notes on LDAP:
</p><p>
I think that in a production environment it is of great value to manage users and groups in a LDAP directory. For instance we have a company directory which contains all users. It seems that users from LDAP can not been added to groups which are in the DB. LDAP also has the advantage of supporting dynamic groups.
As in previous weblogic releases the LDAP authenticator is read only. It would be great if the write functionality could be added as well. Actually managing LDAP users and groups in one place would be a tremendous improvement for us.
</p><p>
Another thing on my wishlist are examples for delegated administration and visitor entitlements. For the sample portal these are empty. But I think it would be nice to have some out of the box examples that show what is possible and help developers and business analysts to understand the concepts and create their own roles.
</p><p>
It would be interesting to read what Bea and other developer think about this.
</p><p>
Kind regards,
<p>
Kai
</p>Marcus,
Yes, I am using 9.2 TP.
We are already using LDAP for user management with 8.1.
Now, I try to configure 9.2 as well. I am running 9.2 installations on different machines. When I click on Service Administration in the Admin Portal, I get the following error message for each installation:
java.lang.NullPointerException at com.bea.jsptools.serviceadmin.ads.ToolAdServiceBean.cloneFromAdServiceBean(ToolAdServiceBean.java:190) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdContentProviderNodes(ServiceAdminTreeBuilder.java:769) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdServiceBranch(ServiceAdminTreeBuilder.java:746) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.createTreeElement(ServiceAdminTreeBuilder.java:184) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:234) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:235) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildTree(TreeService.java:122) at util.tree.TreeController.constructTree(TreeController.java:142) at util.tree.TreeController.buildTree(TreeController.java:422) at jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source) at java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source) at org.apache.beehive.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:852) at org.apache.beehive.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:782) at org.apache.beehive.netui.pageflow.FlowController.internalExecute(FlowController.java:456) at org.apache.beehive.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:285) at org.apache.beehive.netui.pageflow.FlowController.execute(FlowController.java:336) at org.apache.beehive.netui.pageflow.internal.FlowControllerAction.execute(FlowControllerAction.java:48) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:1984) at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:90) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2055) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:535) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:821) at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:625) at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:156) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1178)
java.lang.NullPointerException
java.lang.NullPointerException
at com.bea.jsptools.serviceadmin.ads.ToolAdServiceBean.cloneFromAdServiceBean(ToolAdServiceBean.java:190)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdContentProviderNodes(ServiceAdminTreeBuilder.java:769)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdServiceBranch(ServiceAdminTreeBuilder.java:746)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.createTreeElement(ServiceAdminTreeBuilder.java:184)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:234)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:235)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildTree(TreeService.java:122)
at util.tree.TreeController.constructTree(TreeController.java:142)
at util.tree.TreeController.buildTree(TreeController.java:422)
at jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source)
at java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source)
at org.apache.beehive.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:852)
at org.apache.beehive.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:782)
at org.apache.beehive.netui.pageflow.FlowController.internalExecute(FlowController.java:456)
at org.apache.beehive.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:285)
at org.apache.beehive.netui.pageflow.FlowController.execute(FlowController.java:336)
at org.apache.beehive.netui.pageflow.internal.FlowControllerAction.execute(FlowControllerAction.java:48)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:1984)
at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:90)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2055)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:535)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:821)
at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:625)
at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:156)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1178) -
Admin Console not displaying new Users and Groups from LDAP
We created a new Realm in WebLogic, which specifies the location of the Netscape
LDAP server. Our Weblogic application, called TGSLC, is able to find the ldap
server to use for authentication. My problem is this- the Admin Console is not
displaying the new users and groups from the LDAP server. Shouldn't the WebLogic
Admin Console display any users and groups specified in the ldap server, which
is referenced in the customized Realm?Hi Andy,
I am not sure why you are unable to see the users and groups through the
console., you should be able to. Can you post the config.xml?
thanks,
-satya
Andy Levy <[email protected]> wrote in message
news:3b700c36$[email protected]..
>
We're running WLS 6.0 Sp2 on Windows 2000 Professional.
"Satya Ghattu" <[email protected]> wrote:
Andy,
Could you please tell us what Version of Weblogic you are running?
thanks,
-satya
Andy Levy <[email protected]> wrote in message
news:[email protected]..
We created a new Realm in WebLogic, which specifies the location ofthe
Netscape
LDAP server. Our Weblogic application, called TGSLC, is able to findthe
ldap
server to use for authentication. My problem is this- the Admin
Console
is not
displaying the new users and groups from the LDAP server. Shouldn'tthe
WebLogic
Admin Console display any users and groups specified in the ldap
server,
which
is referenced in the customized Realm? -
How to create a new user and group on command line?
Hi,
I am trying to install INN, the news server on OS X.4.8 (non-server), but it requires me to create a user and group, both called 'news'.
I know this has something to do with using Netinfo to create them, but I am logged in remotely via ssh and I can't use Netinfo Manager.
How do I create new users and groups via the command line.
Thanks for any help.
PowerMac G5 2x2.7GHz Mac OS X (10.4.8)I've put some shell scripts that do this here,
and descriptions
add_user
addgroup -
I want to create a user and group for an Squid installation, I have no problem creating the User, but I don't know how to create the group. Can anyone help me?
The most appropriate way to do this depends on the specifics. I assume you created the user in the Accounts pane of System Preferences. If so, you will automatically have created a group of the same name if you're using Tiger. Whether this is a good way to do it depends on whether the user needs to be a "normal user" who can log in to the machine etc. If not, it is better to create the user and group using another method (command line in Terminal or using NetInfo Manager, for example).
- cfr -
What is the best practice to create IDM user and target accts via recon
usecase:
LDAP<--->idm---->AD.
User exists in LDAP. IDM and AD are empty. Need to create IDM user and AD acct from LDAP data.
I can recon against LDAP and create the IDM user. But I cannot create AD acct in the same recon process. What is the best practice to do the above.i think you have to have a "Per-account Workflow" set which creates the user in AD.
-
Example of creating a valid LDAP user and group in the Portal tree
I need to create (via bulk LDIP or API) fresh users AND groups into OID that can be used by Portal. In theory it sounds easy - just create an appropriate LDIF file.
What is the best way to achieve this?
I don't the know the structure that should be used in the LDIF file that would create the correct structure held for all the Portal users and groups in OID.
I've looked through the OID admin and dev guides but am still confused as to what exactly I have to do. It seems that Portal accounts are synchronised by a method called Provisioning.
All I want to do is bulk upload Portal compatible users into the repository.
Can somebody please assist.
Cheers,
JohnI have below changes in files
1] In jps-config.xml
-- Added identity store and selected it from drop down in Security Context tab.
2] In weblogic-application.xml
In Security tab --> Role assignment mapped valid-users to principle name.
<security>
<realm-name>myrealm</realm-name>
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>DERDev</principal-name>
</security-role-assignment>
</security>
3] Same thing done in weblogic.xml . I do not know the difference between weblogic-application.xml and weblogic.xml configuartion and which will work.
4] Added security role "DERDev" along with the default/automatically added role "valid users"
<security-role>
<role-name>DERDev</role-name>
</security-role>
Still no luck ...... i am missing again ? I referred many links but found not a single document mentioning all steps
Mukesh
Maybe you are looking for
-
Log file on desktop is always there.
This log file is always on my desktop and I can't seem to get rid of it: ScriptingListenerJS.log Any suggestions?
-
How do i add Chinese to my software?
I did a system clean a while back. It removed some languages and chinese was one of them. How do i re-install that language without an install disk?
-
Hi, I did look thorugh the posts, but I can't seem to see anything similar (usuall I guess). I closed the lid on my laptop this morning (had a DVD in the drive and some photoshop files open. When I got to work, I opened the lid and it decided to not
-
Problem when converting to pdf - Oracle Reports 6i
Hi all, Im using Oracle reports 6i and Oracle Database 10g Release 10.2.0.5.0 - 64bit Production. In My database NLS_LANGUAGE is GREEK & NLS_CHARACTERSET is EL8MSWIN1253. So i have greek language texts in the database.. When run the report, in the pr
-
Do you have examples of CSV Format XML that can handle relationshiptypes?
Hi, I have created a Windows Computer extended class that, for the sake of the example, has an additional property ServerNameRow , and a relationship (selected via Single Instance Picker control) BusinessUnitCustomersListPickerClass_Relationship. (Th