Exchange ADFS 2.0 integration to provide federated authentication and SSO

Hello,
I've recently been researching methods to provide federated authentication to users of a multi-tenanted Exchange & Lync environment. Currently I am tackling the first challenge which is OWA. I have used the following guides:
http://allmsft.blogspot.com/2012/02/owa-sp2-and-adfs.html
http://www.theidentityguy.com/articles/2010/10/15/access-owa-with-adfs.html
Combined with some other various guides on general ADFS configuration in order to successfully configure OWA to allow for ADFS 2.0 to authenticate using the "Claims To Windows Token Service" integration with the OWA site in order to authenticate.
This seems promising. From my novice perspective, I am assuming that enabling federation with another domain would simply be a matter of adding the other domain's ADFS 2.0 Proxy as a claims provider trust on the ADFS server in which Exchange exists and then having a mailbox in the Exchange domain which has the UPN that gets passed through from the proxy server.
I've done this much and I am able to authenticate on the ADFS 2.0 proxy page of the user domain; however, I am getting a failure which I think is coming from the WIF part of the OWA integration:
Request
Url: https://webmail.lab1.local:443/owa/
User host address: 192.168.23.77
OWA version: 14.2.247.5
Exception
Exception type: System.IdentityModel.Tokens.SecurityTokenException
Exception message: ID1054: The IClaimsIdentity did not contain a valid UPN Claim. The automatic Windows identity mapping feature requires exactly one non-empty UPN Claim to be provided.
Call stack
Microsoft.IdentityModel.Tokens.WindowsMappingOperations.FindUpn(IClaimsIdentity claimsIdentity)
Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
I am wondering whether this is an issue with the way that I have the Claim Provider set up, or if it's simply an issue with the claim rules either on the Claim Provider or on the Relying Party Trust within the ADFS 2.0 server in the user domain for the Exchange domain's ADFS 2.0 STS URL.
I realize that providing ADFS 2.0 for Outlook, ActiveSync, and Lync is a whole other animal. If anyone knows of anyone who has actually published a guide on how to achieve this, or possibly a third-party product that provides the same result, I'd appreciate that information as well.

The main thing was just getting the web.config right in regards to that article. I had the most trouble using ADFS 2.0 as I'd never used it before.
Web.config follows:
The one undocumented change I made was to add a "homerealm" tag which makes it so the user doesn't have to select their home organization/sts.
<configuration>
  <configSections>
    <section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
  </configSections>
  <appSettings>
    <add key="FederationMetadataLocation" value="https://sts.lab1.local/FederationMetadata/2007-06/FederationMetadata.xml" />
  </appSettings>
  <location path="FederationMetadata">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <system.web>
    <authorization>
      <deny users="?" />
    </authorization>
    <authentication mode="None" />
    <compilation>
      <assemblies>
        <add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </assemblies>
    </compilation>
    <!--<httpModules>
      <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
    </httpModules>-->
  </system.web>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
      <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
    </modules>
  </system.webServer>
  <microsoft.identityModel>
    <service>
      <!-- Tokens are accepted only when their audience matches this URI. -->
      <audienceUris>
        <add value="https://webmail.lab1.local/owa/" />
      </audienceUris>
      <securityTokenHandlers>
        <add type="Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
          <!-- Map the incoming UPN claim to a Windows identity through the Claims to Windows Token Service. -->
          <samlSecurityTokenRequirement mapToWindows="true" useWindowsTokenService="true" />
        </add>
      </securityTokenHandlers>
      <applicationService>
        <claimTypeRequired>
          <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
          <claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
          <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" optional="true" />
          <!--Following are the claims offered by STS 'http://sts.lab1.local/adfs/services/trust'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/claims/CommonName" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/claims/EmailAddress" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/claims/Group" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/claims/UPN" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" optional="true" />-->
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" optional="true" />-->
        </claimTypeRequired>
      </applicationService>
      <federatedAuthentication>
        <!-- homeRealm preselects the user's claims provider, so no home organization/STS selection page is shown. -->
        <wsFederation passiveRedirectEnabled="true" issuer="https://sts.lab1.local/adfs/ls/" realm="https://webmail.lab1.local/owa/" requireHttps="true" homeRealm="http://sts.lab2.local/adfs/services/trust" />
        <cookieHandler requireSsl="true" path="/" />
      </federatedAuthentication>
      <!-- Only tokens signed by a certificate with a thumbprint listed here are trusted. -->
      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="0FD7F936AC9589983AAD5AD3E655C493B8FCA07E" name="http://sts.lab1.local/adfs/services/trust" />
        </trustedIssuers>
      </issuerNameRegistry>
    </service>
  </microsoft.identityModel>
</configuration>
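
The ID1054 failure in the question comes down to one rule: the token reaching OWA must carry exactly one non-empty UPN claim. As an added example (not code from this thread or from WIF), the Python script below applies that rule and an exact-match audience check to a captured SAML 1.1 assertion, which shows whether the claim rules on the two trusts actually passed the UPN through. The sample tokens, the helper names and the user alice are constructed for illustration.

```python
"""Inspect a SAML 1.1 assertion for the conditions the OWA relying party needs.

Diagnostic only: it does not verify the token signature or lifetime, so run it
on tokens captured from your own lab, not as a replacement for WIF validation.
"""
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

SAML11 = "urn:oasis:names:tc:SAML:1.0:assertion"
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
UPN_CLAIM = CLAIMS_NS + "/upn"
OWA_AUDIENCE = "https://webmail.lab1.local/owa/"  # audienceUris entry in the web.config


def extract_claims(assertion_xml):
    """Return (claim_type, value) pairs.

    In a SAML 1.1 token the claim type is AttributeNamespace + '/' + AttributeName.
    """
    root = ET.fromstring(assertion_xml)
    claims = []
    for attr in root.iter("{%s}Attribute" % SAML11):
        ctype = (attr.get("AttributeNamespace", "").rstrip("/")
                 + "/" + attr.get("AttributeName", ""))
        for value in attr.findall("{%s}AttributeValue" % SAML11):
            claims.append((ctype, (value.text or "").strip()))
    return claims


def extract_audiences(assertion_xml):
    """Return every Audience value from the assertion's Conditions."""
    root = ET.fromstring(assertion_xml)
    return [(a.text or "").strip() for a in root.iter("{%s}Audience" % SAML11)]


def check_token(assertion_xml, expected_audience=OWA_AUDIENCE):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    claims = extract_claims(assertion_xml)
    upns = [value for ctype, value in claims if ctype == UPN_CLAIM]
    # Rule quoted in the ID1054 message: exactly one UPN claim, and not empty.
    if len(upns) != 1 or not upns[0]:
        present = sorted({ctype for ctype, _ in claims})
        findings.append(
            "ID1054 condition: need exactly one non-empty UPN claim, found %d %r; "
            "claim types present: %s" % (len(upns), upns, present))
    audiences = extract_audiences(assertion_xml)
    # Assumption: plain string comparison, so a missing trailing slash is reported.
    if expected_audience not in audiences:
        findings.append("audience mismatch: token is for %r, relying party expects %r"
                        % (audiences, expected_audience))
    return findings


def build_sample(attributes, audience=OWA_AUDIENCE):
    """Build a constructed, unsigned SAML 1.1 assertion for the demo below."""
    attrs = "".join(
        "<saml:Attribute AttributeName=%s AttributeNamespace=%s>%s</saml:Attribute>"
        % (quoteattr(name), quoteattr(ns),
           "".join("<saml:AttributeValue>%s</saml:AttributeValue>" % escape(v)
                   for v in values))
        for ns, name, values in attributes)
    return (
        '<saml:Assertion xmlns:saml="%s" MajorVersion="1" MinorVersion="1">'
        "<saml:Conditions><saml:AudienceRestrictionCondition>"
        "<saml:Audience>%s</saml:Audience>"
        "</saml:AudienceRestrictionCondition></saml:Conditions>"
        "<saml:AttributeStatement>%s</saml:AttributeStatement>"
        "</saml:Assertion>" % (SAML11, escape(audience), attrs))


# Constructed sample tokens (not captured from a real deployment).
SAMPLES = {
    # UPN passed through by both trusts: the case that lets the mapping work.
    "good": build_sample([(CLAIMS_NS, "upn", ["alice@lab1.local"]),
                          (CLAIMS_NS, "name", ["alice"])]),
    # Claims provider sends e-mail and the legacy .../claims/UPN type only.
    "no_upn": build_sample([(CLAIMS_NS, "emailaddress", ["alice@lab2.local"]),
                            ("http://schemas.xmlsoap.org/claims", "UPN",
                             ["alice@lab2.local"])]),
    # Two rules each issued a UPN, so the token carries two values.
    "two_upn": build_sample([(CLAIMS_NS, "upn",
                              ["alice@lab1.local", "alice@lab2.local"])]),
    # Rule issued the claim from an attribute that was empty for this user.
    "empty_upn": build_sample([(CLAIMS_NS, "upn", [""])]),
    # Relying party identifier registered without the trailing slash.
    "wrong_audience": build_sample([(CLAIMS_NS, "upn", ["alice@lab1.local"])],
                                   audience="https://webmail.lab1.local/owa"),
}

if __name__ == "__main__":
    for label, token in SAMPLES.items():
        print(label, "->", check_token(token) or "OK")
```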

Similar Messages

  • Integrating Oracle Identity Federation with homegrown SSO solutions

    Hello,
    We are trying to integrate Oracle Identity Federation with a home grown SSO solution.
    The OIF FAQ document mentioned that Oracle provides programmatic interfaces to achieve this.
    But I did not find any javadocs / samples on how this can be done.
    Can anybody throw some insight into this..
    Thanks

    Hi Easwaran,
    You need to upload the SAML 2.0 IdP/SP metadata for the peers you want to federate with. OIF will verify the metadata and add the peers in its Circle of Trust as IdP or SP depending on the metadata uploaded. If the peer is going to play both IdP and SP roles, you need to upload both the metadata files.
    Similarly, in case you need to provide the peer your metadata, OIF makes this available at http(s)://host:port/fed/idp/metadatav20 (SAML 2.0 IdP metadata) or http(s)://host:port/fed/sp/metadatav20 (SAML 2.0 SP metadata) as required.
    -Vinod

  • Migrating ADF Security from file-based provider to LDAP provider

    We have deployed a small application using ADF Security with file-based provider in OAS and it works fine.
    Now we want to migrate to ADF Security using LDAP provider.
    In order to make this possible we followed the next steps:
    - Migrate all the roles and policies from the file to OID with JAZNMigrationtool.
    - In OAS we've changed the Application Security Provider to 'Oracle Identity Management'.
    - Reset the OC4J instance.
    But there was no success, the application continues working with the file-based provider.
    What more is necessary to configure?

    Hi,
    if you use EM make sure you change the setting for the application, not the general OC4J setting.
    You can also deploy the provider settings with the orion-application.xml file added to your project
    Frank

  • Can Exchange 2007 be integrated with SharePoint 2013

    Can Exchange 2007 be integrated with SharePoint 2013?

    In the sense of using Incoming and Outgoing email, absolutely. But not for other things, like Site Mailboxes, which require Exchange 2013.
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • ADF Mobile App integration with webservices, connection refused error

    I created an ADF application for department search with business components and exposed this as a webservice. I can access the WSDL locally from a browser. Then created an ADF mobile application and deployed it to android emulator. I am able to deploy the application to emulator and I can see the app on Android emulator. When I try to search for any department, I am getting "cannot connect to localhost on port 7101 : connection refused". My server is started already and the port number is also correct. Did anyone come across this issue before? Even the WSDL URL is not accessible from the browser of android emulator.
    Edited by: adf_forum on Nov 16, 2012 2:16 PM

    Hi,
    One more thing to keep in mind is that Android emulator is itself a network host, and localhost will likely loop back into itself, i.e. emulator. Please try to set up the WLS to listen on an actual IP address for your development machine, create your WS DC using this real IP address, and then try to deploy/run the app.
    If you need to retrofit your app with an new IP address, please keep in mind there are several places you would need to manually fix up, including the connections.xml file.
    In general, if the device emulator's browser cannot hit a web service, then the ADF Mobile app will also not be able to hit a web service.
    The most reliable way is to treat the emulator like an actual device, then work out your application's connection accordingly.
    Thanks,
    Joe Huang

  • Advice needed for provider hosted web application - authentication and access to SharePoint document library

    I haven't done SharePoint 2013 development with claims so I apologize in advance if my assumptions and questions are way out in left field.
    I'm trying to understand SharePoint 2013 claims authentication for a scenario that involves:
    A SharePoint provided hosted (web forms) app that will pull information and assets (e.g. PDFs) from SharePoint into the web page.
    It will be a VS 2012 solution with asp.net.identity feature.
    Security will be set for internal users, federated external users and forms-based external users.  Based on their security and (claim type) role it will define what information and assets that can be retrieved from SharePoint
    I have looked through MSDN and other sources to understand.
    This one helped with my understanding 
    Federated Identity for Web Applications and assumed that the general concept could be applied to forms-based identity for non-Federated external users .
    What I have now:
    VS 2012 solution web forms application set to Provider Host with asp.net.identity feature and its required membership tables.
    I can create new users and associate claims to the new user.
    I can log in with a user from the membership tables and it will take me to a default.aspx page.  I have added code to it that displays the claims associated to a user.
    For POC purposes I'd like to retrieve documents that are associated to this user from the default.aspx page.
    This is where I am having trouble understanding:  Is my understanding correct?
    Internal users
    since they are internal on the network i am assuming that they would already have access to SharePoint and they would already be configured to what documents that they have available to them.
    Federated external users & Forms authentication external users
    it seems to me that the authentication for external users are separate from SharePoint authentication process.
    changes to the configuration settings are necessary in SharePoint, IIS, web application.
    I believe this is what i read.
    claims processes (e.g. mappings) need to be set up in SharePoint
    as long as external users are authenticated then things are ok b/c they would have claims associated to the user and the configuration in SharePoint takes care of the rest.
    This statement bothers me because I think it's wrong.
    So basically I'm stuck with if my understanding is correct: once a user is authenticated either by federated identity or asp.net.identity authentication that it should go to the provider hosted default.aspx page because the claim is authenticated and means that it should have access to it and the SharePoint document library based on some claim property.  I could then write the calls to retrieve from a document library and SharePoint will know based on some claim property that the logged in user can only access certain documents.
    It just sounds too good to be true and that I'm missing something in the thought process.
    Thanks in advance for taking the time to read.
    greenwasabi

    Hi GreenWasabi,
    I agree this is an interesting topic to discuss.
    As you can check from the article, you may check this example from CodePlex: http://claimsid.codeplex.com/
    When I think about this topic, it looks like an environment with multiple realms.
    From what you understand, it's correct that all the authentication is based on the provider, so for example I have a Windows Live ID and an internal ID; then when I log in with the Windows Live ID, it will be authenticated using the Windows Live ID server.
    Here is the example for the web service:
    http://claimsid.codeplex.com/wikipage?title=Federated%20Identity%20for%20Web%20Services&referringTitle=Home
    As far as I know, if you are using this federation, I am not quite sure that you will need to go to the provider page literally; perhaps you can check this example if we are using Azure:
    http://social.technet.microsoft.com/wiki/contents/articles/22309.integrating-windows-live-id-google-and-facebook-accounts-with-sharepoint-2013-white-paper.aspx
    Regards,
    Aries
    Microsoft Online Community Support

  • Federated authentication application that also reads Forms cookie

    At our company we are planning to move our IIS applications from forms based authentication to federated authentication. We want to move one application first (big bang is difficult). All applications currently share a forms cookie (in the same domain, same IIS server). I am looking for a way to move one application to federated authentication while still supporting users that are logged in with forms authentication.
    I am thinking about the following scenario:
    IIS application 'A' has federated authentication configured (ADFS)
    IIS application 'B' has forms authentication.
    User request page in iis app 'A'   -> authentication mechanism checks if a forms cookie from app 'B' exists. (form cookie exists because user has already logged in via username/password webform in app 'B')
    If yes, the info in this cookie is used to build a valid claim (custom code), federated cookie is set with  this claim.  User session can start 
    If no, claim is obtained via ADFS server, federated cookie is set with claim. User can start session.
    In this way, users that are authenticated via Forms authentication are supported in an application that is configured for ADFS claims. That gives us the possibility to gradually move all users from our custom security system (based on .net forms) to AD.
    How can this be done?
    Bert-Jan

    The legacy forms logon (non-federated) with the cookie is independent of the federated logon process. You can always stand-up a separate IIS website (federated) to point to your application in a side-by-side capacity, thereby meeting the requirement for federated logon (assuming the application supports that) and legacy forms, but crossing trust boundaries between the legacy and federated logon for SSO purposes is not possible OOTB. If you want AD FS to issue claims from the "classic" forms logon alternate, then that forms logon provider would need to also be a trusted claims provider and possess its own Security Token Service. In general I try, and emphasis on the word try ;-), to shy away from customizing AD FS logon screens, primarily because it can come back and bite you. While AD FS 2.0 provided some latitude for these sorts of practices, AD FS 3.0 (and beyond) does not ...
    http://blog.auth360.net

  • Oracle Provider for Membership and Roles not running

    Hi Everyone,
    I ran the ASP.Net Configuration and select the 'Provider' tab.
    When I choose 'Select a single provider for all site management data', only AspNetSqlProvider is shown.
    When I choose 'Select a different provider for each feature (advanced)', I see the Oracle Provider for Membership and Roles. I select both then try to enter 'Security' tab. It will hang then come back with this error:
    "There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. "
    Any solutions to this...........
    Regards
    Sid

    Thanks for the reply but I still have the problem...
    My Current machine.config has this to say in that particular section
    <connectionStrings>
    <add name="LocalSqlServer" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
    <add name="OraAspNetConString" providerName="Oracle.DataAccess.Client" connectionString=" "/>
    </connectionStrings>
    What can be done.........................in this case
    Thanks

  • Any kind of integration experience with Weblogic JMS and Oracle AQ?

    Hi,
    In my company I work with java developers who believe in some kind of "holy" database independence I don't understand and as a result my life as a database developer is hell on earth. Yesterday we again started to discuss, this time where to log, they believe database is slow and prefer logging to filesystem, after some hours finally I could convince them for some operational and reporting needs to use the database and will do this in an asynchronous way which they won't get slow. After all I believe the reason for a database is data, this is the place where data lives, and with the correct design and implementation logging to database would perform better.
    I love Oracle features, and know that we paid a lot for this software, so today I started investigating this promised solution. And quickly I found AQ and JMS topics in the documentation :)
    After this introduction here is my problem; my company use BEA Weblogic as application server and the java guys want AQ to automatically (but of course with some delay) take their JMS log requests into database tables. Does any one have similar application experience, or any kind of integration experience with Weblogic JMS and Oracle AQ?
    Any comments, references, documentation, sample code, url will be most welcomed :)
    Thank you very much!
    Tonguc
    References I found up to now:
    Oracle® Streams Advanced Queuing Java API Reference 10g Release 2 (10.2) http://download-uk.oracle.com/docs/cd/B19306_01/server.102/b14291/toc.htm
    (Packages; javax.jms & oracle.jms)
    Oracle® Streams Advanced Queuing User's Guide and Reference 10g Release 2 (10.2) http://download-uk.oracle.com/docs/cd/B19306_01/server.102/b14257/toc.htm
    Part IV
    Using Oracle JMS and Oracle Streams AQ
    Part V describes how to use Oracle JMS and Oracle Streams Advanced Queuing (AQ).
    Chapter 11, "Introducing Oracle JMS"
    Chapter 12, "Oracle JMS Basic Operations"
    Chapter 13, "Oracle JMS Point-to-Point"
    Chapter 14, "Oracle JMS Publish/Subscribe"
    Chapter 15, "Oracle JMS Shared Interfaces"
    Chapter 16, "Oracle JMS Types Examples"
    A Sample Code from Otn
    http://www.oracle.com/technology/sample_code/tech/java/web_services/jmsws/NewsQueueEJB.java.html

    I wouldn't go as far to say Oracle AQ is out-dated today. However, it is indeed a proprietary technology that did not find much main-stream adoption in the earlier years after its introduction. The advent of JMS made it somewhat more useful (or should I say intriguing, because more people are trying to tie it together with other J2EE technologies), but the Oracle's JMS wrapper classes in aqapi.jar were not feature complete for a long while, so using it outside Oracle's application server was painful, if not impossible. I do agree that the info at the dev2dev's JMS newsgroup or in this forum is highly fragmented, as neither Oracle nor BEA provides an official solution to integrate AQ with WebLogic, so people like us have to learn the technology through experimentation and in a piecemeal fashion.
    3 years ago I was literally "playing around" - we had a polling mechanism set up to use triggers to write Oracle data changes into an event table, and had a Java-based daemon to scan that table and publish events as JMS messages to the WebLogic JMS server. This continues to work reliably till today, but I was looking for a solution that has few parts - I wanted to hook up my WebLogic MDB directly to AQ as a foreign JMS provider. Although I was able to get it to work (including XA), there were a few hoops I had to jump through, such as decompiling the Oracle AQjms classes to make them bind to the WebLogic JNDI tree.
    One year after that Diptanshu Parui took what I did a giant step further - he extended the Oracle AQjms classes to allow them to be bound to the WebLogic JNDI tree naturally, and he figured out how to use WebLogic JMS messaging bridge to re-send single-threaded AQ JMS messages to clustered JMS queues, which allow concurrent message assumption by multiple instances of MDB's. My impression is that he is using that setup in a production environment.
    I am sure you are aware of it but I would like to make it clear - in order to use AQ as a foreign JMS provider to WebLogic-hosted MDB's, you don't need to update your database to Oracle 10g - Oracle 8i is good enough (although I recommend at least 9i Release 2). It is not the database engine, but rather the aqapi.jar JMS wrapper on top of AQ that matters. I do recommend that you use aqapi.jar from Oracle Application Server 10.0.3 or up for better XA support, among other things. Again, you don't have to replace WebLogic with Oracle AS - you only need a single jar file from it and put it in your WebLogic's classpath. However, I don't know what this means from a licensing point of view if you ever go to production - do you have to pay the full price of OracleAS or OC4J just to use the aqapi.jar?
    In the coming days I will test the latest aqapi.jar to see how much progress Oracle has made in terms of making their J2EE products more spec-compliant :-).
    Hope the above gives you a different perspective.
    Eric

  • Oracle Service Cloud Achieves Federal Risk and Authorization Management Program Provisional Authority to Operate

    News Summary
    Oracle Service Cloud -- a software-as-a-service (SaaS) solution -- has received a Federal Risk and Authorization Management Program (FedRAMP) moderate provisional Authority to Operate (p-ATO) from the Joint Authorization Board (JAB), comprised of the Chief Information Officers (CIOs) of the U.S. Department of Homeland Security (DHS), U.S. Department of Defense (DOD), and U.S. General Services Administration (GSA).
    News Facts
    Oracle announced that Oracle Service Cloud -- a software-as-a-service (SaaS) solution -- has received a Federal Risk and Authorization Management Program (FedRAMP) moderate provisional Authority to Operate (p-ATO) from the Joint Authorization Board.
    The Oracle Service Cloud is Oracle's premier Software as a Service (SaaS) solution providing the industry's best in class customer service platform for enterprise customers. Oracle customers can deploy Oracle Service Cloud onto a robust, secure infrastructure hosting Oracle's patented customer experience (CX) software applications in an environment accredited to FedRAMP-moderate specifications.
    Oracle Service Cloud has been granted a p-ATO by the FedRAMP's Joint Authorization Board (JAB), the primary governance and decision-making body for the FedRAMP program. A JAB p-ATO provides a government wide view for security and stringent review by the JAB Technical Representatives from the DHS, DOD, and GSA. As a result, government customers can save time and money by leveraging Oracle's JAB approval to grant their own authority to operate without having to go through a full certification and accreditation.
    The rigorous review of Oracle's environment was completed by an accredited third-party organization at the FedRAMP moderate baseline level, for a SaaS offering using a community deployment model.
    Supporting Quotes
    "Oracle is very excited to announce the Service Cloud p-ATO as we continue to work towards meeting our public sector customers' demands for a highly secure, robust suite of cloud solutions built for government," Aaron Erickson, Director of Government Innovation, Public Sector North America, Oracle.

    Have you checked the docs? There are some specific docs for enabling security like http://docs.oracle.com/cd/E18941_01/tutorials/jdtut_11r2_29/jdtut_11r2_29.html
    which guide you through the process.
    Timo

  • Integrated LDAP authentication and now BAM start page is very slow to load

    Hi, all~
    I have a fresh install of BAM 10.1.3.3 with the 10.1.3.4 patch applied.
    I've reviewed the BAM installation guide and LDAP integration tech note, and have been able to successfully integrate BAM with our LDAP, where "successful" means that I'm able to provide my own LDAP credentials and log in to BAM.
    However, the BAM start screen now consistently takes somewhere on the order of 1-2 minutes to load... so I guess I'm wondering if there's a common cause for this sort of error?
    Any suggestions of things to check would be appreciated.
    Thanks,
    - Nathan

    For whatever it's worth, the solution in our case was to decouple BAM (10g) from LDAP.
    User administration becomes a slightly more manual process in this case, but the BAM pages load almost instantly for users now, whereas before for some users it would take as much as 10 minutes for a page to load following their logging in.
    Another benefit from LDAP decoupling is that IIS is able to do Windows integrated login for users, meaning that the users don't need to provide a login and password any longer.
    The one "gotcha" that was encountered had to do with IIS realms and creating JDeveloper connections to the BAM server following the decoupling. From our testing, under IIS -> Web Sites -> Default Web Site -> Properties -> Directory Security (tab) -> "Authentication and access control" Edit button, the following needs to be specified:
    Check only "Integrated Windows login" and "Basic authentication"
    Specify a "Default domain" by pressing the Select button and choosing an appropriate domain
    From there, in your JDeveloper BAM connection, be sure to include the selected domain in your connection properties.
    - Nathan

  • My app store is not working after installing mavericks. When I open app store it repeatedly asking me to login with apple ID and to provide User name and Password for proxy authentication in a loop.I am a newbie to mac,Please help me.

    My app store is not working after installing mavericks. When I open app store it repeatedly asking me to login with apple ID and to provide User name and Password for proxy authentication in a loop.I am a newbie to mac,Please help me.

    Hmmmm... would appear that you need to be actually logged in to enable the additional menu features.
    Have you tried deleting the plists for MAS?
    This page might help you out...
    http://www.macobserver.com/tmo/answers/how_to_identify_and_fix_problems_with_the_mac_app_store
    Failing that, I will have to throw this back to the forum to see if anyone else can advise further.
    Let me know how you get on?
    Thanks.

  • When I tried to open my Mail app this morning, it opened a list of choices - iCloud, E Exchange, Google, Yahoo, Aol, Outlook.  I use Hotmail and it usually opens to my Inbox.  Why did it do this and do I choose Outlook and is it safe to sign in

    When I tried to open my Mail app on my IPhone this morning, it opened a list of choices - iCloud, E Exchange, Google, Yahoo, Aol, Outlook.  I use Hotmail and it usually opens to my Inbox.  Why did it do this and do I choose Outlook and is it safe to sign in? 

    It sounds like instead of opening your Mail App, you actually opened your Settings App, and were somehow in the 'Add Account' section of Mail, Contacts & Calendars.
    Close the apps, and then reopen just the Mail App.

  • As a stockholder, I would like to see the development of iTV with Retina display and integrating Siri control, internet access, and iTunes apps. This new product would be a large screen, thin wall mounted television, much like an oversized iPad.

    As a stockholder, I would like to see the development of iTV with Retina display and integrating Siri control, internet access, and iTunes apps. This new product would be a large screen, thin wall mounted television, much like an oversized iPad.
    Do you think this product is possible?

    In general theory, one now has the Edit button for their posts, until someone/anyone Replies to it. I've had Edit available for weeks, as opposed to the old forum's ~ 30 mins.
    That, however, is in theory. I've posted, and immediately seen something that needed editing, only to find NO Replies, yet the Edit button is no longer available, only seconds later. Still, in that same thread, I'd have the Edit button from older posts, to which there had also been no Replies even after several days/weeks. Found one that had to be over a month old, and Edit was still there.
    Do not know the why/how of this behavior. At first, I thought that maybe there WAS a Reply, that "ate" my Edit button, but had not Refreshed on my screen. Refresh still showed no Replies, just no Edit either. In those cases, I just Reply and mention the [Edit].
    Also, it seems that the buttons get very scrambled at times, and Refresh does not always clear that up. I end up clicking where I "think" the right button should be and hope for the best. Seems that when the buttons do bunch up they can appear at random around the page, often three atop one another, and maybe one way the heck out in left-field.
    While I'm on a roll, it would be nice to be able to switch between Flattened and Threaded Views on the fly. Each has a use, and having to go to Options and then come back down to the thread is a very slow process. Jive is probably incapable of this, but I can dream.
    Hunt

  • Integration b/w uccx7.0 and oracle 10g

    hi,
    Currently I am doing integration b/w UCCX 7.0 and Oracle 10g. I have installed the Oracle client 10g, added the DSN in ODBC, and the test connection is successful. But when I mention the DSN in the app admin page (Subsystem > Database), it shows me an error that some of the information is incorrect for the connection, and it does not allow me to add the DSN in the appadmin page of UCCX 7.0, even though I am using the same information in sqlplus to query the database from IPCCX. Do I need to mention something to make it work?
    Regards
    Nareh

    Hi there
    A few things you have to watch out for.
    Firstly, if you have created the DSN and are able to connect to it via ODBC, it's more likely that the driver was not loaded correctly.
    - Remove the driver and DSN
    - Install the driver again and create the DSN and test if it works
    - Reload the whole Windows <----- was working on a case for 3 hours, UCCX just wasn't loading the new 10g drivers, reload fixed this
    Now create the database connection and test.
    Should this not work you can try the following:
    CSCtb80893
