Delegated Admin ( I award good points)

Dear Portal Gurus,
Pls let me know how delegated
admin can be implemented in Portal
especially the part of assigning
CheckACL = ON in the iview
com.sap.portal.roleAssignment.
I am using SP11.
Thanks.
Nirmal

hi
you are right, ACL check has gone. See the SP2 guide for the old way you have described: http://help.sap.com/saphelp_ep60sp2/helpdata/en/51/f6f9e4d3a30b46966d3b7e650cb2dd/frameset.htm
And check out the NW04 guides:
http://help.sap.com/saphelp_nw04/helpdata/en/51/f6f9e4d3a30b46966d3b7e650cb2dd/frameset.htm
http://help.sap.com/saphelp_nw04/helpdata/en/57/6aa430a3a8c1498d4f3eb08c41be95/frameset.htm
please don,t forget to give points
with regards
subrato kundu

Similar Messages

Portal Business Package URGENT ( I award Good points)

Dear Portal Gurus,
When I'm importing a business package there is an option which says "Client" / "Server"
Can anyone explain to me what each mean and when to use them.
Appreciate your help greatly.
Thanks,
Harsha

Srinivasa,
I am unable to open your blog.
Can you pls email it to me at [email protected]
Thanks.
Nirmal
Message was edited by: nirmal jct
Message was edited by: nirmal jct
Message was edited by: nirmal jct

Changing Business Package ( I award good points )

If for example I import a business package into portal and I try to assign roles defined in the portal to the roles in the business package what are the considerations.Also pls let me know if can I change any particular object in the standard business package e.g. changing Iview properties.
Is it recomended or I need to always make a Delta Link/copy of the object in question and do the changes.
Thanks.
Nirmal

Nirmal,
I don't think adding your roles to business package roles should cause you any problems provided you setup the Permissions on the content itself properly, e.g. setting your existing content up with Permissions allowing the business package roles to access them.
If you are going to change anything on the business package content then I would create a delta-linked copy in a new folder of the same name as the original, but inder your content folders, otherwise when u upgrade or patch the new business package content will probably overwrite your changes. In any case it wont be immediately apparent that you have made changes to the standard content or what those changes are if you edit the original content.
Cheers,
Steve

Cpu high while installing delegated admin 2nd instance.

Hi,
I am using Sun JES 2005Q1 on Solaris9 sparc platform.
AM, Delegated Admin & MEM are running on 1 host which is working perfectly.
I have installed another instance of AM on another host which is also working perfect.
Whenever I try to install 2nd instance of Delegated Admin, the cpu utilization of my ldap server goes very high (98%) and installation doesnt proceed.
I have increased the nsslapd-allidthreshold value from 4000 to 15000.
Also indexing of attributes are already done.
But still no luck for me.
I am getting error logs on ldap server "search is not indexed".
Can anyone help me out ?
Regards,
Shujaat Nazir Khan
Senior System Engineer
Cyber Internet Services (Pvt.) Ltd.

The access manager has the same "oversight" but it was easy enough to fix by adding WS_ADMINHOST=admin.dom.tld to the amsamplesilent, and sed -i 's/--host=$WS_HOST/--host=$WS_ADMINHOST/g' to amws70config and amconfigupdate, and things actually worked when I did this (with a little more hackery, like manually editing mime.types and server.policy). This DA configurator is less straight forward, and when I fixed up the files and reran the failed scripts, things didn't work.
Does it make sense to run the administration server in its own zone/machine from an architectural standpoint? There has to be at least one admin server, so is the point AM/DA makes "it may as well be running on the node that _requires_ it to be running" versus "separate services into logical partitions?" It seems to me the first option is "good enough" while the second makes sense, but I'm looking for confirmation or further input.

Delegated Admin- Adding user causes unhandled exceptions

Now that I've finally settled on 05q1, Im trying to create accounts using the delegated admin GUI.
I click on my domain, then on "New". I then fill out first, last name, role is Business OA, no postal address, assign no service package, change the loginId and two passwords. At this point, when I click "Next", I get a "Server Error" screen with this information:
This server has encountered an internal error which prevents it from fulfilling your request. The most likely cause is a misconfiguration. Please ask the administrator to look for messages in the server's error log.
The messages below show up in /opt/sun/webserver/https-imap.domain.com/logs/errors. I couldn't find any other error for ds, identity, admin server, etc. After this exception, I also have to log back in to DA. The messages are quite vague (from an administrative standpoint) so any help is appreciated!
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
javax.servlet.ServletException
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWi
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: WE
B2798: [da] ServletContext.log(): [ERROR] Uncaught application exception
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
Root cause:
javax.servlet.jsp.JspException
at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWizardTag.java:658)
at com.sun.web.ui.taglib.wizard.CCWizardTag.getHTMLStringInternal(CCWizardTag.java:469)
at com.sun.web.ui.taglib.common.CCTagBase.doEndTag(CCTagBase.java:114)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:260)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.cor
[11/Jan/2006:10:32:02] failure (18149): for host xx.xxx.xxx.xxx trying to POST /da/wizard/WizardWindow, service-j2ee reports: St
andardWrapperValve[WizardWinServlet]: WEB2792: Servlet.service() for servlet WizardWinServlet threw exception
javax.servlet.ServletException: Uncaught exception
at com.iplanet.jato.ApplicationServletBase.onUncaughtException(ApplicationServletBase.java:1415)
at com.sun.comm.da.WizardWinServlet.onUncaughtException(WizardWinServlet.java:98)
at com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
----- Root Cause -----
com.iplanet.jato.NavigationException: Exception encountered during forward
Root cause = [javax.servlet.jsp.JspException]
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.

Might it have something to do with having not assigned service package? I read in the 05Q4 notes that in 05Q1, a service package had to be defined. I just tried to allocate some service packages to the domain and I get the same "Server Error" page when I click "Next" on the page where I choose how many service packages to allocate (i.e. the screen right before the "Summary" page)
At least the errors are a little more informative in the webserver error log (sample below)
I chose 3 service packages and attempted to allocate 50 each, No anonymous logins for calendar server and put in a calendar server hostname. All other fields were left to default.
[12/Jan/2006:15:14:13] failure (18149): for host 63.241.196.147 trying to POST /da/wizard/WizardWindow, service-j2ee reports: Ap
plicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
javax.servlet.ServletException: String index out of range: -15
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
at sun.reflect.GeneratedMethodAccessor37.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)

Not Awarded the point yet

while for this thread i awarded 10 points
restore from old backup files
But for this recent post i did not award any single point yet ;)
[pre]
Re: Changing to compressed backup set
Before recent post i have 60 points it should come to 70 after posting correct info but not yet awarded.
Khurram

Firstly, my apologies here for cutting and pasting your words in a different order, but it's necessary so I don't repeat myself.
orawarebyte wrote:
Nicolas i wondered that either its the problem from OTN site but to make sure i posted the thread at right place with subject " Not Awarded the point yet" ,i was not curious about points ,i posted this thread purely for the intention to inform OTN moderator if there is any thing wrong then it should be fixed.But some one here make wrong illusion and started to give good advice in destructive manner.Apologies for our misunderstanding, but I would have assumed that it would be obvious that forum software cannot automatically allocate points for correct answers and therefore, by not being awarded points, the idea that there is a fault with the forum software is a little far stretched.
orawarebyte wrote:
Blu neednt to be offended and neednt to expose that how many helpful answer you have delivered,yours attitude quite aggressive, threatening and unnecessary as hussesin sawan already gave the answer for what the question without showing any attitude.Dont make wrong assumption by if then else that for what i am here.
There are many threads which has been posted for the points curiousity ,yours advise should be go with yourself and act on yours own advice which would be more fruitful for you.
And your problem is what exactly?
Am I bothered (bovvered!)?
Isnt above question tone is arrogant???
Who asked that you are bothered or not ..if you are not then why to follow you ? i am really sorry to feel that and expressing this feeling that the mostly posted thread reagarding points issue here is not advisable by him but what make him to show his attitude towards me :).I'm sorry if you felt it was aggressive or threatening as it wasn't and I certainly can't see how it could be threatening.
From a Buddhist perspective, and other Eastern teachings, we have to remember that the perception of anger, agression, arrogance and any other emotion comes from the person perceiving it. These emotional perceptions are not the true Self, but are dillusions of the mind created from past experience, and do not exist in the present moment.
Bearing in mind it was not apparent that you thought the forum software was at fault, was it really arrogant to question why you appeared to be bothered by the fact you hadn't received points for your assistance on the forum, considering the purpose of the forum is not about receiving points but about offering assistance?. Since the points system was introduced it has become the practice of some (not all, and not necessarily yourself) to make untested and incorrect responses quickly to someone's issue stating that "the is the correct answer" in order to try and gain points and increase their position on the forums. It has introduced an unnecessary competition on the forum and, whilst competition is healthy, it is introducing a lot of incorrect answers within threads (I know we all get it wrong occassionally, but it is noticably messier than the previous forum, at least I've noticed that). IMHO, the forum would be better without any ranking shown at all, perhaps just showing a persons points accrued next to any posts they make so that people reading it can see how well a person has contributed. It is the ranking system ("top users in forum") that is causing the unhealthy competition and messiness of wrong answers. ;)
Once again, my apologies if you mistook my words for anything but making a point. ;)

SP05 standard repository passwords - Will reward good points

Hi,
We unarchived the standard repositories from Business content for SP05 patch 01 (materials, customers and vendors). In the console the repository is locked and needs login credentials. I could not find information on what user id and password to use for first time login. Please tell me what user id / password to use for first time login to standard repositories (We have just unarchived the a2a files)
Will reward good points
Thanks
Harsha

Hi Harsh,
<b>"For unlocking repository, Choose Login from the context menu and enter a username and password (for the standard repositories the default username is Admin without a password). Otherwise use the username and password that you have defined in the repository".</b>
This is mentioned in the Upgrade Guide of SP5 at page no 13. you can check using link <a href="https://websmp110.sap-ag.de/~sapidb/011000358700000271872007E">Upgrade Guide SP5</a>
Please try user Id "Admin" and password blank once more. If not successful this time then it seems that you have by mistake changed the password of the repository.
Hope this will help you. Please let me know the results.
Thanks,
<b>Shiv</b>

Good points will be given if question sloved

hello Gurus!
required Purchase requisation outstanding aging report code.
plz help me in this.thnx in advance.Good points will be given if question sloved.
regards
Rakhi.

hello Gurus!
required Purchase requisation outstanding aging report code.
plz help me in this.thnx in advance.Good points will be given if question sloved.
regards
Rakhi.

Delegated Admin and non-flat user/group structures

Hello, I am trying to build a directory structure with several containers under an organization used to store different portions of userdata and group data (i.e. not only ou=people and ou=group, but also a few ou's like them). Server software is from OUCS 7u2 release. Users in "other" containers are populated into LDAP (ODSEE 11) by replication, filling in all the same attributes as a freshly DA-created account has.
The Delegated Admin interface and other parts of the software accept this and work okay with this setup, displaying user information, allowing logins and so on - except for attempts to edit user accounts in the alternate containers in the DA (i.e. add/remove service packages, change quotas, etc.). First I've verified that this is not an LDAP problem - I can use both command-line ldapmodify and an LDAPBrowser GUI to edit the entries with no hiccups.
I tracked that when trying to save account information for accounts in non-standard containers, the DA still tries to use a hard-coded path (i.e. uid=USERNAME,ou=people,o=DOMAINNAME,dc=DOMAIN,dc=NAME) despite the fact that the user account is (and DA displayed it from) uid=USERNAME,ou=morePeople,o=DOMAINNAME,dc=DOMAIN,dc=NAME.
Possibly, this "hardcoding" stems from DA configuration in WEB-INF/classes/sun/comm/cli/server/servlet/serverconfig.properties which does list components of the LDAP structure:
# Ldap configuration.
# List of ldap hosts. Form is <ldaphost>:<portnumber>. (Default port = 389)
# add additional hosts with ldaphost-<consecutive number>
# Schema type is either "1" or "2".
# Reconnect interval is in seconds
# Group and people container is dn from organization dn (e.g ou=people)
ldaphost-1=oucsldap01:389
ldaphost-2=oucsldap02:389
ldaphost-suffix=dc=DOMAIN,dc=NAME
ldaphost-dcsuffix=dc=DOMAIN,dc=NAME
ldaphost-maxcount=50
ldaphost-schematype=2
ldaphost-reconnectinterval=60
ldaphost-peoplecontainer=ou=People
ldaphost-groupcontainer=ou=Groups
ldaphost-orgadminrole=cn=Organization Admin Role
While the organization root dn is not explicit here (and shouldn't be), the default people container is... I might guess a coding error logic like this: indeed, the "ou=People" container should be used by default when creating a user via DA; as a likely error, it might also be used when editing existing users - instead of their existing full DN/parent DN.
Questions:
1) Does anyone have a working configuration with several user/group containers within an organization like this? Would you care to share details and workarounds, if were needed?
2) I think that possibly the "shared domain/organization hosting" mode might help here - at least it is expected to have several LDAP trees with their delegated administrators performing as a single e-mail domain. Before I go and reconfigure everything, I'd love to hear if there are any success stories with this route? Is it a proper solution (or THE solution) for such config?
Thanks,
//Jim Klimov

I wanted to follow up that reconfiguring the directory structure according to shared domain hosting, with branches for ISW-synchronized accounts as one of the sub-organizations which share the domain, and manually created OUCS-only accounts being in another sub-organization. This works for both messaging components and the DA, as long as UIDs are in ou=People in their organization. Somewhat unfortunately, ISW config seems to allow only one DSEE target branch and puts groups (CN) there as well. Well, for our needs to edit user attributes and service packages via DA, this suffices. Sometimes there are hiccups (Can not save changes), but they are intermittent and harder to trace debug; usually go away with restart of the DA web container. The DSEE LDAP instances are configured with plugins to enforce uid uniqueness across the organization and uniqueness of values of messaging email address attributes (mail, mailAlternateAddress, mailEqiuvalentAddress) to avoid mixups between user accounts in different branches.
Also, we had a problem with Calendar server after migrating the LDAP entries: since our deployment used the nsUniqueID for calendar user identification, relocation of entries (the way we did it) generated new values for new entries and users got new empty caledar databases. On this POC this was not a major problem, and newer OUCS releases with a davUniqueID attribute should specifically be immune to this problem. However, for others trodding this path I can suggest that they export the LDAP database into LDIF including the unique IDs, recreate the suffixes as needed (the ISW target organization in DSEE should be a separate LDAP database suffix), change the LDIF entry pathnames, and import the LDIF anew. This would wipe old LDAP data and should add old nsUniqueIDs to relocated entries (unlike recreation via ldapadd or relocation via ldapmodrdn).
We have also hit a problem with DA refusing to render the list of accounts (returning 0 or 25 empty entries in a table). The LDAP logs showed that on the LDAP side all is ok, and expected amount of replies was located. Pattern searches often produced the proper table with a subset of users in DA. Ultimately, we linked the problem to ISW binary base64-encoded attributes (dspswuserlink et al; some of those values also garbaged output of commadmin queries in a terminal) and created an LDAP ACI which forbade our DA-admin user to read,search,compare these attributes. This solved the problem for us. I wonder if a more generic solution is possible, so as to apply this ACI not to an explicitly named admin user but to any users with DA admin privileges (by group or role? which string, to cover them all in advance)? Or, perhaps, nobody except the ISW user account should see these ISW attributes?
Hope this report helps others who would try to pioneer this path of messaging integration
//Jim Klimov

Can't login to Delegated Admin after redeploy

I originally had Delegated Admin 6.4 running on port 80 in Webserver 7u3 along with AM, and UWC. I needed to move DA off of port 80 so I created another Webserver instance on port 81 and then uninstalled and reinstalled Delegated Admin against the new instance. In the configurator I specified port 80 where it asked about Access Manager and port 81 where it asked to deploy DA. Now I cannot login to DA. It keeps telling me: "Invalid login ID or password, please try again". The ID and password are correct. No LDAP traffic is being generated during the attempted login. I turned on DA logging and this is what I get:
Aug 23, 2008 4:43:39 PM com.sun.comm.da.security.DALoginManager login
INFO: Login failed, login id [admin]
com.sun.comm.jdapi.DAException: Moved Temporarily: Moved Temporarily
at com.sun.comm.jdapi.DAConnection.liveAuth(DAConnection.java:88)
at com.sun.comm.jdapi.DAConnection.authenticate(DAConnection.java:130)
at com.sun.comm.da.security.DALoginManager.login(DALoginManager.java:209)
at com.sun.comm.da.view.LoginViewBean.handleLoginButtonRequest(LoginViewBean.java:212)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:816)
at com.sun.comm.da.DAServlet.service(DAServlet.java:152)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:917)
at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:398)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:133)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:255)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:187)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:586)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:556)
at com.sun.webserver.connector.nsapi.NSAPIProcessor.service(NSAPIProcessor.java:160)
Here is a sample of what I get when I run commadmin:
./commadmin -v search domain o=xyz.com
[Debug]: DBG:Object = search ; task = domain
[Debug]: default domain from Properties: xyz.com
[Debug]: IShost from Properties: webmail.xyz.com
[Debug]: ISPort from Properties: 80
Enter login ID: admin
Enter login password:
[Debug]: Contacting : http://webmail.xyz.com:80/commcli/auth
[Debug]: To servlet: domain=xyz.com&username=admin&password=xxxxxxxx&charsetenc=UTF-8
[Debug]: Http Error recvd: Moved Temporarily
Moved Temporarily: Moved Temporarily
Invalid value for Identity server host name: webmail.xyz.com
Invalid value for Identity server port: 80
Enter Identity server port[80]:
Any ideas?

sheger77 wrote:
I originally had Delegated Admin 6.4 running on port 80 in Webserver 7u3 along with AM, and UWC. I needed to move DA off of port 80 so I created another Webserver instance on port 81 and then uninstalled and reinstalled Delegated Admin against the new instance. In the configurator I specified port 80 where it asked about Access Manager and port 81 where it asked to deploy DA.As per the administration guide, Delegated Administrator server needs to be installed in the same web-container/instance as Access Manager.
http://docs.sun.com/app/docs/doc/819-4438/acfck?a=view
"The Delegated Administrator server uses the same Web container as Access Manager. The configuration program asks for Web container information after it asks for the Access Manager base directory."
[Debug]: IShost from Properties: webmail.xyz.com
[Debug]: ISPort from Properties: 80The commadmin client is trying to contact the DA server which is supposed to be installed in the same Web container as Access Manager
(hence the use of IShost/ISPort):
[Debug]: Contacting : http://webmail.xyz.com:80/commcli/auth
[Debug]: To servlet: domain=xyz.com&username=admin&password=xxxxxxxx&charsetenc=UTF-8
[Debug]: Http Error recvd: Moved TemporarilyCan't contact DA server so attempt fails.
Regards,
Shane.

From schema 1 to schema 2 migration delegated admin problem

I want migrate from schema 1 to schema 2 the messaging server 6.2 ( jes 2005q1).
I have install access manager and delegated admin.
With the commdirmig I migrate the domain and schema , the messaging work correctly.
I have a problem with the delegated admin web interface.
The delegated don't view my domain. If I add the sundelegatedorganization objectclass I can view my domain on delegated admin but I can view user and group.
Any Idea?
TIA
Bye Giovanni

There are two very different products called "deletaged admin". The old iPlanet Delegated Admin (iDA) only works with Schema 1. The current Delegated Admin, that comes with JES3 only works with Schema 2.
If you're using the old iDA that worked with schema 1, it won't work with schema 2. You have to install the new DA for that.
It doesn't work with groups/lists, only with users and domains.

While installing IMS on p4, the delegated admin, MTA and IWS6.0 could not be started

I am installing IMS 5.1 NT version on a p4 machine and my MTA services are not starting, i searched for the IMTA.conf file but that was not found. Also the IWS 6.0 that was installed additionally for the upgraded JVM is not getting started , and the delegated admin through the browser could not be accessed

I am installing IMS 5.1 NT version on a p4 machine and my MTA services are not starting, i searched for the IMTA.conf file but that was not found. Also the IWS 6.0 that was installed additionally for the upgraded JVM is not getting started , and the delegated admin through the browser could not be accessed

Delegated Admin reports strange number of users

I recently noted that our Delegated Admin (Delegated Administrator 6.4-2.05, B2008-04-29) Organizations page
(the one which lists the hosted domains and particularly their "Number of Users") lists this number plain wrong.
For many organizations it is reported as 0 or 1, for one there's a blank line, and only one seemingly has 39 users.
When I click on organizations however, I see their full lists of users (I believe, ones which have a non-empty mail
attribute set in LDAP) and there are tens in most orgs and over a hundred accounts in the larger org.
What is wrong? Does DA's Organization-List page use some other means of counting the users than the individual
Organization's page?

JimKlimov wrote:
In fact, while importing our old server, I did initialize most domains' users via
ldapclient queries as discussed on-list in mid-2008. Nobody said that there
are other static values outside of a user's account data :)The sunnumusers: attribute is commonly overlooked -- primarily because it is for admin-interface purposes only and doesn't impact on the operation of user accounts.
Is it possible to replace this value of sunnumusers by a dynamic search (or
counter), either in the GUI code or perhaps in the LDAP attribute?No. Any such dynamic search would have an adverse performance impact on the DA interface for large environments.
What is the logically correct value, the count of users with mail attribute set?If you want the sunnumusers: to match the number of users displayed when you click on the organisation in the "Organizations" tab then you would count the users which matched the following search for the domain:
""(&(uid=*)(&(objectClass=inetuser)(|(inetUserStatus=active)(inetUserStatus=inactive))))""
Regards,
Shane.

Delegated admin login problem

I am running Iplanet messaging server 5.2 and am having problems loging into the delegated administrator. When I try to log in as ServiceAdmin I immediately get a screen telling me that the session has timed out and to re-authenticate.
Any ideas what is wrong?

Unknown. Not nearly enough data to guess.
Please examine your LDAP access logs, and comment.
You should be looking for BIND commands for "NDAdmin". This is the first step in logging into Delegated Admin. If this fails, no user will be able to use DA.
Do you have password expiration set up in DS? did you remove this account? Change the pw?

How do I suite Delegated admin to my LDAP structure

Hello All
I've been working in a customer's Mail server (messaging 5.1, Directory 4.16) and I am having a problem with ida.
All the users are on:
ou=001,o=Student, o=People, o=acme.com,o=acme.com
And, the user's mail is [email protected]
Now, with Branch ou=998, o=Student, .....
They want all the users to have an e-mail address of the form [email protected] (DONE) and they want to have an administrator to handle the users in this ou
I tried to setup a mail domain with Delegated admin but, I see no way of mapping this new domain to this ou (ida expects things to be in the dc= subtree that doesn't even exist)
Anyone has any ideas?
Thanks
//JaimeC

The image which appears in the Store page is referenced in the 'itunes:image' tag. This tag is present in your feed but the URL is of your website. You need to create an image, which should be 1400 x 1400 and either JPG or PNG, and reference it in this tag. I don't know anything about 'Podcast Suite': probably it has somewhere to enter the image details.

Delegated Admin ( I award good points)

Similar Messages

Maybe you are looking for