Directory Proxy Server 5.2 and MS Active Directory

Hi,
The features of DPS are exactely what I'm looking for but the Directory Servers I would like to run it against are Microsoft Active Directory Domain Controllers...
Did anyone tried this before ? Was it a success story ? ;-)
Thanks for your input.

I am very interest in this my self, since I have tried to follow the instruction at docs.sun.com and find it very poor. If you can answer the original question with some good doc would be great!!

Similar Messages

  • I have windows server 2012 R2 and install active directory

    My question is I install active directory in windows server 2012 R2 and create Group Policy. ( These set-up is only for test)
    Have not registered domain only install active directory to test. 
    So the problem is when I created Group policy for my user and put software restriction policy but its affected to my administrator accounts too, No when I open VMware (install Virtual Machine windows XP) and start os then its shows you can not user this
    software as you restricted from installing software (Something like that don't know exact Error). I could not start installed Virtual Machine. 
    Please give me a solution for this.
    This is the setup for a test use only so their not big environment connect with my pc.
    Thanks in advance.
    Regards,
    Krunal

    Hi,
    The following article is talking about creating and managing Group Policy on a Windows Server 2012:
    http://www.thomas-krenn.com/en/wiki/Creating_and_managing_a_Group_Policy_on_a_Windows_2012_Server
    As Darren Blanchard mentioned, if you want to apply the GPO, you could link it to an OU that contain the computer or user.
    Group Policy Overview
    http://technet.microsoft.com/en-us/library/hh831791.aspx
    Please feel free to let us know if you need further assistance.
    Regards.
    Vivian Wang

  • User base Synchronization between SAP and MS Active Directory Server

    Dear all!
    I'm using Web AS 6.20 ABAP and MS Active Directory Server based on Win 2003 Server.
    i successfully implemented the synchronization of user data between SAP and the ADS.
    My question: Is there a way to customize the users on Active Directory Server in regard to their SAP authorization (roles auth. objects etc.)?
    Currently I don't have a clue how to do this.
    Regards,
    Christoph

    Have you searched on SDN for "Active Directory"? That turns up a number of results. I think your expectation might be backwards though, it's not how ADS exposes SAP specific data but how SAP uses ADS to store SAP specific data. My understanding (from quite some time ago so I am fuzzy on this) is that SAP can use ADS in much the same way it can use LDAP as an external user store.
    The Security Newsletter from November 04 [https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sap security newsletter november 2004.pdf] mentions that a webinar is hosted on SDN about this exact topic, unfortunately I was unable to find a direct link.
    Regards,
    Marc g

  • Does directory proxy server 6.0 support access to ds5.1SP3

    Hi,
    Does anyone have experience with setting up a directory proxy server 6.0 as a frontend to directory server 5.1SP3 servers ?
    (where can I find a list of supported directory servers by the proxy ?)
    I would like to use the proxy as part of the migration to a new data centre.
    Thanks

    Yes Directory Proxy Server 6.0 works with DS 5.1SP3.
    DPS uses LDAPv3 protocol and works with most of the LDAPv3 compliant servers. It has been tested with Sun DS, Active Directory, OpenLDAP and OpenDS.
    Some specific feature may require the support of the Proxied Authorization Control (RFC 3829), but that's it.
    Regards,
    Ludovic.

  • How to install Small Business Server 2008 in an existing Active Directory domain

    It is shown on this page:
    http://support.microsoft.com/kb/884453, "How to install Small Business Server 2003 in an existing Active Directory domain".
    Is it possible to do this with SBS2008 ?
    If "YES", are there any published information about the procedure ?

    Yes, it is. Thank you very much.
    But there is something that confuses me - I want to migrate from Win2003Std to SBS2008. And also, I want to keep the existing Win2003Std as a second DC for a long time.
    But it is written in the shown article:
    ... After the migration is finished, you must remove the Source Server from the network within 21 days. ...
    Is this rule mandatory for the scenarios where the Source Server is Std, not SBS ? As I know, I can have more than one DC(Win2003Std/Win2008Std) together with SBS2003. But what about SBS2008 ?

  • Problem in installing Directory Proxy server

    Hi all! Recently downloaded the trial version of sun one directory proxy server. After installing the sun one DS 5.2 . I tried to install sun one proxy server..when it asks for configuration server information i have given the admin id and password ....
    but it gave me following error message
    "The given Administrator Id/password combination was not accepted by the
    Configuration Directory Server.
    The Sun ONE configuration directory administrator is the ID typically used to
    log in to the console."
    I did used the same id and password to login to console & i am able to log in.
    Please advice.

    Two quick hints.
    First off, instead of hitting <Enter> to accept the default for the username [admin], type "admin" (without the quotes) as if you were giving different credentials. There's a known issue during the installation where the default text doesn't work.
    Additionally, I had to change my admin password in the configuration directory to cleartext in order to get it to work. For some reason the password encryption during the bind was never successful. To do that:
    dn: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
    changetype: modify
    replace: userPassword
    userPassword: {CLEAR}password
    I have no idea if this addresses the problem itself or just a symptom, but it did allow me to install DPS. You might want to give it a shot.

  • Installing Sunone Directory Proxy server

    Hi all! I am in the process of installing sunone directory proxy server. also in the same machine i have directory server and administration server.
    For some reason directory poxy installation fails at the end.
    look at the log file all i can see is
    Admin Server refused to disclose its pid!
    can any one had this experience or share some thoughts.
    Thanks

    I'm Using standalone DPS installer. Here is what i see in installation log
    [5] stdout> executing dps52cfgUninstall::main
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid
    [5] stdout> Retry for: /admin-serv/tasks/Operation/Restart?op=getpid

  • ODSEE 11g - DPS Directory proxy server suddenly increase load average

    Hi all
    Recently upgraded from directory server 5.2 to ODSEE 11g, one directory proxy configure to one master directory server and one consumer directory server.
    all the three instances are in the same sparc t3 machine.
    Directory proxy server alerts server load average on the machine is above 6.00 normally it is 0.66. I'm not sure what is causing the sudden burst in the load ? the traffic is normal there is no abnormal requests coming to the server. proxy performance degrades over the span of 24 hours ....and Once i restart the proxy services (dpsadm restart) all load averages comes to normal and directory proxy runs normal for the next two - three weeks. The same cycle continues ...I'm not sure what was causing the sudden load increase.
    I increased the JVM heap size from 1GB to 2 GB still continue to have the problem ..did anyone else experience similar problem. How did you fix it....
    Any input or advise in the right direction is much appreciated.
    Thank you.

    server load I'm referring to "prstat command" - server load average suddenly shoot up from 0.66 to 6.00 ie) the CPU usage. Alert is from our server monitoring tool not related to directory proxy.
    Clients report connections time out (etime goes from etime=0 ..2..4.....) over 24 hours i can see the etime increases and eventually the proxy server get hung and non responsive. Once I restart all the performance back to normal at-least for another two weeks.
    I suspect there might be a memory leak or JVM Garbage collection issue -- any expert input how to figure this out will help.
    Here is the JVM args in the proxy server "Xms2g -Xmx2g -Xmn1g -XX:SurvivorRatio=4 -XX:+UseParNewGC -XX:+UseConcMarkSweepGC"
    Here is a jstat during the problem
    ./jstat -gcutil -t 25365 2s 30
    Timestamp S0 S1 E O P YGC YGCT FGC FGCT GCT
    982106.4 0.00 26.17 4.26 92.25 59.52 523 60.979 689 1002.587 1063.566
    982108.4 0.00 26.17 4.40 92.25 59.52 523 60.979 689 1002.587 1063.566
    982110.4 0.00 26.17 4.80 92.25 59.52 523 60.979 689 1002.587 1063.566
    982112.4 0.00 26.17 5.10 92.25 59.52 523 60.979 690 1002.719 1063.698
    982114.4 0.00 26.17 5.15 92.25 59.52 523 60.979 690 1002.719 1063.698
    982116.4 0.00 26.17 5.32 92.25 59.52 523 60.979 691 1003.009 1063.988
    982118.4 0.00 26.17 5.72 92.25 59.52 523 60.979 691 1003.009 1063.988
    982120.4 0.00 26.17 5.80 92.25 59.52 523 60.979 691 1003.009 1063.988
    982122.4 0.00 26.17 5.93 92.25 59.52 523 60.979 692 1003.168 1064.146
    982124.4 0.00 26.17 6.03 92.25 59.52 523 60.979 692 1003.168 1064.146
    982126.4 0.00 26.17 6.15 92.25 59.52 523 60.979 693 1003.481 1064.460
    982128.5 0.00 26.17 6.18 92.25 59.52 523 60.979 693 1003.481 1064.460
    982130.5 0.00 26.17 6.25 92.25 59.52 523 60.979 693 1003.481 1064.460
    982132.5 0.00 26.17 6.29 92.25 59.52 523 60.979 694 1003.656 1064.635
    982134.5 0.00 26.17 6.31 92.25 59.52 523 60.979 694 1003.656 1064.635
    982136.5 0.00 26.17 6.36 92.25 59.52 523 60.979 695 1003.988 1064.967
    982138.5 0.00 26.17 6.89 92.25 59.52 523 60.979 695 1003.988 1064.967
    982140.5 0.00 26.17 6.99 92.25 59.52 523 60.979 695 1003.988 1064.967
    982142.5 0.00 26.17 7.08 92.25 59.52 523 60.979 696 1004.187 1065.165
    982144.5 0.00 26.17 7.31 92.25 59.52 523 60.979 696 1004.187 1065.165
    982146.5 0.00 26.17 7.82 92.25 59.52 523 60.979 697 1004.553 1065.531
    982148.5 0.00 26.17 7.92 92.25 59.52 523 60.979 697 1004.553 1065.531
    982150.5 0.00 26.17 8.01 92.25 59.52 523 60.979 697 1004.553 1065.531
    982152.5 0.00 26.17 8.17 92.25 59.52 523 60.979 698 1004.786 1065.764
    982154.5 0.00 26.17 8.26 92.25 59.52 523 60.979 698 1004.786 1065.764
    982156.5 0.00 26.17 8.38 92.25 59.52 523 60.979 699 1005.174 1066.153
    982158.5 0.00 26.17 8.74 92.25 59.52 523 60.979 699 1005.174 1066.153
    982160.5 0.00 26.17 8.88 92.25 59.52 523 60.979 699 1005.174 1066.153
    982162.5 0.00 26.17 8.96 92.25 59.52 523 60.979 700 1005.433 1066.412
    982164.5 0.00 26.17 9.09 92.25 59.52 523 60.979 700 1005.433 1066.412
    jstat after the restart
    ./jstat -gcutil -t 10084 2s 30
    Timestamp S0 S1 E O P YGC YGCT FGC FGCT GCT
    40312.6 0.00 25.13 88.49 1.98 63.68 21 2.366 0 0.000 2.366
    40314.6 0.00 25.13 88.58 1.98 63.68 21 2.366 0 0.000 2.366
    40316.6 0.00 25.13 88.71 1.98 63.68 21 2.366 0 0.000 2.366
    40318.6 0.00 25.13 88.99 1.98 63.68 21 2.366 0 0.000 2.366
    40320.6 0.00 25.13 89.31 1.98 63.68 21 2.366 0 0.000 2.366
    40322.6 0.00 25.13 89.36 1.98 63.68 21 2.366 0 0.000 2.366
    40324.6 0.00 25.13 89.42 1.98 63.68 21 2.366 0 0.000 2.366
    40326.6 0.00 25.13 89.53 1.98 63.68 21 2.366 0 0.000 2.366
    40328.6 0.00 25.13 89.60 1.98 63.68 21 2.366 0 0.000 2.366
    40330.6 0.00 25.13 89.72 1.98 63.68 21 2.366 0 0.000 2.366
    40332.6 0.00 25.13 90.11 1.98 63.68 21 2.366 0 0.000 2.366
    40334.6 0.00 25.13 90.56 1.98 63.68 21 2.366 0 0.000 2.366
    40336.6 0.00 25.13 90.67 1.98 63.68 21 2.366 0 0.000 2.366
    40338.6 0.00 25.13 90.75 1.98 63.68 21 2.366 0 0.000 2.366
    40340.6 0.00 25.13 91.09 1.98 63.68 21 2.366 0 0.000 2.366
    40342.6 0.00 25.13 91.36 1.98 63.68 21 2.366 0 0.000 2.366
    40344.6 0.00 25.13 91.47 1.98 63.68 21 2.366 0 0.000 2.366
    40346.6 0.00 25.13 91.53 1.98 63.68 21 2.366 0 0.000 2.366
    40348.7 0.00 25.13 91.64 1.98 63.68 21 2.366 0 0.000 2.366
    40350.7 0.00 25.13 91.77 1.98 63.68 21 2.366 0 0.000 2.366
    40352.7 0.00 25.13 91.87 1.98 63.68 21 2.366 0 0.000 2.366
    40354.7 0.00 25.13 91.95 1.98 63.68 21 2.366 0 0.000 2.366
    40356.7 0.00 25.13 92.11 1.98 63.68 21 2.366 0 0.000 2.366
    40358.7 0.00 25.13 92.19 1.98 63.68 21 2.366 0 0.000 2.366
    40360.7 0.00 25.13 92.24 1.98 63.68 21 2.366 0 0.000 2.366
    40362.7 0.00 25.13 92.85 1.98 63.68 21 2.366 0 0.000 2.366
    40364.7 0.00 25.13 93.19 1.98 63.68 21 2.366 0 0.000 2.366
    40366.7 0.00 25.13 93.40 1.98 63.68 21 2.366 0 0.000 2.366
    40368.7 0.00 25.13 93.44 1.98 63.68 21 2.366 0 0.000 2.366
    40370.7 0.00 25.13 93.47 1.98 63.68 21 2.366 0 0.000 2.366
    Any one else had similar behavior. Any input to the right direction is highly appreciated.
    Thanks.

  • Question on Sun Directory Proxy Server 5.2.4

    Hello Guys,
    Is it a good idea to have DPS and DS on the same server? Did anyone run into any issues? We have four Sun DS servers four-way master replicated on Windows 2003 std. We are in the process of evaluating Sun Directory Proxy server to resolve single point of failure between our custom apps and LDAP servers. I would appreciate any insights on Sun DPS implementation on Windows 2003 Std.
    Thanks

    While it might not be too good an idea (you essentially want the DPS for load balancing AND failover, right? So why risk putting it on the same machine ;) ), it does work.
    I recently implemented DPS on Solaris, and things generally work fine. (The command line interface isn't too reliable though). If you are thinking of routing all your traffic over SSL (ie, Client---ssl--->DPS---ssl--->DS), make sure you apply the latest patch available for the DPS. The dps524.jar that comes with the default installer isn't what it used to be (JES 2005Q4), and will give you issues when configuring SSL for DPS. Apart from that, things are more or less a breeze.

  • Directory Proxy Server Public API

    Where to find Directory Proxy Server (6 or 7) public API?
    Thank you

    Well, DPS is mainly a LDAP proxy, so upon reception of a bind, it will forward it to a LDAP directory server that would compare the credentials with the standard userPassword attribute.
    DPS can be also used OOTB as a Virtual Directory to provide a LDAP view of non-LDAP data, e.g a SQL database: In that case, DPS implements natively the bind operation, that is, it retrieve the user password from the SQL db, then compare
    it with the credentials provided by the client. In that case, the user password can be retrieved from any SQL column.
    So to achieve this with a LDAP backend, a DPS bind plugin would have to get the user password from the target LDAP entry and do the comparison. A secured channel between DPS and the backend would be required to exchange such sensitive pieces of information. Technically, this would work only if you plan to use LDAP for authentication only (bind only), because the backend LDAP directory server would not consider user entries w/o userPassword attribute as regular accounts (with associated access rights).
    Could you explain where you requirement comes from?
    Thanks
    -Sylvain

  • Integration of sap R/3 (4.7) and Microsoft active directory (2003)

    Hi All,
    I would like to know integration of sap R/3 (4.7) and Microsoft active directory (2003) and also SAP EP and Microsoft active directory. I have been working as a ep consultant with a local bank. I am new for this integration work, So please kindly provide me the steps for integrating these both directories.
    Pls help me with this issue.
    Thanks in advance,
    Regards,
    Raghav.

    Hi,
    First You should read:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31e3e266893
    Regards,
    Jarek

  • SCCM report to show last logged on user and the Active Directory department attribute of that user.

    I need to create an SCCM report to show last logged on user on all machines and the Active Directory department attribute of that last logged on user.

    You problem is here.
    right
    join v_R_User USR on USR.ResourceID
    = CS.ResourceID
    USR.ResourceID != CS.ResourceID, you need to map the username to the user logon to the PC. By using the user’s department information you will
    end up with unreliable results.
    Anyways you need to make these changes to your query.
    left
    join v_R_User USR on USR.Unique_User_Name0
    = CS.UserName0
    http://www.enhansoft.com/

  • OID and MS Active Directory  LDAP information Synchronization

    Do you know have to do the integration between OID and MS active Directory? How to synchronize the LDAP information between two?

    Hi, I have the same question.
    Thanks,
    Malin

  • Tuning directory proxy server parameters

    I need help to tune following parameters of Directory proxy server 5.2patch4.
    simultaneous operations per connection
    Total operations per connection
    Simultaneous connections to this group
    simultaneous connections per ip address.
    Before tuning these parameters, I wanted to know how can I find current usage of above parameters from directory server/directory proxy server. Right now there is no value set for these parameters.
    Is there any tool/command line utility or any other way to find current usage of these parameters?
    Any help will be appreciated. Thanks in advance.
    Thanks
    -Ashok

    I think the default is unlimited. You can use these
    params to tune your server.Thanks for response.
    How do I know the baseline to set these parameters? What tool/utility can I use on Proxy server/Directory server in order to find the baseline for these parameters.
    To make it more clear, how can I find from proxy server/DS server that how many currently simultaneous operations per connection are going on..
    how many total operations per connection are running..
    how many simultaneous connections to this group are running.
    how may simutaneous connections per ip address are running.
    Please let me know if you need further info.
    Thanks again.

  • Issue with binary attribute types through Directory Proxy Server 6.3.1

    I'm having problems with DPS 6.3.1.1 on Solaris 10 with binary attribute types. From most LDAP servers, requesting an attribute such as userCertificate would return userCertificate;binary without any issues. However, DPS seems to consider these two separate attributes. In order to see userCertificate;binary, I have to ask for it in that exact format. This obviously is causing trouble for many clients as they shouldn't care about the binary type as it's the same attribute.
    I've tried to correct this with a virtual data transformation (dpconf add-virtual-transformation 'PKI Tree' read add-attr-value userCertificate \${userCertificate\;binary}) but the end results are the same. Any ideas on how I can correct this one?
    Thanks in advance.

    Here is some complementary information:
    system (uname -a):
    SunOS xxx 5.10 Generic_142900-13 sun4u sparc SUNW,Sun-Fire-V440
    since patch 118666-26: update java 1.5.0 update 24
    we are experiencing the follwing problem:
    xxx$ ./dpadm start /opt/ldap/instances/mail/
    The Directory Proxy Server instance '/opt/ldap/instances/mail' failed to start after the waiting period.
    The Directory Proxy Server instance start has produced the following error output:
    Exception in thread "main" java.lang.NoSuchFieldError: strm
    at java.util.zip.Inflater.initIDs(Native Method)
    at java.util.zip.Inflater.<clinit>(Inflater.java:60)
    at java.util.zip.ZipFile.getInflater(ZipFile.java:375)
    at java.util.zip.ZipFile.getInputStream(ZipFile.java:320)
    at java.util.zip.ZipFile.getInputStream(ZipFile.java:286)
    at java.util.jar.JarFile.hasClassPathAttribute(JarFile.java:469)
    at java.util.jar.JavaUtilJarAccessImpl.jarFileHasClassPathAttribute(JavaUtilJarAccessImpl.java:21)
    at sun.misc.URLClassPath$JarLoader.getClassPath(URLClassPath.java:809)
    at sun.misc.URLClassPath.getLoader(URLClassPath.java:293)
    at sun.misc.URLClassPath.getResource(URLClassPath.java:160)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:192)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:300)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:268)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:252)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320)
    The Directory Proxy Server instance '/opt/ldap/instances/mail' is not running.
    We have tried to install patch 118666-27 (not recommended, but already available) which includes jdk 1.5.0 update 25 -> same problem
    When returning to jdk 1.5.0 update 20 the directory proxy server starts as normal

Maybe you are looking for