FF user usage for utility client
Hi All,
Could you please let me know a Business scenario where FF ID is required for Utility client (Oil and Gas). the requirement is for business users.
Regards,
Praveen
Dear Praveen,
there is no pre-defined scenario where you have to use firefighters. Firefighter usage can be defined based on your business requirement.
Personally I recommend to use firefighter for critical access to have critical activities logged. Others are also using firefighter to avoid SOD violations.
There are several documents which describe EAM itself and also the process behind.
Firefighter ID User Assignment Lifecycle
Firefighter ID Lifecycle
De-centralized EAM GRC 10.0
ID-Based Firefighting vs. Role-Based Firefighting
Hope this helps to understand the concept and usage of firefighting.
Regards,
Alessandro
Similar Messages
-
User id for IDES client 800 is no longer possible
Hi,
I am trying to logon to the client 800 by using the user id IDADMIN by the default sap password. I didn't work, looks like i tried too many times. I am getting the message.
Password logon no longer possible - too many failed attempts.
Any one knows how to unlock this? I tried sap* and ddic, but couldn't logon to client 800. Thanks,
Regards,
Sundar.Hi Rakesh,
You have mention that we can delete the user from command prompt, pls can you tell me
delete from <HOSTNAME>.<SID>.<b><object_owner></b>.USR02 where BNAME='SAP*' and MANDT='000';
what is mean by above <object_owner>, pls can you tell me what do you mean by that.
waiting for positive reply.
Regards
Anil B Bhandary -
Hi everyone,
it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message "User not authorized for AnyConnect Client access, contact your administrator". I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem. The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
Please find the current config and debugging output below. I appreciate any pointers as to what might be wrong here.
: Saved
ASA Version 9.1(1)
hostname ASA
domain-name ingo.local
enable password ... encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd ... encrypted
names
name 10.0.1.0 LAN-10-0-1-x
dns-guard
ip local pool VPNPool 10.0.2.1-10.0.2.10 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif Internal
security-level 100
ip address 10.0.1.254 255.255.255.0
interface Vlan2
nameif External
security-level 0
ip address dhcp setroute
regex BlockFacebook "facebook.com"
banner login This is a monitored system. Unauthorized access is prohibited.
boot system disk0:/asa911-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup Internal
dns domain-lookup External
dns server-group DefaultDNS
name-server 10.0.1.11
name-server 75.153.176.1
name-server 75.153.176.9
domain-name ingo.local
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network LAN-10-0-1-x
subnet 10.0.1.0 255.255.255.0
object network Company-IP1
host xxx.xxx.xxx.xxx
object network Company-IP2
host xxx.xxx.xxx.xxx
object network HYPER-V-DUAL-IP
range 10.0.1.1 10.0.1.2
object network LAN-10-0-1-X
access-list 100 extended permit tcp any4 object HYPER-V-DUAL-IP eq 3389 inactive
access-list 100 extended permit tcp object Company-IP1 object HYPER-V-DUAL-IP eq 3389
access-list 100 extended permit tcp object Company-IP2 object HYPER-V-DUAL-IP eq 3389
tcp-map Normalizer
check-retransmission
checksum-verification
no pager
logging enable
logging timestamp
logging list Threats message 106023
logging list Threats message 106100
logging list Threats message 106015
logging list Threats message 106021
logging list Threats message 401004
logging buffered errors
logging trap Threats
logging asdm debugging
logging device-id hostname
logging host Internal 10.0.1.11 format emblem
logging ftp-bufferwrap
logging ftp-server 10.0.1.11 / asa *****
logging permit-hostdown
mtu Internal 1500
mtu External 1500
ip verify reverse-path interface Internal
ip verify reverse-path interface External
icmp unreachable rate-limit 1 burst-size 1
icmp deny any echo External
asdm image disk0:/asdm-711.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (Internal,External) dynamic interface
object network LAN-10-0-1-x
nat (Internal,External) dynamic interface
object network HYPER-V-DUAL-IP
nat (Internal,External) static interface service tcp 3389 3389
access-group 100 in interface External
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server radius protocol radius
aaa-server radius (Internal) host 10.0.1.11
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication ssh console radius LOCAL
http server enable
http LAN-10-0-1-x 255.255.255.0 Internal
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map External_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map External_map interface External
crypto ca trustpoint srv01_trustpoint
enrollment terminal
crl configure
crypto ca trustpoint asa_cert_trustpoint
keypair asa_cert_trustpoint
crl configure
crypto ca trustpoint LOCAL-CA-SERVER
keypair LOCAL-CA-SERVER
crl configure
crypto ca trustpool policy
crypto ca server
cdp-url http://.../+CSCOCA+/asa_ca.crl:44435
issuer-name CN=...
database path disk0:/LOCAL_CA_SERVER/
smtp from-address ...
publish-crl External 44436
crypto ca certificate chain srv01_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain asa_cert_trustpoint
certificate <output omitted>
quit
crypto ca certificate chain LOCAL-CA-SERVER
certificate <output omitted>
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable External client-services port 44455
crypto ikev2 remote-access trustpoint asa_cert_trustpoint
telnet timeout 5
ssh LAN-10-0-1-x 255.255.255.0 Internal
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh xxx.xxx.xxx.xxx 255.255.255.255 External
ssh timeout 5
ssh version 2
console timeout 0
no vpn-addr-assign aaa
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcpd dns 75.153.176.9 75.153.176.1
dhcpd domain ingo.local
dhcpd option 3 ip 10.0.1.254
dhcpd address 10.0.1.50-10.0.1.81 Internal
dhcpd enable Internal
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address LAN-10-0-1-x 255.255.255.0
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter use-database
dynamic-filter enable interface Internal
dynamic-filter enable interface External
dynamic-filter drop blacklist interface Internal
dynamic-filter drop blacklist interface External
ntp server 128.233.3.101 source External
ntp server 128.233.3.100 source External prefer
ntp server 204.152.184.72 source External
ntp server 192.6.38.127 source External
ssl encryption aes256-sha1 aes128-sha1 3des-sha1
ssl trust-point asa_cert_trustpoint External
webvpn
port 44433
enable External
dtls port 44433
anyconnect image disk0:/anyconnect-win-3.1.02026-k9.pkg 1
anyconnect profiles profile1 disk0:/profile1.xml
anyconnect enable
smart-tunnel list SmartTunnelList1 mstsc mstsc.exe platform windows
smart-tunnel list SmartTunnelList1 putty putty.exe platform windows
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
webvpn
anyconnect profiles value profile1 type user
username write.ingo password ... encrypted
username ingo password ... encrypted privilege 15
username tom.tucker password ... encrypted
class-map TCP
match port tcp range 1 65535
class-map type regex match-any BlockFacebook
match regex BlockFacebook
class-map type inspect http match-all BlockDomains
match request header host regex class BlockFacebook
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 1500
id-randomization
policy-map TCP
class TCP
set connection conn-max 1000 embryonic-conn-max 1000 per-client-max 250 per-client-embryonic-max 250
set connection timeout dcd
set connection advanced-options Normalizer
set connection decrement-ttl
policy-map type inspect http HTTP
parameters
protocol-violation action drop-connection log
class BlockDomains
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect dns preset_dns_map dynamic-filter-snoop
inspect http HTTP
service-policy global_policy global
service-policy TCP interface External
smtp-server 199.185.220.249
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command vpn-sessiondb
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command dynamic-filter
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command service-policy
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege clear level 3 mode exec command dynamic-filter
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:41a021a28f73c647a2f550ba932bed1a
: end
Many thanks,
IngoHi Jose,
here is what I got now:
ASA(config)# sh run | begin tunnel-group
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool VPNPool
authorization-required
and DAP debugging still the same:
ASA(config)# DAP_TRACE: DAP_open: CDC45080
DAP_TRACE: Username: tom.tucker, aaa.cisco.grouppolicy = DfltGrpPolicy
DAP_TRACE: Username: tom.tucker, aaa.cisco.username = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username1 = tom.tucker
DAP_TRACE: Username: tom.tucker, aaa.cisco.username2 =
DAP_TRACE: Username: tom.tucker, aaa.cisco.tunnelgroup = DefaultWEBVPNGroup
DAP_TRACE: Username: tom.tucker, DAP_add_SCEP: scep required = [FALSE]
DAP_TRACE: Username: tom.tucker, DAP_add_AC:
endpoint.anyconnect.clientversion="3.1.02026";
endpoint.anyconnect.platform="win";
DAP_TRACE: Username: tom.tucker, dap_aggregate_attr: rec_count = 1
DAP_TRACE: Username: tom.tucker, Selected DAPs: DfltAccessPolicy
DAP_TRACE: Username: tom.tucker, DAP_close: CDC45080
Unfortunately, it still doesn't work. Hmmm.. maybe a wipe of the config and starting from scratch can help?
Thanks,
Ingo -
How could i get the kernel and user cpu usage for each process
Hi all,
In order to monitor the system CPU usage, I would like write a script to gather the kernel and user CPU usage for each process, like the prstat or top does. As always missing the shortlived kernel usage, prstat or top cann't get the precise CPU usage. I checked with the dtrace syscall, proc and fbt provider, but don't get which one is useful.
Please provide your comments and suggestion.
Thanks in advmail2sleepy wrote:
As I've studied the "dtrace" for a while, and seems Sun gives a pretty high score on this new feature.....I do want to know whether there's some probe can work for it, like writing a "dtrace" version prstat.You can write a prstat without dtrace. Because that's just polling at specific intervals and reading some process structures from /proc. You could have dtrace fire a probe every 5 seconds and read the same thing, but it wouldn't really be using any features of dtrace. Trhying to write it "in dtrace" doesn't make much sense.
What you could do that would be harder via other methods is to fire a probe at process exit that displayed the process information including total CPU time. They could print exactly when processes exited. Doing that without dtrace would be very difficult.
Darren -
Database link works for OS user "oracle" but not for other clients
My DBA connects as user1 to db1 and successfully queries over database link db2.
[oracle@linux19 ODA]$ sqlplus user1/****@db1
SQL*Plus: Release 11.2.0.3.0 Production on Fri Apr 12 07:39:49 2013
Copyright (c) 1982, 2011, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> SELECT * FROM DUAL@db2;
D
XI log in from a Windows XP client and test the same database link with a ORA-12154 result.
C:\>sqlplus user1/****@db1
SQL*Plus: Release 11.2.0.1.0 Production on Fri Apr 12 11:18:18 2013
Copyright (c) 1982, 2010, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> SELECT * FROM DUAL@db2;
SELECT * FROM [email protected]
ERROR at line 1:
ORA-12154: TNS:could not resolve the connect identifier specifiedI can create and successfully use database links by including the full TNS entry in the USING string.
What are some possible causes for the different results?
What additional information might I supply to help troubleshoot?
Thanks very much.
- Doug
Edited by: enquad on Apr 12, 2013 2:56 PM
changed "database link db1" to "database link db2" per comments by SB
Edited by: enquad on Apr 12, 2013 3:00 PM
Changed "user" to "OS user" in subject for clarityenquad wrote:
Sorry gentlemen and SB, but my question is still not answered. It is a new question, which I have not found answered elsewhere.
To summarize:
SB97025 informs me that db1 is not a database link, but I never said that it was. It is the second database (anonymized as "db2") that is connected to through the database link "db2.mycompany.net".
SB97025 also wonders intriguingly if my DBA and I are we really connecting to the same database when we each connect to user1 on db1. Perhaps the Oracle server and my PC have TNSNAMES.ORA files that lead us to different databases for the same TNS alias? I do not believe this is the case, because my DBA created that user1 and that database link in the db1 database specifically for the purpose of doing this test and I see that same link when I connect to user1 on db1. Unless my DBA is spoofing me by creating user1 in two different databases - only one of which contains a working dblink named db2.mycompany.net - just for the purpose of throwing me off, I would have to conclude that he and I are actually connecting to the same database.There is no reason to "believe" (or not) that "this is the case". The entire point of SB's comment on that was to get you to verify. President Reagan famously said "trust but verify". He never worked as a DBA. I say "don't trust, just verify".
Obviously something is different. And at this point the most likely and easiest to confirm is that you and your DBA really are connecting to the same database, on the same host server, using the same link. And at this point all we really have is to trust your DBAs statement.
>
Ed Stevens reminds me that db1 is acting as a client to db2 and so the solutions to the ORA-12154 are the same as for any client connection as listed on his blog (which I had already read), none of which solve my problem. Rembember, the DBA can use the database link, so by whatever means the TNS lookup is happening when he uses it, the correct connection description is being found. The question is not "why does this stinkin' database link not work"? It does work for the DBA.
Pierre wants to make sure I know that it is the Oracle server's TNSNAMES file that is the important thing, not my client's TNSNAMES file, which is true but not relevant to my problem and I was never so naive. He also says that I could try creating a database link by including the full TNS entry in the USING string, which does work as I had already mentioned in my original post.
Amar asks if my DBA can: sqlplus username/password@db2.
The answer is yes. The dba can use SQL*Plus to connect to db2 from the server hosting db1 and can connect to db1 from the server hosting db2. There is almost nothing my DBA cannot do.
None of the posters addressed the key information in my post, which was the different result my DBA and I get when using the same database link in the same schema on the same database. That AND the fact that my DBA is logged on to Linux Oracle serve as user "oracle" and I am logged in to my PC. Why should it matter to a database link which computer is running SQL*Plus or who the OS user is?
Also the GLOBAL_NAMES parameter is set to FALSE.
- Doug -
Hi,
is there Ready Made Configuration Packs available for Lync Client ( Client on end user computer ) and Server ... to check the configuration, services,compliance, functionality of all the features etc at end user level
and server configuration packs
Regards
Tanoj
OSLM ENGINEER - SCCM 2007 & 2012No, there is not something available for Lync. What's available can be found here (and it's all not recent):
https://www.microsoft.com/en-us/search/DownloadsDrillInResults.aspx?q=SCCM+%22configuration+pack%22&cateorder=2_5_1&site=
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude -
Create users for other clients from client 000
Hello!
I have the following question:
What is the Tcode allows me to see all created users (perhaps wuth their password) in all clients from e.g. client 000?
Is it possible to create new users for other clients from client 000?
Thank you very much!
regards
Thom<b>SU10 User Mass Maintenance</b>
SCUA Central User Administration
SCUM Central User Administration
SCUG Copy users
SU01/SUCOMP User Maintenance/User company address maintenance
SU01D User Display
SCUL Central User Management Log -
Sql usage for user login screen in uix
I am very new to Jdeveloper so many things remain a mystery at this point. I'm using version 9.0.3.3.
I implemented a login screen using the example supplied in the uix developer guide and the solution works great except for the un-implemented method from the sample java program
if (password.equals(getPasswordForUser(userName)))
I need some help in how to implement this method. Conceptually, it is simple. Just a sql statement that searches the user file for a match on user name and password and either returns a single row or nothing.
The user interface screen works and passes down the user id and password and I made the java program work by hard coding in the user id and password rather than go to the database.
Any help would be greatly appreciated.
Thanks
Steve OliphantIf you figured this out, please share some code. In a nutshell I have some code that does not work, and have posted several questions on forum. So far no luck. The only way I made it work is to have dummy binding of USERS VO on my login page. Weird?
-
Dear All,
I'm trying to add a new user into my site definition in transaction SMOEAC. Already 3 employees are associated to this site; I want to add a new one.
I know that I should create a new subscription with Publication type User by employee, but when the wizard starts, I can't find the publication "User by employee" in my available list.
My user is already created and associated to a BP employee; it exists in the table SMOUSERS in CRM server, but not in my laptop. How is possible to update only this table in my laptop data base with the CRM one?
Could you help me, please?
Thanks.
BR,
Andrea.Hi,
how and when did you create the existing 3 user subscriptions for this site?
Is the user publication still in standard version or has it been changed to bulk replication mode?
Is there any other (intelligent) publication missing in the wizard list?
Regards,
Wolfhard -
Using JSSE : "Invalid Netscape CertType extension for SSL client" Error
Hi all,
Im using the sample code given sun site for JSSE with Client Authentication. The sample as such it worked with the testkeys provided in that. But it didn't workout when I tried using other certificates.
Both client and server certificates I generated from our internal Netscape Certificate Manager.
Function of the server :
The server will read a private key from the given keystore and starts listening on a port. This server will server only GET request.
Function of the client :
The Client sends a GET request to the server and gets the response back.
I simply changed the key store name alone in the working sample code.
It is not working.
The Exception thrown on client side :
D:\users\Jp\java\jssesamples\sockets\client\class>java SSLSocketClientWithClientAuth1 localhost 1089 /urls
localhost
1089
/urls
java.net.SocketException: Software caused connection abort: socket write error
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
at com.sun.net.ssl.internal.ssl.OutputRecord.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at SSLSocketClientWithClientAuth1.main(SSLSocketClientWithClientAuth1.java:119)
Exception thrown on server side :
D:\users\Jp\java\jssesamples\sockets\server\class>java ClassFileServer 1089 . TLS true
USAGE: java ClassFileServer port docroot [TLS [true]]
If the third argument is TLS, it will start as
a TLS/SSL file server, otherwise, it will be
an ordinary file server.
If the fourth argument is true,it will require
client authentication as well.
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:406)
at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:446)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:180)
at java.io.InputStreamReader.read(InputStreamReader.java:167)
at java.io.BufferedReader.fill(BufferedReader.java:136)
at java.io.BufferedReader.readLine(BufferedReader.java:299)
at java.io.BufferedReader.readLine(BufferedReader.java:362)
at ClassServer.getPath(ClassServer.java:162)
at ClassServer.run(ClassServer.java:109)
at java.lang.Thread.run(Thread.java:536)
Caused by: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkClientTrusted(DashoA6275)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkClientTrusted(DashoA6275)
... 17 more
error writing response: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExce
ption: Invalid Netscape CertType extension for SSL client
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: java.security.cert.Certificate
Exception: Invalid Netscape CertType extension for SSL client
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.e(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.DataOutputStream.writeBytes(DataOutputStream.java:256)
at ClassServer.run(ClassServer.java:128)
at java.lang.Thread.run(Thread.java:536)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid Netscape CertType extension
for SSL client
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:406)
at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:446)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:180)
at java.io.InputStreamReader.read(InputStreamReader.java:167)
at java.io.BufferedReader.fill(BufferedReader.java:136)
at java.io.BufferedReader.readLine(BufferedReader.java:299)
at java.io.BufferedReader.readLine(BufferedReader.java:362)
at ClassServer.getPath(ClassServer.java:162)
at ClassServer.run(ClassServer.java:109)
... 1 more
Caused by: java.security.cert.CertificateException: Invalid Netscape CertType extension for SSL client
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkClientTrusted(DashoA6275)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkClientTrusted(DashoA6275)
... 17 more
The Client code :
* @(#)SSLSocketClientWithClientAuth.java 1.5 01/05/10
* Copyright 1995-2002 Sun Microsystems, Inc. All Rights Reserved.
* Redistribution and use in source and binary forms, with or
* without modification, are permitted provided that the following
* conditions are met:
* -Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* -Redistribution in binary form must reproduct the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* Neither the name of Sun Microsystems, Inc. or the names of
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* This software is provided "AS IS," without a warranty of any
* kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
* WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
* EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
* DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
* RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
* ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
* FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
* SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
* CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
* THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
* You acknowledge that Software is not designed, licensed or
* intended for use in the design, construction, operation or
* maintenance of any nuclear facility.
import java.net.*;
import java.io.*;
import javax.net.ssl.*;
import javax.security.cert.X509Certificate;
import java.security.KeyStore;
* This example shows how to set up a key manager to do client
* authentication if required by server.
* This program assumes that the client is not inside a firewall.
* The application can be modified to connect to a server outside
* the firewall by following SSLSocketClientWithTunneling.java.
public class SSLSocketClientWithClientAuth1 {
public static void main(String[] args) throws Exception {
String host = null;
int port = -1;
String path = null;
for (int i = 0; i < args.length; i++)
System.out.println(args);
if (args.length < 3) {
System.out.println(
"USAGE: java SSLSocketClientWithClientAuth " +
"host port requestedfilepath");
System.exit(-1);
try {
host = args[0];
port = Integer.parseInt(args[1]);
path = args[2];
} catch (IllegalArgumentException e) {
System.out.println("USAGE: java SSLSocketClientWithClientAuth " +
"host port requestedfilepath");
System.exit(-1);
try {
* Set up a key manager for client authentication
* if asked by the server. Use the implementation's
* default TrustStore and secureRandom routines.
SSLSocketFactory factory = null;
try {
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
char[] passphrase = "passphrase".toCharArray();
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS");
// ks.load(new FileInputStream("testkeys"), passphrase);
ks.load(new FileInputStream("clientkey"), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), null, null);
factory = ctx.getSocketFactory();
} catch (Exception e) {
throw new IOException(e.getMessage());
SSLSocket socket = (SSLSocket)factory.createSocket(host, port);
* send http request
* See SSLSocketClient.java for more information about why
* there is a forced handshake here when using PrintWriters.
socket.startHandshake();
PrintWriter out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(
socket.getOutputStream())));
out.println("GET " + path + " HTTP/1.1");
/* Some internet sites throw bad request error for HTTP/1.1 req if hostname is not specified so the foll line */
out.println("Host: " + host);
out.println();
out.flush();
* Make sure there were no surprises
if (out.checkError())
System.out.println(
"SSLSocketClient: java.io.PrintWriter error");
/* read response */
BufferedReader in = new BufferedReader(
new InputStreamReader(
socket.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
out.close();
socket.close();
} catch (Exception e) {
e.printStackTrace();
The Server code :
* @(#)ClassFileServer.java 1.5 01/05/10
* Copyright 1995-2002 Sun Microsystems, Inc. All Rights Reserved.
* Redistribution and use in source and binary forms, with or
* without modification, are permitted provided that the following
* conditions are met:
* -Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* -Redistribution in binary form must reproduct the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* Neither the name of Sun Microsystems, Inc. or the names of
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* This software is provided "AS IS," without a warranty of any
* kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
* WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
* EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
* DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
* RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
* ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
* FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
* SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
* CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
* THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
* You acknowledge that Software is not designed, licensed or
* intended for use in the design, construction, operation or
* maintenance of any nuclear facility.
import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.*;
import javax.net.ssl.*;
import javax.security.cert.X509Certificate;
/* ClassFileServer.java -- a simple file server that can server
* Http get request in both clear and secure channel
* The ClassFileServer implements a ClassServer that
* reads files from the file system. See the
* doc for the "Main" method for how to run this
* server.
public class ClassFileServer extends ClassServer {
private String docroot;
private static int DefaultServerPort = 2001;
* Constructs a ClassFileServer.
* @param path the path where the server locates files
public ClassFileServer(ServerSocket ss, String docroot) throws IOException
super(ss);
this.docroot = docroot;
* Returns an array of bytes containing the bytes for
* the file represented by the argument <b>path</b>.
* @return the bytes for the file
* @exception FileNotFoundException if the file corresponding
* to <b>path</b> could not be loaded.
public byte[] getBytes(String path)
throws IOException
System.out.println("reading: " + path);
File f = new File(docroot + File.separator + path);
int length = (int)(f.length());
if (length == 0) {
throw new IOException("File length is zero: " + path);
} else {
FileInputStream fin = new FileInputStream(f);
DataInputStream in = new DataInputStream(fin);
byte[] bytecodes = new byte[length];
in.readFully(bytecodes);
return bytecodes;
* Main method to create the class server that reads
* files. This takes two command line arguments, the
* port on which the server accepts requests and the
* root of the path. To start up the server: <br><br>
* <code> java ClassFileServer <port> <path>
* </code><br><br>
* <code> new ClassFileServer(port, docroot);
* </code>
public static void main(String args[])
System.out.println(
"USAGE: java ClassFileServer port docroot [TLS [true]]");
System.out.println("");
System.out.println(
"If the third argument is TLS, it will start as\n" +
"a TLS/SSL file server, otherwise, it will be\n" +
"an ordinary file server. \n" +
"If the fourth argument is true,it will require\n" +
"client authentication as well.");
int port = DefaultServerPort;
String docroot = "";
if (args.length >= 1) {
port = Integer.parseInt(args[0]);
if (args.length >= 2) {
docroot = args[1];
String type = "PlainSocket";
if (args.length >= 3) {
type = args[2];
try {
ServerSocketFactory ssf =
ClassFileServer.getServerSocketFactory(type);
ServerSocket ss = ssf.createServerSocket(port);
if (args.length >= 4 && args[3].equals("true")) {
((SSLServerSocket)ss).setNeedClientAuth(true);
new ClassFileServer(ss, docroot);
} catch (IOException e) {
System.out.println("Unable to start ClassServer: " +
e.getMessage());
e.printStackTrace();
private static ServerSocketFactory getServerSocketFactory(String type) {
if (type.equals("TLS")) {
SSLServerSocketFactory ssf = null;
try {
// set up key manager to do server authentication
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
char[] passphrase = "passphrase".toCharArray();
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS");
// ks.load(new FileInputStream("testkeys"), passphrase);
ks.load(new FileInputStream("serverkey"), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), null, null);
ssf = ctx.getServerSocketFactory();
return ssf;
} catch (Exception e) {
e.printStackTrace();
} else {
return ServerSocketFactory.getDefault();
return null;
Could anyone help ?
thanks in advance
JayaprakashThe same thing.
I have found the place where the exception throws.
It is com.sun.net.ssl.internal.ssl.AVA class.
It has a constructor AVA(StringReader)
There is a check in this constructor of different certificate extensions
(if-else). If it sees no familiar extension it throws exception and handshake fails.
It is not difficult to fix this problem: just ignore unknown extension.
Everything works fine with this "improved" class (under VA 3.5).
But the problem is - the using of this class in applets.
How can I say the browser to use my "improved" class and not the one it downloaded with java plug-in? -
All Im very new to Oracle DRM and Im trying to get the app setup on Windows server running SQL Server 2008. When I try to login to the Web Client I keep getting this error.
DRM-61026: Unable to create user session for the following reason: Login failed. Invalid user name or password.
Can you please helpThis might be due to The 'Oracle Instance' path may not have been set to a path relative to the 'CSS Bridge Host' (i.e. the Foundation Services machine) on the Configuration > Host Machines > CSS > General tab of the DRM Configuration Utility.
if this is the case then
1. Open the DRM Configuration Console.
2. Go to the Configuration > Host Machines > CSS > General tab of the DRM Configuration Utility.
3. Ensure that the path in 'Oracle Instance' has been set relative to the 'CSS Bridge Host' (i.e. the Foundation Services machine defined in 'CSS Bridge Host').
4. If corrections are made to 'Oracle Instance' then restart the DRM services to pick up the change.
Thanks,
~KKT~ -
Audit usage for REST API in SharePoint 2013
Hi,
Is there any OOB way for SharePoint to log access in REST API so that it will track which application/user uses the REST API?
Thanks,
KennyHi,
According to your post, my understanding is that you wanted to audit usage for REST API in SharePoint 2013.
Per my knowleadge, there is no out of the box way to accomplish this with SharePoint.
SharePoint 2013 introduces a Representational State Transfer (REST) service that is comparable to the existing SharePoint
client object models.
This means that developers can perform Create,
Read, Update, and Delete (CRUD) operations from their apps for SharePoint, solutions, and client applications, using REST web technologies and standard Open Data Protocol (OData) syntax.
More information:
REST API reference and samples
Thanks,
Linda Li
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Linda Li
TechNet Community Support -
OneDrive for Business sync prompts for ODfB client install
Working with a client that has installed Office 2013 ProPlus on an image that is being deployed. Users currently logon to their computer with a local account (Active Directory in process of being deployed). User is "migrated" and begins
to logon to Active Directory. User now logs on to the O365 portal and accesses their OneDrive site, not yet populated with documents. User clicks "sync" and is prompted to install a OneDrive for Business client, even though it has
already been installed as part of Office 2013 ProPlus. Install proceeds and Internet Explorer closes. Once install has completed, user logs on to O365 portal and attempts to sync OneDrive. User is prompted again to install the appropriate
client.
I have tried clearing IE cache, launching IE in InPrivate mode and using Chrome. Same behavior.
Any suggestions?
Thanks,
[email protected]New fun behavior noted:
New behavior. Similar scenario: User logging on to PC with a local account. Office 2013 ProPlus, including ODfB is installed. User is NOT currently using ODfB. Using Word
2013, Excel 2013, PPT 2013, Outlook 2013 ( connecting to Office 365 mailbox) and Lync 2013 (connecting to Lync Online) are being used by the users. Users machine is joined to a domain, User local account profile is migrated to domain profile.
User logs into PC with domain account. ( Matching the Office 365 account, typically [email protected] ). User logs into Outlook and Lync with no issues. User logs into the Office 365 Portal, selects OneDrive, and selects Sync.
"Sync this library to your device for easy access" window appears. User selects Sync now.. User is presented with "Sign in Call us overprotective, but we need to verify you account again before opening "https://realgoods-my.sharepoint.com""
windows. User enter his email address and clicks Next. User is then presented with "Sign In" windows and enters User ID and password. User is then presented with the "Overprotective" window. This happens 3 times
until user gets "We cannot connect to the specified SharePoint site." error message.
IE browser cache has been cleared. Steps have been followed to clear all document cache files. sharepoint.com, microsoftonline.com, office365.com have been added to the Trusted Sites zone and added to IE compatibility list.
Any clues on this one as well????
R,
Dale
[email protected] -
Cisco Jabber for Windows Client SDK
Is there an SDK for Cisco Jabber for Windows client? I could only find the Web SDK. Are there no other SDKs that would let me control features of the Jabber Windows Client?
And in order to avoid TAPI limitation, they say they have started using Jabber which controls all phone functionalities through an Application User connected to the Call Manager.
Assuming they are referring to the normal Jabber for Windows/Mac/iOS/Android applications then this is wrong. Jabber - the client, not the IM&P servers which are part of the CUCM cluster (if you're familiar with Lync consider CUCM+IM&P servers a Front End Pool) - do not use an Application User at all. When a user starts Jabber, assuming SAML SSO is off, they supply an email address. This is used to find the servers via DNS SRV records, or the Mobile and Remote Access Expressway (roughly analogous to a Lync Edge pool) to tunnel through the firewall. After the email address they are prompted for their End User username and password. This is then used to access several APIs on the server, namely the User Data Service to discover what the user has. This would include what the user has configured/available to them. After this is done the Jabber client does one of three things with respect to phone functionality:
If the user has no phone devices provisioned for them - physical or software - it becomes an IM&P client only.
If the user has a software phone phone provisioned, it registers as that using SIP. In this way Jabber is the actual phone. This is called a CSF device for Jabber Windows/OS X.
If the user has a desk phone assigned to their End User account AND administrative policy is to default to desk phone control, it registers to CTI Manager on the CUCM server to control the user's physical phone.
A user can toggle between option two and three, if appropriately provisioned, but cannot have both simultaneously. In other words, Jabber is either controlling a physical phone over CTI or is a phone itself using SIP. The difference is where the audio/video media is sent from/to.
All of this happens using that human's End User credentials.
Now, if you wanted to have a server control the user's phone - either a physical one or Jabber - you would use the TSP as an interface to CTI Manager on the CUCM server and receive real-time events (e.g. the user went off-hook, the phone is ringing with this caller ID, etc.) and issue commands to that phone (e.g. make a call to X). This is done using an Application User account because the server would need to do this for multiple users simultaneously. If you also use the Super Provider concept, the CUCM administrator doesn't have to take the extra step of associating every phone to your Application User manually. Instead, you can simply issue CTI subscriptions to see any/all device activity you want.
This is all assuming you wanted to do the integration server-side to avoid having to update the Cisco TSP application on every user PC (which also limits your WPF application to machines capable of running the TSP) every time the CUCM administrator patches the servers. If you don't care about that, then you can do this all client-side on the user's PC, and have them supply their End User credentials.
Of course, you could also reconsider the Jabber SDK and just embed the make/receive call functionality directly into your application instead. -
Job SM:SYNCHRONIZE USER DATA FOR NOTIFICATION canceled
Dear SAP Guru,
The BG job SM:SYNCHRONIZE USER DATA FOR NOTIFICATION is canceled every day and it´s
generating shortdump. Our system is SAP EHP1 for SAP Solution manager.
SAP ABA and SAP BASIS components are release 701 level 3.
ST is release 400 level 19
ST-PI is release 2008_1_700 level 1
ST-A/PI is release 01L_CRM570
Pls look on this shortdump.
Runtime Errors RAISE_EXCEPTION*
Date and Time 22.03.2010 06:50:11
|Short text |
| Exception condition "CUSTOMIZING_NOT_FOUND" raised. |
|What happened? |
| The current ABAP/4 program encountered an unexpected |
| situation. |
|What can you do? |
| Note down which actions and inputs caused the error. |
| |
| |
| To process the problem further, contact you SAP system |
| administrator. |
| |
| Using Transaction ST22 for ABAP Dump Analysis, you can look |
| at and manage termination messages, and you can also |
| keep them for a long time. |
|Error analysis |
| A RAISE statement in the program "SAPLDSWP_UTILITY" raised the exception |
| condition "CUSTOMIZING_NOT_FOUND". |
| Since the exception was not intercepted by a superior |
| program, processing was terminated. |
| |
| Short description of exception condition: |
| |
| |
| For detailed documentation of the exception condition, use |
| Transaction SE37 (Function Library). You can take the called |
| function module from the display of active calls. |
| - |
|How to correct the error |
| |
| If the error occures in a non-modified SAP program, you may be able to |
| find an interim solution in an SAP Note. |
| If you have access to SAP Notes, carry out a search with the following |
| keywords: |
| |
| "RAISE_EXCEPTION" " " |
| "SAPLDSWP_UTILITY" or "LDSWP_UTILITYU19" |
| "DSWP_GET_GLOBAL_CUSTOMIZING" |
| |
| or |
| |
| "SAPLDSWP_UTILITY" "CUSTOMIZING_NOT_FOUND" |
| |
| or |
| |
| "RDSWP_NM_SYNC_USER_DATA " "CUSTOMIZING_NOT_FOUND" |
| If you cannot solve the problem yourself and want to send an error |
| notification to SAP, include the following information: |
| |
*|
|System environment |
| SAP-Release 701 |
| |
| Application server... "crsgrant" |
| Network address...... "10.128.32.175" |
| Operating system..... "Windows NT" |
| Release.............. "5.2" |
| Hardware type........ "2x Intel 801686" |
| Character length.... 8 Bits |
| Pointer length....... 32 Bits |
| Work process number.. 13 |
| Shortdump setting.... "full" |
| |
| Database server... "CRSGRANT" |
| Database type..... "ORACLE" |
| Database name..... "SM1" |
| Database user ID.. "SAPSM1" |
| |
| Terminal.......... " " |
| |
| Char.set.... "Czech_Czech.28592" |
| |
| SAP kernel....... 701 |
| created (date)... "Apr 12 2009 22:43:15" |
| create on........ "NT 5.2 3790 Service Pack 1 x86 MS VC++ 14.00" |
| Database version. "OCI_10201_SHARE (10.2.0.4.0) " |
| |
| Patch level. 39 |
| Patch text.. " " |
| |
| Database............. "ORACLE 9.2.0.., ORACLE 10.1.0.., ORACLE 10.2.0.." |
| SAP database version. 701 |
| Operating system..... "Windows NT 5.0, Windows NT 5.1, Windows NT 5.2, Windows |
| NT 6.0" |
| |
| Memory consumption |
| Roll.... 8112 |
| EM...... 4181184 |
| Heap.... 0 |
| Page.... 24576 |
| MM Used. 873664 |
| MM Free. 170296 |
|User and Transaction |
| |
| Client.............. 001 |
| User................ "SOLMAN" |
| Language key........ "E" |
| Transaction......... " " |
| Transactions ID..... "C27635DF574FF121B0470050569757E9" |
| |
| Program............. "SAPLDSWP_UTILITY" |
| Screen.............. "SAPMSSY0 1000" |
| Screen line......... 6 |
|Information on where terminated |
| Termination occurred in the ABAP program "SAPLDSWP_UTILITY" - in |
| "DSWP_GET_GLOBAL_CUSTOMIZING". |
| The main program was "RDSWP_NM_SYNC_USER_DATA ". |
| |
| In the source code you have the termination point in line 22 |
| of the (Include) program "LDSWP_UTILITYU19". |
| The program "SAPLDSWP_UTILITY" was started as a background job. |
| Job Name....... "SM:SYNCHRONIZE USER DATA FOR NOT" |
| Job Initiator.. "SOLMAN" |
| Job Number..... 00104000 |
Have you some solution or advice?
Best Regards
JakubPlease could you check the following ?
- Please ensure that the latest version of note 1172948 has been implemented
- Please follow the recommendation in note 1314587.
- Check table 'DSWPGLOBALCUSTOM' and ensure that the entry 'DTMLOG' is available. Create the entry if missing.
These procedures will solve this issue.
Maybe you are looking for
-
Is OIM 9.1.0.2 BP09 certified on Weblogic Basic?
http://download.oracle.com/docs/cd/E12839_01/doc.1111/e14860/wls_basic.htm#CHDEJBEE Weblogic Basic has restrictions even on basic features of the server: -Core WebLogic application server -Java EE 5/EJB 3.0 -WebLogic Server management tools, includin
-
Howto eventing between components
Hi All... I am designing a program, and decided to implement each feature in a class which extends JPanel i decided to use Observer design pattern to inform special feature(JPanel) when event occur. I saw that there is an implementation of observer(j
-
How to store values in varrays and how to retrieve it ?
hi i am using d2k. i can store values in nested tables but i can't store it on varrays. declare TYPE NAMEARRAY IS table of varchar2(40) index by binary_integer; NAM NAMEARRAY; TYPE SACARRAY IS table of varchar2(30) index by binary_integer; SAC SACAR
-
I have a BIG problem. I don't know how it happened, but my itunes librairy is all messed up. Even the songs in the folders are messed up. I have iTunes match and now even it is messed up. Is there a way to revert the itunes match "match"? Is ther
-
I reset my zeen (Photosmart C510) and now it does not start. I get the "HP Photosmart eStation" welcome screen but it does not go beyond this point. What can I do? This question was solved. View Solution.