Custom object classes and access rights
Hi,
I have added a few object classes to the NDS schema; objects
belonging to one of them should be able to authenticate against the
directory and retrieve some attributes. I managed the login part having
the class inherit from ndsLoginAttributes, but if I login as the object
itself, I can't retrieve any attributes. I can browse the entry (it's a
container), but all I get are DNs and objectclass attributes. Is there a
way to grant the object the right to retrieve its own attributes, or
some of them, through the Java LDAP interface?
Thanks,
Juan
jheguia
jheguia's Profile: http://forums.novell.com/member.php?userid=84575
View this thread: http://forums.novell.com/showthread.php?t=415769
Hello,
I found a solution which is *almost* the right one. Basically I
deleted the class and created it again with a default ACL:
X-NDS_ACL_TEMPLATES ( '2# subtree#[Self]#[All Attributes Rights]' )
This allows the object to do as it pleases with its own attributes. I'd
prefer it to be only able to read them, but I haven't found a syntax for
ACLs. Is there anything I can read to see how to fine tune the access
rights templates?
Thanks,
Juan
jheguia
jheguia's Profile: http://forums.novell.com/member.php?userid=84575
View this thread: http://forums.novell.com/showthread.php?t=415769
Similar Messages
-
How can i add an custom attribute and assign it to an existing custom object class in sun ds
I need to add an attribute to sun ds schema and assign it to an existing custom object class.
I know how to add an attribute but how can i add the attribute to an existing custom object class.
Please help.
ThanksThe objectclasses attribute is multi-valued, so you can add several values to it as long as they are unique.
For instance, I think you can add several declaration of the same objectclass as below (note the difference is the number of spaces in the value) howewer, from a schema perspective, only 1 will be taken into account:
objectclasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ userPassword $ CustomAttr) X-ORIGIN 'RFC 2256' )
objectclasses: ( 2.5.6.6 NAME 'person' DESC 'Standard LDAP objectclass' SUP top MUST ( sn $ cn ) MAY ( description $ seeAlso $ telephoneNumber $ userPassword $ CustomAttr) X-ORIGIN 'RFC 2256 ' )
That's the reason why it is safe to delete previous value if you want to update an existing objectclass. No problem to add a new objectclass (new oid and new name) to the schema.
-Sylvain -
11g - LDAP Sync - Select Custom Object class based on user type
Hi Gurus,
We have Ldap Sync set up between OIM 11g and ODSEE, we have some custom object class in ODSEE when the user are getting created in OIM it is getting created in ODSEE and it has all object class , every thing is working fine.
Now we have to select the object class based on user type of OIM, while pushing the user to ODSEE through LDAP sync.
we checked the LDAPUser.xml we doesnt have any option to choose custom object class based on user type.
Guys needs suggestion how to go forward on this requirement.Do you have OVD between OIM and ODSEE? If yes, then this can be handled at OVD. By modifying the LDAP Adapter and setting up search for users with custom objectclass instead of inetorgperson.
Flow would be as follows:
OIM --> LDAPRequest to Create User with inetorgperson to OVD --> OVD --> change request's objectclass to custom objectclass --> Create user in OID with custom objectclass
~Yagnesh -
AciSource object-class and dpsaci attribute
Dear all,
I am trying to create a proxy server that is connected to a JDBC data view.
All went well according to the documentation until I reached the point of creating ACI to control access to the data view.
According to the documentation, I have to extend the schema to use aciSource object-class and the dpsaci attribute.
However, there are no documentation on how to get the correct values of them.
I would be grateful for any type of help.
Thanks.Got it in dps/etc/config_schema.ldif file
The values are
attributeTypes: ( "" NAME ( 'dpsaci' ) DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'DPS' )
attributeTypes: ( "" NAME ( 'aciSource' ) DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'DPS' )
objectClasses: ( "" NAME 'aciSource' DESC 'Access Control Instructions container' MUST ( cn ) MAY ( dpsaci ) X-ORIGIN 'DPS')
I hope this could help someone in the future. -
Object Class and Object Id for material Determination tables.
I want to know what is the Object Class and Object Id for material Determination records to verify tables CDHDR and CDPOS.
The purpose is to know the changes done by the different users for material determination records.
Can any one help.Hi ZZZSUNNY,
Similar question is answered recently.Please find the below link which will helps you
Material determination: how to see the creater of a record?
Thanks
Dasaradha -
Want to make a report on Custom Object 4 and 3...what am i doing wrong?
My Custom Object 4 has a field which refers to an item of type Custom Object 3. I want to write a report that shows What Custom Object 3 each Custom Object 4 is related to.
So i went to the report builder, clicked the "Advanced Custom Objects" reporting, and made a really simple report that has:
Custom Object 4: Name | Custom Object 3: Name
When i preview it, it says "No Results". But that's not true. All my Custom Object 4 objects refer to a Custom Object 3 object. What's going on here? Can custom objects 4-15 not interact with 1,2, and 3 in reports?
Thanks!
-Kevin GreenHi, Yes, it is weird but that is how it is. May be fixed in next release. To hide the column, choose column properties -> column format tab -> Click the field "Hide this column"
-- Venky CRMIT -
Loading XML using a custom class and accessing it from other classes?
I began with a class for a movie clip rollover function
FigureRollOver. It works marvellously. Three things happen:
1) it loads XML from a file "mod1_fig1.xml" and uses another
class, XMLMember, to retool the scoping of the XML so that I can
get at it
2) an onload call inside of XMLMember calls the myOnLoad
function and transfers the XML into an array.
3) so long as the array is finished building, rolling over a
movie clip attaches a new movie clip with the rollover text in it.
But I don't want all those functions in one because I need it
to be more dynamic, starting with being able to load any old xml
file instead of just "mod1_fig1.xml", plus it seems like
overbuilding to have all of that in one class, so I've separated
out the loading of the XML and building of the array into its own
class, FigureXMLLoader. FigureRollOver is then left to just attach
the rollover with text in it, extracted from the array built by the
new class.
Problem is, though the array builds inside FigureXMLLoader, I
can't figure out how to make it available outside the class. I know
that I'm constructing things in the wrong order, and that the array
needs to be somehow built inside the class function to be
available, but I can't figure out how to do that. A cruddy
work-around is to put a function call at the end of the building of
the array, which calls yet ANOTHER function on the main timeline of
my .swf to put the array I've just built into a new variable. This
works, but it's messy. It seems like I should be able to have one
line of script in the .swf that generates an array on the main
timeline (or just a public array) which I can then access from my
FigureRollOver class:
var myRollOvers:Array = new FigureXMLLoader("mod1_fig1.xml");
Here is FigureXMLLoader (see comments in the code for more
details) which obviously does not return an array as it is, because
of all the working around I've had to do. Note the "testing"
variable, which can be traced from the main timeline of the .swf,
but I will get "not what I want" because of course the array hasn't
been built yet, and never will be, inside of the declaration as it
is. How do I get it in there so I can return an array?
Thanks!Suggest you ask this question in the Actionscript forum as
this forum is
more tuned to database integration questions.
You can create arrays outside a class and pass them into it
by reference and
visa versa build arrays inside a class and pass out via
reference.
The preferred approach is to place the array in a class and
not expose it.
Then add methods to use the array or should we say to use the
class.
Lon Hosford
www.lonhosford.com
Flash, Actionscript and Flash Media Server examples:
http://flashexamples.hosfordusa.com
May many happy bits flow your way!
"maija_g" <[email protected]> wrote in
message
news:ed4i43$9v0$[email protected]..
> Update: I've now put this on the main timeline of the
.swf:
>
> myRollOversLoaded = false;
> var myRollOvers:Array;
> var roll_content = new FigureXMLLoader("mod1_fig1.xml");
>
> And inside the "myOnLoad" function in FigureXMLLoader,
just after the
> while
> loop I've put this:
>
> _root.myRollOversLoaded = true;
> _root.myRollOvers = figure_arr;
>
> The movie clip rollover won't act until
myRollOversLoaded is true. It
> works,
> but it still seems klugey. Any suggestions for a more
elegant solution
> would be
> appreciated.
> -
Object Visualization and accessing the object's attributes
Hi all,
I am trying to configure SWFVISU to allow us to call an ABAP Web Dynpro which displays an adhoc object attached to a workflow in the UWL.
I've had success with a business object of a task which is not an adhoc object by binding an attribute to the task container and creating a custom attribute in the UWL. However this is not possible with Adhoc Objects as there could be 0..n objects at runtime.
I've seen plenty of threads that refer to using ${item.externalObjectId} as part of the visualization parameters, ie in Visualization Parameters:
APPLICATION FMCA_WDY_FPF
DYNPARAM WDCONFIGURATIONID=FMCA_WDY_FPF_CONF&RETURN_ID=${item.externalObjectId}
NAMESPACE sap
SYSTEM_ALIAS SAP_ERP_Public_Sector
however in this case the attribute we need access to is an attribute to the Object Class, not the Work Item.
Is there any other variable substitution we can use in the Object Visualization to reference an attribute of the Object Class itself?
Thanks in advance
AlexHi,
Please visit the below link. This might help you.
http://weblogs.sdn.sap.com/cs/blank/view/wlg/20379
Thanks and regards,
SNJY -
Many to Many with Custom Objects 4 and up
Hello,
Pls. I need to define a new CO4 that will have a many to many relationship with Contact.
From OD help pg.775 I understand that I should use another CO (f.ex. CO5) to be the intersection. Help file indicates how to rename the objects...and put them in the related info. section... but I don´t know what FIELDS (if any) I should define in the intersection CO5.
Pls. Anyone could help ?
Txs. a lot.
AntonioYes. You have to define them in CO5 Layout.
You should see Name, Contact and Custom Object 04 (you may have renamed it). Not the Id field.
Then when you add THE CO5 layout to Contact Related section, you can add new association between Contact and CO4.
Don't forgot to enable the Access Profiles in Contact, CO4 and CO5. -
Custom object class attributes are not provisioning in oID thru OIM
Hi,
I have connected OIM with oID user provisioning is also taking place. I have made one custom structure class with some attributes in OID.
In form designer,in OID usr form i have made feild UD_OID_USR_Custom
In OId .config lookup i have mentioned that custom class as well as attributes of class[in code Custom in decode name of attribute at target]
In process form recon mapping of OID i mapped this feild name .
Also in resource object recon mapping also i mentioned this attribute.
But while creating user till process form value of attribute is populating and not provisiong that attribute in OID.
Please tell me where i went wrong or exact steps of mapping in form designer,Process definition,Lookup.OID.configuration,Resource objects.
Thanksprocess form recon mapping of OID i mapped this feild nameHave you made attribute entry in Provisioning Lookup AttrName.Prov.Map.OID ?
Have you followed each step :
http://download.oracle.com/docs/cd/E11223_01/doc.904/e10436/extnd_func.htm#CACICHDH -
Custom MovieClip class and loadMovie
Hi, I am trying to create a custom MovieClip class with
loadMovie, but it doesn't work.
I created a movie clip symbol and action script linked to it,
such as:
class CustomMovieClip extends MovieClip { ... custom
functions to define the behavior, onPress, onMouseMove, etc ... }
It works all fine until I call loadMovie on an instance,
trying to change the shape.
As I searched, I figured loadMovie can mess you up if you do
somthing like mc.onPress = .... but
is this the case for a custom class? Hope not.
Any help???Solved the issue myself. I write it here so other people can
find it.
Basically, you can't do loadMovie directly to CustomMovieClip
class instance.
It will mess up all the methods you have defined in the
class.
Workaround is to do loadMovie to a variable in the class.
Complete working example is here:
1. Create a project MCTest.flp
2. Prepare Movie1.swf (a simple shape)
3. Create a Flash document MCTest.fla
4. Create a ActionScript file CustomMovieClip.as:
class CustomMovieClip extends MovieClip {
function onPress() {
trace("onPress");
6. Create a symbol CustomMovieClipContent:
Behavior: Movie Clip
Draw nothing.
5. Create a symbol CustomMovieClip:
Behavior: Movie Clip
Identifier: CustomMovieClip
AS 2.0 Class: CustomMovieClip
Export for ActionScript: Yes
Export in first frame: Yes
Open editor and drag&drop CustomMovieClipContent, name
it 'contents'
6. Edit ActionScript in MCTest.fla>Scene 1>Layer
1>1st Frame
attachMovie("CustomMovieClip", "customMovieClip1", 0,
{_x:100, _y:100});
customMovieClip1.contents.loadMovie("Movie1.swf");
7. Preview and you see two movie clips.
Click on the object, and "onPress" is printed in the output. -
Dear Experts,
Frequently I see packages that are being transferred over WAN links failing with the below posted error.
We're running SCCM 2012 SP1, the DP's are rate limited and firewalled.
Some applications end up on the DP's fine (even OS images), some don't. When they don't, the issue is non-recoverable, even if I retry it 100 times the error will remain the same while other applications do distribute properly. This seems like there can't
be a firewall issue at play. Logs on the DP's do not show any errors.
Here is the PkgXferMgr.log
Attempt to write 750652 bytes to \\SERVER\SMS_DP$\Content_0a017ff5-3a9b-4794-ab57-e4e50ba2db79.1-F6BCF13B583E95DC14FBA81B712675EAD0A2A8D25D1C5127B3E79519897D1337 at position 394372096 SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:53:42 AM 7476 (0x1D34)
Wrote 750652 bytes to \\SERVER\SMS_DP$\Content_0a017ff5-3a9b-4794-ab57-e4e50ba2db79.1-F6BCF13B583E95DC14FBA81B712675EAD0A2A8D25D1C5127B3E79519897D1337 at position 394372096 SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:53:44 AM 7476 (0x1D34)
Sending completed [E:\SCCMContentLib\FileLib\F6BC\F6BCF13B583E95DC14FBA81B712675EAD0A2A8D25D1C5127B3E79519897D1337] SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:53:44 AM 7476 (0x1D34)
Failed to get object class SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:05 AM 7476 (0x1D34)
ExecStaticMethod failed (800706ba) SMS_DistributionPoint, AddFile SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:05 AM 7476 (0x1D34)
CSendFileAction::AddFile failed; 0x800706ba SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:05 AM 7476 (0x1D34)
Deleting remote file \\SERVER\SMS_DP$\Content_0a017ff5-3a9b-4794-ab57-e4e50ba2db79.1-F6BCF13B583E95DC14FBA81B712675EAD0A2A8D25D1C5127B3E79519897D1337 SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:06 AM 7476 (0x1D34)
CSendFileAction::SendFiles failed; 0x800706ba SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:06 AM 7476 (0x1D34)
CSendFileAction::SendFiles failed; 0x800706ba SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:06 AM 7476 (0x1D34)
Notifying pkgXferJobMgr SMS_PACKAGE_TRANSFER_MANAGER 6/4/2014 11:54:06 AM 7476 (0x1D34)0x800706ba = "The RPC server is unavailable."
This is often associated with some sort of network connectivity issue but is very hard to track down without watching the traffic because there is no way to know why traffic didn't make it.
Generally, it is also associated with WMI communication so it's possible that WMI is having issues or is being blocked on the destination system.
If this is happening sporadically on the same DP for the same content but works for other content, that would indicate to me that some type of network filter or security mechanism is in place that has for some reason decided that that content should not
be allowed. This is pure speculation though.
Do you happen to have a WAN accelerator in place or something else that is supposed to help, scan, or filter traffic? If so, this is where you should concentrate your investigation and exclude ConfigMgr traffic from interference.
Jason | http://blog.configmgrftw.com -
External sites and access rights
After a search in oracle portal, only results are shown for item of which a user has access rights. That's great.
Ultrasearch is capable of searching other (non-oracle) sites as well, so the result of a search may include both portal and non-portal results.
How to deal with external sites which haver their own access scheme? We have two sites, one oracle portal site, one of a different vendor. In the future, hopefully, usermanagement will be centralized in one LDAP repository.
I'd love to have one integrated search engine for both sites, which is capable of indexing all pages, but give only those results of which a user is authorized to.
Can this be achieved by ultrasearch?Hi Ton
In iAS 902, Ultra Search supports crawling of only public data from Portal page groups. These Portal page groups be from different portal instances. Currently, there is no support for limiting the data obtained from Portal page groups to that which a specific user may view.
We are currently working on supporting authorized crawls/searches.
This feature will allow you to perform a search as a specific user X. The search results returned for this user X will only contain links to documents that X is explicitly allowed to view. These documents can reside in multiple portal instances as long as all the portal instances have the same user space (i.e. share the same LDAP server).
So, to summarize, in iAS 902 (and Oracle 92), Ultra Search only supports public searches.
Regards
Edward -
Ultrasearch, external sites and access rights
After a search in portal, only results are shown for item of which a user has access rights. That's great.
Ultrasearch is capable of searching other (non-oracle) sites as well, so the result of a search may include both portal and non-portal results.
How to deal with external sites which haver their own access scheme? We have two sites, one oracle portal site, one of a different vendor. In the future, hopefully, usermanagement will be centralized in one LDAP repository.
I'd love to have one integrated search engine for both sites, which is capable of indexing all pages, but give only those results of which a user is authorized to.
Can this be achieved by ultrasearch?At the moment, Ultra Search has no notion of Access Control for items that it searches so, in effect, Ultra Search can only crawl public content.
-
Adding a Custom Object Class When You Create an LDAP Object
Hi all,
under which path i can configure below material ?
http://docs.sun.com/app/docs/doc/819-4438/gatkz?l=en&a=view
Cheer
ubdHi Shane,
I cannot search any
ou=basicuser,
do u know the DN when DA use to create default user ?
we create customize bulk add using perl script, the object class for our custormize bulk add are
top, iplanet-am-managed-person, iplanet-am-user-service, organizationalperson, inetadmin, sunimuser, person, inetOrgPerson, sunamauthaccountlockout, inetuser, inetlocalmailrecipient, sunpresenceuser, iplanetpreferences, ipuser, inetsubscriber, inetmailuser, UBDStaff, userpresenceprofile, sunucpreferences, icscalendarusercode}
these are the object class create by DA by default userpresenceprofile, sunucpreferences, iplanet-am-user-service, icscalendaruser, top, iplanet-am-managed-person, organizationalperson, inetadmin, sunimuser, person, sunamauthaccountlockout, inetuser, inetlocalmailrecipient, sunpresenceuser, iplanetpreferences, ipuser, inetorgperson, inetsubscriber, inetmailuserI need to customize the DA default user management so i can use the web console to add new user.
Cheer
ubd
Maybe you are looking for
-
How do you share Aperture file across multiple users on same Mac?
How do you share Aperture file across multiple users on same Mac? Seems this should be a preferences choice.
-
Time capsule from hard disk to router?
Hi, I have had my time capsule set up as a hard disk, and has been accessing it through a USB cable. I would like to set it up as a router and wireless hard disk. The problem is Airport Utility cannot find my time capsule, and the time capsule is sho
-
Hello Gurus, I have a business requirement which requrest all the IDocs irrespective of errors / not the status of the IDoc needs to be 51. The Business would later post it depending on their requirements. Please let me know if this is possible. Than
-
IPhone video H.264 will not play in iPhoto '11 Slideshow
Hello, I use iPhoto to organize videos and .jpgs; I take videos both with a Sony camera and my iPhone. I often trim videos in iPhoto and then play them as part of a Event or Album, along with .jpgs, using the SlideShow feature before moving o
-
Prasing a huge Fixed lenght file
Hi All, I have a requirement to parse a fixed lenght file which is of size 100MB. I have 1.7 million records in that file where each and every record is of length 41. When I am trying to load the file using the LineNumberReader and using the substrin