FTP Guest/Anonymous?

Is there a difference between FTP Guest and Anonymous access?

Hi Steve-
Generally "FTP anonymous" means just that. You are just some machine out in cyberspace requesting permission to upload a file to some other machine. You do not need an account in order to gain access Most servers with access to the real world do not accept such requests in an attempt to keep the rifraff out.
"FTP Guest" is a little misleading, but it is basically just that. As a guest you must have an account and generally a username and password. Sort of like if you were a "guest" at a hotel.
A deep explanation is here: http://en.wikipedia.org/wiki/Ftp
Hope that helps-
-DaddyPaycheck

Similar Messages

Enabling guest/anonymous user accesss using sun access manager(opensso 8.0)

Hi,
How to enable anonymous/guest user login through opensso? In otherwords, if I try to access my application protected by opnesso, the user should be not be redirected to opensso login page automatically. Instead the user can see the content which is allowed for guest login. If the user clicks on login button on our site then the user should be directed to opensso login page where the user will enter proper credentials and will be allowed to full site content.
How to do this in opensso?
Regards,
Pratap

Hi Pratap,
[I just answered this over on the OpenSSO forum.|https://opensso.dev.java.net/servlets/ProjectForumMessageView?forumID=1554&messageID=30801]
Cheers,
Pat

Named Anonymous Users: tabs link back to Default Guest Anonymous

After our migration from 6.0 SP2 to NW SP14, I have configured for using Named Anonymous Users. I can successfully modify my URL with j_user to show desktop and specific role for user ANON1. However when I click anything (another tab) it switches views to the default "Guest" user desktop and role. I have tried many variations on the Default Framework Page by changing the "Load" setting and verified that all authschemes are "anonymous". Sometimes I can get it to stop jumping to the Guest User but the tabs still do not load correctly, ie. when I click on tab #2 the content changes but the highlited tab stays the same.
Please help! Has anyone seen this issue in NW SP14 yet?
Regards,
Scott

My OSS note revealed that this issue has a fix that was intended for realease in SPS16 for NW. They have pre released some PAR files that can implemented to fix this issue for SAP Netweaver 04 SPS 14/15.
The fix can be found in SAP Note 870247. I found this by searching on Service MarketPlace. Below is an excerpt from the note re. this issue.
For SAP Netweaver 04 SPS 14/15 copy manually the par file attached to this note in the corresponding zip files for your SPS to the following location under your installation j2ee\cluster\server0\apps\sap.com\irj\servlet_jsp\irj\root\WEB-INF\deployment.
Restart the engine. The par files will be deployed on start.
Regards,
Scott

Delete last name in welcome area for guest(anonymous users)

Hi Experts
I don't want to put the user last name on the Welcome message of anonymous default framework page.
But I can not try bcoz user last name is must fill .
Pls help me if anyone can.
Regards
Nge Zar

Dear Syed Zammer,
Thanks for ur answer.
I saw on sdn home page they haven't show the last name in welcome area for the guset.My user also want like sdn.But i can not try.
Are they make special or they change in backend program?
Whatever thanks Syed Zammer for ur reply
Regards
nge zar

Need Info or a Solution for FTP Firewall

I have been able to create an Applesque anonymous FTP login situation for PCs and the only problem left is that the PCs can not connect unless they turn off Passive FTP.
For some reason ports 20-21 are being inappropriately blocked to proper FTP communication so that a session can not be properly initiated. Such as the remote client sending the request to the Server and the server initiating the connection. Or so I have been told that is the way it needs to be.
Right now I have the Apple firewall options turned off and all is fine. Anyone know anything of any of this?
Any assistance will be greatly appreciated.
Thanks

Graham,
Thank you for your reply, but I have found that it is not a firewall issue on the PC end, but on the Mac end. If you turn off "Use Passive FTP" (on by default in Explorer) on the PC end all is well. But with it on it can't get through on the Mac. If I turn off the Mac Firewall, all is well.
I am trying to provide the same access to a PC that a Mac has when you use "Connect to Server" from the "Go" menu in the Finder and login as "Guest" (Anonymous on the PC) - access to the Public and DropBox folders. Now if you login as a user with a password you get right in no matter what and have access to the whole user. This I don't want.
This all started working, to a point, after I created an FTP user and group in the NetInfo Manager via these instructions: http://digitalelf.net/archives/000030.html
So . . . it's either feast or famine. Something on the Mac end is over working. If I could get the Mac end to operate as everyone else in the IT world, that would solve my problem. Thus, my quest.
Thanks again.

FTP permissions

I'm having problems with my ftp services. I'm getting an error on downloading files via web browser links, stating that "you don't have permission to open this page"
I have made sure the under the FTP settings for the volume that I'm sharing, the allow ftp share this item using FTP as well as the Allow FTP guest access is turned on.
I have propagated the permission of the volume down to all inclosed folders and files.
The Custom FTP name is all so the same as the volume name.
I also made sure that 50 anonymous users can connect via FTP.
This has been working for years and now all of the established links in web pages are not able to gain access to the FTP services.
I can't even log in via and the FTP client transmit. It just reports Server said: Login Incorrect, (this is for guest access.
What am I missing, what would cause this?

UPDATE
Well I just rebuilt the server, after not being able to solve the permissions issue. All is well again.

Setting up the FTP Server on solaris 10 - Connection Problems

G-day
I am trying to set up the inbuilt FTP Server. I have followed a number of guides to set this up but have still been unable to connect to it. When trying to connect to it, it reads:
Connected, waiting for response...
220 unknown FTP server ready
USER anonymous
331 Guest login ok, send your complete email address as password
PASS (not shown)
530 Can't set guest privelages
Not Logged in
Can any1 shed some light on this please?

FTPACCESS FILE
# ident     "@(#)ftpaccess     1.2     03/05/14 SMI"
# FTP server configuration file, see ftpaccess(4).
class          realusers     real          *
class          guestusers     guest          *
class          anonusers     anonymous     *
loginfails     3
passwd-check     trivial          warn
private          no
shutdown     /etc/ftpd/shutdown.msg
# email          user@hostname
# guestuser     username
# rhostlookup     no
keepalive     yes
recvbuf          65536          real,guest,anonymous
sendbuf          65536          real,guest,anonymous
# flush-wait     no          anonymous
# passive     ports          0.0.0.0/0     32768     65535
# timeout     data          600
# timeout     idle          300
banner          /etc/ftpd/banner.msg
greeting     brief
message          /etc/ftpd/welcome.msg     login
message          .message          cwd=*
readme          README*               login
readme          README*               cwd=*
# quota-info     *
chmod          no          anonymous
delete          no          anonymous
overwrite     no          anonymous
rename          no          anonymous
umask          no          anonymous
compress     yes          realusers guestusers anonusers
tar          yes          realusers guestusers anonusers
path-filter     guest,anonymous     /etc/ftpd/filename.msg     ^[[:alnum:]._-]*$ ^[.-]
noretrieve     relative     class=anonusers          /
allow-retrieve     relative     class=anonusers          /pub
upload          class=anonusers *     *     no nodirs
# upload     class=anonusers *     /incoming yes ftpadm ftpadm 0440 nodirs
# log          commands     real,guest,anonymous
# log          security     real,guest,anonymous
# log          transfers     real,guest,anonymous     inbound,outbound
# xferlog     format     %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc %Xs %Xr
# limit-time     anonymous     30
# limit          anonusers     10     Wk0730-1800     /etc/ftpd/toomany.msg
# limit          anonusers     50     SaSu|Any1800-0730 /etc/ftpd/toomany.msg
# FTP Test
upload /export/home/ftp /pub yes ftp other 0600 nodirs
FTP USERS FILE
# ident     "@(#)ftpusers     1.5     04/02/20 SMI"
# List of users denied access to the FTP server, see ftpusers(4).
root
daemon
bin
sys
adm
lp
uucp
nuucp
smmsp
listen
gdm
webservd
nobody
noaccess
nobody4
These are pretty much still at the default status.
Thanks mate

How to ASR 9k auto backup to external FTP server

How to take auto running configuration backup when use commit command in asr9k .Our asr9k sofware Version 4.0.1[Default] .I usse the commands
ftp client password encrypted 050D121F345F4B1B4
ftp client username cisco
ftp client source-interface GigabitEthernet0/0/0/14
ftp client anonymous-password cisco
(Password information changed)
configuration commit auto-save filename ftp://10.10.10.3/ASR9K/asr_conf
But auto backup not happening .following errror showing after every COMMIT command.
( Error:Couldn't save file /ftp://10.10.10.3/ASR9k/asr_conf.
Error:'CfgMgr' detected the 'warning' condition 'Operation is temporarily suspended.' )
Manually I able to take Running-configuration backup through ftp int same lacation (
ftp://10.10.10.3/ASR9K/asr_conf ) .But automatically not happening .Please help .

I have not personally seen this issue before but you may find verifying your config helpful.
SUMMARY STEPS
1. configure
2. show running-config
3. describe hostname hostname
4. end
5. show sysdb trace verification shared-plane | include path
6. show sysdb trace verification location node-id
7. show cfgmgr trace
8. show configuration history commit
9. show configuration commit changes {last | since | commit-id}
10. show config failed startup
11. cfs check --> Verifies the Configuration File System (CFS)
However I did notice the following:
Error:Couldn't save file /ftp://10.10.10.3/ASR9k/asr_conf. Notice the preceeding '/'?
Thanks

OSB obtaining file over ftp without auto name changing

Hi,
We would like to use OSB for a simple FTP Get (anonymous user) from a public FTP domain. Therefore it is not allowed to rename or delete the original file. We just want to GET it.
Anyone suggestions?
Many thanks,
Stefan

Hi Stefan,
I understood that it is a public FTP domain that is why you are not able to delete file from the source location better go for the archive option by providing the archive directory. Please try following the below process, it worked with for me.
1. Create one proxy service with FTP end point URL and Get All Headers = Yes and other required parameters.
2.Create the Business service with FTP endpoint URI and all other details.
3. Route the Proxy Service to Business Service. After routing action Add one more action --> Communication--> Set Transport Headers --> Set Transport Headers for Outbound Request.. Select Filename radio button and from drop down set file name in file heading.
4 Now if you want to keep the original file name and format (pdf,txt,doc) then select Copy header from inbound request --> save it and test it .
If you want ot change file name as per some required format then you need to write the xquery for generating the name like using concatenation or other function.
Regards
Bharat

Ivew for a guest user

Hi,
I have a customer registration form which is developed in Webdynpro abap.
I have to present this form to the guest(anonymous) user.
Now the issue is guest user is not having permission to access backend SAP system.
How to give permission to portal guest user(ume database) to access this customer regi form so that user can submit data to sap system with out logon to portal
Plz help me
Regards
John

Hi Michael,
Thanks for the reply.
Could u please elaborate it.
My requirement is to give the customer registration form to anonymous user.
It is working perfectly with the users in ABAP datasource in portal.
But guest user is in ume datasource .
So when i assign the role to guest user it is throwing an error
Exception in SAP Application Integrator occured: Cannot retrieve system object for this alias. System Alias: 'XXX, System ID: 'pcd:portal_content/xxxxx/xxxx'. User: 'Guest', Reason: Access denied (Object(s):
How to solve this.
Thanks in advance
John

FTP security vulnerability or what ?

I have tested the FTP settings on my DL2100 and allowed access for only 2 users X and Y. I have disabled Anonymous user on the FTP folder.When i looked at my logs, i saw that Anonymous has been logging in and out a few times a day. I said that impossbile since this user is not allowed.I logged on to the FTP with Anonymous myself, to my surprise and see only the ROOT folder, but indeed no FTP shares. I couldn't navigate anywhere with this user, BUT is this the way WD intended to secure FTP connections ? Shouldn't the connection for Anonymous be denied from the beggining ?

adicrst wrote:
Reply from WD Support Thank you for contacting Western Digital Customer Service and Support. My name is X.
I am sorry to read that you have an issue with the FTP. Our apologies for the inconvenience that this may have caused you.
Concerning the question you have about the Anonymous in FTP, I can inform you that when you created shares w which are accessible through FTP and you selected for the Anonymous as None, it is counted always for the share which Anonymous is not allowed to access and not for the root directory. That is why you can see the root directory, but not the specific shares.
I hope that I provided you the information you need and that you are satisfied with the answer.
If you have any further questions, please reply to this email and we will be happy to assist you further. So in other words we should just live with this security vulnerability, even if everyone has a solid confirmation that your FTP is available on the internet and everyone can log just for the fun of it with Anonymous user.What if i allow only 1 FTP connection and a hacker is holding it busy with Anonymous session ? Like the support guy state, when you enable FTP on a folder, remember to select, when I state select mean click the down arrow and select "Anonymous None" then click save. That is how I know it will save the setting. If you don't select, the device will think you want to set your FTP server for everyone to log in "including annonymous."

Can't disable guest access

I have been trying to disable the guest account. I have found
that if a client creates an initial context without specifying
any security credentials then they still get access to the system
as 'guest' regardless of whether the guest user is disabled or
not. I have also tried to change the guest password to no avail.
Is there a fix for this? I am using wls 5.1.
Thanks, Jim

so, the story here is that the difference between guest/Anonymous and
guest/defaultUser was never really enunciated so far in WLS. the
end-of-year release is working to get a solid resolution of these
differences and the access control thereof. But, the short term deal is that
by disabling guest, you turn off the guest/Anonymous access, but not the
guest/defaultUser access (which has no access control handle). so, the
solution/work-around for WLS5.1 is to simply put an ACL on anything you wish
to protect.
.paul
Kirk Everett wrote:
I contacted weblogic about this and this is what they said:
This is in response to the your case titled "Security Realm / guest
problems". I could reproduce this at my end, and think this is a defect.
I
have filed a Change request for this in our defect tracking system. This
will go to engineering and should get fixed in one of our near service
pack
releases. The defect number (which you can use to track the status of
this
defect) for this is CR036608.
I will be closing this case as now you can track this defect using
the
above CR number. You will see this CR number in the service pack release
notes, whenever this gets fixed.
Let me know if you have any questions/issues regarding this.
And for the workaround, I would suggest you to protect your EJBs
using
security policies in the XML deployment descriptor files, by explicitly
mentioning the users/groups who would be allowed access to Beans.
Jim Corkey wrote:
I have been trying to disable the guest account. I have found
that if a client creates an initial context without specifying
any security credentials then they still get access to the system
as 'guest' regardless of whether the guest user is disabled or
not. I have also tried to change the guest password to no avail.
Is there a fix for this? I am using wls 5.1.
Thanks, Jim

JSSO configuration issue with Mircrosoft AD

We are trying to configure the Windows Native Authentication for Webcenter 10.3.4.
We have configured JSSO to use a ldap login module, which is configured to interact with Microsoft Active Directory.
While using the JSSO login page we ecountered the following behavior:
If the user does not exist, the JSSO login page will reject the fake credential. We can find the following message in the log file:
JAAS-LDAP LoginModule: User with name samhain does not exist.
JAAS-LDAP LoginModule: Authentication failed: undable to find user sam hain.
That shows the loginmodule did manage to query the active directory success fully.
However even if the user exists in Active directory, we were still not able to log in through the JSSO login page. We got the following error in the log file as shown below:
java.lang.NullPointerException
at oracle.security.jazn.realm.LDAPPrincipal.equals(LDAPPrincipal.java:93)
at java.util.LinkedList.indexOf(LinkedList.java:406)
at java.util.LinkedList.contains(LinkedList.java:176)
at javax.security.auth.Subject$SecureSet.add(Subject.java:1086)
at java.util.Collections$SynchronizedCollection.add(Collections.java:1581)
at oracle.security.jazn.login.module.LDAPLoginModule.commit(LDAPLoginModule.java:475)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at oracle.security.jazn.oc4j.OC4JUtil.doJAASLogin(OC4JUtil.java:241)
at oracle.security.jazn.oc4j.GenericUser$1.run(JAZNUserManager.java:818)
at oracle.security.jazn.oc4j.OC4JUtil.doWithJAZNClsLdr(OC4JUtil.java:173)
at oracle.security.jazn.oc4j.GenericUser.authenticate(JAZNUserManager.java:814)
at oracle.security.jazn.oc4j.FilterUser.authenticate(JAZNUserManager.java:1143)
at com.evermind.server.http.EvermindHttpServletRequest.getUserPrincipalInternal(EvermindHttpServletRequest.java:3659)
at com.evermind.server.http.AJPHttpServletRequest.getUserPrincipalInternal(AJPHttpServletRequest.java:260)
at com.evermind.server.http.HttpApplication.checkAuthenticationAndAuthorize(HttpApplication.java:6332)
at com.evermind.server.http.HttpApplication.getRequestDispatcher(HttpApplication.java:3009)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:735)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:447)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
javax.security.auth.login.LoginException: java.lang.NullPointerException
at oracle.security.jazn.realm.LDAPPrincipal.equals(LDAPPrincipal.java:93)
at java.util.LinkedList.indexOf(LinkedList.java:406)
at java.util.LinkedList.contains(LinkedList.java:176)
at javax.security.auth.Subject$SecureSet.add(Subject.java:1086)
at java.util.Collections$SynchronizedCollection.add(Collections.java:1581)
at oracle.security.jazn.login.module.LDAPLoginModule.commit(LDAPLoginModule.java:475)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at oracle.security.jazn.oc4j.OC4JUtil.doJAASLogin(OC4JUtil.java:241)
at oracle.security.jazn.oc4j.GenericUser$1.run(JAZNUserManager.java:818)
at oracle.security.jazn.oc4j.OC4JUtil.doWithJAZNClsLdr(OC4JUtil.java:173)
at oracle.security.jazn.oc4j.GenericUser.authenticate(JAZNUserManager.java:814)
at oracle.security.jazn.oc4j.FilterUser.authenticate(JAZNUserManager.java:1143)
at com.evermind.server.http.EvermindHttpServletRequest.getUserPrincipalInternal(EvermindHttpServletRequest.java:3659)
at com.evermind.server.http.AJPHttpServletRequest.getUserPrincipalInternal(AJPHttpServletRequest.java:260)
at com.evermind.server.http.HttpApplication.checkAuthenticationAndAuthorize(HttpApplication.java:6332)
at com.evermind.server.http.HttpApplication.getRequestDispatcher(HttpApplication.java:3009)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:735)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:447)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at oracle.security.jazn.oc4j.OC4JUtil.doJAASLogin(OC4JUtil.java:241)
at oracle.security.jazn.oc4j.GenericUser$1.run(JAZNUserManager.java:818)
at oracle.security.jazn.oc4j.OC4JUtil.doWithJAZNClsLdr(OC4JUtil.java:173)
at oracle.security.jazn.oc4j.GenericUser.authenticate(JAZNUserManager.java:814)
at oracle.security.jazn.oc4j.FilterUser.authenticate(JAZNUserManager.java:1143)
at com.evermind.server.http.EvermindHttpServletRequest.getUserPrincipalInternal(EvermindHttpServletRequest.java:3659)
at com.evermind.server.http.AJPHttpServletRequest.getUserPrincipalInternal(AJPHttpServletRequest.java:260)
at com.evermind.server.http.HttpApplication.checkAuthenticationAndAuthorize(HttpApplication.java:6332)
at com.evermind.server.http.HttpApplication.getRequestDispatcher(HttpApplication.java:3009)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:735)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:447)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
Here is our systme-jazn-data.xml:
<?xml version="1.0" encoding="UTF-8" standalone='yes'?>
<jazn-data
xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance">http://www.w3.org/2001/XMLSchema-instance</a>"
xsi:noNamespaceSchemaLocation="<a href="http://xmlns.oracle.com/oracleas/schema/jazn-data-10_0.xsd">http://xmlns.oracle.com/oracleas/schema/jazn-data-10_0.xsd</a>"
schema-major-version="10"
schema-minor-version="0"
>

<jazn-realm>
<realm>
<name>jazn.com</name>
<users>
<user deactivated="true">
<name>anonymous</name>
<guid>9D73EAA19FCB11DD9F715971021579B9</guid>
<description>The default guest/anonymous user</description>
</user>
<user>
<name>oc4jadmin</name>
<display-name>OC4J Administrator</display-name>
<guid>9D765BA09FCB11DD9F715971021579B9</guid>
<description>OC4J Administrator</description>
<credentials>{903}Vs5eBtwbaZJysFzhHW/zRKyHB7AjqjF1XZu/rYwML/Q=</credentials>
</user>
<user>
<name>JtaAdmin</name>
<display-name>JTA Recovery User</display-name>
<guid>9D765BA19FCB11DD9F715971021579B9</guid>
<description>Used to recover propagated OC4J transactions</description>
<credentials>{903}zT2YASAir+Q22xC6S3lq9LbxDxeb3X9IxjXIWVkOdDE=</credentials>
</user>
</users>
<roles>
<role>
<name>ascontrol_admin</name>
<display-name>ASControl Admin Role</display-name>
<description>Administrative role for ASControl</description>
<guid>9D765BA59FCB11DD9F715971021579B9</guid>
<members>
<member>
<type>user</type>
<name>oc4jadmin</name>
</member>
</members>
</role>
<role>
<name>oc4j-administrators</name>
<display-name>OC4J Admin Role</display-name>
<description>Administrative role for OC4J</description>
<guid>9D765BA29FCB11DD9F715971021579B9</guid>
<members>
<member>
<type>user</type>
<name>oc4jadmin</name>
</member>
<member>
<type>user</type>
<name>JtaAdmin</name>
</member>
</members>
</role>
<role>
<name>ascontrol_monitor</name>
<display-name>ASControl Monitor Role</display-name>
<description>Monitor role for ASControl</description>
<guid>9D765BA79FCB11DD9F715971021579B9</guid>
<members>
</members>
</role>
<role>
<name>ascontrol_appadmin</name>
<display-name>ASControl App Admin Role</display-name>
<description>Application Administrative role for ASControl</description>
<guid>9D765BA69FCB11DD9F715971021579B9</guid>
<members>
</members>
</role>
<role>
<name>oc4j-app-administrators</name>
<display-name>OC4J Application Administrators</display-name>
<description>OC4J application-level administrators</description>
<guid>9D765BA39FCB11DD9F715971021579B9</guid>
<members>
</members>
</role>
<role>
<name>users</name>
<display-name>users</display-name>
<description>users role for rmi/ejb access</description>
<guid>9D765BA49FCB11DD9F715971021579B9</guid>
<members>
</members>
</role>
</roles>
</realm>
</jazn-realm>

<jacc-repository>
</jacc-repository>
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>role</type>
<class>oracle.security.jazn.spi.xml.XMLRealmRole</class>
<name>jazn.com/oc4j-administrators</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$createrole</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$modifyrealmmetadata</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.policy.RoleAdminPermission$jazn.com/*$</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$createrealm</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$droprealm</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$droprole</name>
</permission>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>subject.propagation</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.RoleAdminPermission</class>
<name>jazn.com/*</name>
</permission>
<permission>
<class>com.evermind.server.AdministrationPermission</class>
<name>administration</name>
<actions>administration</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>modifyrealmmetadata</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>createrealm</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>dropuser</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>droprealm</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>role</type>
<class>oracle.security.jazn.spi.xml.XMLRealmRole</class>
<name>jazn.com/ascontrol_admin</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$createrole</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$modifyrealmmetadata</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.policy.RoleAdminPermission$jazn.com/*$</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$createrealm</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$droprealm</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.AdminPermission</class>
<name>oracle.security.jazn.realm.RealmPermission$jazn.com$droprole</name>
</permission>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>subject.propagation</name>
</permission>
<permission>
<class>oracle.security.jazn.policy.RoleAdminPermission</class>
<name>jazn.com/*</name>
</permission>
<permission>
<class>com.evermind.server.AdministrationPermission</class>
<name>administration</name>
<actions>administration</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>modifyrealmmetadata</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>createrealm</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>dropuser</actions>
</permission>
<permission>
<class>oracle.security.jazn.realm.RealmPermission</class>
<name>jazn.com</name>
<actions>droprealm</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>role</type>
<class>oracle.security.jazn.spi.xml.XMLRealmRole</class>
<name>jazn.com/oc4j-app-administrators</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>role</type>
<class>oracle.security.jazn.spi.xml.XMLRealmRole</class>
<name>jazn.com/users</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>user</type>
<class>oracle.security.jazn.spi.xml.XMLRealmUser</class>
<name>jazn.com/anonymous</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jazn.realm.LDAPPrincipal</class>
<name>oracleSESsvc</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
</jazn-policy>

<jazn-loginconfig>
<application>
<name>oracle.security.jazn.oc4j.CertificateAuthenticator</name>
<login-modules>
<login-module>
<class>oracle.security.jazn.login.module.X509LoginModule</class>
<control-flag>required</control-flag>
<options>
<option>
<name>addAllRoles</name>
<value>true</value>
</option>
</options>
</login-module>
</login-modules>
</application>
<application>
<name>javasso</name>
<login-modules>
<login-module>
<class>oracle.security.jazn.login.module.LDAPLoginModule</class>
<control-flag>required</control-flag>
<options>
<option>
<name>oracle.security.jaas.ldap.connect.pool.prefsize</name>
<value>10</value>
</option>
<option>
<name>oracle.security.jaas.ldap.provider.connect.pool</name>
<value>true</value>
</option>
<option>
<name>oracle.security.jaas.ldap.provider.type</name>
<value>Active Directory</value>
</option>
<option>
<name>oracle.security.jaas.ldap.provider.credential</name>
<value>{903}mAp2dqk8DOnyffj5FSDpqNBw1AUWkrS1ZXyxsSGyRQA=</value>
</option>
<option>
<name>oracle.security.jaas.ldap.connect.pool.maxsize</name>
<value>25</value>
</option>
<option>
<name>oracle.security.jaas.ldap.role.searchscope</name>
<value>subtree</value>
</option>
<option>
<name>oracle.security.jaas.ldap.user.searchscope</name>
<value>subtree</value>
</option>
<option>
<name>oracle.security.jaas.ldap.membership.searchscope</name>
<value>direct</value>
</option>
<option>
<name>oracle.security.jaas.ldap.member.attribute</name>
<value>member</value>
</option>
<option>
<name>oracle.security.jaas.ldap.lm.cache_enabled</name>
<value>true</value>
</option>
<option>
<name>oracle.security.jaas.ldap.connect.pool.initsize</name>
<value>2</value>
</option>
<option>
<name>oracle.security.jaas.ldap.user.object.class</name>
<value>user</value>
</option>
<option>
<name>oracle.security.jaas.ldap.connect.pool.timeout</name>
<b

Tried pointing directly to a single internal ADFS server (no NLB) and still receiving the same problem. The Remote Connectivity Analyser returns the following error for the Outlook AutoDiscover test -
A Web exception occurred because an HTTP 503 - ServiceUnavailable response was received from Unknown
And the Remote Connectivity Analyser SSO test sometimes succeeds and sometimes fails.
I notice if I go to https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml and login with the
[email protected] account it returns "The service is unavailable."
What generally causes this? What particular URL is it trying to get to?

Leopard Clients Take 10 Minutes to Connect to Tiger 10.4.11 Server

I have a single Tiger server OS X 10.4.11, on a LAN with 5 Tiger Clients and 2 Leopard clients, all with up-to-date patches.
My problem is, that ALL of the Tiger clients can access any of the server shares almost instantaneously, but when I try to connect a Leopard client the the server, it initially takes a minimum of 10 minutes! If I just click on the server <as displayed on the Finder SHARED tab>, the connection eventually fails. However, if I click on the "Connect as" button, after about 10 minutes, I get the user/password login, and the Leopard client connects immediately, and all the data on all the share points are accessible.
But, if I don't actually mount a share point (i.e. see a the Network drive icon on the desktop), and use finder column mode to navigate through the shares, if I click on a local drive in the same finder window, I have to go through the whole 10 minute wait again before I see the user/password login.
So my question:
Why is it taking a minimum of 10 minutes for the Leopard clients to connect, where as the Tiger clients connect immediately?
So, if anyone can help me trouble shoot or resolve the server settings so that the Leo clients can connect as quickly as the Tiger clients, I would be extremely grateful.
BTW - I followed the setup instructions precisely as per the Linda.com *+Mac OS X Server v10.4 Tiger Essential Training+* CD.
TIA
Gary
All the shares are setup as:
General:
Share this item and its contents.
Access:
Owner=Root (Read & Write);
Group=Staff (Read & Write);
Everyone (Read Only);
No ACL
Protocols:
Apple File Settings:
Share this item using AFP;
Allow AFP guest access;
Custom Name=<unique name>;
Default permissions for new files and folders=Use standard POSIX behavior
Windows File Settings:
Share this item using SMB
Allow SMB guest access
Enable strict locking
Default permissions for new files and folders:
Assign as follows: Owner=Read & Write; Group=Read & Write; Everyone=Read Only
FTP Settings
Share this item using FTP
Allow FTP guest access
Common FTP name: <same unique name>
Network Mount
Where: LDAPv3.127.0.0.1 (locked)
AFP is setup as follows:
General:
Enable Bonjour registration
Access:
Authentication=Standard
Enable Secure connections
Client & Guest connections=Unlimited
Logging:
(Everything); Archive every 7 days
Idle Users: (nothing checked
All staff members are defined as part of the "staff" group.

Windows File Settings:
Share this item using SMB
Allow SMB guest access
Enable strict locking
Default permissions for new files and folders:
Do you have any Windows clients on your network? If not turn OFF the SMB server and change the settings here so there is no SMB sharing.
FTP Settings
Share this item using FTP
Allow FTP guest access
Common FTP name: <same unique name>
Do your users access this sharepoint with FTP from inside your network? If not, stop the FTP server and change the settings to not share this via FTP.
General:
Enable Bonjour registration
Turn this off for all sharepoints. If you have no Bonjour-only printers -like some of those POS HP color Laserjet 26xx or 36xx series- enter this in Terminal.app or through the 'Send UNIX command...' in ARD to all of your Leopard clients:
launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
user should be root if sent from ARD, prepend 'sudo' (without quotes) if in Terminal.app or if you're using an admin username from ARD. This turns off Bonjour.
Also, in WGM, look at each individual user account and see if the 'Primary Group ID' is listed in the 'Other Groups' list. If it's not, click the '+' sign and drag the user's primary group into the 'Other Groups' list and then save. You can 'shift-click' and select groups of users and add the group to them all at once if they are all in the same groups.
Access:
Authentication=Standard
Change the access to 'Any Method'. If your clients are all bound to the OD master and the sharepoints are listed in the directory (meaning Kerberos SSO works for all clients and users), the clients will try Kerberos first and anything else -like DHX authentication- if that fails. Also, if you are managing your clients with MCX you should have those shares mounting before log-in -meaning at startup- using guest access or at login with the username/pass.

Does main method have to be static? Is there a way to go around it?

I am trying to write a class that will recursively walk through directory listing of a given ftp adress and store it in a text file in this format:
<path> , DIR // if directory
<path> , file // if file
Since I am not yet experienced to do my own socket programming(tried and did not work out) I used Secure iNet Factory's library. And since I will be running multiple instances of this class I concluded that my fields and methods should not be static. Here is the class I wrote:
import com.jscape.inet.ftp.Ftp;
import com.jscape.inet.ftp.FtpException;
import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.net.URL;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
public class test {
     private String path = "/";
     private String name;
     private String adres;
     // create new Ftp instance and connect.
     public test(String Name, String Adres) throws IOException {
          name = Name;
          adres = Adres;
          System.out.println("Test class: " + name);
          try {
               Ftp ftp = new Ftp(adres,"anonymous","anonymous");
               ftp.connect();
               Enumeration e = ftp.getDirListing();
               iterate(path, ftp);
               ftp.disconnect();
          catch (FtpException ex) {
               Logger.getLogger(test.class.getName()).log(Level.SEVERE, null, ex);
     void iterate(String aStartingDir, Ftp ftp) throws FtpException, IOException {
          //Set the path.
          path = path + aStartingDir + "/";
          // Change directory.
          ftp.setDir(aStartingDir);
          // Iterate through directory list.
          Enumeration e = ftp.getDirListing();
          while(e.hasMoreElements()){
               Object f = e.nextElement();
               // Recursive call if item is directory.
               if(f.toString().startsWith("drwxrwxrwx") &&
                    // Ignore "." and ".."
                    !f.toString().substring(55).trim().equalsIgnoreCase(".") &&
                    !f.toString().substring(55).trim().equalsIgnoreCase("..")) {
                    // Write to index file.
                    URL dirUrl = FtpCheck.class.getResource("./index/"); // get the directory.
                    URL fileUrl = new URL(dirUrl, name + ".txt"); // construct the file path.
                    String filePath = fileUrl.getPath().replaceAll("%20", " "); // fix spaces.
                    BufferedWriter file = new BufferedWriter(new FileWriter(filePath,true));
                    file.write((path + f.toString().substring(55).trim()).substring(3)
                         + ",DIR\n");
                    file.close();
                    iterate(f.toString().substring(55).trim(),ftp);
               // Skip entries "." and ".."
               else if (f.toString().substring(55).trim().equalsIgnoreCase(".") ||
                         f.toString().substring(55).trim().equalsIgnoreCase("..")) {
                         continue;
               // Add files to the index.
               else {
                    URL dirUrl = FtpCheck.class.getResource("./index/"); // get the directory.
                    URL fileUrl = new URL(dirUrl, "index.txt"); // construct the file path.
                    String filePath = fileUrl.getPath().replaceAll("%20", " "); // fix spaces.
                    BufferedWriter file = new BufferedWriter(new FileWriter(filePath,true));
                    file.write((path + f.toString().substring(55).trim()).substring(3)
                         + ",file\n");
                    file.close();
          // End of listing reached, go one directory up.
          ftp.setDirUp();
          // And remove the last directory name from path.
          path = path.substring(0,path.lastIndexOf("/"));
          path = path.substring(0,path.lastIndexOf("/")) + "/";
}which compiles fine.
Here is the class that invokes it:
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.util.logging.Level;
import java.util.logging.Logger;
* @author Sentinel
public class NewClass {
     public NewClass() {
     public static void main(String args[]) throws MalformedURLException, FileNotFoundException, IOException {
          index t = new index("El Naga","elnaga.sytes.net");
          t.start();
          index t1 = new index("Afacan","afacan.myftp.org");
          t1.start();
     public class index extends Thread {
          String name;
          String adres;
        public index(String Name,String Adres) {
            name = Name;
            adres = Adres;
        @Override
        public void run() {
            try {
                test checker = new test(name,adres);
            catch (IOException ex) {
                 Logger.getLogger(NewClass.class.getName()).log(Level.SEVERE, null, ex);
}when I hit run build fails:
init:
deps-jar:
Compiling 1 source file to C:\Documents and Settings\Sentinel\My Documents\NetBeansProjects\ftpCheck\build\classes
C:\Documents and Settings\Sentinel\My Documents\NetBeansProjects\ftpCheck\src\NewClass.java:19: non-static variable this cannot be referenced from a static context
                index t = new index("El Naga","elnaga.sytes.net");
                          ^
C:\Documents and Settings\Sentinel\My Documents\NetBeansProjects\ftpCheck\src\NewClass.java:20: non-static variable this cannot be referenced from a static context
                index t1 = new index("Afacan","afacan.myftp.org");
                           ^
2 errors
BUILD FAILED (total time: 0 seconds)I (now)know that main method has to be static. I'm stuck and in need of help to overcome this obstacle. Is there a way to do this?

a stab in the dark, but what if you make index a non-internal class. make it a stand-alone class in it's own file. Either that or make it a static inner class (almost the same thing).
Your problem is that an inner class needs an instance of the outer class to start on, and you're not doing this. Another solution would be to do this kludge:
index t = new NewClass().new index("El Naga","elnaga.sytes.net"); // I think this is how to call itBut again better is to make index a stand-alone class.
Edited by: Encephalopathic on Oct 28, 2008 8:06 AM

FTP Guest/Anonymous?

Similar Messages

Maybe you are looking for