Encrypt file without modules PI or XI

Similar Messages

• Encrypt file without the plain text extension

  hi
  I am encrypting a txt file using GnuPG. The command that i am using encrypts the file and puts .gpg extension to the plain text extension. For example if my plain text file is test.txt after encryption the file name becomes test.txt.gpg. My requirement is that the encrypted file should not have the plaintext extension. So the encrypted should be test.gpg instead of test.txt.gpg? Is this possible? If yes, please give me some ideas
  Thanks in advance

  Unless I am much mistaken, the gpg command has nothing to do with Java programming whatsoever. Your question is 100% off topic. Locking the thread.

• Invoke Adobe reader in BB10, how to open encrypted files without prompting for password.

  Hello All,
  I am developing a BB10 application that invokes Adobe Reader as a card for viewing my encrypted pdf books, all books have the same password and I don't want to expose the password to the users to prevent copying copyrighted books. Is it possible to pass the password as parameter when invoking Adobe reader ? if not, is there a trick that can be used to prevent the user from using the options "Share" and "Save As" in card-invoked Adobe reader ?
  Thanks to all.
  Mohanad

  PS Touch can't open PSDs locally. They have to be imported via Creative Cloud (and even then, they are flattened when imported).
  I imagine this was a "quality of life" decision since PS Touch can only support up to 16 layers in a particular project. That and maybe the fact that Photoshop (and Photoshop Elements) can use layer masks, which PS Touch doesn't presently have.

• How can I generate my own InDesign ePub file without the encryption.xml file?

  My bookstore (B&N) will not accept my ePub file because it doesn't want the file encryption.xml included. How can I generate an InDesign ePub file, for my own books, without it? Is there a check box somewhere? I've searched through the ePub export box and the file info boxes—no luck.
  Error message from B&N's PubIt.com:
  We have found a file name called encryption.xml within your ePub file container, which means that part of, or all of, your file is encrypted. We do not accept any encryptions within ePub source files. Upon closing this message, please remove the encryption.xml file from your ePub, and you may attempt to upload your ePub file again.
  If you wish to apply DRM to your title, go to Section 4, question H and select Yes. PubIt! will apply DRM to your title after you have uploaded your ePub file without encryption.
  Thanks for your help…

  Unfortunately you will find the option to uncheck "Embeddable Fonts" within ID CC 2014 only if you are creating an ePub with reflowable layout, but not if you are creating a "fixed layout" ePub.
  I went with the suggestion of the eCanCrusher and was pleasantly surprised how easy to use this free tool is. You basically just drag your ePub over the icon of the App and it creates a folder in which you find the encryption.xml within the META-INF folder. Once you erased it you drag the folder over the icon of the App and through this you will get a new encryption-free ePub which now passes iTunes Connect Book Proofer test.
  But then - opening the ePub without it's encryption within iBooks (on ipad) the text has moved, spaces between words are gone for no reason, words are even sticking into each other - it looks unacceptable! It does look OK on the iBook desktop app, however.
  My solution was to change the font from Myriad to Verdana. I had changed the fonts before, because - whatever font I had used - it's reproduction on the ipad was messed up, and Myriad was the first one that I tried that looked alright, though, not so much after removing the encryption.xml. Unfortunately everything changes when you change fonts within a fixed layout ePub and all line breaks have to be revised now...
  I also tried to remove the embedded fonts from inside the ePub, like someone else suggested, but that didn't help with the Book Proofer. It's really the encryption.xml that needs to be removed.
  I wish that I now finally can submit successfully to Apple and wish that Adobe would have a better relationship with Apple to solve issues like that.

• I create an encrypted file on my mac and it always opens without the password.  Wh,y?

  I have tried several times to create an encrypted file on my iMac, following the procedure Apple lists, using Disk Utility.  Each time, the file opens without requiring a password. Hence, there is no security.  What am I doing wrong?

  Apparently, you missed this salient part:
  If you select “Remember password in my keychain,” anyone with access to your computer may be able to open the disk image without entering the password.

• How can i send PGP encrypted file from PI to the receiver

  Hi experts,
                      I am unable to send the  PGP encrypted file from PI to the receiver. where the Clients sends the file using PGP encryption,
  But i am trying to send the same with PI. But i am not able to send the same can you please help me out to get the same incorporated using PI 7.1
  and sends to the receiver ( the rceiver would be FTP ).
  Regards,
  Amruth

  hi,
  You can write an adapter module to encypt your payload before sending to Reciever:
  /people/dijesh.tanna/blog/2008/09/15/sap-pi-integrating-macafee-e-business-server-with-sap-pi-70-for-pgp-encryptiondecryption
  http://www.bouncycastle.org/documentation.html
  http://www.cryptix.org/
  http://aedaptive.com/index.php/solutions/pgp-for-sap-netweaver
  http://www.pgpi.org/doc/pgpintro/
  PGP encryption: Do we need to write adapter module?
  If you are getting PGP file from sender and want  to send this file to target without any mapping transformation you can use this blog:
  /people/william.li/blog/2006/09/08/how-to-send-any-data-even-binary-through-xi-without-using-the-integration-repository
  Thanks.

• [SOLVED] Encrypted install without LVM

  I always installed my encrypted systems without LVM, on Debian, Ubuntu and openSUSE. Basically my partition scheme is:
  /boot
  /swap
  /home
  I've been trying to run the system for 2 days without success.
  After install+reboot, a password is asked for the "main" disk (configured on /etc/default/grub) and then everything hangs. I press Ctrl+C then after being asked for the root password (and typing it) I can log in and manually mount the other partitions, but no DE can load.
  I'll put my install scheme so you can understand better, and, if requested, I can upload my conf files such as grub, mkinitcpio etc.
  Install process:
  # loadkeys br-abnt2
  # modprobe dm-crypt
  # cfdisk
  After creating all partitions:
  # cryptsetup -c twofish-xts-plain64 -y -s 512 luksFormat /dev/sdaX
  # cryptsetup luksOpen /dev/sdaX cr_sdaX
  # mkfs.ext4 /dev/mapper/cr_sdaX
  # mkswap /dev/mapper/cr_sda3
  # swapon /dev/mapper/cr_sda3
  # mkfs.ext4 /dev/sda1
  # mount /dev/mapper/cr_sda2 /mnt
  # mkdir /mnt/boot
  # mkdir /mnt/home
  # mount /dev/sda1 /mnt/boot
  # mount /dev/mapper/cr_sda4 /mnt/home
  # nano /etc/pacman.d/mirrorlist
  # pacstrap /mnt base base-devel
  # genfstab -L -p /mnt >> /mnt/etc/fstab
  # arch-chroot /mnt
  # nano /etc/locale.gen (same locales as the 1st time)
  # locale-gen
  # nano /etc/locale.conf
  # nano /etc/vconsole.conf (KEYMAP=br-abnt2)
  # ln -s /usr/share/zoneinfo/Brazil/East /etc/localtime
  # mkinitcpio -p linux
  # nano /etc/mkinitcpio.conf
  Now I edit '/etc/mkinitcpio.conf' and add 'keymap' and 'encrypt' to the HOOKS line, right before 'filesystems' and then rebuild the image.
  # echo junior > /etc/hostname
  # passwd
  # pacman -S grub
  # grub-install /dev/sda
  Now, in '/etc/default/grub' I edit the line 'GRUB_CMDLINE_LINUX=”"' to 'GRUB_CMDLINE_LINUX=”cryptdevice=/dev/sda2:main”' then I run:
  # grub-mkconfig -o /boot/grub/grub.cfg
  #exit
  #umount -R /mnt
  #reboot
  Now, after install, the system asks me for the /dev/sda2 password, it says it's clean, than hangs. I press Ctrl+C, it says I can continue/rescue/etc, I type my root password and then mount the other partitions.
  Funny thing is that it can't mount /home and after I mount it manually it tries to continue to boot, but hangs again. Then again I press Ctrl+C and I log in as root. I also isntalled xorg/nvidia/xfce to see if it loads after manually mounting the partitions but no success, I have to start it manually.
  So, if any of you successfuly installed Arch with an encrypted FS w/o a LVM = PLEASE!! HELP!
  Regards.
  Last edited by Amarildo (2013-09-25 17:00:25)

  mr.MikyMaus wrote:Do you have "root=/dev/mapper/cr_sda2" set as a kernel boot parameter?
  Yes, although I think the ro option should be changed to rw:
  GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:cryptroot root=/dev/mapper/cryptroot ro"
  I got to the point where it asks me for the / password and then for /home too, but it hangs there, home is not being mounted nor swap. I'm on the system now but as root and with xfce.
  For some reason I can't upload my files so I post them here.
  PS: The GRUB file (/etc/default/grub) was not posted entirely since I only edited the last line of what's being pasted here.
  GRUB
  GRUB_DEFAULT=0
  GRUB_TIMEOUT=5
  GRUB_DISTRIBUTOR="Arch"
  GRUB_CMDLINE_LINUX_DEFAULT="quiet"
  GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:cryptroot root=/dev/mapper/cryptroot rw"
  mkinitcpio.conf
  # vim:set ft=sh
  # MODULES
  # The following modules are loaded before any boot hooks are
  # run. Advanced users may wish to specify all system modules
  # in this array. For instance:
  # MODULES="piix ide_disk reiserfs"
  MODULES="dm_mod ext4"
  # BINARIES
  # This setting includes any additional binaries a given user may
  # wish into the CPIO image. This is run last, so it may be used to
  # override the actual binaries included by a given hook
  # BINARIES are dependency parsed, so you may safely ignore libraries
  BINARIES=""
  # FILES
  # This setting is similar to BINARIES above, however, files are added
  # as-is and are not parsed in any way. This is useful for config files.
  FILES=""
  # HOOKS
  # This is the most important setting in this file. The HOOKS control the
  # modules and scripts added to the image, and what happens at boot time.
  # Order is important, and it is recommended that you do not change the
  # order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
  # help on a given hook.
  # 'base' is _required_ unless you know precisely what you are doing.
  # 'udev' is _required_ in order to automatically load modules
  # 'filesystems' is _required_ unless you specify your fs modules in MODULES
  # Examples:
  ## This setup specifies all modules in the MODULES setting above.
  ## No raid, lvm2, or encrypted root is needed.
  # HOOKS="base"
  ## This setup will autodetect all modules for your system and should
  ## work as a sane default
  # HOOKS="base udev autodetect block filesystems"
  ## This setup will generate a 'full' image which supports most systems.
  ## No autodetection is done.
  # HOOKS="base udev block filesystems"
  ## This setup assembles a pata mdadm array with an encrypted root FS.
  ## Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
  # HOOKS="base udev block mdadm encrypt filesystems"
  ## This setup loads an lvm2 volume group on a usb device.
  # HOOKS="base udev block lvm2 filesystems"
  ## NOTE: If you have /usr on a separate partition, you MUST include the
  # usr, fsck and shutdown hooks.
  HOOKS="base udev autodetect modconf block keymap encrypt filesystems keyboard fsck"
  # COMPRESSION
  # Use this to compress the initramfs image. By default, gzip compression
  # is used. Use 'cat' to create an uncompressed image.
  #COMPRESSION="gzip"
  #COMPRESSION="bzip2"
  #COMPRESSION="lzma"
  #COMPRESSION="xz"
  #COMPRESSION="lzop"
  # COMPRESSION_OPTIONS
  # Additional options for the compressor
  #COMPRESSION_OPTIONS=""
  crypttab
  # crypttab: mappings for encrypted partitions
  # Each mapped device will be created in /dev/mapper, so your /etc/fstab
  # should use the /dev/mapper/<name> paths for encrypted devices.
  # The Arch specific syntax has been deprecated, see crypttab(5) for the
  # new supported syntax.
  # NOTE: Do not list your root (/) partition here, it must be set up
  # beforehand by the initramfs (/etc/mkinitcpio.conf).
  # <name> <device> <password> <options>
  home_crypt /dev/mapper/cr_sda4 none luks,allow-discards
  # data1 /dev/hda3 /etc/mypassword2
  # data2 /dev/hda5 /etc/cryptfs.key
  swap_crypt /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256
  # vol /dev/hdb7 none
  EDIT: Updated my files, but still /home is not being monted
  [root@junior ~]# cryptsetup status /dev/mapper/cryptroot
  /dev/mapper/cryptroot is active and is in use.
  type: LUKS1
  cipher: twofish-xts-plain64
  keysize: 512 bits
  device: /dev/sda2
  offset: 4101 sectors
  size: 125849109 sectors
  mode: read/write
  [root@junior ~]# cryptsetup status /dev/mapper/cr_sda4
  /dev/mapper/cr_sda4 is inactive.
  Last edited by Amarildo (2013-09-25 12:14:38)

• File-RFC-File (without BPM)- Issue

  Hi All,
  I am working on a File-RFC-File (without BPM) scenario in PI 7.1.
  My scenario is having few problems like, its not able to delete the file from the source directory path (for which we have delete permissions) and it is an NFS system and it shows an error in the Sender file CC.
  "Error: com.sap.aii.af.service.cpa.impl.exception.CPAObjectKeyException: Value of key must not be null: ObjectId"
  But it gets processed successfully and provides a written paramter which I could see in MONI, but again doesn't write the file in the target directory. Could you please provide your inputs and let me know if I need to do any additional settings w.r.to PI7.1.
  These are the parameters which I have specified in the Sender File adapter
  Processing sequence
  AF_Modules/RequestResponseBean     Local Enterprise Bean     1
  CallSapAdapter     Local Enterprise Bean     2
  AF_Modules/ResponseOnewayBean Local Enterprise Bean     3
  Module configuration:
  1     PassThrough     true
  3     receiverChannel     <FilereceiverCCname>
  3     receiverService     <Receiver Bus System>
  Regards,
  Nithiyanandam

  Hello,
  Check out in module configuration tab for any "type error" or spell mistakes.
  Check out this thread which might be useful for you :[ File - RFC - File without a BPM - Possible from SP 19.|File - RFC - File without a BPM - Possible from SP 19.]
  regards
  Ramesh

• EFS Encrypted Files over home workgroup network via WebDAV avoiding Active Directory fixing Access Denied errors

  This is for information to help others
  KEYWORDS:
    - Sharing EFS encrypted files over a personal lan wlan wifi ap network
    - Access denied on create new file / new fold on encrypted EFS network file share remote mapped folder
    - transfer encryption keys / certificates
    - set trusted delegation for user + computer for EFS encrypted files via
  Kerberos
    - Windows Active Directory vs network file share
    - Setting up WinDAV server on Windows 7 Pro / Ultimate
  It has been a long painful road to discover this information.
  I hope sharing it helps you.
  Using EFS on Windows 7 pro / ultimate is easy and works great. See
  here and
  here
  So too is opening + editing encrypted files over a peer-to-peer Windows 7 network.
  HOWEVER, creating a new file / new folder over a peer-to-peer Windows 7 network
  won't work (unless you follow below steps).
  Typically, it is only discovered as an issue when a home user wants to use synchronisation software between their home computers which happens to have a few folders encrypted using windows EFS. I had this issue trying to use GoodSync.
  Typically an "Access Denied" error messages is thrown when a \\clientpc tries to create new folder / new file in an encrypted folder on a remote file share \\fileserver.
  Why such a EFS drama when a network is involved?
  Assume a home peer-to-peer network with 2pc:  \\fileserver  and  \\clientpc
  When a \\clientpc tries to create a new file or new folder on a \\fileserver (remote computer) it fails. In a terribly simplified explanation it is because the process on \\fileserver that is answering the network requests is a process working for a user on
  another machine (\\clientpc) and that \\fileserver process doesn't have access to an encryption certificate (as it isn't a user). Active Directory gets around this by using kerberos so the process can impersonate a \\fileserver user and then use their certificate
  (on behalf of the clienpc's data request).
  This behaviour is confusing, as a \\clientpc can open or edit an existing efs encrypted file or folder, just can't create a new file or folder. The reason editing + opening an encrypted file over a network file share is possible is because the encrypted
  file / folder already has an encryption certificate, so it is clear which certificate is required to open/edit the file. Creating a new file/folder requires a certificate to be assigned and a process doesn't have a profile or certificates assigned.
  Solutions
  There are two main approaches to solve this:
       1) SOLVE by setting up an Active Directory (efs files accessed through file shares)
            EFS operations occur on the computer storing the files.
            EFS files are decrypted then transmitted in plaintext to the client's computer
            This makes use of kerberos to impersonate a local user (and use their certificate for encrypt + decrypt)
       2) SOLVE by setting up WebDAV (efs files accessed through web folders)
             EFS operations occur on the client's local computer
             EFS files remain encrypted during transmission to the client's local computer where it is decrypted
             This avoids active directory domains, roaming or remote user profiles and having to be trusted for delegation.
             BUT it is a pain to set up, and most online WebDAV server setup sources are not for home peer-to-peer networks or contain details on how to setup WebDAV for EFS file provision
           READ BELOW as this does
  Create new encrypted file / folder on a network file share - via Active Directory
  It is easily possible to sort this out on a domain based (corporate) active directory network. It is well documented. See
  here. However, the problem is on a normal Windows 7 install (ie home peer-to-peer) to set up the server as part of an active directory domain is complicated, it is time consuming it is bulky, adds burden to operation of \\fileserver computer
  and adds network complexity, and is generally a pain for a home user. Don't. Use a WebDAV.
  Although this info is NOT for setting up EFS on an active directory domain [server],
  for those interested here is the gist:
  Use the Active Directory Users and Computers snap-in to configure delegation options for both users and computers. To trust a computer for delegation, open the computer’s Properties sheet and select Trusted for delegation. To allow a user
  account to be delegated, open the user’s Properties sheet. On the Account tab, under Account Options, clear the The account is sensitive and cannot be delegated check box. Do not select The account is trusted for delegation. This property is not used with
  EFS.
  NB: decrypted data is transmitted over the network in plaintext so reduce risk by enabling IP Security to use Encapsulating Security Payload (ESP)—which will encrypt transmitted data,
  Create new encrypted file / folder on a network file share - via WebDAV
  For home users it is possible to make it all work.
  Even better, the functionality is built into windows (pro + ultimate) so you don't need any external software and it doesn't cost anything. However, there are a few hotfixes you have to apply to make it work (see below).
  Setting up a wifi AP (for those less technical):
     a) START ... CMD
     b) type (no quotes): "netsh  wlan set hostednetwork mode=allow ssid=MyPersonalWifi key=12345 keyUsage=persistent"
     c) type (no quotes): "netsh  wlan start hostednetwork"
  Set up a WebDAV server on Windows 7 Pro / Ultimate
  -----ON THE FILESERVER------
     1  click START and type "Turn Windows Features On or Off" and open the link
         a) scroll down to "Internet Information Services" and expand it.
         b) put a tick in: "Web Management Tools" \ "IIS Management Console"
         c) put a tick in: "World Wide Web Services" \ "Common HTTP Features" \ "WebDAV Publishing"
         d) put a tick in: "World Wide Web Services" \ "Security" \ "Basic Authentication"
         e) put a tick in: "World Wide Web Services" \ "Security" \ "Windows Authentication"
         f) click ok
         g) run HOTFIX - ONLY if NOT running Windows 7 / windows 8
  KB892211 here ONLY for XP + Server 2003 (made in 2005)
  KB907306 here ONLY for Vista, XP, Server 2008, Server 2003 (made in 2007)
    2 Click START and type "Internet Information Services (IIS) Manager"
    3 in IIS, on the left under "connections" click your computer, then click "WebDAV Authoring Rules", then click "Open Feature"
         a) on the right side, under Actions, click "Enable WebDAV"
    4 in IIS, on the left under "connections" click your computer, then click "Authentication", then click "Open Feature"
         a) on the "Anonymous Authentication" and click "Disable"
         b) on the "Windows Authentication" and click "Enable"
        NB: Some Win 7 will not connect to a webDAV user using Basic Authentication.
          It can be by changing registry key:
             [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
             BasicAuthLevel=2
         c) on the "Windows Authentication" click "Advanced Settings"
             set Extended Protection to "Required"
         NB: Extended protection enhances the windows authentication with 2 security mechanisms to reduce "man in the middle" attacks
    5 in IIS, on the left under "connections" click your computer, then click "Authorization Rules", then click "Open Feature"
         a) on the right side, under Actions, click "Add Allow Rule"
         b) set this to "all users". This will control who can view the "Default Site" through a web browser
         NB: It is possible to specify a group (eg Administrators is popular) or a user account. However, if not set to "all users" this will require the specified group/user account to be used for logged in with on the
  clientpc.
         NB: Any user account specified here has to exist on the server. It has a bug in that it usernames specified here are not validated on input.
    6 in IIS, on the left under "connections" click your computer, then click "Directory Browsing", then click "Open Feature"
         a) on the right side, under Actions, click "Enable"
  HOTFIX - double escaping
    7 in IIS, on the left under "connections" click your computer, then click "Request Filtering", then click "Open Feature"
         a) on the right side, under Actions, click "Edit Feature Settings"
         b) tick the box "Allow double escaping"
       *THIS IS VERY IMPORTANT* if your filenames or foldernames contain characters like "+" or "&"
       These folders will appears blank with no subdirectories, or these files will not be readable unless this is ticked
       This is safe btw. Unchecked (default) it filters out requests that might possibly be misinterpreted by buggy code (eg double decode or build url's via string-concat without proper encoding). But any bug would need to be in IIS basic
  file serving and this has been rigorously tested by microsoft, so very unlikely. Its safe to "Allow double escaping".
    8 in IIS, on the left under "connections" right click "Default Web Site", then click "Add Virtual Directory"
         a) set the Alias to something sensible eg "D_Drive", set the physical path
         b) it is essential you click "connect as" and set
  this to a local user (on fileserver),
         if left as "pass through authentication" a client won't be able to create a new file or folder in an encrypted efs folder (on fileserver)
               NB: the user account selected here must have the required EFS certificates installed.
                          See
  here and
  here
          NB: Sharing the root of a drive as an active directory (eg D:\ as "D_Drive") often can't be opened on clientpcs.
        This is due to windows setting all drive roots as hidden "administrative shares". Grrr.
         The work around is on the \\fileserver create an NTFS symbollic link
            e.g. to share the entire contents of "D:\",
                  on fileserver browse to site path (iis default this to c:\inetpub\wwwroot)
                  in cmd in this folder create an NTFS symbolic link to "D:\"
                  so in cmd type "cd c:\inetpub\wwwroot"
                  then in cmd type "mklink /D D_Drive D:\"
          NB: WebDAV will open this using a \\fileserver local user account, so double check local NTFS permissions for the local account (clients will login using)
           NB: If clientpc can see files but gets error on opening them, on clientpc click START, type "Manage Network Passwords", delete any "windows credentials" for the fileserver being used, restart
  clientpc
    9 in IIS, on the left under "connections" click on "WebDAV Authoring Rules", then click "Open Feature"
         a) click "Add authoring rules". Control access to this folder by selecting "all users" or "specified groups" or "specified users", then control whether they can read/write/source
         b) if some exist review existing allow or deny.
             Take care to not only review the "allow access to" settings
             but also review "permissions" (read/write/source)
         NB: this can be set here for all added virtual directories, or can be set under each virtual directory
    10 Open your firewall software and/or your router. Make an exception for port 80 and 443
         a) In Windows Firewall with Advanced Security click Inbound Rules, click New Rule
               choose Port, enter "80, 443" (no speech marks), follow through to completion. Repeat for outbound.
            NB: take care over your choice to untick "Public", this can cause issues if no gateway is specified on the network (ie computer-to-computer with no router). See "Other problems+fixes"
  below, specifically "Cant find server due to network location"
         b) Repeat firewall exceptions on each client computer you expect to access the webDAV web folders on
  HOTFIX - MAJOR ISSUE - fix KB959439
    11 To fully understand this read "WebDAV HOTFIX: RAW DATA TRANSFERS" below
        a) On Windows 7 you need only change one tiny registry value:
             - click START, type "regedit", open link
             -browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV\Parameters]
             -on the EDIT menu click NEW, then click DWORD Value
             -Type "DisableEFSOnWebDav" to name it (no speech marks)
             -on the EDIT menu, click MODIFY, type 1, then click OK 
             -You MUST now restart this computer for the registry change to take effect.
        b) On Windows Server 2008 / Vista / XP you'll FIRST need to
  download Windows6.0-KB959439 here. Then do the above step.
           NB microsoft will ask for your email. They don't care about licence key legality, it is more to keep you updated if they modify that hotfix
    12 To test on local machine (eg \\fileserver) and deliberately bypass the firewall.
          a) make sure WebClient Service is running
              (click START, type "services" and open, scroll down to WebClient and check its status)
          b) Open your internet software. Go to address "http://localhost:80" or "http://localhost:80"
              It should show the default "IIS7" image.
              If not, as firewall and port blocking are bypassed (using localhost) it must be a webDAV server setting. Check "Authorization Rules" are set to "Allow All Users"           
          c) for one of the "virtual directories" you added (8), add its "alias" onto "http://localhost/"
                  e.g. http://localhost/D_drive
              If nothing is listed, check "Directory Browsing" is enabled
    13 To test on local machine or a networked client and deliberately try and access through the firewall or port opening of your router.
          a) make sure WebClient Service is running
              (click START, type "services" and open, scroll down to WebClient and check its status)
          b) open your internet software. Go to address "http://<computer>:80" or "http://<computer>:80".
                eg if your server's computer name is "fileserver" go to "http://fileserver:80"
                It should show the default "IIS7" image. If not, check firewall and port blocking. 
                Any issue ie if (12) works but (13) doesn't,  will indicate a possible firewall issue or router port blocking issue.
         c) for one of the "virtual directories" you added (8), add its "alias" onto "http://<computername>:80/"
                 eg if alias is "C_driver" and your server's computer name is "fileserver" go to "http://fileserver:80/C_drive"
                 A directory listing of files should appear.
  --- ON EACH CLIENT ----
  HOTFIX - improve upload + download speeds
    14 Click START and type "Internet Options" and open the link
          a) click the "Connections" tab at the top
          b) click the "LAN Settings" button at the bottom right
          c) untick "Automatically detect settings"
  HOTFIX - remove 50mb file limit
    15 On Windows 7 you need only change one tiny registry value:
        a) click START, type "regedit", open link
        b) browse to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient\Parameters]
         c) click on "FileSizeLimitInBytes"
         d) on the EDIT menu, click MODIFY, type "ffffffff", then click OK (no quotes)
  HOTFIX - remove prompt for user+pass on opening an office or pdf document via WebDAV
   16 On each clientpc click START, type "Internet Options" and open it
           a) click on "Security" (top) and then "Custom level" (bottom)
           b) scroll right to the bottom and under "User Authentication" select "Automatic logon with current username and password"
           SUCH an easy fix. SUCH an annoying problem on a clientpc
     NB: this is only an issue if the file is opened through windows explorer. If opened through the "open" dialogue of the software itself, it doesn't happen. This is as a WebDAV mapped drive is consdered a "web folder" by windows
  explorer.
  TEST SETUP
    17 On the client use the normal "map network drive"
              e.g. server= "http://fileserver:80/C_drive", tick reconnect at logon
              e.g. CMD: net use * "http://fileserver:80/C_drive"
           If it doens't work check "WebDAV Authoring Rules" and check NTFS permissions for these folders. Check that on the filserver the elected impersonation user that the client is logging in with (clientpc
  "manage network passwords") has NTFS permissions.
    18 Test that EFS is now working over the network
         a) On a clientpc, map network drive to http://fileserver/
         b) navigate to a folder you know on the \\flieserver is encrypted with EFS
         c) create a new folder, create a new file.
             IF it throws an error, check carefully you mapped to the WebDAV and not file share
                i.e. mapped to "http://fileserver" not "\\fileserver"
             Check that on clientpc the required efs certificate is installed. Then check carefully on clientpc what user account you specified during the map drive process. Then check on the \\fileserver this
  account exists and has the required EFS certificate installed for use. If necessary, on clientpc click START, type "Manage Network Passwords" and delete the windows credentials currently in the vault.
         d) on clientpc (through a webDAV mapped folder) open an encrypted file, edit it, save it, close it. On the \\fileserver now check that file is readable and not gobble-de-goup
         e) on clientpc copy an encrypted efs file into a folder (a webDAV mapped folder) you know is not encrypted on \\fileserver. Now check on the \\fileserver computer that the file is readable and not gobble-de-goup (ie the
  clientpc decrypted it then copied it).
          If this fails, it is likely one in IIS setting on fileserver one of the shared virtual directories is set to: "pass through authentication" when it should be set to "connect as"
          If this is not readable check step (11) and that you restarted the \\fileserver computer.
    19 Test that clients don't get the VERY annoying prompt when opening an Office or PDF doc
        a) on clientpc in windows explorer browse to a mapped folder you know is encrypted and open an office file and then PDF.
              If a prompt for user+pass then check hotfix (16)
    20 Consider setting up a recycling bin for this mapped drive, so files are sent to recycling bin not permanently deleted
        a) see the last comment at the very bottom of
  this page: 
  Points to consider:
     - NB: WebDAV runs on \\fileserver under a local user account, so double check local NTFS permissions for that local account and adjust file permissions accordingly. If the local account doesn't have permission, the webDAV / web folder share won't
  either.
    - CONSIDER: IP Security (IPSec) or Secure Sockets Layer (SSL) to protect files during transport.
  MORE INFO: HOTFIX: RAW DATA TRANSFERS
  More info on step (11) above.
  Because files remain encrypted during the file transfer and are decrypted by EFS locally, both uploads to and downloads from Web folders are raw data transfers. This is an advantage as if data is intercepted it is useless. This is a massive disadvantage as
  it can cause unexpected results. IT MUST BE FIXED or you could be in deep deep water!
  Consider using \\clientpc to access a webfolder on \\fileserver and copying an encrypted EFS file (over the network) to a web folder on \\fileserver that is not encrypted.
  Doing this locally would automatically decrypt the file first then copy the decrypted file to the non-encrypted folder.
  Doing this over the network to a web folder will copy the raw data, ie skip the decryption stage and result in the encrypted EFS file being raw copied to the non-encrypted folder. When viewed locally this file will not be recognised as encrypted (no encryption
  file flag, not green in windows explorer) but it will be un-readable as its contents are still encrypted. It is now not possible to locally read this file. It can only be viewed on the \\clientpc
  There is a fix:
        It is implimented above, see (11) above
        Microsoft's support page on this is excellent and short. Read "problem description" of "this microsoft webpage"
  Other problems + fixes
    PROBLEM: Can't find server due to network location.
       This one took me a long time to track down to "network location".
       Win 7 uses network locations "Home" / "Work" / "Public".
       If no gateway is specified in the IP address, the network is set to '"unidentified" and so receives "Public" settings.
       This is a disaster for remote file share access as typically "network discovery" and "file sharing" are disabled under "Public"
       FIX = either set IP address manually and specify a gateway
       FIX = or  force "unidentified" network locations to assume "home" or "work" settings -
  read here or
  here
       FIX = or  change the "Public" "advanced network settings" to turn on "network discovery" and "file sharing" and "Password Protected Sharing". This is safe as it will require a windows
  login to gain file access.
    PROBLEM: Deleting files on network drive permanently deletes them, there is no recycling bin
         By changing the location of "My Contacts" or similar to the root directory of your mapped drive, it will be added to recycling bin locations
        Read
  here (i've posted a batch script to automatically make the required reg files)
  I really hope this helps people. I hope the keywords + long title give it the best chance of being picked up in web searches.

  What probably happens is that processes are using those mounts. And that those processes are not killed before the mounts are unmounted. Is there anything that uses those mounts?

• How to replace or remove last 500 bytes of a file without rewriting all the file?

  Hi everyone,
  Usually I only ask for help when I can't find a solution for several days or weeks... And guess what? That just happen!
  So, this is what i am trying to do:
  I have a program to ZIP folder and protect them with password, then it encrypts the zip file.
  That it's working fine, until the user forgets his password.
  So, what I want to do is give the user a Recovery Password option for each ZIP file created. I can't use the Windows Registry because the idea is to be able to recover the password in any computer.So i came up with an idea...
  In simple terms, this will work like this:
  0 - Choose folder to ZIP
  1 - Ask user for recover details (date of birth, email etc)
  2 - ZIP folder with password
  3 - Encrypt ZIP file
  4 - Encrypt recover details and convert it to HEX
  5 - Add recover details (in HEX) to the end of the ZIP file (last bytes)
  6 - Add "5265636F76657244657461696C73" which is the text "RecoverDetails" in HEX
  7 - Add "504B0506000000000000000000000000000000000000" this is the final bytes of a ZIP file and will make the Operating System think that is a ZIP file (i know that will give an error when we try to open it.. the ideia is to change the
  extension later and use my software to do all the work to access this ZIP/folder again)
  So, explaining what it's here, I want to say that I managed how to do all of this so far. The point number 6 will help us to determine where the recover details are in the file, or if they actually exist because user can choose not to use them.
  In order to unlock this ZIP and extract it's contents, I need to reverse what I've done. That means, that  need to read only the last 500 bytes (or less if the file is smaller) of the ZIP and remove those extra bytes I added so the program can check
  if the user is inputing a correct password, and if so decrypt contents and extract them.
  But, if the user insert a wrong password I need to re-add those bytes with the recover details again to the ZIP file.
  The second thing is, if the user forgets his password and asks to recover it, a form will be shown asking to insert the recover detail (date of birth, email etc), so we need to reed the last 500 bytes of the ZIP, find the bytes in number 6 and remove the
  bytes before number 6, remove bytes in number 6 and number 7, and we will have the recover details to match against the user details input.
  I have all done so far with the locking process. But i need help with the unlocking.
  I am not sure if it's possible, but this what i am looking for:
  Read last 500 bytes of a file, remove the bytes with recover details and save the file. Without reading the whole file, because if we have a 1GB file that will take a very long time. Also, i don't want to "waste" hard drive space creating a new
  clone file with 1GB and then delete the original.
  And then add them back "in case user fails the password" which should be exactly the same.
  This sounds a bit confusing I know, even to me, I am writing and trying to explain this the better I can.. Also my English is not the best..
  Here it goes some code to better understanding:
  'READ LAST 500 BYTES OF ZIP FILE TO CHECK IF IT CONTAINS RECOVER DETAILS
  Dim oFileStream As New FileStream(TextBox_ZIP_to_Protect.Text & ".zip", FileMode.Open, FileAccess.Read)
  Dim oBinaryReader As New BinaryReader(oFileStream)
  Dim lBytes As Long = oFileStream.Length
  oBinaryReader.BaseStream.Position = lBytes - 500
  Dim fileData As Byte() = oBinaryReader.ReadBytes(500)
  oBinaryReader.Close()
  oFileStream.Close()
  Dim txtTemp As New System.Text.StringBuilder()
  For Each myByte As Byte In fileData
  txtTemp.Append(myByte.ToString("X2"))
  Next
  Dim RecoveryDetailsPass_Holder = txtTemp.ToString()
  'Dim Temp_2 = txtTemp.ToString()
  'RichTextBox1.Text = txtTemp.ToString()
  If txtTemp.ToString.Contains("505245434F47414653") Then
  'we have password recovery details(the numbers mean RecoverDetails in HEX)
  'next we will get rid of everything before and after of string "cut_at"
  Dim mystr As String = RecoveryDetailsPass_Holder 'RichTextBox1.Text
  Dim cut_at As String = "505245434F47414653"
  Dim x As Integer = InStr(mystr, cut_at)
  ' Dim string_before As String = mystr.Substring(0, x - 1)
  Dim string_after As String = mystr.Substring(x + cut_at.Length - 1)
  RecoveryDetailsPass_Holder = RecoveryDetailsPass_Holder.Replace(string_after.ToString, "")
  RecoveryDetailsPass_Holder = RecoveryDetailsPass_Holder.Replace("505245434F47414653", "") ' this is RecoverDetails in HEX
  RecoveryDetailsPass_Holder = RecoveryDetailsPass_Holder.Replace("504B0506000000000000000000000000000000000000", "") ' this is the bytes of an empty zip file
  'AT THIS POINT WE HAVE ONLY THE RECOVER PASSWORD DETAILS (date of birth, email etc) IN THE VARIABLE "RecoveryDetailsPass_Holder"
  '////////////////////////////////////////////////////// TO DEBUG
  'MsgBox(string_after.ToString & "505245434F47414653")
  'InputBox("", "", string_after.ToString)
  '\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ TO DEBUG
  'Temp_2 = Temp_2.Replace(RecoveryDetailsPass_Holder.ToString, "")
  Now that we have the recover details, we need to remove them from ZIP in order to the software try to unzip it with the password provided by the user on the GUI.
  If the user needs to recover the password we have the details already in RecoveryDetailsPass_Holder variable and just need to match them against user input details.
  If the user fails, we need to put the RecoveryDetailsPass_Holder back on the file.
  Any question just ask, it's a bit trick to explain i think, but please ask.
  Anyone know how to do this?
  Many thanks in advanced.
  Nothing is impossible!
  @ Portugal
  Vote if it's helpfull :)

  @ ALL
  Thank you very much for you help. I know that if I'm "playing" with bytes you should assume that I know a lot of VB.net, but I don't know that much unfortunately. I am not a beginner but I am still very fresh and I probably do stuff that work but
  probably not in the best way...
  Anyway, I will explain the idea of this little software I'm making. Once I wanted to create a program to protect folders with password, and I came up with something to change folder permissions to lock access to them, and that actually worked fine and quickly.
  However, I managed how to "crack" the protection by going to folder properties, security tab and then give permissions back to my username. So that, to me, wasn't a safer system to protect folders, also I want the ability to use passwords. So I search
  and search online for a way to do it, and someone replied (to someone with the same question as me) that the best option would be to create a zip with all contents of the folder, with password and then change the extension from .zip to .whatever and register
  the new extension .whatever on the Windows Registry, so that file will have an icon and open with my software.
  So I did...The program zips everything, change the extension and I added the encryption to avoid people changing the extension to ZIP or trying to open with 7-Zip or similar and be able to see the protected files names in the .zip/.whatever
  Answering to all of you now:
  @Armi
  "System.IO.FileStream.SetLength"
  I know I tried that but I erased the code because it didn't work for some reason, I don't remember why sorry, was long time before I created this post.
  The last code I was trying to use was this:
  ' Set the stream position to the desired location of the stream.
  Dim fileStream As IO.FileStream = _
  New IO.FileStream(TextBox_ZIP_to_Protect.Text & ".zip", IO.FileMode.Append)
  Try
  ' Set the stream (OFFSET) position to the desired location of the stream.
  fileStream.Seek(210, IO.SeekOrigin.Current)
  Dim Bytes_do_ZE As Byte() = HexStringToByteArray(Temp_2.ToString)
  'Write Characters ASCII
  For Each Byte_Do_Zeca As Byte In Bytes_do_ZE
  fileStream.WriteByte(Byte_Do_Zeca)
  Next
  Finally
  fileStream.Close()
  End Try
  and we need this:
  Private Shared Function HexStringToByteArray(ByRef strInput As String) As Byte()
  Dim length As Integer
  Dim bOutput As Byte()
  Dim c(1) As Integer
  length = strInput.Length / 2
  ReDim bOutput(length - 1)
  For i As Integer = 0 To (length - 1)
  For j As Integer = 0 To 1
  c(j) = Asc(strInput.Chars(i * 2 + j))
  If ((c(j) >= Asc("0")) And (c(j) <= Asc("9"))) Then
  c(j) = c(j) - Asc("0")
  ElseIf ((c(j) >= Asc("A")) And (c(j) <= Asc("F"))) Then
  c(j) = c(j) - Asc("A") + &HA
  ElseIf ((c(j) >= Asc("a")) And (c(j) <= Asc("f"))) Then
  c(j) = c(j) - Asc("a") + &HA
  End If
  Next j
  bOutput(i) = (c(0) * &H10 + c(1))
  Next i
  Return (bOutput)
  End Function
  That code, as I understand, is to search for the OFFSET of the bytes in the file and start to write from there... That OFFSET should be the beginning of the 500 bytes read on the code before. I got the OFFSET position "210" reading the file with
  the HEX editor "HxD - Hexeditor v1.7.7.0" but using the OFFSET won't work because every file, password, recover details and so on, are different and so the file size, changing the OFFSET I
  think.
  @Reed Kimble
  Does that sound like something which might work for you?
  Thanks for your help. That might be some solution, however it seams a bit of the same problem where we need to read the bytes again to get the recover details. But, as I said in this post, because this is meant to password protect folders, do you think that
  will apply as well?
  @Crazypennie
  Thanks for your reply.
  All this appears really weak. The user has your application since he need it to open the file .... and the code in the application contain the code to read the file without knowing the password. Therefore anyone can read your code and retrieve the
  data without the password ... if he knows VB.
  The application can only open the file if the user didn't use a password to protect the file. Because the file is encrypted and needs to be unencrypted first.
  When the application tries to open/read the file, will need to decrypt it first and then check for a password and do the validation. Also the application is with the code masked/protected which i think it might not be easy for reverse engineering.
  - You need to use a web server and a symmetric key encryption
  This a good idea, besides I don't know how to implement it. However the idea is to be able to:
  1 - Protect a folder anywhere in any Windows computer (portable app)
  2 - Recover password details (security question) in any computer, online and offline
  And I think we need a computer always connected to the Internet to use that method, right?
  @ Mr. Monkeyboy
  Thank you very much for your effort.
  I just wanted to let you know that the zip method you are using is no longer supported.
  I didn't actually knew that. Thanks for letting me know.
  Do you require the compressed encrypted files to actually be Zip files or could they just be compressed files that have nothing to do with Zip?
  No, it doesn't need to be a .zip extension. I am actually using my own extension. It starts as a Zip but then I changed to my own extension which I have registered on the Windows Registry.
  @ ALL
  Thanks again to all for trying and spending time helping me.
  By the way, I might not be able to answer or try any code during the weekend... It's easter break and family is around. Have a nice easter everyone. :)
  Nothing is impossible! Imagination is the limit!

• File - RFC - File without BPM  ---  Object not found in ResponseOneWayBean

  I am using PI 7.1, and facing the following error in File - RFC - File without BPM
  "Error: com.sap.engine.services.jndi.persistent.exceptions.NameNotFoundException: Object not found in lookup of ResponseOneWayBean."
  I am using 1 sender CC for File ( CC_LOTUSNOTES_CHALET_SND)
                    1 receiver CC for File( CC_LOTUSNOTES_CHALET_RCV_FILE)
                   1 receiver CC for RFC (CC_LOTUSNOTES_CHALET_RCV_RFC)
  in the sender CC I have given Module parameter as:
  Processing sequene
  CallSapAdapter    Local Enterprise Bean 2
  AF_Modules/ResponseOneWayBean  Local Enterprise Bean 3
  AF_Modules/RequestResponseBean  Local Enterprise Bean 1
  Module configuration:
  1     passThrough          true
  3    receiverChannel      CC_LOTUSNOTES_CHALET_RCV_FILE
  3    receiverService       Bus_File
  pls let me know where i am wrong

  Hi
  i am facing following error:
  2009-12-03 09:08:17       Information        The application sent the message asynchronously using connection File_http://sap.com/xi/XI/System. Returning to application.
  2009-12-03 09:08:17       Information       MP: processing local module localejbs/AF_Modules/ResponseOnewayBean
  2009-12-03 09:08:17      Error                 MP: exception caught with cause java.lang.NullPointerException
  2009-12-03 09:08:17      Error                 File processing failed with java.lang.NullPointerException

• Urgent : How to upload a tif file without using upload element

  could someone please tell me how to upload a tif file(any file) without using upload element. Function Module GUI_UPLOAD does not work. Please suggest. Appreciate your suggestions.

  Hello Suri,
  there's currently no way to achieve this.
  Best regards,
  Thomas

• How to handle a fixed length file without newline?

  Hi Experts,
  I'd like to handle a fixed length file without newline by sender file adapter.
  A file like following.
  It contains three recores."AAXBBBXCCCCX" is one record.
  AA1BBB1CCCC1AA2BBB2CCCC2AA3BBB3CCCC3
  I tried that following two parameters set. But only first recored was read.
  fieldFixedLengths
  fieldFixedLengthType
  Please tell me how to handle.
  Thanks
  Shinya Kawagoe.

  For this case we wrote a simple Adapter Module inserting an end of line character after an offset.
  This way it can be reused in many interfaces.
  And reading the whole file may not be an option in case of large source files. May cause performance / memory issues.
  eolbean.offset = <recordLlen>
  XMLPayload xmlpayload = msg.getDocument();
  byte[] content = xmlpayload.getContent();
  byte crlf = 0x0A;
  int current = 0;
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  int lines = content.length / recordLen;
  do
       lines--;
       baos.write(content, current, recordLen);
       if (lines > 0) // if other lines, eol required
            baos.write(crlf);
            current += recordLen;
  } while (lines > 0);
  xmlpayload.setContent(baos.toByteArray());
  baos.close();
  Audit.addAuditLogEntry(key, AuditLogStatus.SUCCESS,     MODULE + " Done EOLing.");

• Error in File-RFC-File Without BPM

  Hi,
  We are following this wiki
  [https://www.sdn.sap.com/irj/scn/wiki?path=/display/xi/file-rfc-file(Without+BPM)]
  and we are getting Error: com.sap.aii.af.ra.ms.api.DeliveryException: Received HTTP response code 500 : Internal Server Error in sender communication channel monitoring. File is not picking. I think problem with the parameters that we have mentioned in module tab in sender communication channel as specified in the wiki. If we remove additional 2  parameters it is picking the file.
  Please help me to resolve this issue.
  Thanks.
  Jyothi Anagani.

  are you able to see the logs of file adapter?
  go to messaging system and check the details
  http://host:port/MessagingSystem/monitor/monitor.jsp
  Rajesh

• File CC not picking file after module is added

  Hi Experts,
  I am trying to develop an sample adapter module just to pick the name of the file and put it in the payload. I managed to deploy the module through SDM and it is showing as active in the visual admin. But when I run the interace it doesn't pick the file at all. The communication channel is working fine without module as it is picking the file processing it.
  The module configured in the communcaiton channel is as below:
  1       localejbs/AddFileNameToPayloadEJBBean  Local Enterprise Bean    0
  2       CallSapAdapter                                            Local Enterprise Bean    0
  Nothing esle is configured. Please advise I am missing some thing in the configuration or is there any other issue.
  Regards,
  SS

  The issue is resolved. For me, deleting the additional Jars did n't work, as it caused in deployment error. The clue is to create a java class under a EJB project in NWDS, rather than creating EJB. If we create EJB, the additional HOME, REMOTE,LOCAL HOME interfaces are created. XI explicitly tries to cast them into ModuleHome,ModuleRemote etc, which results in Class Cast exception. If we are just creating a class without these additional Interfaces,XI manages it internally.
  But we MUST have the ejbcreate() methods implemented/present in our Module-Class.
  If we don't create EJB under EJB Project, then the ejb-jar.xml will not have the representation for Home,Remote, Local Home etc.
  So we need to edit the ejb-jar.xml as follows.
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
                           "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
  <ejb-jar>
      <description>EJB JAR description</description>
      <display-name>EJB JAR</display-name>
      <enterprise-beans>
          <session>
              <ejb-name>The class name(ex- Myclass)</ejb-name>
              <home>com.sap.aii.af.mp.module.ModuleHome</home>
              <remote>com.sap.aii.af.mp.module.ModuleRemote</remote>
              <local-home>com.sap.aii.af.mp.module.ModuleLocalHome</local-home>
              <local>com.sap.aii.af.mp.module.ModuleLocal</local>
              <ejb-class>The class name  with the package defn(ex- com.xyz.Myclass</ejb-class>
              <session-type>Stateless</session-type>
              <transaction-type>Container</transaction-type>
          </session>
      </enterprise-beans>
  </ejb-jar>
  For more info, pls follow [http://tleterme.developpez.com/bw/how/HowToCreateAdapterModules.pdf  ]
  Regards,
  SS