EDirectory users login issue(Linux Systems)
Dear team,
For PDC(primary domain controller)::
We have installed SLES11-SP3 and OES11-SP2 on the top of this.
After this, we configured DSFW and eDirectory.
Now, when we are trying to login eDirectory users from Windows System,, we are able to do this.
But when we trying from Linux Systems, users are able to login but not getting their respective directory (/home/user_name)
For ADC(additional domain controller)::
We configured same configuration as shown above by replicating tree.
For this server, when we are trying to login eDirectory users from Windows and Linux Systems, we able to do this successfully without any issue.
Both Servers we are using for high availability.
Please help us on the PDC.
Thanks
Dear Team,
As you asked we don't know whether it is using ncp or dsfw, please let us know this also. I want to give you clear picture, step by step.
Goal:
1. We have two systems, need replication of edirectory Partition.
2. We need to login from edirectory users in windows/linux both
3. We want to login into windows systems like AD users from DSFW, using domain login.
4. We need to login in Linux machine with eDirectory users using LDAP authentication
5. We need to sync both systems 24x7x365
Implementation:
1. We have install SLES11-S3 with OES2-S2 in first machine with image name OES11-SP2-addon_with_SLES11-SP3-x86_64-DVD.iso (4GB image size)
https://www.novell.com/documentation.../b11i67vh.html
a) Installation of forest root domain.
b) New tree : K_TREE
c) FDN : cn=administrator,cn=Users,dc=k2,dc=gov,dc=in
d) Net bios domain name = k2
e) Configure this server as WINS server:selected check box
f) Site name : DC
Particulars:
IP : 10.0.0.136
Hostname: PDC.k2.gov.in
Domain: k2.gov.in
Netbios name: k2
NTP: 10.0.0.136 (we dont have ntp server as of now)
Selected : Use multicast to access SLP
Novell modular authentication services: Challenge response, NDS
Then Novell OES configuration successfully done.
2. In second server we have replicated first edirectory server.
a) SLP Server : blank
b) NTP: 10.0.0.136
c) Existing tree : K_TREE
d) IP:10.0.0.135
e) FDN: cn=administrator,cn=Users,dc=k2,dc=gov,dc=in
f) Enter Server Context: dc=k2,dc=gov,dc=.in
g) Hostname : ADC.k2.gov.in
We have installed only iManager and edirectory with existing PDC eDirectory.
Replication done successfully
IP Hostname Partition Windows without agent Linux LDAP replication home directory in linux
PDC 10.0.0.136 PDC.k2.gov.in k2 login login done yes
ADC 10.0.0.135 ADC.k2.gov.in k2 login login done no
Testing PDC :
1. Windows 7, successfully joined DSFW domain : k2.gov.in
2. Windows Users are able to login from edirectory/DSFW users
3. Linux Users are also able to login with normal shell, but not getting home directory
Testing ADC :
1. Windows 7, successfully joined DSFW domain : k2.gov.in
2. Windows Users are able to login from edirectory/DSFW users
3. Linux Users are also able to login with normal shell, also getting home directory
Query : In PDC (DSFW Domain k2.gov.in) Linux users are getting shell but not getting Home directory in RHEL-6.5, but ADC (DSFW Domain k2.gov.in) Linux Users are getting shell as well as Home directory also.
Similar Messages
-
Hi All,
We are getting login issue on our UAT server. AD users are not able to login into share point,it again prompting login box after entering correct username and password.
When we add that user to local admin group then it works.May be you are try it on same sharepoint machine. If you try some other machine it will work fine. You need to create a registry key for that. This is a known issue with sharepoint
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
DWORD DisableLoopbackCheck
Value. 1
http://support.microsoft.com/kb/896861 -
Mac OSX Lion Server Network User Login Issue
We have in the office a server running Mac OSX Lion, and several network users who've all been running happily for quite a will.
About a month ago I was added to the system, and initially we had a few issues relating to the home directory, but we changed 'something' and it all worked.
Fast forward to now, and we've added a new user - Hannah - to our system.
I've added her in the Workgroup Manager, and set her up everywhere I can find on the server. Her home directory creates on the server fine.
She appears in the Logon list on the client machines, and here's where the trouble starts...
Every time she tries to log on, it fails. The logon box just bounces or wobbles as though the password is incorrect. We've tried changing the password, to no avail. We've tried adding new test users - same problem.
We've tried sudo kinet on the Terminal as a local user, with variable results.
I'm at my wits end, and really hoping someone here can help offer some suggestions or advice we can work through to get to the bottom of this.
Thanks in advance!Your problems are likely occurring because you added her to the directory with Workgroup Manager.
You should really start avoiding WGM when at all possible as Apple is clearly moving away from it. Because of this, things don't always work as expected when using 'legacy' tools like WGM.
My guess as to what your problem is: When you create a new user in Server.app, two things happen for you automatically that WILL NOT HAPPEN if done from WGM.
First the user is added to the default "Workgroup" group.
More importantly (and the source of much confusion), the user is automatically added to SACLs.
Check the SACL for the user in Server.app, I bet you'll notice that they aren't a member of the File Sharing group like they should be. To solve this problem, you can either delete the user and recreate them in Server.app, or manually add them to the appropriate SACL.
I would opt for recreating them in Server.app if I were you, as I don't trust user accounts that originate in WGM on Lion Server. -
Problem in generating User Login Report on System Usage
We want a daily shift-wise(3 shifts of 8 hours each) report with following information
1. User-ID
2. Login Time-Stamp
3. Transaction Code
4. Transaction Code Start Time-Stamp
5. Transaction Code End Time-Stamp
6. Logout Time-Stamp
At present we are extracting the usage data with STAD transaction & processing in batch mode to generate a report which is not fulfilling our requirement as it is not having Transaction Code End Time-Stamp. One problem is same transaction code is having multiple Time-Stamps. If time-stamp is considered up to hour & minute, multiple records for same transaction code as well as different transaction codes are appearing. We are unable to generate MIS as per our requirement.
Thanks in advance.
KajalHi,
This may be possible if the trace is activated in the TA ST01. But it is not advisable to keep this trace for a prolonged period as it has an adverse effect in the system performance.
For a smaller user base, u can enable the security log in TA SM19, The report can be pulled from TA SM20.
Hope this helps.
Regards,
Varadharajan M -
Exchange 2003/2010 Coexistance - User login Issue
Hello
We have deployed Exchange 2010 SP3 in coexistance with 2003 and created connectors.
2003/2010 both Users are not able to login on 2010 OWA and error showing that username/PW is wrong although they are working on OWA 2003 perfectly.
When i add the same user to the local admin group on the Ex2010 server, it works fine with email send/receive. i am confused please suggest what i am missing....Regards
WaseemHello
This is the error that occured during that time.
SACL Watcher servicelet encountered an error while monitoring SACL change.
Got error 1722 opening group policy on system SERVER.DOMAIN in domain MYDOMAIN.
Event ID 6003
Source : MSExchange SACL Watcher
i am not sure if its related to this problem.
Secondly i have also tested to run the "Microsoft Exchange Active Directory Topology Service" with a new user having all the rights of exchange & AD groups but its showing giving the error that it cant run the dependency
services. currently this service is running with the local account rights.
I just add the test users (moved from 2003 and new user created in 2010) to the local admin group and it works fine, please give any idea what may be the problem in rights or something else ??
Regards
Waseem -
How to add Popup message as soon as user logins to portal system?
Hi,
I want to display a popup message as soon as user logs on to the portal system.
Regards,
AnaghaAnagha Bhat wrote:
what do you mean by "iView with the popup as the entry point" ?
I think this means, iView's 'Launch in new window' property should be accordingly set.. -
LDAP/AD Role group user login issue in sharepoint 2010 FBA with LDAP
Hi.
I created sharepoint 2010 site with LDAP FBA.If I add the AD user as form based user and try to login to my site its working very well but if I add a AD Group in to my site and try to login with one of the AD user of this group its say "Access
Denied".
In my project we want add AD group in sharepoin Groups not a individual AD users.
Can anyone help me with this please its urgant?I added both LDAP membership and LDAP Role provider.And I can also find groups in people picker in my Central Admin and FBA Web app site colleciton.
<add name="ADMembers"
type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C"
server="company.com"
port="389"
useSSL="false"
userNameAttribute="sAMAccountName"
userContainer="DC=company,DC=com"
userObjectClass="person"
userFilter="(|(ObjectCategory=group)(ObjectClass=person))"
userDNAttribute="distinguishedName"
scope="Subtree"
enableSearchMethods="true"
otherRequiredUserAttributes="sn,givenname,cn"
/>
<add name="ADRoles"
type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
server="Company.com"
port="389"
useSSL="false"
groupContainer="DC=Company,DC=com"
groupNameAttribute="cn"
groupNameAlternateSearchAttribute="samAccountName"
groupMemberAttribute="member"
userNameAttribute="sAMAccountName"
dnAttribute="distinguishedName"
groupFilter="(ObjectClass=group)"
userFilter="(ObjectClass=person)"
scope="Subtree" /> -
OS X 10.10.2 Server 4.0.3 Wiki User Login Issue
I have an Apple wiki that seems to be running fine for all but one user.
Now, when that user tries to login it just sits there and does not process the username or password.
When you go to All People that user is no longer listed there.
We authenticate via Active Directory.
Where should I start trouble shooting?After the user attemps to login, when they return to the page they get this until they clear their internet data from Safari:
Caught exception "[<CSEntityPlaceholder 0x7fbc404fb9a0> valueForUndefinedKey:]: this class is not key value coding-compliant for the key externalID." [NSUnknownKeyException] executing route /app-context/wiki:
0 CoreFoundation 0x00007fff90a3966c __exceptionPreprocess + 172
1 libobjc.A.dylib 0x00007fff8d20d76e objc_exception_throw + 43
2 CSService 0x0000000100dbf569 -[CSLocalServiceProxy forwardInvocation:] + 1278
3 CoreFoundation 0x00007fff909838a6 ___forwarding___ + 518
4 CoreFoundation 0x00007fff90983618 _CF_forwarding_prep_0 + 120
5 CSService 0x0000000100de86f3 __27-[CSAppContextService init]_block_invoke234 + 180
6 CSService 0x0000000100dcfaf4 __53-[CSRoutingHTTPConnection httpResponseForMethod:URI:]_block_invoke + 92
7 CSService 0x0000000100dd30ea -[CSHTTPBackgroundResponse bounce:] + 284
8 Foundation 0x00007fff9523c90a __NSThread__main__ + 1345
9 libsystem_pthread.dylib 0x00007fff8c145268 _pthread_body + 131
10 libsystem_pthread.dylib 0x00007fff8c1451e5 _pthread_body + 0
11 libsystem_pthread.dylib 0x00007fff8c14341d thread_start + 13 -
Hi All,
I am having CUCM 7.1.5 and CUPS 8.0(4) installed. The problem is when I tried to login the CUPS user page the it says "login failed". The CUPS intergration with CUCM seem to be fine because all the end users can be seen in CUPS. But I am not able to login the CUPS user page. Users have needed roles assigned to them.
CUCM is sycronized with LDAP server over SSL
Can anyone pls help me on this. What else I need to check? Is there any log to check on CUCM or CUPS?
ThanksHi Ronak,
It is not the problem login to the CUPC (still I didn't tried it), I have problem login to the CUPS User Web page using end user credentials in CUCM
End users have needed roles assigned and they also are CUP enabled users
Pls can you suggest me to any thing to check, As I said our CUCM is sycronized with LDAP server over SSL
Thanks -
Wiki Server - AD User Login Issues (8002)
I'm in the process of getting wiki server functioning in an AD integrated environment. We have login, portable home directories, and many other integrated services working properly, but I'm having trouble with wiki server. When logging in to the server using OD credentials, things function properly. However, when logging in with AD credentials, users are presented with "Invalid Session (8002)" in a web browser popup, and the server notes the following in its error logs:
2008-07-02 09:29:45-0400 [HTTPChannel,12,127.0.0.1] Unhandled Error
Traceback (most recent call last):
File "/usr/share/caldavd/lib/python/twisted/web/http.py", line 598, in requestReceived
self.process()
File "/usr/share/caldavd/lib/python/twisted/web/server.py", line 150, in process
self.render(resrc)
File "/usr/share/caldavd/lib/python/twisted/web/server.py", line 157, in render
body = resrc.render(self)
File "/usr/share/wikid/lib/python/applexmlrpcserver/WebAppServer.py", line 70, in render
d = defer.maybeDeferred(function, request, *args)
--- <exception caught here> ---
File "/usr/share/caldavd/lib/python/twisted/internet/defer.py", line 107, in maybeDeferred
result = f(*args, **kw)
File "/usr/share/wikid/lib/python/applexmlrpcserver/WebAppServer.py", line 91, in xmlrpc_login
session = SessionHandler.sessionHandler.sessionForID(session_id)
File "/usr/share/wikid/lib/python/apple_utilities/SessionHandler.py", line 155, in sessionForID
return self.authProvider.avatarForSession(sessionid)
File "/usr/share/wikid/lib/python/apple_utilities/Authentication.py", line 349, in avatarForSession
return self.sessionFactory.getSession(sessionId)
File "/usr/share/wikid/lib/python/apple_utilities/Authentication.py", line 210, in _func
return f(self, *args, **kwargs)
File "/usr/share/wikid/lib/python/apple_utilities/Authentication.py", line 269, in getSession
raise InvalidSessionError(sessionId)
apple_utilities.Authentication.InvalidSessionError: Invalid Session:
2008-07-02 09:29:45-0400 [HTTPChannel,12,127.0.0.1] 127.0.0.1 - - [02/Jul/2008:13:29:44 +0000] "POST / HTTP/1.1" 200 1758 "http://cts-fs01/groups/cts/" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 1054; en-us) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.2 Safari/525.20.1"
Any suggestions or ideas? Smells like a bug to me unfortunately...
Many thanks,
JoshClear text authentication must first be enabled for both Wiki and iCal in order for certain functionality to work in the OD/AD config. So there are a couple of workarounds that must be applied.
For Wiki, there is a KBase article that provides instructions and background info on this subject:
http://docs.info.apple.com/article?artnum=306750
For iCal, you must edit the caldavd.plist file for the following:
<key>Authentication</key>
<dict>
<key>Basic</key>
<dict>
<key>Enabled</key>
<false/> <----- change to true
</dict>
<key>Digest</key>
<dict>
<key>Algorithm</key>
<string>md5</string>
<key>Enabled</key>
<true/> <---------- change to false
<key>Qop</key>
<string></string>
</dict>
<key>Kerberos</key>
<dict>
<key>Enabled</key>
<true/>
<key>ServicePrincipal</key>
<string></string>
</dict>
</dict> -
Hi Experts,
I installed Hyperion DRM 11.1.2.1 in Windows 2008 server.
Created the DRM Schema and the objects using the generated scripts.
I have entered the repository admin ID(DRM_DB in my case) and password and saved the configuration.
Test connection is successful.
I can start and stop the application.
I can also open the URL: http://localhost/drm-web-client/Logon.aspx.
But when I am entering the admin ID and password, it is saying DRM-61025:unable to create user session. Reason: Login failed. Invalid username or password.
Please help if you have faced this problem. Let me know if you need more information.
Thanks,
NSHi,
DRM user login issue
Please go through the above URL and the solution, hope it will solve the issue.
Thanks -
Is there any way to call java program whenever i login to R3 System.?
Hi Experts
Is there any way to call java program whenever i login to R3 System.
Means Whenever the user login to R3 system i should trigger one java program.. Is there any way
Please help me
Thanks & Regards
Ravi Shankar BIf you want to access to the Windows Taskbar, you should call some Win32 APIs and JNI. Refer to Win32 references.
-
ABAP dump when user login in to PRD system
Hi Experts,
From today morning our users are facing one severe issue.The users when ever they login into the system the ABAP dump is occuring like "Database inconsistency: Start transaction SICK ",when i execute the SICK t-code it is showing errors.
SAP System Check
no application server offers an VB service
Severe problems were detected during initial system check.
Please, do not use that system before fixing these problems.
our go live was before one month only,now we are facing this issue.our kernel release is 740 and DB sybase ASE 15.7.0.1010. please suggest us what can we do.
regards,
Patan Thavaheer.|15.05.2014 Active parameters 12:47:40 |
|Parameter Name |Parameter value Parameter Value - Continued |
|login/disable_multi_gui_login |1 |
|rdisp/wp_no_enq |1 |
|login/no_automatic_user_sapstar |0 |
|SAPSYSTEMNAME |XXX |
|SAPGLOBALHOST |XXXXXX |
|SAPSYSTEM |00 |
|INSTANCE_NAME |DVEBMGS00 |
|DIR_CT_RUN |$(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64 |
|DIR_EXECUTABLE |$(DIR_INSTANCE)\exe |
|DIR_PROFILE |\\XXXXXX\sapmnt\XXX\SYS\profile |
|_PF |$(DIR_PROFILE)\XXX_DVEBMGS00_XXXXXX |
|SETENV_00 |PATH=$(DIR_EXECUTABLE);%PATH% |
|Start_Program_00 |immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) |
|_CPARG0 |list:$(DIR_GLOBAL)/syb/NTAMD64/cpe_sybjdbc.lst |
|_CPARG1 |source:$(DIR_GLOBAL)/syb/NTAMD64 |
|Start_Program_01 |immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG0) $(_CPARG1) |
|Start_Program_02 |immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) |
|_CPARG2 |list:$(DIR_GLOBAL)/syb/NTAMD64/cpe_sybodbc.lst |
|_CPARG3 |source:$(DIR_GLOBAL)/syb/NTAMD64/sybodbc |
|Start_Program_03 |immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG2) $(_CPARG3) |
|_CPARG4 |list:$(DIR_CT_RUN)/sapcrypto.lst |
|Start_Program_04 |immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG4) |
|SAPJVM_VERSION |6.1.048 |
|DIR_SAPJVM |$(DIR_EXECUTABLE)$(DIR_SEP)sapjvm_6 |
|jstartup/vm/home |$(DIR_SAPJVM) |
|Start_Program_05 |immediate $(DIR_CT_RUN)\strdbs.cmd XXX |
|sec/libsapsecu |$(ssl/ssl_lib) |
|ssf/ssfapi_lib |$(ssl/ssl_lib) |
|rdisp/wp_no_dia |10 |
|rdisp/wp_no_btc |3 |
|_DW |$(DIR_EXECUTABLE)\disp+work$(FT_EXE) |
|Start_Program_06 |local $(_DW) pf=$(_PF) |
|_IG |$(DIR_EXECUTABLE)\igswd$(FT_EXE) |
|Start_Program_07 |local $(_IG) -mode=profile pf=$(_PF) |
|rdisp/wp_no_vb |1 |
|rdisp/wp_no_vb2 |1 |
|rdisp/wp_no_spo |1 |
|ssl/ssl_lib |$(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL) |
|SETENV_01 |SECUDIR=$(DIR_INSTANCE)/sec | -
How to get an alert when user login with "DDIC" in any of the systems?
Hi all,
Can it be possible when ever the user login with DDIC user in any of the satellite system,can we we get an alert -as DDIC login attempt in any system?
Is this possiblem in CCMS or BPM or...?
Regards,
NeniHi Srikrishna,
Link which you have give is good.But when i login with DDIC i am not geting alerts and i am not able to add any satllites system to
under Security node
My configuration:
Miximum values for list 1 min
When should an alert be triggered?
From value Red Severity 2
Max. number of alerts for each message ID 50
Max. number of lines to be saved 50
SM19
Client * Events
User DDIC selected -Dailog logon Alll
systmem
Please help me.
Regards,
Swaroop -
GRC AC 10.1 - End User Login - Request issue
Hi experts!
Im working in GRC AC 10.1 SP07. I have configured END USER LOGIN services; the idea is that end user from ECC system could submit request without having user in GRC box, this is working fine but i´m experimenting next problem.
When i go to search request, those request submited by end user appears like created by Z_END_USER, this is the user in GRC that i have configured in services GRAC_UIBB_END_USER_LOGIN and GRAC_OIF_REQUEST_SUBMISSION_EU.
¿Is possible to configure that request appears "Created By" the requester and not the service´s user? I don´t think so, but if not, ¿is there any way to add the column User ID in Result screen? because it is avaible in parameters search but im not being able to add this in result screen (it´s not like hidden neither).
Parameters "Created by user ID" would be service´s user and "User ID" would be the requester.
Thanks!
EmilianoHi Emiliano,
Your understanding is correct, request created by UserID will always show GUEST UserID configured in the End User Logon service.
In search requests there is option to search requests by UserID but the same field has not been enabled to be available in Search Request result screen. This is as per standard functionality. You can check with SAP or can work with ABAPer to make the UserID column as display field in Search Request results.
Regards,
Madhu.
Maybe you are looking for
-
Additional Field in Inspection Lot Posting
Dear all I have a requirement wherein it is required to enter text/remarks during UD.This has to be seen in the QA32/33 output also. Please suggest. S Anil
-
Some folders won't open properly. Why?
Ever since upgrading to Mountain Lion (from Lion), there are a couple of folders that won't open properly. This isn't a huge deal, but it is annoying. I tried logging out and in again, repairing permissions, and verifying the disk, and none of them f
-
Hi everyone, I was hoping someone could help me with a question, My laptop keyboard is not working, it was working until I plugged in a usb connected wireless keyboard that I was working on a projector with, after I removed the usb connection it wo
-
Al actualizar a maverick no me abre el Mail
Al actualizar al maverick, ya no puedo abrir el Mail
-
I have an Apple 2 IPAD and an Apple IPOD Touch. Some things are appropriate for each device. For instance, I like all my music and podcasts on the IPOD and I want all my books on the IPAD. When I sync my devices I get everything from ITUNES on bot