GTC provisioning through SPML
I am trying to provision a record and I am getting this error, Can anybody point me where I could have possibly gone wrong?
The response received is:
Response: SPML Response failed V2 schema validation
Response Description: SPML Response received is not compliant with the SPML V2 standard specifications.
Notes
WARN [ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.GC.PROVIDER.PROVISIONINGFORMAT - SPML Request validation result w.r.t SPML v2 CORE schema(pstc_spmlv2_core.xsd)-->true
WARN [ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT - WSProvisioningTransportProvider.initialize :webServiceSOAPAction is not defined
ERROR [ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT - Erratic SOAP/SPML response
ERROR [ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT - WSProvisioningTransportProvider.sendData :problem with private methods
com.thortech.xl.gc.exception.ProvisioningTransportException: SPMLRESPONSE_FAIL_SCHEMA_VALIDATION
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.getSOAPMessage(Unknown Source)
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.sendData(Unknown Source)
at com.thortech.xl.gc.runtime.GCAdapterLibrary.executeFunctionality(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpDBSPMLPROV_GTC.GENERICADAPTER(adpDBSPMLPROV_GTC.java:125)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpDBSPMLPROV_GTC.implementation(adpDBSPMLPROV_GTC.java:70)
at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(Unknown Source)
at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(Unknown Source)
at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
at com.thortech.xl.ejb.beans.tcFormInstanceOperationsSession.setProcessFormData(Unknown Source)
at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_EOImpl.setProcessFormData(tcFormInstanceOperations_2j82mm_EOImpl.java:1560)
at Thor.API.Operations.tcFormInstanceOperationsClient.setProcessFormData(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy70.setProcessFormData(Unknown Source)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(Unknown Source)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: com.thortech.xl.gc.exception.XSDValidationException: The SOAP response does not contain a valid SPML response type. Should be one of these -->addResponse modifyResponse deleteResponse resumeResponse suspendResponse setPasswordResponse
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.extractSPMLResponseFromSOAP(Unknown Source)
... 70 more
It would be helpful to see the response coming back from the SPML service. You can either turn up the logging in OIM to DEBUG for the keys
XELLERATE.GC.SPML.PROVIDER.PROVISIONINGFORMAT
and
XELLERATE.GC.PROVIDER.PROVISIONINGFORMAT
and capture the response that way, or proxy it through a tool like SoapUI.
Eric
Similar Messages
-
Error obtained while provisioning using a GTC connector through SPML
Hi,
I am getting the following error while provisioning a resource using GTC and SPML... have created GTC and provisioning process ..is working for 1 instance (workflow) but have created a new instance with the same connector which is failing during the provisioning process and I am getting the below error.pLZ HELP. .
WARN,21 Apr 2010 20:02:06,039,[XELLERATE.GC.PROVIDER.PROVISIONINGFORMAT],SPML Request validation result w.r.t SPML v2 CORE schema(pstc_spmlv2_core.xsd)-->true
DEBUG,21 Apr 2010 20:02:06,039,[XELLERATE.ADAPTERS],Class/Method: tcADPClassLoader/getClassLoader entered.
DEBUG,21 Apr 2010 20:02:06,039,[XELLERATE.ADAPTERS],Class/Method: tcADPClassLoader/getClassLoader left.
WARN,21 Apr 2010 20:02:07,336,[XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT],SPML Response validation result w.r.t SPML v2 CORE schema(pstc_spmlv2_core.xsd)-->true
WARN,21 Apr 2010 20:02:07,352,[XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT],1. <errorMessage> present in SPML response is -->errorMessage=Retrieving the COM class factory for component with CLSID {BC8E841F-B86D-49E9-9422-3426C9B99FAF} failed due to the following error: 8000401a.
ERROR,21 Apr 2010 20:02:07,352,[XELLERATE.GC.PROVIDER.PROVISIONINGTRANSPORT],WSProvisioningTransportProvider.sendData :problem with private methods
com.thortech.xl.gc.exception.ProvisioningTransportException: SPML_RESPONSE_ERRORCODE_CUSTOM
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.checkSPMLRespoenseError(Unknown Source)
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.getSOAPMessage(Unknown Source)
at com.thortech.xl.gc.impl.prov.WSProvisioningTransportProvider.sendData(Unknown Source)
at com.thortech.xl.gc.runtime.GCAdapterLibrary.executeFunctionality(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
Edited by: user9340488 on 21/04/2010 23:05Got the errors.
1) DB_STATUS.. error was coming since the lookup I gave there was not actually created in the database due to a refresh I did while creating it effectively deleting all the entered data.
2) The error in logs was coming due to wrong input of the GTC database provider during the creation of IT Resource. -
Hi
We are deploying Windows Mobile Professional devices on our environments. All the devices connects only to internal network through Wi-fi. Our security policy do not allow these devices to be connected to any other network (Other Wi-fi, Cellular etc). Is there any way to force the devices to use only the Wi-fi network provisioned through Afaria.
Tags edited by: Michael ApplebyI have the same problem with an early 2013 macbook pro. gfxCardStatus ( http://gfx.io/ ) will allow you to force integrated and not do dynamic switching, however the external display still doesn't work.
-
Direct provisioning through API - OIM 11g
Hi,
OIM 11g here. I am trying to use the APIs to make direct provisioning. What i have done till now:
tcUserOperationsIntf userIntf = (tcUserOperationsIntf)ioUtilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
ResourceData rd = userIntf.provisionResource(userkey, objectkey);
now, in the ResourceData object i have two ids, obiKey and ouiKey. Now i need to extract the process instance key with those numbers. How can i do this?
Using the userIntf getObjects method i can get the list of objects provisioned, iterate over it and retrieve the process instance key of the object which matches obiKey and ouiKey. Is there an easier method to do this?
Another question, which one is the process instance key, ORC_KEY or ORC_TOS_INSTANCE_KEY ?
Last, how do i trigger the task responsible for provisioning given the filled process form?
thx in advanceOk, i guess the process instance key is ORC_KEY.
Now i am trying to provision through APIs a resource object (say AD User) to an OIM user. I have used the provisionResource(userkey, objectkey) method, but the Create User task is not put in the Resource History (there is only the System Validation Task), and i don't know how to look for it's task id to add it manually. -
Unable to work with Workflow Variable through SPML launchProcess Request ?
Hi,
I am trying to work with launch process request, which worked well with no error message when I am just using the workflow call through SPML "launchProcess Request " call. But when trying to use any workflow variable then getting exceptions. I don't undertsand about the error message. Is this trying to convert the variable in SIM variable.
<spml:extendedResponse xmlns:spml='urn:oasis:names:tc:SPML:1:0' xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' result='urn:oasis:names:tc:SPML:1:0#failure'>
<spml:operationalAttributes>
<dsml:attr name='errorMessages'>
<dsml:value>Couldn't find method get4() in class java.lang.String</dsml:value>
<dsml:value>java.lang.String.get4()</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Unable to checkin view, missing view id</dsml:value>
<dsml:value>XPRESS <get> exception:</dsml:value>
<dsml:value>Couldn't find method get3() in class java.lang.String</dsml:value>
<dsml:value>java.lang.String.get3()</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Unable to checkin view, missing view id</dsml:value>
<dsml:value>XPRESS <get> exception:</dsml:value>
<dsml:value>Couldn't find method get2() in class java.lang.String</dsml:value>
<dsml:value>java.lang.String.get2()</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Unable to checkin view, missing view id</dsml:value>
<dsml:value>XPRESS <get> exception:</dsml:value>
<dsml:value>Couldn't find method get1() in class java.lang.String</dsml:value>
<dsml:value>java.lang.String.get1()</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Unable to checkin view, missing view id</dsml:value>
<dsml:value>XPRESS <get> exception:</dsml:value>
<dsml:value>Couldn't find method get0() in class java.lang.String</dsml:value>
<dsml:value>java.lang.String.get0()</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Missing view id.</dsml:value>
<dsml:value>Unable to checkin view, missing view id</dsml:value>
</dsml:attr>
Below is the code I am using .
LighthouseClient client = new LighthouseClient();
client.setUser("configurator");
client.setPassword("configurator");
String url = "http://xyz:8080/idm/servlet/rpcrouter2";
client.setUrl(url);
ArrayList mslist = new ArrayList();
idlist.add("12345");
System.out.println("UserList :- "+idlist);
ExtendedRequest extReq = new ExtendedRequest();
extReq.setOperationIdentifier("launchProcess");
extReq.setAttribute("process", "TEST_WF");
extReq.setAttribute("idList",idlist); //workflow Global variable
ExtendedResponse res = (ExtendedResponse)client.request(extReq);
if (res.getResult() .equals(ExtendedResponse.RESULT_SUCCESS))
System.out.println("Workflow was successfully executed");
} catch (Exception e) {System.out.println("Error : " + e.getMessage());}
Please suggest me if I am using anything wrong. Its urgent... it halted my work.
Regards,
vinash.hi,
in java code you set variable:
extReq.setAttribute("my_email", "[email protected]");in express code of your workflow (you also can see it in your debugger if you set a breakpoint a the beginning of your workflow):
<ref>my_email</ref> -
Modify user roles through SPML?
Hi everyone,
I've been stuck for a few days now on trying to modify the assigned role of a user through SPML. I'll be brutally honest with everyone: I have no idea whatsoever of what I'm doing, I just gather information and try to chuck along.
Up to this point, I've been able to create users and search for users through SPML, and that's where everything falls down very rapidly. I'm using SPML 2.0 for creating users and SPML 1.0 for searching them.
The IDM server has a specific role implemented named ITACCESS, which launches a process that calls other servers and things like that once it is assigned to a user. My goal is thus to modify the "Roles assigned" value of a specific user to "ITACCESS", basically.
Am I wrong in thinking I can use SPML for this? What other ways of accessing the IDM server do I have available?
The server is configured with the regular spml.xml and spml2.xml (stock sample ones, not modified). I have tried simply sending an SPML 2.0 modifyRequest, but to no avail:
<modifyRequest xmlns='urn:oasis:names:tc:SPML:2:0' requestID='IDMConnector-01' executionMode='synchronous' returnData='data'>
<psoID ID='jlauwers'/>
<modification>
<dsml:modification xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='roles' operation='replace'>
<dsml:value>ITACCESS</dsml:value>
</dsml:modification>
</modification>
</modifyRequest>
===========================
<modifyResponse xmlns='urn:oasis:names:tc:SPML:2:0' status='success' requestID='IDMConnector-01'>
<pso>
<psoID ID='jlauwers'/>
<data>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='objectclass'>
<dsml:value>spml2Person</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='accountId'>
<dsml:value>jlauwers</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='credentials'>
<dsml:value>LighthouseFakePassword</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='firstname'>
<dsml:value>John</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='lastname'>
<dsml:value>Lauwers</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='emailAddress'>
<dsml:value>[email protected]</dsml:value>
</dsml:attr>
</data>
</pso>
</modifyResponse>Any help would be gladly appreciated.
Thanks for readingHi everyone,
I have had some amazing help and have finally been able to resolve this issue.
For future reference:
There is no need to change any attribute mapping or anything complicated, the following code and XML demonstrates an example to change assign a new role to a user in Sun IDM:
LighthouseClient client = new LighthouseClient();
client.setUrl("http://idmserver:8080/servlet/rpcrouter2");
client.setUser("administrator");
client.setPassword("administrator");
ModifyRequest req = new ModifyRequest();
SpmlResponse modifyResponse = new ModifyResponse();
// enable server side trace
req.setOperationalAttribute("trace", "true");
// Set the objectclass
req.setOperationalAttribute("objectclass", "userview");
// Set the IDM Username
req.setIdentifier("user:someuser");
java.util.ArrayList al = new java.util.ArrayList();
al.Add("NewRole");
// Create, build and add a Modification to the request
Modification m = new Modification("waveset.roles", al);
req.addModification(m);
modifyResponse = client.request(req);
if (modifyResponse.getResult().Equals(SpmlResponse.RESULT_SUCCESS))
Log.append("Modification succeeded");
else
Log.append("Modification not completed");The following is the typical XML exchange:
<spml:modifyRequest xmlns:spml='urn:oasis:names:tc:SPML:1:0' xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core'>
<spml:operationalAttributes>
<dsml:attr name='trace'>
<dsml:value>true</dsml:value>
</dsml:attr>
<dsml:attr name='objectclass'>
<dsml:value>userview</dsml:value>
</dsml:attr>
<dsml:attr name='session'>
<dsml:value>AAAFJgAAILoAAAUGH4sIAAAAAAAAAMVaW2+jOBh9n1+B1Ic8rdpcmklH6UiEkK41BBCEVtqXiBI36y0BxGVGmV+/BnLB2DFgHqZP6fkcn2Nsvpszt7P3/6CXSoF7gM8DeXdAAUrS2E3DeCDF0N0ZgX98HqRxBgdSUg7eoAMMs/R5MJ4+5H8DyQ/3KFiHu5c4zKLnwR1Y3s0mTxNlPBrLT8PJZDKefvvr61AdrR5m34aj4UxVV6uJMsPgajXD33eTVPY8mCT53M+D4Wgyefw6epg+PE1Hg+9fJGluxijwUOT6Sf4vBoxCiwU/pPQY4e84CcSS0a6kr62Etbz7GxMVo4qVVKbzvDALUok9Ldu4Q0nku0e9GOOArbxcA/3FMhxzKyuK4eibEuokJF+lxFXDG8GR5Niq1UPXK4K/pHILShkVgMP6CtS3groTmYZXVMydnNmqCIdOA/amoLPF+CQ8juYs0c4TFgbJCn1ITkngTYsp/t9ahqYKLElxI/cd+ShFNQmkoUmDIpvyAmhgA0REGPHeDdBvN0VhQKqoWZpkGNaLrIN/5A0wdAEdZugjr/4grmATu2loQBF6AHK2Qzfo66bG0+AsQR8pFkzCLPZqKipokwBLtQ3HUvpwS4WRreBia6tjW2AiaqjXsuULKfgqWhnFl7Xjc4T4/oT3XIXxgeY8oW14V4a17sZdRKE1TF0p/0TEpgraFKDW6kYuPomFRAcoYfCB9lRovBg6piI4TyoDjwMqOUgV7TKhgtO8FBLBm4A4T0exVHmjdg/gVCwVC6P46QV58soMITeMvNUYuq4qfQLJmbPuzGm8hQwhN35mojw5w9BCg5g/r3PVXPpNcwdBIo79wlv17TWwjYTOHv7MQTjdGtiCuLvrdaJd/dUmIF49YC6FXu0l9GGNkoA4lEtVU3tQguWaRXuFm6nxWBH6KA5/ogT7lxp/HecKMC3jFdjY5Qi408BHwSe5zVWIt826BvQfIpRukqB9UCMlQC6tbNvgRWCtauC+++T5IiAOqarLC03kfKGE4iQx3sYCW4zVgjkTQUpAHE4Lr3QtQGni7fsVxjt2Y+GWlSPExLv8ZlhLgYaC8q8b7KHEl9QwiOdT/5b1F7WPQBy9YNqgjz+Gu4O2uumjDhyiME6J00NAHG6wNg1rI+SFQo/yQleI74UMRcALyVHuYvN+F7Mvd8PKa8yZuRvOO2E5husOS94YHd9bnEicmS/nAGPSFeRtPE4uLiq6nscim6K4z1lWO/5zfiWkoZpr13VUbe204DxcTIZ8jULMHtdtO+9oXAOWeMfrnPSxVLFtLfLC3moYnUimqYUW0X5kNRsm+gQMQ8tUuXu34I/l6ba51qSyhD/TEhDvWGqa8bbNR+fde9XuRrzI/E/+dQJvBEfWwtF+9LhOKFib7zoahzUp7HnrUfAz+ic03iREtJNSPgG6zKPxxkchWPAVTIyqj8abFIjWf1WmehHItrVUIlQOnhjZNeENY7OeHtVheRRY9RrL0nhMhCu3ExtVqtJ4swaxorVgYhSQNN6kQLSULPefUU8yDI2Hgqos5/fkLfnciIqu50ng2o3KT+VnNUjjo/QJjzjY4CiTn0awHEg/XT/DhHc2jiX0Lf54OJ1N1YdRfouvPD4NF4+Lp/wWfzw7Pwdq8uLHATjh85FXJH8XCiU8HNxgJ2kowC9nkML4w/Xg5Xnen/TO7y/LmN+ffq/w/cv/lfR9TrogAACMAwenmPTYv5nNkZAnqXXTe+MZ/Q==</dsml:value>
</dsml:attr>
</spml:operationalAttributes>
<spml:identifier type='urn:oasis:names:tc:SPML:1:0#GUID'>
<spml:id>user:someuser</spml:id>
</spml:identifier>
<spml:modifications>
<dsml:modification name='waveset.roles' operation='replace'>
<dsml:value>NewRole</dsml:value>
</dsml:modification>
</spml:modifications>
</spml:modifyRequest>
========================
<spml:modifyResponse xmlns:spml='urn:oasis:names:tc:SPML:1:0' xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' result='urn:oasis:names:tc:SPML:1:0#success'>
<spml:operationalAttributes>
<dsml:attr name='session'>
<dsml:value>AAAFJwAAILoAAAUHH4sIAAAAAAAAAMVaW2+jOBh9n1+BNA95WrW5tE1H6UiEkK41BBCEVtqXihK36y0BxGVGnV+/xuSCwbHBPEyf0vM5PsfYfDdn4Rav/8EgVyJ/Dx9G6m6PIpTlqZ/H6UhJob+zovDzYZSnBRwpWTV4i/YwLvKH0fT2uvwbKWH8jqJNvHtM4yJ5GH0Fq6/z2f1Mm06m6v14NptNb7/9dTfWJ+vr+bfxZDzX9fV6ps0xuF7P8ff9LFeDAGZZOffDaDyZzW7uJtc3d9Prm9H3L4qysFMUBSjxw6z8FwMW0eLANyX/TPB3vAxiyWhX0TdWwlre1YWJyCiyktp0QRAXUa6wp2UbdyhLQv/TJGM88KKuNsB8dCzPflE1zfLMbQX1ElKuUuGq4Y3gSPJc3Rmg6wnBX0q1BZWMGsBhfQL6M6HuRWbgFZG5syNbHeHQGcDdEjpXjk/B49qcFdp7QmJQnDiE9JQULloM+f/FsQxdYkman/ivKEQ5akigDSINmmqrS2CALZARYaXvfoR++zmKI1pFwyKSYTmPqgn+UbfAMiV02HGIguaDOIMidtsygCb1ANRihy7QN03C0+CtwBApDsziIg0aKmqoSICju5bnaEO4FWJkKzjZuup4IZiMmtZr2fGFlHwVnaLFV3Tj86T4/oT3XMfpvs15QLvwri1n04+bRKENzH2l/ETFphoqClAbfauST3Ih0QNaHL2h91ZoPBl6piI4T6oCjwdqOUgd7TOhhtO8HFLBm4I4T0dzdHWr9w/grVgqF0bx04vK5JUZQi4YeauxTFPXhgSSI2fTmbfxDjKk3PiRqeXJGYYOGuT8eZOr4dIvmnsIknHsJ966b2+AXST09vBHDsrpNsAOxP1dr5fsmq82BfHqAXsl9WqvYAgblBTEoVzphj6AEqw2LNozLKbGY2XokzT+iTLsXxr8TZwrwHasJ+BilyPhTqMQRR/0Ntch3jabBjB/yFD6WYbeowYpBXJpVdcFjxJr1SP/NaTPFwVxSHVTXRoy5wtlLU4a420scOVYHVgyUaQUxOF08Eo3EpQ23r5fcbpjNxYuWTlCbLzLz5azkmgoaP/60TtU+JIEg3g+9W/VfNSHCMTRC+YCffwx3B109e0QdWCfxGlOnR4K4nCDjW05WykvFActL3SG+F7I0iS8kJqULrbsdzH7chesvMacXbrhshNWYrjucNSt1fO9xYnEkfl0DjCmnEHexuPk4qSi73kk2VSL+5hldeM/5ldSGuq5dlNH3dZNC87D5WSo5yjE7HFdtvOOxjlgyXe8jkkfSxXb1iEvHKyG0Ylkmjpoke1H1rNhqk/AMHRMlft3C/5Ynu7aG0OpSvgjLQXxjqVhWM8v5eiye6+7/YiXRfjBv07gjeDIWnrGjwHXCYRVfNchHCZSOPDWg/Az+idtXCREtpNSPYF2mdfGhY9CsuAjTIyqr42LFMjWf3WmZhHItnVUIlUOHhjZNeEFo1jPgOqwOgqseo1lER4T6crtwNYqVdu4WINc0UqYGAVkGxcpkC0lq/1n1JMMg/BQtCrLxRV9S76wEtL1PAjc+En1qfqsR3n6qXzATxxscJQpTyNYjZSfflhgwq8ujiXtW/zp+HZ+q19Pylt87eZ+vLxZ3pe3+NP58Tm0Jic/DsAJX4gCkvydKLR4v/ejnWKgCL+cUQ7TNz+Ap+d5ddC7uDotY3F1+L3C9y//A9c39n66IAAAcSF27Dd5WEeyXvWz8UvVSYrS48Y=</dsml:value>
</dsml:attr>
</spml:operationalAttributes>
</spml:modifyResponse>HTH, -
Request submitted for provisioning through CUP
HI All
I am using SAP GRC 5.3
i am using Compliant User Provisioning for creating requests.
After submitting the requests does CUP directly talk to target System or does it talk to any provisioning engine
In short I want to know what actually happens( internally) when a request is submitted for provisioning through CUP
Thanks
JaganMph,
Once you complete the request in CUP and when it passes through all the approval stages, CUP will directly connect to target SAP system to provision users and roles. CUP has the java front-end which initiates the request and then it connects to the ABAP programs which are installed target SAP system for provisioning.
Hope this helps.
Regards,
Alpesh -
GTC Connector using SPML Format Provider and Web Services Transport Provide
Hello All,
Did any body create a GTC connector which uses SPML Format for Format Provider and Web Services format for Transport Provider?
Is there any doc which talks about the same?
I need to provision to a system over web services and I thought GTC using the above formats should be an easy approach. Am I right?
I was trying to follow:
http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14309/devgtc.htm#BABDFDFE
But Iam getting lost in the immerse details.
Thanks in advance.Hi ,
I tried creating one and am getting the following error while provisioning:
SPML Response failed V2 schema validation
Th eoracle document says :Ensure that the SPML response returned by the target system conforms to the SPML V2 standard specification
Please help me with the same. What is it that needs to be done here.
Thanks
WIP -
OIM 11g R2 - Setting a field as mandatory while provisioning through catalo
Hi,
May I know how i can make a field as mandatory (Red Asterick) while trying to provision an account through catalog wizard.I dont see any option to set required=true while creating a form for an application instance.Thanks.login to sysadmin-> create sandbox-> go to form designer->select your form now click on customize link(right top corner)->select your attribute and set the required field as true and then save it. finally export sandbox. run catalog sync job. and then verify if attribute is mandatory in the request form/dataset or not.
same mentioned in R2 release note -
GTC connectors and SPML compliant
Hi
I am trying to integrate a target application using GTC connector transport providers as web services and Format providers as SPML and even i have to create a dummy web service which is compliant with SPML so that it can be integrated with OIM.
can any one pl help me to create a Dummy webservice compliant OIM SPML?
Web services shud be created using Java.The web service needs to store data the in txt file and send a response to OIM.Make sure you are exporting the Generic Connector type object, and not the Resource Object. There are configurations that only come when you export this way. Otherwise you only get the resource and process definition workflow, and none of the configurations.
You might also need to export the provider definition as well and import.
-Kevin -
Limitations of Auto-Provisioning through CUP (AE)
Hi all,
I am looking for some information on what are all the benefits and limitations of using auto-provisioning over manual provisioning for the backend systems through CUP (AE).
We are implementing GRC AC 5.3 and it is organization's business decision whether we need the proviosing piece to be automated or not. However, I would like to get your suggestions based on your project experiences esp in a decentralized security administration where security admins are in different geographical locations and have to provision only for their user groups.
Can we perform all the activities thro' auto-provision similar to a security administrator manually creating a user, assign appropriate user groups etc., or is there any limitation?
Which approach would be better for decentralized administration?
Appreciate your suggestions..
Thanks
SiriHi Alpesh & Williams,
The user default settings such as date, timezone, decimal etc can be configured through the 'user defaults' and 'user default mapping' . I see the option of assigning user groups and appropriate parameters too.
Say the user belong to user group AAA_XXX and another user belongs to AAA_YYY, where
AAA - location
XXX - Dept
I have configured these (location, dept) as required fields while entering the request in CUP .
However, during run time how will the correct user group be assigned to the user. Is it through the user default mapping? Where do we maintain all the user group information that is available in the ECC system? Do we have to create user default, user default mapping for each user group??
The documentation from SAP is not very clear .. Appreciate if you can provide some lights on this area.
Thanks
Siri -
Portal Roles Intial load and Provisioning through IDM UI
Dear All,
I am trying to assign portal roles to Users in IDM 7.1 SP5.
For this two activities needs to be performed:
1) Portal roles Initial load in IDM Identity store
2) Provisioning of Portal roles to Users through IDM UI
Please suggest about the configuration guide or steps required for both points mentioned above.
Thanks
HoneyDear Christoph,
Thanks for the reply.
Now I am able to assign Role / Privileges to Users from IDM to UME.
Require one clarification on User / Identity creation:
Where can I can set initial password for all the new user created from IDM UI ?
I am able to create new User and assign roles as well from IDM UI and all is available in EP UME also.
But when I am logging in with new user it is not taking the default password mentioned in Global Constant in IS.
Do I need to mention the password somewhere else.
Pls suggest.
Thanks
Honey
Edited by: Honey Gyanani on Oct 6, 2010 9:10 AM -
Password policy not working fully through SPML
We've come across a problem with password policy enforcement on IdM 6.0 where the "Number of Previous Passwords that Cannot be Reused" gets ignored. Consequently I can set the password back and forth between two values without error.
If I attempt this through the IdM password interface, I get the message:
{color:#ff0000}*Policy Violation (Password on Lighthouse User): New password cannot match any of the 4 previous passwords for this account.*
{color}
This is the response I am after through the SPML interface.
Should this be supported? If it should be, where might I be going astray.
The "Identity system account policy" set on the organisation I'm using is correctly configured to use the password policy as far as I can tell.
Edited by: SuperDuperJavaSnooper on Aug 19, 2009 9:44 PMHow do I go about reporting this as a bug of IdM 6.0?
-
All,
Had a query regarding provisioning a resource to a user through OIM API. iam using the provisionObject in tcUserOperationsIntf which provisions a new resource for the user . I would like to pass in process form values before this provisions resource to the user . Currently i see that i can only set values on process form only when the provisioning happens.
i require this because i want to choose which provisioning process to pick up based on a value on process form
ThanksSomething like that will also work . But whats complicating my requirement little bit , i have a single process form shared by two different process definition for this resource object . If i choose pre-population , i should prepoulate only for one process definition not the default process definition.
Message was edited by:
rufus -
Access provisioning through Access List
I have Inter Vlan Routing done on my Core Switch, through which subnets are restricted to access each other, Example subnet of 10.1.23.0 cannot have access to subnet of 10.1.24.0.
Due to certain requirement i want that 10.1.23.19(Users Worskstain IP) can access 10.1.24.41 (Users Workstation IP)
Is it possible to do that, without disturbing my InterVlan Routing? Please suggestBelow is the Configuration of Intervlan Routign on my core Switch, please suggest
interface Vlan2
description IAS
ip address 10.1.14.2 255.255.254.0
ip access-group IAS out
vrrp 2 ip 10.1.14.5
vrrp 2 priority 99
interface Vlan3
description MKT
no ip address
ip access-group MKT out
vrrp 3 ip 10.1.6.5
vrrp 3 priority 99
interface Vlan4
description ESG
ip address 10.1.16.2 255.255.255.128
ip access-group ESS out
vrrp 4 ip 10.1.16.5
vrrp 4 priority 99
interface Vlan5
description NMSG
ip address 10.1.24.2 255.255.255.128
vrrp 5 ip 10.1.24.5
vrrp 5 priority 99
interface Vlan6
description OAG
ip address 10.1.26.2 255.255.255.128
vrrp 6 ip 10.1.26.5
vrrp 6 priority 99
interface Vlan7
description SMG
ip address 10.1.28.2 255.255.255.128
ip access-group SMG out
vrrp 7 ip 10.1.28.5
vrrp 7 priority 99
interface Vlan8
description DMG
ip address 10.1.30.2 255.255.255.128
ip access-group DMG out
vrrp 8 ip 10.1.30.5
vrrp 8 priority 99
interface Vlan9
description DMS_UAT
ip address 10.1.32.2 255.255.255.128
ip access-group DMS_UAT out
vrrp 9 ip 10.1.32.5
vrrp 9 priority 99
interface Vlan10
description SEG
ip address 10.1.34.2 255.255.254.0
vrrp 10 ip 10.1.34.5
vrrp 10 priority 99
interface Vlan11
description SEG-2
ip address 10.1.33.2 255.255.255.128
vrrp 11 ip 10.1.33.5
vrrp 11 priority 99
interface Vlan12
description Finance_F2
ip address 10.1.2.2 255.255.255.0
vrrp 12 ip 10.1.2.5
vrrp 12 priority 99
interface Vlan13
description Operations
ip address 10.1.10.2 255.255.255.128
ip access-group OPS out
vrrp 13 ip 10.1.10.5
vrrp 13 priority 99
interface Vlan17
description PD&T
ip address 10.1.36.2 255.255.255.128
ip access-group PDT out
vrrp 17 ip 10.1.36.5
vrrp 17 priority 99
interface Vlan18
description HR&Admin
ip address 10.1.8.2 255.255.255.0
ip access-group HR&Admin out
vrrp 18 ip 10.1.8.5
vrrp 18 priority 99
interface Vlan19
no ip address
interface Vlan20
no ip address
interface Vlan21
no ip address
interface Vlan22
description SEG3
ip address 10.1.44.2 255.255.255.128
ip access-group SEG3 out
vrrp 22 ip 10.1.44.5
vrrp 22 priority 99
interface Vlan23
description Call_Center
ip address 10.1.42.2 255.255.255.0
ip access-group CC out
vrrp 23 ip 10.1.42.5
vrrp 23 priority 99
interface Vlan24
description IT_Sec
ip address 10.1.23.2 255.255.255.0
vrrp 23 ip 10.1.23.5
vrrp 23 priority 99
interface Vlan25
description Q-mgmt
ip address 10.1.9.2 255.255.255.0
ip access-group ACESSCONTROL out
vrrp 25 ip 10.1.9.5
vrrp 25 priority 99
interface Vlan26
description RTA
ip address 10.1.150.2 255.255.254.0
ip access-group RTA out
vrrp 26 ip 10.1.150.5
vrrp 26 priority 99
interface Vlan27
description P&D
ip address 10.1.45.2 255.255.255.0
ip access-group PD out
vrrp 27 ip 10.1.45.5
vrrp 27 priority 99
interface Vlan28
description Trustee
ip address 10.1.18.2 255.255.255.0
ip access-group TRUSTEE out
vrrp 28 ip 10.1.18.5
vrrp 28 priority 99
ip access-list standard CC
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard CEO
deny 10.1.2.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard CS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
ip access-list standard DMG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard DMSSCAN
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard DMS_UAT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard ESS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard FIN
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard HRADMIN
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard IAD
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard IAS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard ITSEC
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
ip access-list standard MKT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard NMSG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard OAG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
ip access-list standard OPS
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard PD
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard PDT
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard Q-mgmt
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
permit any
ip access-list standard RTA
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
permit any
ip access-list standard SEG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SEG2
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SEG3
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard SMG
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.18.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard TRUSTEE
deny 10.1.2.0 0.0.0.255
deny 10.1.4.0 0.0.0.255
deny 10.1.6.0 0.0.0.255
deny 10.1.8.0 0.0.0.255
deny 10.1.9.0 0.0.0.255
deny 10.1.10.0 0.0.0.255
deny 10.1.12.0 0.0.0.255
deny 10.1.14.0 0.0.0.255
deny 10.1.23.0 0.0.0.255
deny 10.1.24.0 0.0.0.255
deny 10.1.26.0 0.0.0.255
deny 10.1.28.0 0.0.0.255
deny 10.1.30.0 0.0.0.255
deny 10.1.32.0 0.0.0.255
deny 10.1.33.0 0.0.0.255
deny 10.1.34.0 0.0.0.255
deny 10.1.35.0 0.0.0.255
deny 10.1.36.0 0.0.0.255
deny 10.1.38.0 0.0.0.255
deny 10.1.42.0 0.0.0.255
deny 10.1.44.0 0.0.0.255
deny 10.1.45.0 0.0.0.255
deny 10.1.48.0 0.0.0.255
deny 10.1.50.0 0.0.0.255
deny 10.1.150.0 0.0.0.255
permit any
ip access-list standard static-routes
permit 10.1.136.0 0.0.1.255
permit 10.1.138.0 0.0.1.255
permit 10.1.142.0 0.0.0.255
permit 10.1.144.0 0.0.1.255
permit 10.1.160.0 0.0.1.255
permit 10.1.200.0 0.0.1.255
permit 10.1.204.0 0.0.1.255
permit 10.1.210.0 0.0.0.255
permit 10.1.222.0 0.0.1.255
permit 172.18.100.0 0.0.0.255
permit 172.18.101.0 0.0.0.255
permit 172.18.102.0 0.0.0.255
permit 172.18.103.0 0.0.0.255
permit 172.18.104.0 0.0.0.255
permit 172.18.105.0 0.0.0.255
permit 172.18.106.0 0.0.0.255
permit 10.1.146.0 0.0.0.255
permit 192.168.1.0 0.0.0.255
permit 10.1.145.0 0.0.0.255
Maybe you are looking for
-
How can i get all values from jtable with out selecting?
i have one input table and two output tables (name it as output1, output2). Selected rows from input table are displayed in output1 table. The data in output1 table is temporary(means the dat wont store in database just for display purpose). Actually
-
Dynamic Creation of Items in Runtime through Application UI
We have a requirement where the Users wanted to have an option of creating an item dynamically. We developed and deployed a very simple application but the users want to have the flexibility of adding new columns (without vaildations and processing -
-
IMAP boxes disappear & reappear, continually reload, subfolders move random
I am having a very strange problem here which started about a week ago, maybe someone can point me in the right direction: 1) I use both gmail and my domain's server email which load into Mail.app. I use gmail because I like their spam filter and I u
-
Cant access image on my iphone via laptop
I used to connect my Iphone 5s to Laptop via USB and copy my images to the laptop,but for 2 weeks when i connect Usb cable to laptop, it beep twice and just charging my phon and I cant acess to my phon via expolorer. But iTune can recognize phone. No
-
Financial Report Textfunction Problem
Hi Im trying to create a report with a Text that displays the current Point of view. I used this function <<POVMember("Grid1",Period)>>. It works. Now if i want to reuse this textfield in another report an there is no Grid1 i have to change the Textf